Affecting the C-suite: The CSO’s reputation in today’s corporate environment

Those who occupy the C-suite all bow to one corporate god: Reputation, says Blackstone CISO Jay Leek. James Hale reports.

Affecting the C-suite: The CSO's reputation in today's corporate environment
Jay Leek, senior vice president and CISO, Blackstone

The number one driver in business right now is brand value, says Jay Leek, senior vice president and CISO at Blackstone, a New York City-based asset manager. And, whether you are a brick-and-mortar retailer like Target or the manufacturer of a digital tool like Internet Explorer, nothing has a negative impact on your brand quite like a data breach. As Target CEO Gregg Steinhafel discovered when he was forced to resign last month, putting the personal information of a large segment of your customer base in jeopardy can tarnish your company’s reputation and derail executives’ careers.

But, pull back on that view of the C-suite and identify who is missing among all those present with the title of ‘chief.’ Chances are, you will not find the CISO – or the person he or she reports to – on Mahogany Row. “It’s very rare to find a CISO who reports to the CEO,” says Ted Julian, chief marketing officer at Cambridge, Mass.-based Co3 Systems, “yet that is the most dramatic indicator that a company takes its security seriously.”

“Giving CISOs that kind of executive responsibility is not widely adopted,” agrees Bob West, chief trust officer at CipherCloud, based in San Jose, Calif. “Most CISOs still don’t have that kind of visibility. Systemic issues still abound in that area.”

John Johnson, global security strategist at John Deere, the equipment manufacturing giant based in Moline, Ill., admits that his company does not even have a CISO, and says he sees few as he looks across the manufacturing sector. “Most manufacturers are struggling to improve and adapt, and swimming against the tide of lean IT budgets and resource shortages,” he says. “As such, security started as a function of IT and remains under the CIO.”

That line of reporting can work, says Leek, as long as the person the CISO reports to is the kind of executive who makes things happen when needed. “You need to team up with the right business leader to ensure your voice gets heard,” he says.

Unfortunately, based on the results of a new study, the voices from the security department are not generally getting heard.

According to research conducted by the Ponemon Institute and sponsored by FireMon, only six percent of security professionals surveyed report being highly effective at communicating risk factors to senior management. Twenty-nine percent say they never communicate with senior executives, and 31 percent say the only time they meet with those in the C-suite is when a serious risk has been discovered. Seventy-one percent say communication occurs at too low a level to be effective, and more than half of respondents admit to filtering negative facts before talking to senior executives.

“The survey reveals there is a lack of understanding of what’s important and how it should be measured,” says Jody Brazil, FireMon’s president and chief technology officer. “Most security professionals are invisible until they are forced to disrupt the flow of regular business, and disruption is seldom viewed as positive by those in charge.”

Despite these findings, Leek (left) believes awareness of the importance of security to companies’ overall welfare is increasing. “The conversation has been changing over the past two or three years,” he says. “The highly publicized breaches have changed the way that business leaders and boards of directors look at things.”

Those who occupy the C-suite all bow to one corporate god: Reputation, says Blackstone CISO Jay Leek. James Hale reports.

Affecting the C-suite: The CSO's reputation in today's corporate environment
Jay Leek, senior vice president and CISO, Blackstone

Tim Smith says it depends on which senior executive you are talking to. The interim CEO and executive director of the 76,000-member Canadian Medical Association (CMA) says digital security is seldom a topic of conversation among the peers he meets, but agrees with Leek that disasters have heightened awareness among those who manage high-risk organizations. As an example, he points to a fire at the headquarters of MD Physician Services, the CMA’s wealth management subsidiary.

“We had a very strong disaster-recovery plan in place, and despite having to abandon the building and force employees to work externally for a number of months, the security of our clients’ data was never at risk.”

Smith says he has fielded a number of inquiries about risk avoidance and recovery processes since the fire. “It hits home with business leaders when there is a cost factor involved.”

But, Julian (left) says that CISOs would find the doors to the boardroom open to them more often if they put their reports in terms that business leaders understand, such as potential cost to the business and comparisons to industry averages.

CISOs need to take the reins and define the metrics by which they want to be measured,” he says. “Ground your concerns and recommendations in business issues, and provide metrics that board members can relate to. A lot of boards are there now. They’re concerned about liability, but they want to know how to effectively avoid risk.”

It is also important, he says, to avoid the data breach equivalent of crying wolf – ensuring that executives clearly understand how many threats are real, and which ones are related to sensitive digital assets and what their value is. “Get the kind of data they can relate to in the C-suite,” he says.

Getting the message across is also important, adds Johnson. “We need to be better at communicating IT security risk to our executives, in a way they can understand and appreciate. This means we need to assess and explain the risk, and align our projects and services with business objectives.”

West says that, too often, security professionals are viewed as “the geek in the corner” because they don’t speak the same language as senior executives. Both he and Leek point to the traditional corporate general counsel as a useful role model for CISOs who want their advice to be heard and seriously regarded.

