The Official Blog of Cogmap, the Org Chart Wiki


Archive for November, 2009


Modeling Mobile Ad Networks

Tuesday, November 24th, 2009

mm_logoI read recently that Millenial Media and Admob both see around 6-7b impressions per month.

ad_mob_logo_headerPretty good.  Obviously, a reasonable next question is what does that business look like?

First, we need to speculate on what kind of CPMs they achieve.  We have absolutely no idea, so let’s make up a number.  A reasonable starting point might be “regular ad network CPMs”.  So here is Pubmatics numbers:


OK, so $0.27 is a real network value.  But that is the publisher payout.  So if we inflate that 40%, to get the network revenue:  ~$0.50.  In the interests of being conservative, let’s make the mobile network CPMs $0.25.  That also makes our math easy.

So a 6.0b impression/month network yields a $1.5m/month business with ~$600k gross margins.  That means they could probably support 30 employees with that business.  From this, one could imply that Admob, with ~150 employees was losing a lot of money and Millenial Media, with ~50 employees (and ~1b more impressions, yielding an extra ~$100k in gross margins), actually close to breakeven.

Are these margins realistic?  I have no idea.  Maybe they have to rev share with the carriers.  Maybe a lot of these are international impressions and hence worthless.  (Although the Millenial team, at the least, is smart enough not to buy those impressions.)

Seems like a great business.  Obviously, Millenial is sending a message with their raise, as did Google with their acquisition, that the market is a lot bigger than these two companies current implied run rate implies (implications imply!), but these numbers actually seem to make a lot of random anecdotal sense to me.  I had heard that Admob was doing around $10m in revenue annually , so this kind of lines up, given their ramp.

The obvious question is “was my imaginary CPM correct?”  Anecdotal information is that CPM prices are high and CPC prices are low in the industry.  When I try to unwind all of the math from the blog post, it sounds like $0.25 is about right.

I would be shocked if this back of the envelope calculation was too far off.

Death Spirals into a Secure New World

Monday, November 23rd, 2009

RSA-SecurID-TokensSecurity breaches are an act of terrorism in many ways.  And much like terrorism, security never gets credit for breaches prevented, but people lose their jobs ever time someone gets away with one.  The result is that there is little incentive other than sheer cost to limit security efforts in a corporate context.

And better security works!  I found this chart of password lengths that told me that allowing a special character could force a hacker to take 8x longer to break a password.  Making a password 7 characters instead of 6 makes it 12x harder to break.  This is very good.  Passwords should be hard to break.  So what security organizations take away from this is that users should be required to put in a special character.  Required to mix case.  Required to use numbers.  Let’s make the password 8 characters minimum!

Does this sound preposterous?  This was an employer’s corporate password philosophy.  According to our handy-dandy chart, it will take a hacker 1.45 centuries to break my password.

But you never know, a hacker could have started on my password already!  Fortunately, my employer made me change my password every 45 days.  Also, they would need my RSA Securid, a 6-digit passcode that changes every 60 seconds and is more or less random.

But if you are on the security side of our organization, I can’t figure out why they haven’t made passwords 12 characters, or 45 characters?  If it was 12 characters it would take 4 millenia to hack.  Maybe they could relax other rules, like letting me change my password every 60 days.  I am sure they would encourage me to voluntarily make my password that long.  But here is the rub:

When you have to change your password every 45 days, and the password is that preposterously complex, you have a system.  Everyone I work with has a system.  Incrementing numbers in the same password.  Date-based password schemes.  When you have to come up with 9 passwords a year and you are not allowed to reuse a password you have used in the last 24 tries (true!), you have to have a system to remember.  Does this mean changing passwords is less secure than not changing passwords?

So changing passwords is a bad idea.

These same requirements are true if you wanted to read my email via my phone, where every corporate phone is locked with an 8 digit password combining letters, numbers, and special characters.

Do you have any idea how much of a pain in the butt it is for me to put in an 8 digit password with letters, numbers, and special characters every time I want to make a phone call?

How much business value is lost by making people enter passwords every time they use their phone?  I just calculated that it takes 12 seconds for me to type in my password on my phone.  So let’s say that I do that 10x/day: 2 minutes.  That means 14 minutes/week (still typing on weekends).  12 hours/year typing your password (52 weeks because you still have to type the password on vacation.  That is .5% of my work week.  Let’s say that an employee makes $104,000/year (to keep the math simple).  That means $2k/week.  So that password lock on the phone is essentially paying $11.66/week to keep things secure.  But none of that cost gets passed back to the IT department, so it is a slam dunk decision.

