In 2009, a curious experiment was conducted. Stanford students were divided into groups, given $5 each, and tasked with maximizing the profit from that $5 in two hours and presenting the results to everyone.
Most of the students took the $5, bought something with it, sold it for a little more, and tried to repeat the process several times. The outcome was a small profit.
Several groups ignored the $5 and tried to make the most of the two hours. They made reservations at the most popular restaurants in town and resold the reservations or pumped up the wheels of bicycles on campus. This yielded better results.
The winning group did things differently. They realized that the most valuable thing they had was not $5 and two hours of time, but the final presentation in front of Stanford students. They sold that time for $650 to a company that wanted to ‘headhunt’ Stanford students and got a whopping ROI.
An electronics manufacturing plant in Germany was faced with the challenge of improving production efficiency. The first obvious solution was to increase the productivity of existing equipment or replace it with more modern equipment. However, a less obvious but more effective approach was to analyze bottlenecks and figure out how to eliminate them. They found one such bottleneck – an X-ray inspection machine for printed circuit boards. To alleviate the bottleneck, they added a hardware and software module that analyzed the data and predicted the quality of the final products. If it determined that there was no risk of defects, those products were not sent for X-ray inspection. This reduced the workload at the bottleneck and improved overall production efficiency.
When it comes to protecting an organization from cyberattacks, the intuitive solution is to use more security tools. After all, more tools means less chance of something getting through. But there’s research showing that companies using more than 50 cybersecurity tools have a 7% lower defensive capability than those using fewer than 50 such tools.
Or there’s evidence that in 2023, for example, there were dozens of incidents where the damage from the response measures exceeded the possible impact of the incident. This is because it has become too difficult for many organizations to work with a large number of protection solutions.
A less intuitive approach is to use fewer security tools that work in tune with each other. And also to develop constructive security of critical system nodes, including reducing the number of security tools.
In general, when faced with a seemingly simple problem, “quick thinking” often leads us to a simple and intuitive solution that turns out to be wrong. There may be less obvious, but more effective ways.
In 2009, a curious experiment was conducted. Stanford students were divided into groups, given $5 each, and tasked with maximizing the profit from that $5 in two hours and presenting the results to everyone.
Most of the students took the $5, bought something with it, sold it for a little more, and tried to repeat the process several times. The outcome was a small profit.
Several groups ignored the $5 and tried to make the most of the two hours. They made reservations at the most popular restaurants in town and resold the reservations or pumped up the wheels of bicycles on campus. This yielded better results.
The winning group did things differently. They realized that the most valuable thing they had was not $5 and two hours of time, but the final presentation in front of Stanford students. They sold that time for $650 to a company that wanted to ‘headhunt’ Stanford students and got a whopping ROI.
An electronics manufacturing plant in Germany was faced with the challenge of improving production efficiency. The first obvious solution was to increase the productivity of existing equipment or replace it with more modern equipment. However, a less obvious but more effective approach was to analyze bottlenecks and figure out how to eliminate them. They found one such bottleneck – an X-ray inspection machine for printed circuit boards. To alleviate the bottleneck, they added a hardware and software module that analyzed the data and predicted the quality of the final products. If it determined that there was no risk of defects, those products were not sent for X-ray inspection. This reduced the workload at the bottleneck and improved overall production efficiency.
When it comes to protecting an organization from cyberattacks, the intuitive solution is to use more security tools. After all, more tools means less chance of something getting through. But there’s research showing that companies using more than 50 cybersecurity tools have a 7% lower defensive capability than those using fewer than 50 such tools.
Or there’s evidence that in 2023, for example, there were dozens of incidents where the damage from the response measures exceeded the possible impact of the incident. This is because it has become too difficult for many organizations to work with a large number of protection solutions.
A less intuitive approach is to use fewer security tools that work in tune with each other. And also to develop constructive security of critical system nodes, including reducing the number of security tools.
In general, when faced with a seemingly simple problem, “quick thinking” often leads us to a simple and intuitive solution that turns out to be wrong. There may be less obvious, but more effective ways.