“Senior executives need that kind of objective opinion and the opportunity to have a dialogue that helps them weigh their options and make a decision,” says West.

Smith agrees that that kind of input is becoming an essential element in sound business management, and says substantive governance adjustments are required to make it effective.

“It’s a big area of change,” he says. “To make it work, you need to involve security professionals at the early stages of planning and ensure they’re at the table shoulder to shoulder with you before problems occur.”

Rather than sitting back, waiting for the senior management team to recognize their value to the organization and invite them in, Johnson says the onus is on security professionals to change the model.

Those who occupy the C-suite all bow to one corporate god: Reputation, says Blackstone CISO Jay Leek. James Hale reports.

Affecting the C-suite: The CSO's reputation in today's corporate environment
Jay Leek, senior vice president and CISO, Blackstone

“The blame is shared when a company doesn’t see the value of the security team,” he says, “but mostly it is our fault for not explaining why we need an elevated role. There is only so much we can accomplish, and only so quickly we can manifest change, if we are trying to do it from the bottom up.”

He says organizations need to designate a security executive who is in a position to lead from the top down, and – as Smith suggests – be involved in strategic planning.

But, do security professionals possess the strategic, critical thinking and communications skills required to take a seat at the leadership table?

“The stereotypical path to CISO is through IT,” says Julian, “but a different set of skills are needed if they want to take corporate leadership roles. They need to find ways to address their shortcomings, but it’s a two-way street. Their organizations need to support the change.”

He says a lot of CISOs become frustrated because their companies talk a good game about adding technically minded people at the upper echelon, but when it comes to advanced training, mentoring and exposing managers to different parts of the organization, those opportunities continue to be reserved for ambitious ladder-climbers with legal, accounting or entrepreneurial backgrounds.

Eric Chiu (right), president of HyTrust in Mountain View, Calif., believes companies should consider other models of training for prospective leaders. “IT has traditionally been a support or enabling function, brought in to support the growth of business. The Japanese method of business has long been to expose managers to all aspects of a company with a goal of creating understanding and harmony.”

Although he says it makes sense for U.S. companies to expose future leaders to critical functions of security and IT, he believes it will take time for that to happen.

Johnson also thinks that change will take time, “but I don’t think this is going to take a generation. We need to stop being the technical experts, and develop business skills and learn to communicate and market security more effectively. We no longer have the luxury of making incremental change, year by year.”

Like any key management role, making it to the top will depend on both the person in the position and the level of power they are allowed to exercise, says Chiu. “A person with the right leadership skills, as well as the right training and technical depth, will be critical to have an impact.”

But, could the time come when companies will begin to look at demanding that prospective CEOs or COOs have technical experience as well as exposure to marketing and corporate governance? Smith, whose own background includes a stint running the CMA’s eHealth software business unit, believes smart companies will broaden their horizons.

“I think we need a new career-path model,” he says. “I look at my 12-year-old son. He lives completely in the cyber world. He and his friends are collaborating digitally on school projects. People his age will soon be our customers, and organizations need to prepare for this new world.”

Leek agrees that the climate is right for change to occur at the top level of business. “Companies now recognize that being able to recover from a data breach is more difficult,” he says. “It’s not just about lost business, it’s a blow to your brand value. Understanding that technology is now a business function is essential, so it follows that it’s vital that CEOs understand technology.”

There is agreement among industry observers that the first step is putting security professionals in a direct line of reporting to the top, which often means moving them out from under the traditional IT establishment.

Johnson points to his own company as an example. Although John Deere does not have a CISO, the company has decided to recruit a security director with executive-level authority. Johnson predicts this will become more common, if security professionals can make the case that they belong at the table. “In time, if the security organization can demonstrate they have earned a seat in the C-suite, we will see more CISO titles and more security organizations that are not under the CIO.”

For more information about CYBERSECURITY and SIEM solutions:

Sustaining Training’s Impact

Time plays a key role in business. It has a meaningful impact on how corporate training programs are developed, whether it’s the speed of delivery, the length of the program, the time the learner interacts with the materials, the time the behavior is demonstrated by the employee after the training, or the introduction of tools and technologies that can get information to learners quickly.

Looking across three research studies, I have collected a group of factors demonstrating the impact of time or speed on training programs. Time is a major constraint in the delivery of training – creating tension between desire for shorter training and longer impact.

In the Training Industry and ON24 research study, “Using Virtual Environments for Leadership Development,” 68 percent of respondents cited that sustaining the impact of training is a key challenge. What’s interesting to note is that the drive to shorten the duration of the programs crosses with the notion of effectively sustaining the impact of the program. In this study, we looked at the length of leadership development programs, and found that more than half of leadership development programs last one week or less (see Figure 1).

Chart 11

Interestingly, the companies that felt their program was effective actually had longer programs, ultimately sustaining the impact of training by extending the entire program (see Figure 2).


In a related piece of research, “Strategies for Sustaining the Impact of Sales Training,” we found that continuous training leads to sustained impact. Effective organizations utilize more pre-training strategies for sustaining training and post-training reinforcement, logically extending the program, but making it more impactful.