Is anyone trying to brute force hack my password on my phone?  Really?  That would be foolish because if they fail six straight times, my phone deletes its entire contents.  So why the password complexity?

Let’s not even get into what it is like when I am trying to type my password into my phone while driving.  If my wife knew…

Password-protecting phones with complex passwords is a bad idea.

Let’s talk about RSA Securid.  RSA touts it as the best protection in the world because the Securid’s are mobile: They go where your workers go.  But let me tell you, they don’t really.  I put mine on my keychain.  Now my keychain is huge.  Sometimes it bothers me so I leave it lying around the house or office.  I don’t take it on vacation.  I don’t have it lots of times.  In fact, I don’t have it right now.

(Let’s be clear, this is not a ding on any one company, this is a ding on complex security at companies.  Many companies have them, all of them are FAIL.  I don’t like them.  Of course, I don’t work on the IT side of companies any more because I am the kind of guy that annoys the rest of the organization.)

Talk about your problems with your company’s security policies.

Guerilla Marketing 102

Friday, November 20th, 2009

So what does David at Expensify do after I give him a little blog love last week?

He shoots me an email asking if I could tweak the post to be a little more SEO friendly towards him.  Now “track expenses” is a link to expensify!

This is another smart idea:

  • Obviously the SEO wars are important and that little bit of link juice helps.  (Little does he know that no one reads this blog!  That is other posts!)
  • He is hitting me at a moment when we have a great relationship!
  • Asking favors continues to build the relationship and dialogue.  That means asking favors is a good thing.  I will be posting on that more soon.

Early Stage Venture Capital Becomes a Smarter Investment Every Day

Thursday, November 19th, 2009

I have talked before about how it is far cheaper to build stuff today than it was previously: languages like Ruby, dev environments like AWS, and tools such as Github and Basecamp allow small teams to develop great products for thousands of dollars instead of millions of dollars.

Also, we have talked about how marketing has gotten a lot less expensive for many companies also.  The tools of social media and the ease by which a meme can be spread have never been better.

All of this is great for early stage venture capital.  It used to be that they had to write huge checks to fund product development and marketing expenses.  Now they can write smaller checks.

But I am here to tell you that there is even better news.  The growing science of customer development and lean start-ups has led to start-ups that are out-and-out better.  The odds of start-up success are simply higher than they used to be.  Start-ups have a better idea of how to build a product that customers want.  Plus approaches like scrum and agile have increased the velocity at which great products can be built.

Of course, competitive risk continues to be an issue, but as entrepreneurs systemically work to decrease risk in businesses, investors reap the benefits!

Chicken Little (TechCrunch) Says Twitter’s Sky Is Falling

Wednesday, November 18th, 2009

twitter-com_uv_1yHoly ComScore, Batman!

TechCrunch freaks out in an attempt to break news by noting that Twitter growth has declined for the first time month over month!

Are they doomed?  Nah, Facebook had the same problem:


OMG!  Facebook was doomed!

Furthermore, Facebook was doomed when they changed their newsfeed, driving down views per user:


At least Twitter is figuring out how to get engagement into a Facebook-ish range with the introduction of features such as lists:


Guerilla Marketing Technique 101

Tuesday, November 17th, 2009

expensify.comI recently signed up for Expensify.  I needed to track expenses for something else and it seemed like a good idea.  Moments after I registered, I got the following email:

From: David Barrett

Subject: Welcome to Expensify

Hi there!  I see you just signed up for Expensify, welcome!  Can you tell me about yourself?  Namely, what sort of work do you do, how big is your company, how do you currently do expense reports, how did you learn about Expensify, how do you hope to use it — that sort of thing.  Thanks!

I immediately sent an email to David asking if this was an automated form email and his reply was:

Yep, it’s timed to come roughly 30 minutes after you sign up (but it’s randomized to appear natural).  You should totally steal the technique: it works *so amazingly well* for convincing people to reply who just need a little encouragement.

Regardless, glad to have you on board for Expensify!  Please let me know if you have any questions or suggestions, or if I can help in any way.

I completely believe him!  The email comes across as so casual and authentic, it does a fantastic job of inviting response.  Who could resist?  And response is fantastic.  I now have a relationship with both Expensify and David!  Surely I will look him up when I am next in San Francisco.

This is a great example of some of the little things you can do that make a big difference in generating customer evangelists.

Blogging Frequently: Sticky or Spam?

