Black Swan Technology Vendors
While most technology vendor relationships deliver linear, incremental value, some rare technology partnerships can have exponential results. IBM and Microsoft, for example, partnered to dominate personal computers. SAP’s partnership with Oracle grew both companies.
We call these outcomes Black Swans because they are unanticipated and profound in their impact. Serendipitous Black Swans help businesses. Catastrophic Black Swans have the opposite effect.
Vendor risk is most often incremental and linear. A failed project might cause a minor outage or delay, but losses are limited to the fees paid and some inconvenience. A catastrophic black swan like a security breach, however could put both companies out of business.
Catastrophic Vendor Black Swan examples
In 2013, an HVAC vendor created a massive security breach that cost Target $153 million in fines, hundreds in millions in revenue before the Christmas season, and a temporary 10% drop in stock price.
Also in 2013, Frozen food manufacturer Findus was nearly bankrupted, when it was forced to announce that their meat supplier Comigel had been supplying horse-meat for their frozen lasagna.
There are two objectives in managing the possibility of a vendor black swan: minimizing exposure to catastrophic black swans, and maximize exposure to serendipitous black swans.
Minimizing Black Swan Vendor Risk
Technology vendors can create exponential risk for their clients in several ways:
Operational Risk
A technology vendor’s negligence may cause a major outage that disables the business’s ability to operate.
Avoid the risk by maintaining high standards for vendor performance, and actively pruning your vendor portfolio of any vendor with consistent poor performance. Watch for red flags in vendor performance. A vendor that can’t get an invoice right, probably doesn’t have the sophistication necessary to competently manage one of your key systems.
Security Risk
Technology vendors may have privileged network access that makes them attractive targets for bad actors. Their security breach could be your nightmare.
Security needs to be written into every vendor agreement. Standard security best practices like least privilege, strong passwords, and multi-factor authentication help manage the risk. Clients should also PHISH train everyone who has access to their network, including vendors.
Reputational & Legal
Some technology providers may create legal risk for their clients by using pirated software, counterfeit hardware, or doing other things of legal and ethical murkiness.
Best practices in contracting like indemnification clauses can partially control this risk. Integrity and ethics should be required values for every vendor.
Serendipitous Black Swans
Black swans are unpredictable and rare by definition. It’s not really possible to plan for a black swan. The best you can do is create situations in which serendipitous black swans can emerge and recognize them when they do.
Serendipitous Black Swans are like hitting a shot from half court. Aiming helps, but you really just need to take a lot of shots. You also need to be able to recognize when you’re getting close to the basket.
Vendors are in a unique position to think of innovative ideas that could become black swans. Many vendors understand enough about your business to help, but not so much as to lose the outsider’s perspective. They can speak to what they’ve seen work for other clients and in other industries, and they are motivated to help and motivated to ideate on things they can sell elsewhere.
Here are a few ideas for increasing the likelihood of a positive black swan.
1. Be vocal about your BHAG (Big Harry Audacious Goal)
At the end of each vendor meeting, challenge the vendor to solve an unsolvable long term problem.
- I need to lower labor costs across the board by 40%. How can you help with that?
- We need to double revenue in the next 18 months. What ideas do you have?
- We need 300% more leads, 30% higher close ratio, 90%+ retention rate… What do you got?
- What product is going to rewrite the way my industry operates?
These challenging questions need not relate directly to the area of the business they support. Your service desk vendor may have ideas about customer success. Your security vendor may know something about lowering your costs of goods or international expansion.
Some vendors will shrug and move on. Others will take the prompt and run with it. There is little risk to challenging your vendor, and if nothing else, it forces the vendor to think about your business needs, not just the small corner they manage.
2. Innovation Sessions
Vendor innovation labs can be effective, but too often they just focus on solutions rooted in the vendor’s technology. Vendors often lack the business or industry background necessary to understand the problem and think of creative solutions. They may also be unaware of the what’s already in progress within the company.
The best brainstorming sessions include a small group of creative people from different backgrounds. Consider pulling multiple vendors into the mix, and include people of different levels and tenure with the company.
Ideas are easy. Follow through is hard. Consider pre-committing budget or time to whatever idea comes out of the session. This forces you to work toward action so the investment doesn’t go to waste.
What is a Vendor Partnership?
3. Think about the vendor’s business
Clients drive innovation for their vendors as much as vendors drive innovation for the client. Vendors performing well in one area may be able to work in adjacent areas just as well and will likely approach the expanded business with a unique perspective. For example, a security vendor who manages your network will take a security-first perspective. A help desk vendor who takes over customer success will lean toward technology solutions.
Develop a Black Swan Strategy
The right environment allows serendipitous black swans to emerge and minimizes the risk of catastrophic black swans. Manage the risk, and create the opportunity.