One of the key problems that these longer more effective programs introduce to the learning management team is the potential for cost increases. Logically, longer programs cost more to support and deliver. So the learning leader is challenged to find new ways to make these programs happen, and we see it in true blended solutions, including face-to-face training, e-learning, adoption of tools such as virtual training platforms, or digital e-readers to make the materials and reinforcement available when the employee needs it, or more importantly, has time to consume it or participate.

Cost and Sustainability

While our research has shown that long-term, continuous training programs are more effective at sustaining the impact of training, cost is still a critical factor in terms of delivery. Using cost-effective resources to leverage information can help offset the cost of long-term training initiatives, such as digital e-readers, virtual training and e-learning.

From the same research on the use of virtual platforms in leadership development, 51 percent of organizations use a virtual delivery platform in support of their company’ program, often cited as one of the soft skills that benefits most from face-to-face, experiential learning .

In another, soon-to-be-published study on the use of e-readers in the support of corporate training programs, we found that roughly 59 percent of respondents currently use digital e-reader platforms to deliver corporate training content (see Figure 3).


Access was the number one benefit of using digital content delivery platforms as part of corporate training programs allowing the learner to access the content at any location, at any time with quicker reach to the entire group of participants. These digital content delivery platforms also provide the benefit of improved consistency and reduce the cost of revisions to the training materials.  Being able to quickly and inexpensively update reference materials or inserting a session on a topic that appears to need more reinforcement allows for improved agility in the program makeup, and potentially continuous realignment to the company goals.

Additionally, effective companies are 50 percent more likely to include self-study online and e-learning training as an element of their leadership development program, according to the ON24 research report. We are beginning to see an increase in the use of blended learning approaches in key focus areas like leadership development emerge in the training marketplace. There is also increasing pressure from the learner pool to provide program elements in the modality they chose. This provides a clear picture for the future direction of corporate learning surrounding key change initiative like leadership development.


The most effective companies are those that utilize long-term or continuous training programs to sustain the impact of training. Regardless of budget, companies are looking for cost-effective ways to deliver the training, including the introduction of digital e-readers, virtual training and self-study into the learning program. A blended learning approach helps the program sustain the impact of the training while keeping the cost in check as the programs begin to span longer periods of time.

For more information:

Originally posted by: Ken Taylor, Ken is Partner and Chief Operating Officer of Training Industry, Inc., and editor in chief for Training Industry Magazine.

How Big is the Training Market?

One of the most frequently asked questions of training analysts is, “how big is the training market?” The truth of the matter is no one really knows for sure, although we are able to make good rational estimates based on sound research and economic analysis. Why is the data hard to get to? Because corporations (buyers of services) are weary of reporting actual expenditures for training. And in some cases, many large companies don’t accurately know how much they spend on training as expenses get buried in non-training related line items.

As difficult as it may be, my goal is to provide you with a few data points that should help in understanding the size of the market. estimates that:

  • 2013 Corporate and government spend for training activities in N.A. (North America) was approximately $141.7B. We believe the average spend for all corporate training activities (employee and customer) to be about .7 percent of annual revenues (or $7 for every $1000 in company revenues). Generally speaking, the larger the company the more they spend on training as a percent of revenue. Companies that are more technology oriented tends to spend more, while companies who are more services oriented tends to spend much less. Note: ASTD estimates the 2012 market to have been $164.2B, down from $171.5B which they reported for 2011, or 1.1 percent of revenues.
  • Spend for training services has increased by about 5.2 percent from 2012, much better than what was originally anticipated (original expectations were the market would grow at a modest 2.5 percent. Spend levels have now exceeded the industry’s high market in 2007 of about a $136B. Our best estimates find the ten year industry low mark to be in 2002 with spend at about $109B, and again dropping to $110B in 2009 (revised from earlier estimates).
  • The global market for training expenditures in 2013 was about $306.9B, an increase from $291.7B in 2012. We believe N.A. represents about 46% of the global market ($141.7B) and Europe to be about 29%, or $89B of the global market. Asia comes in at $31B (10 percent), India $21.5B (seven percent), Australia $9.2B (3 percent), South America $6.3B (2 percent), Africa $3.6B (1 percent), and the rest of the world $4.6B (1.1 percent).
  • Approximately 75 percent of the global spend for training is in North America and Europe. Asia and India, the two most populated regions in the world, combined make up about 17 percent of the global market.
  • Companies spend about 44 percent of their training related dollars on employees, compared to 49 percent on customers, and seven percent on suppliers and channel partners.
  • Companies in North America spend approximately 58 percent of their training budget on insourced activities (people, facilities, etc.), and about 42 percent of their budget on outsourced services. This translates into a supplier market for outsourced services of $59.5B and an insourced spend of $82.2B.  Note: ASTD estimates companies spend 60 percent of their training budgets on internal resources and 40 percent with external suppliers.
  • The top 5 non-BPO market segments for outsourced training are IT ($2.9B; 4.9 percent), Leadership ($2.6B; 4.4 percent), Learning Technologies ($4.0B; 6.7 percent), Sales Training ($2.2B; 3.8 percent), and Content Development ($3.5B; 5.9 percent). All other segments account for about $44.2B. The market is so highly fragmented that the top five segments represents only 12 percent of the total market spend.
  • Training BPO (business process outsourcing) services in N.A. was about $5.76B, or 9.7 percent of the external spend for training services. This includes both comprehensive and selective outsourcing deals. We estimate the out-tasked market for training services was about 90 percent of the sourcing market, or $53.7B. Respectively, licensing of content and training technologies was about $34.1B (58 percent), and contracting for training resources to be about $19.6B (32.3 percent).

