Keystone business models for network security processors

Network security processors are critical components of high-performance systems built for cybersecurity. Development of a network security processor requires multi-domain experience in semiconductors and complex software security applications, and multiple iterations of both software and hardware implementations. Limited by the business models in use today, such an arduous task can be undertaken only by large incumbent companies and government organizations. Neither the “fabless semiconductor” models nor the silicon intellectual-property licensing (“IP-licensing”) models allow small technology companies to successfully compete. This article describes an alternative approach that produces an ongoing stream of novel network security processors for niche markets through continuous innovation by both large and small companies. This approach, referred to here as the "business ecosystem model for network security processors", includes a flexible and reconfigurable technology platform, a “keystone” business model for the company that maintains the platform architecture, and an extended ecosystem of companies that both contribute and share in the value created by innovation. New opportunities for business model innovation by participating companies are made possible by the ecosystem model. This ecosystem model builds on: i) the lessons learned from the experience of the first author as a senior integrated circuit architect for providers of public-key cryptography solutions and as the owner of a semiconductor startup, and ii) the latest scholarly research on technology entrepreneurship, business models, platforms, and business ecosystems. This article will be of interest to all technology entrepreneurs, but it will be of particular interest to owners of small companies that provide security solutions and to specialized security professionals seeking to launch their own companies

A game theory perspective on product development project charters: The project manager-project sponsor relationship as an iterated Prisoner's Dilemma

The product development processes of many firms include a project charter - a document that formally authorises a product development project, establishes expectations and success criteria, and provides a project manager with authorit

A design science approach to construct critical infrastructure and communicate cybersecurity risks

Academics are increasingly examining the approaches individuals and organizations use to construct critical infrastructure and communicate cybersecurity risks. Recent studies conclude that owners and operators of critical infrastructures, as well as governments, do not disclose reliable information related to cybersecurity risks and that cybersecurity specialists manipulate cognitive limitations to overdramatize and oversimplify cybersecurity risks to critical infrastructures. This article applies a design science perspective to the challenge of securing critical infrastructure by developing a process anchored around evidence-based design principles. The proposed process is expected to enable learning across critical infrastructures, improve the way risks to critical infrastructure are communicated, and improve the quality of the responses to citizens’ demands for their governments to collect, validate, and disseminate reliable information on cybersecurity risks to critical infrastructures. These results will be of interest to the general public, vulnerable populations, owners and operators of critical infrastructures, and various levels of governments worldwide

Richard Branson and virgin galactic: A case study of entrepreneuring as emancipation

The space industry has experienced a profound paradigm shift: Once the exclusive domain of government, military contractors, and incumbent aerospace companies, space is increasingly accessible to new entrants founded by ambitious, well-resourced, and well-connected entrepreneurs from outside the traditional industry. We present early results from an ongoing study of technology entrepreneurship in the space industry, focusing here on the entrepreneuring actions of Sir Richard Branson, founder of Virgin Galactic. We employ the emancipatory perspective on entrepreneuring- A theoretical lens that challenges the traditional notion of entrepreneurs as profit-driven wealth-maximizers by focusing instead on impetus and actions for change. We begin by reviewing the core ideas of the emancipatory perspective-that entrepreneurs are motivated by a driving need to bring about change that disrupts the status quo, and enact change by authoring new relationships, arrangements, rules of engagement, and positions of power, and by making declarations of intent to create change. Using publicly-available sources, we identify and report examples of seeking autonomy, authoring, and making declarations by Branson. Finally, we discuss the explanatory power of the emancipatory perspective and the implications for the theory and practice of technology management

Business ecosystems and new venture business models: An exploratory study of participation in the Lead To Win job-creation engine

Copyrigh

Time to discover and fix software vulnerabilities in open source software projects: Notes on measurement and data availability

Reducing the time taken to discover and fix vulnerabilities in open source software projects is increasingly relevant to technology entrepreneurs and technology managers at all levels of industry. Rigorous research requires access to valid and reliable data on when vulnerabilities were introduced, discovered, and closed. This article offers three contributions about measurement and data availability: (1) an approach to measuring the time to discover and time to fix vulnerabilities in open source software projects, (2) evidence that combining project release histories and metrics from two online databases can provide reliable proxy dates for vulnerability introduction and fix, but not discovery, and (3) possible technical and open collaboration solutions to the data availability limitations of current databases. These results were part of a larger mixed-method study on the relationship between open source project and community attributes and software vulnerabilities with a data set of 1268 vulnerabilities affecting the software produced by 60 open source projects

Incremental analysis in machine learning

Supervised learning requires data to be labeled. However, labels may not always be available, or creating a labeled dataset may be costly. Even when the data is labeled, labeling is often inconsistent, incomplete and inaccurate. If the data changes over time, a model also needs to be retrained periodically. A machine learning model, therefore, needs to learn from data "in the wild", not just from an initial training dataset. This problem can be addressed by techniques that combine clustering and classification with user feedback. The paper describes one such technique in the form of a pattern: Incremental Analysis. The target audience includes developers who do not have much experience with using machine learning in dynamic environments. This is the first of a number of planned papers on patterns for machine learning