ABOUT THE AUTHOR: Doug Harward is the CEO and Founder of Training Industry, Inc. He is internationally recognized as one of the leading strategists for training and outsourcing business models.

Top 10 Social Gamification Examples that will Literally Save the World

supermanreturnsearth Top 10 Social Gamification Examples that will Literally Save the World

New to GamificationCheck out my post What is Gamification & my Gamification Framework: Octalysis

Can Gamification really make the world better?

As a Gamification Pioneer, one of the most common responses I get when I tell people about Gamification is some version of, “Interesting. But how can something like video games really create value in real-world important things?” In other words, “I’m going to be polite to you, but I think this is a gimmicky fad that has no impact.”

Instead of trying to convince people with the same arguments over and over again, I’m going to settle this issue here once and for all – Gamification not only has real-life value and impact, it even saves lives and could ensure our future as a race!

Last Week I wrote about Old Spice’s Genius Gamification Marketing Campaign DIKEMBE MUTOMBO’S 4 1/2 WEEKS TO SAVE THE WORLD. While I think it is brilliant and does a lot of things well, I can assure you that it does NOT really save the world, outside of making more men smell like an adventure and bake gourmet cakes with the kitchens they made with their own hands.

But the 10 Examples below will blow your mind away and show you why Good Gamification, or “Human-Focused Design” (as opposed to Function-Focused Design”), undeniably has a role in “adding more lives” to our future.

1. Puzzle Game Foldit made breakthrough in AIDS Research that Scientists couldn’t solve

By 2009, AIDS has already killed 30 Million people, or close to the equivalent of the State of California. As of 2010, there are still 34 Million people that have contracted HIV. For 15 years, many of the top PhD Scientists in the world were trying to decipher a crystal structure for one of the AIDS-causing viruses called the Mason-Pfizer monkey virus (M-PMV), but could not solve it.

Luckily, the University of Washington’s Center for Game Science (yes, such center exists) collaborated with the Biochemistry department and created FoldIt, an online puzzle video game about protein folding. Foldit utilizes a game-like puzzle interface that allows people from all over the world to “play” and compete in figuring out various protein structures that fit a researcher’s criteria.

To everyone’s surprised, with over 240,000 “players” registering for the game and competing viciously against each other, a solution to the structure of the M-PMV was found in 10 days, creating a major breakthrough in the AIDS research field. 15 Years vs 10 Days? I would say for this alone Gamification added extremely concrete value to the world and could one day save a loved one.

2. RPG Diary Game Pain Squad helps Patients Combat Cancer by providing both Purpose and Data

Along the lines of FoldIt, Pain Squad is a “mobile game” designed to help kids fight cancer better by providing the patients with purpose and the researchers with data. In 2007, cancer was the cause of 13% of all human deaths (or 7.9M people). Fighting cancer is not only painful, it could be lonely and full of despair. To better treat children patients, doctors need patients to keep a “pain journal” everyday to see what is working and what is not.

However, kids are generally too tired to keep a journal and only record data occasionally, which makes the data completely useless. Toronto-based company Cundari created a role-playing cop game with missions and rewards, as well as police encouragement videos to motivate these children to log their pains twice a day for 2 weeks.

Turns out, this game not only provided doctors with all the data they need for better research and care, it made children excited and fought their pains with a purpose. They now are not simply victims of cancer but detectives that is baring some pain to help humanity defeat cancer once and for all!

Pain Squad was a massive success in a few hospitals in Canada and is going through more test cases in a lot more hospitals in 2013.

3. Zamzee makes Kids active by making running around Epic

Studies show that the activity rate for children between 9-15 have decreased by 60%, leading to obesity, diabetes or even worse diseases. I introduced Zamzee in an earlier blogpost, along with an Octalysis analysis, but basically Zamzee is a device that clips onto kids and tracks their activities when they run around – somewhat like the Nike+ FuelBand but cheaper for kids and has missions that are designed to get kids excited.

Kids can upload their activity data onto a website and see how many points they received and whether they have accomplished interesting challenges as well as earned badges. Amazingly, Zamzee has concrete data to show that the activity rate of children increased by 59%, a very sizeable increase that will help encourage kids to go to the gym more when they grow up.

4. Khan Academy makes people fall in love with learning through Gamified Online Education

When you ask kids these days, “What is work?” They will say, “School.” If you asked them “What is play?” they will often say, “Video games!” I believe human’s have an innate DESIRE to learn, but for some reason current school systems does not motivate children to learn the way they’re supposed to. What makes matter worse is that many schools are getting their budgets cut, with teachers being laid off and children not getting properly educated.

In comes Khan Academy. What used to just be a guy teaching math on YouTube became a huge collection of over 3000 educational videos on math, physics, chemistry, finance, and a lot more, with millions of people learning from it. Khan Academy utilizes lots of game mechanics such as “skill-growth trees” to unlock new classes and learn new skills. Many have said that they couldn’t imagine themselves ever enjoying or being good at math, but now their world has changed, thanks to some great teaching skills by Khan, and a little bit of Gamification.

5. CrowdRise turns Charitable donations into a Game

The Founder of once said, “the biggest competitor to Kiva is Zynga.” When people are occupying their minds with games, they are less concerned about helping the world through philanthropy. This is why an aspiring entrepreneur named Edward Norton, along with some other friends started CrowdRise together.

CrowdRise is a platform that Gamifies charity. People create their pages and profiles, and they can accumulate points and match up against others on a leaderboard based on how much they can fundraise.

Of courses, they don’t use very advanced Gamification techniques and simply stick to basic PBL (points, badges + leaderboards), but with some Epic Meaning & Calling on top of some celebrity power, CrowdRise managed to attract over 33M players and have raised hundreds of millions of dollars for non-profits worldwide.

6. SuperBetter makes you Recover from Setbacks and Supercharges your Life.

This is a website created by game designer and known speaker Jane McGonigal. This site is unique because Jane herself once got into a brain concussion (hate those concussive shells!) and doctors were not very optimistic about her conditions. To her credit, Jane used her game design skills to create the first version of SuperBetter, a site to help people accomplish their goals by building physical, intellectual, emotional, and social resilience.

Through the process of forming alliances, using power packs, and defeating bad guys, she recovered from her illness and is now spreading the healing power of games to everyone who needs it.

The site is generally well designed, but it has some Ocean Paralysis towards the end of Onboarding. Of course, when you are curing people from a life-changing illness or setback, that hardly is an obstacle.

7. OPower makes people responsible with their energy consumption

Energy is a serious issue in the world. It powers a nation’s efficiency to produce and transport, but also leads to war in some cases. OPower works to solve these problems by utilizing gamification to encourage people to use less energy. OPower works with utility companies to provide households with data on how much energy they are consuming, how they match up with neighbors, and if they are close to any new milestones.

Compellingly, people are consuming on average 2% less energy, which in 2012 led to over 1 Terawatt of energy savings in the world. This equates to $120,000,000 in utility bill savings, and decreased polluions equivalent of keeping 100,000 cars off the road.

8. RecycleBank saves the environment by rewarding points that can be redeemed for goods

Perhaps not obvious to many, but there’s also a serious trash problem in the world. 195 Million Tons of Trash are tossed out by American’s alone each year. The trash needs to go somewhere, and they generally go into landfills. The problem is, many products can take 100-400 years to decompose, and we are slowly running out of landfill space. In 1988, there were about 4,000 landfills in the United States. Just 10 years after, in 1998, we only had 2,514 landfills left. In 2010, we dropped to 1,908. Starting to sense a problem here?

RecycleBank was created to encourage people to recycle more and reduce landfill trash by awarding points for recycling, saving energy, and answering sustainability quizzes and pledges. Points are redeemable for actual goods at WalMart, BestBuy and more places, as city government pays RecycleBank for reducing landfill waste. The project is backed by Al Gore and how won numerous awards in innovation, sustainability, and business. It now has 3 Million members and over 180 employees pushing the recycling envelope further.

9. m.Paani aims to solve the clean-water problem in third world nations through an innovative loyalty program

In many third world countries, many people lack clean drinkable water, while others walk over 4 hours everyday to get clean water for the villages. A billion people in this world (that’s 1/7th of the world) do not have access to clean water, with 2.2M of them dying every year due to water-related diseases.

The crazy thing is, people in these third world countries own mobile phones. In fact, more people own mobile phones than toilets. m.Paani implements a very innovative loyalty program, where by purchasing mobile credits from sponsoring companies, individuals earn points towards sanitization products or water-related infrastructure for the entire village.

10. FreeRice Feeds the Hungry by Quizzing the Intellect

Alone the lines of solving the water problem is solving world hunger. Every year, 15 Million children die from starvation, while another billion people having less than $1 a day to buy food. Almost 50% of the human population live on less than $2 a day.

Similar to what was said about Kiva, people are spending their time playing games instead of helping the poor, so FreeRice created a quiz game where each time you answered a question correctly, FreeRice will buy 10 grains of rice, which are paid for by the sponsors of the site. Now here’s a win-win, the user improves his/her education from answering these questions, hungry people get fed, and sponsors get their promotional bang for the buck.

The site was later donated to the United Nations World Food Programme. To date, FreeRice has donated 6100 metric TONS of rice, consisting of 93 billion grains of rice and enough to feed 10 million people.

Gamification: Too Legit to Quit

It’s hard to argue against these examples being extremely positive for our society and well-being. But this is just the tip of the iceberg. Dozens of new examples are being created every month. Gamified products that help with fitness, getting out of debt, doing chores, cleaning up the environment, you name it.

What we’re seeing here is a complete shift from things we “should do” to things we “want to do.” But instead of shifting the tasks, we simply make what we should do fun.

Imagine a world where kids can save lives, get healthier, bond with family and even make a living by playing World of Warcraft. My vision for Gamification is a future where no one really works, but everyone plays and contributes to a happier and more productive society.

Lets hope this is not just a fad.

For more information about GAMIFICATION:

This entry was originally posted in Gamification Examples on December 3, 2013

by u

NSA Gamifies Surveillance Training: Ethical or Questionable?


The Ethical Implications of the NSA Surveillance Training and the Gamification Industry

It is undeniable that gamification is a force to be reckoned with as it is a powerful tool in eliciting change for a user’s behavior. Although gamification as a tool by itself is inherently neutral, its use for good or bad has been highly debatable.  Here at Gamification Co, we have covered numerous examples where gamified systems have been used for good in solving problems across industries. Nonetheless, there is a need to address the elephant in the living room where gamification is used for questionable means.

The case in point was a recent Der Spiegel report on the NSA gamifying its infamous international surveillance program, XKEYSCORE. Gleaned from a secret report entitled, “Tales from the Land of Brothers Grimm”, it detailed training procedures that were used to motivate NSA agents who are new to the program. Gamification mechanics were used such as how agents could earn “skilz” points and “unlock achievements” as they effectively use the training program. What was startling was that the report indicated the training procedure changed the perception of its users opinion on surveillance after a certain period of time.

Der Spiegel wrote, “One analyst is quoted as saying that he always felt that he had one foot in prison when he was using the program, but that he began feeling more confident after going through training.”

The effectiveness of the gamified training program was highlighted in the report as well. It noted that Griesheim base, the European hub of the XKEYSCORE achieved the “highest average skill points” compared to other NSA departments in the same training program.

nsa gamification xkey score

CC Image by 禁书网中国禁闻

If readers are feeling uncomfortable right now, you have all the right reasons to do so. For this has not been the first time a federal agency has used gamification to to pursue their own organizational goals. So, the big question now is, how should the gamification community respond to this?

A core principle of gamification design is to include rules to govern the parameters of the “game”. If rules were non-existent within a game, there will always be a segment of users who will inherently attempt to game the system for their own needs. While there are currently no laws that specifically govern against the misuse of gamification, the gamification community can seek guidance based on a code of ethics. In a write up by Zichermann covering ethics, he has pointed out how “game, film, loyalty and behavioral economics industries don’t really have an omnibus code of ethics, despite their persuasive natures.” The same goes for gamification as well. As the field is still developing while trying its best to avoid terrible design and ultimately failure, the discussion on unethical application of gamification is often an afterthought.

Nonetheless, important strides has been made to address this long overdue subject matter. The establishment of the Engagement Alliance has helped generate discussion on ethics while Kevin Werbach’s Coursera class and his book, “For the Win” co-written with Dan Hunter, covered extensively on the role ethics play for gamification design. These efforts are helping to educate the community while addressing the issue but this is not the end of it. In fact, it goes to show the significant responsibility that must be shouldered by gamification designers.

In essence, ethics are actions and behavior that are deemed socially and culturally acceptable by the majority. Will there come a day where society will become ambivalent to gamified systems that are designed with questionable intent? It is always a possibility. This article may prove to be a Pandora’s box, leaving us with more questions than answers. Is a code of ethics temporarily sufficient in governing an entire industry? How do we tell when gamification systems are morally right or wrong? Above all, when should gamification designers draw the line upon realizing their work’s true purpose? Hopefully through continuous dialogue on the ethical implications, gamification may turn out ultimately to be a catalyst of positive change.

For more information about GAMIFICATION:

Originally posted by Heong Weng Mak – gco online

Gamification: Accelerating Learning For Business & Education

Learning - Featured

Anyone who has children or who has been around them for a while knows that kids, as well as young adults, are attracted to video games like flies are attracted to light. And while older adults may think the kids are being lazy or using their time idly when they’re connected to their Wii or Xbox using a Kinect, in reality the kids are paving the way for business training and education.

How? It’s part of a future trend I first identified back in the 1980s that we are now calling gamification, and today that growing trend is reaching a tipping point. If you think back, you’ll see that many of the greatest technological advances in business have come from the world of kids and games. Actually, here’s the exact flow of events: a concept or technology often begins with kids and the world of gaming. Some will start with the military, but it’s amazing how many start with kids’ games. From there it gains the attention of the adults in the business community as they learn how to adapt it to their needs, and finally it creeps into the education sector. So in many respects, the adults and the business world can learn much from the kids and their video games.

To see the migration of how a concept goes from kids and games to adults and business, just look at the evolution of social media. At first, young people were the predominant ones on social media sites such as Twitter and Facebook. Adults simply didn’t see the value of social media. After all, who really cared what you had for lunch or what outfit someone wore to the dance. As adults eventually took more and more interest in social media, many companies made formal policies forbidding employees from using Twitter and Facebook at work. But now that the business world has seen the relevancy of social media and how it can be a brand management, marketing, and collaboration tool, they’re embracing it, some even going so far as creating their own internal versions of Twitter and Facebook.

Granted, video games and social media are different technologies, but the concept migration pattern is still the same. And with game controllers like the Wii and Xbox Kinect giving people new ways of interacting with technology, the business world is currently on the threshold of being game-ified.

For example, in the past, gaming was all about sitting in front of a computer or television screen and using a game pad, joystick, or keyboard playing against the computer or online opponent while sitting down—a passive activity. Thanks to the Nintendo Wii’s interactive nature, players stood up, got physically involved, and actually became a part of the game. Then Microsoft introduced the Kinect, which eliminates the need for a hand-held controller entirely. Players use their hand motions and body movements to manipulate the game.

Thanks to Microsoft releasing a software development kit for the Kinect that allows programmers to create new applications, university students started taking this gaming concept and writing software that allows users to control business software using just hand motions—no keyboard or mouse. An early example would be if you want to go to the next page, you do a sweep of your hand across the screen without touching anything. You can sweep to the left, sweep to the right, scroll up, scroll down, and many other things. Think back to the movie Minority Report where the police were able to maneuver data in the air without touching anything. Today, that’s rapidly becoming more fact than fiction.

The Core of Gamification

The heart of the gamification trend is using interactive gaming as a tool to transform training and education. Based on twenty-five years of research, I’ve identified five core elements that when applied together can dramatically accelerate learning. When you model your company’s training to include these five elements, your employees will learn more in less time and have better results. The five core elements are:

  • Self-diagnostic. In the world of gaming, as you accomplish new feats and as your character gets better, the game gives you greater challenges. When you power down, the game remembers where you left off. When you return to the game, you still have your capabilities and all the things your character has previously learned. You don’t have to start over from ground zero. In the case of business training, if you learn something, there’s no need for a trainer to re-teach it to you. But how many times have you sat through a training session where you already learned a majority of the concepts yet you stayed so you could gain knowledge on a few key items? How much time did you waste? A better idea is for business training to have a self-diagnostic component. The interactive, competitive, and immersed module can know your skill or knowledge level and progress accordingly. It can know where you left off and give you next steps from that point when you log back in. This is the best way to allow for individual training and learning.
  • Interactivity. For centuries, education and training have been, for the most part, passive experiences. Someone stands in front of a group and talks. The people being educated or trained sit and listen—taking a few notes here and there. If there is a lab, they will have some hands-on application, but application labs are not the norm in everyday education and training. As technology evolved, the trainer or teacher showed a movie or two to keep people involved, but in the end, the people learning just sat and watched. Regardless of someone’s inherent learning style, learning is much more effective when you’re interacting with the material, not passively sitting there. When you learn by gaming, you’re interacting with the information and concepts. You’re moving things around, you’re manipulating items, and you’re actually doing things. It’s no longer passive training. Now you are much more engaged and immersed.
  • Immersion. We’ve seen 3D TVs where you have to wear special glasses to make the images pop out at you, but that’s because TVs have a lot of viewers sitting in a room spread out. When you’re playing a game on a small screen like a tablet or a smart phone, the viewing angle is such that you can have images appear 3D very easily without special glasses. In the recent past to the present, video games use interspatial 3D, where you go into worlds. So instead of images popping out at you, you go inside to them. That’s how games on the Xbox 360 and others have been working for years, by using a regular television set or flat panel display. This sort of technology gives an immersed effect, which engages people more. To apply this to business, if you’re training salespeople on a particular manufacturing tool they need to sell, why not have them see the tool in 3D and actually get to virtually manipulate the tool rather than have them read spec sheets about it? The former will give them more insight to the tool, which will make selling it easier.
  • Competition. Humans are naturally competitive beings. We want to sell more, be more productive, innovate faster, and be smarter than the next person. When you’re sitting in class learning, there’s little competitive value. You’re all there for the entire timeframe whether you’ve learned the materials in one hour or three. No one advances until the class is over. However, when you’re competing, as in a game, there’s an adrenaline rush that keeps you engaged and focused on the task at hand. In an effort to “win,” people master concepts faster so they can be first…and certainly not last.
  • Focus. When you’re playing a game, you’re forced to focus. You have to do A in order for B to occur. If you don’t do A, then you won’t get far in the game. Focus is the result of interactivity, competition, immersion, and self-diagnosis. When you can focus, you can learn virtually anything…fast.

Accelerate Learning

Using all five core elements is a key to accelerating learning. With more and more to learn, it will be increasingly important to gamify both business and education to create better results faster. Those companies and school districts that adopt early will be the long-term winners. So here’s your homework assignment: Get together with a kid and play one of their games. While you’re playing, think Wii or Kinect for business. Think of the five core elements and how you could reinvent learning with tools like these. Since businesses spend large sums of money on training and education, any tool that can accelerate or enhance learning will save both time and dollars.

For more information about Gamification:

Originally posted by Daniel Burrus, CEO of Burrus Research and leading technology forecaster and business strategist

How We Discovered the Underground Chinese App Market Or, how Robert Fortune’s tea heist shaped China’s iOS market

There is a dirty secret lying beneath China’s iOS app market, and our revenue is hiding somewhere in it.

In December of 2011, right before Christmas, we released our first iOS application Bilingual Child. Immediately after, we saw downloads flooding in from China.

We had tapped into one of the biggest markets in the world. We knew the revenue was just around the corner.

But it never came.

We figured it was because we were teaching Spanish to native English speakers. We weren’t giving our Chinese customers localized content.

Localized content for Mandarin speakers

So we created a new version of our application for Mandarin speakers to learn English. We rerecorded all of the audio with a native Mandarin speaker; had three translators cross-reference every word and phrase used in the application to make sure our Mandarin was correct; remade our main character, animations, and marketing assets to showcase our new bilingual Mandarin boy; and released the new version into the Chinese App Store.

Again, the downloads flooded in — but no sales.

We were perplexed. We knew China was a huge opportunity for us if we could break into it.

Something just didn’t seem right, so we dug in a little further to figure out what was happening.

The underground Chinese App Market brings more than $10 million a year in revenue from Stolen Apps

We discovered our apps on, a Chinese clone of Cydia.

Then we came across KuaiYong (aka, an app market that allows users to install iOS apps without even jailbreaking their phone.

The site even uses geolocation to hide its store from users outside of China.

In 2012 42% of iPhones were jailbroken in China

That’s thirty-four million jailbroken devices with access to apps stolen through illegal app stores.

Since its rise in popularity this year, KuaiYong has actually decreased the jailbreaking of iOS phones from 42% to 32.3% by giving users access to stolen apps without the risk of jailbreaking. That still leaves approximately 28.3 million jailbroken iOS devices active in China.

How bad was the Chinese app market for us?

To date, we have made $58.98 in China’s iOS store, compared to $41,780.20 in the United States.

So why is China so willing to jailbreak their phones and download illegal software?

“Only if we have some understanding of why in Chinese civilization
it has been an elegant offense to steal a book will China and its
foreign friends know how in the future to discern and protect one
another’s legitimate interests.” —William Alford

It all started with tea.

In the 19th century, China was the only country that knew how to grow and make tea, a favorite drink of the British and a huge market worldwide. The Chinese not only had exclusive access to the seed but also essentially owned the process of production.

At the time, the British were the largest providers of opium to the world and exported the substance to China in exchange for tea.

The Chinese Emperor realized this was creating a nation of drug addicts and proceeded to confiscate and destroy all of the opium.

The British were left with a nation (the upper class anyway) starving for tea with no viable trade option. So the British devised a plan to steal China’s intellectual property and create their own tea plantations in India.

They sent botanist Robert Fortune deep within China to steal the tea-leaf farming process and the seeds themselves so the British could build tea plantations in India.

Within a generation, the plantations in India had far surpassed the production of those in China. The Chinese abruptly lost their control of the global tea market, and it would take them a hundred years to return to the level of production they had enjoyed in the nineteenth century.

The same tactic that Britain used to destroy China’s domination of the tea market, China is now using against us in the technology market.

Intellectual property through cyber espionage constitutes the “greatest transfer of wealth in history.”
—Gen. Keith Alexander, NSA Director and CYCOM Commander

It’s been estimated that U.S. companies lose approximately $250 million dollars a year to China through intellectual property theft.

While the Chinese government recently vowed to protect intellectual property, They have done little to protect foreign companies. Often times, foreign companies cannot legally sell their products in China, so they cannot claim damages when their property is stolen and distributed.

Though the government has a heavy hand in restricting domain access on the internet, as well as which apps are allowed in the Chinese iOS app store — they seem to turn a blind eye to sites (such as Youku) which distribute copywrited material without consent.

The situation is much the same for such illegal app distribution sites as KuaiYong and iPadIpa.

So what can you do as an app developer looking to distribute in China?

Use advertising as a defense strategy.

We consulted with a freelance marketer based in China. He acknowledged that the problem was widespread and there wasn’t much we could do defensively to protect our application from being stolen.

While we couldn’t take advantage of our “’Buy All’ button, we could take advantage of the traffic coming though our applications by removing the paywalls in our Chinese versions and replacing them with advertising that is not removed when distributed in the illegal marketplaces.

Despite the amazing potential the Chinese digital marketplace has, it has a long way to go before providing the protections that software developers need to enter the market with confidence.

Or, perhaps China has just found its own Robert Fortune.

Originally published by: Michael Sacca

View story at