Monday, November 16th, 2009

Blog Posts by MonthSo this sweet graph is the number of posts by month that have gotten cranked out on this blog.  Fairly consistent, in the big scheme of things.  You can see when I stopped blogging to write “Football Coach” and you can see the burst in blog posts around the launch of Private Charts and the Cogmap APIs.  Outside of that, the steady cranking out of 7-10 blog posts per month has been the historic pace.  I am trying to pick up speed, as is evident in November 2009, where we are not even at the halfway mark and we have 6 posts.

The key question, as I endeavor to bring fresh new “contextual diarrhea” to this blog more frequently, is: Does freshness matter?  This is a fresh take on my most popular blog post of all time: “Why Do You Hate Me So Much?

Does my huge reader community want more commentary?  Less but meatier?  More of the kind of talk that angers AOL?  Is about org charts?  Is about ad exchanges?

Everyone says that posting frequency is a key consideration for building blog communities.  Do you think it matters?  When we look at my first poll, the conclusion was that my marketing is poor and the Cogmap site is the wrong place to do it.  That implies that my content is great, but then, you are my loyal readers, so maybe I am asking the wrong people.

Anyway, to drive the point home, I am bringing my third poll to the community.  Hopefully this will drive results more like the first poll (Why Do You Hate Me) and less like my second poll (“Help Me Replace Alley Insider“), which only garnered one response.

Remember, your response helps determine how frequently I blog!  Vote like your vote matters.  Remember, no one reads this blog!  It only takes a few votes to really swing things.

How many posts would you like to see from me?

View Results

Loading ... Loading ...

Presentations Part 4: Always Room for Improvement

Friday, November 13th, 2009

Read Part 1, Part 2, and Part 3 – They are far better than this one.

The other day, I had a brief sales presentation with Brad Feld, prominent blogger and venture capitalist.  We had an interesting conversation about the format of the presentation afterwards and he said, “I should blog about this.”  In the interests of beating him to the punch, I thought I would blog about it first, especially given that I just did a slew of posts on presentation approaches.

Let me start by saying that this sales presentation was poor.  It was closer to the Deliverable presentation than it was to the sales presentation format given the verbosity of the slides.  I had only been working on the deck for a few days and my concepts were not nearly as crisply articulated as they needed to be to close a sale.  The result was that there were a lot of ideas expressed textually that did not have that simple conceptual image that conveys them.

At the end of the presentation, Brad’s feedback was, “There was a lot of text on the slide and it was hard to listen to you talk and look at the slides and try to read it all.”  One thing I have always done well is not read people slides, yet these slides simply had too much data on them.  The result is that he was being asked to consume two different data sources simultaneously.  His counsel was, “re-do the slides with 6 words to a slide” – so he was recommending the conference slide approach.  My rejoinder was, “I want to be able to leave this behind and have it make sense,” to which he replied, “Have two presentations.”

In retrospect, I think the real issue is that it was simply not my best deck.  A better deck, aligned with my “sales presentation techniques”, would probably overcome this objection and yield a more appropriate outcome.  20 words can be read fast.  15 words with an appropriate and easy-to-grasp image is even better.  40 or 50 words on a page, which I sometimes had, is simply being an idiot.

The final mistake I made, particularly for a deck as wordy as this, was attempting to present off a laptop.  Now Brad had to squint his eyes to read all this text.  If I had delivered a hard copy, which is important if you want a leave-behind, then he may have been able to flip through it and grasp the text on it more easily.  Bottom-line, copy is simply easier to digest when you control the pace of flipping and it is printed and sitting in your lap.

The best thing I did: Get out and practice and show the deck to people!

Force Ranking to Fire Employees Every Year

Thursday, November 12th, 2009

IMG_4696When I first read many years ago about Siebel’s practice of force ranking employees and firing the bottom 5%, I loved it.  If you are an angry, aggressive guy like me, you always feel like there is deadweight in the organization and the opportunity to improve.  Knowing that every year, some of that deadweight leaves the building and will be replaced by the new new thing always seemed exciting to me.

Now, of course, lots of people hate it.  The idea of being compared to your peers and judged against them rather than judged against your job description can be terrifying and some claim it leads to nasty in-fighting in organizations.

I always thought that that process of renewal might be something that would be really important to me when I went off and did the next thing, so I recently did some research into force ranking.

The big objections:

  • Legal risk: Apparently, some people sue and win because it is hard to demonstrate that the force ranking process was accurate.  Much like how big companies like Time Warner find the exercise of documenting poor performance and firing people incredibly onerous, demonstrating that you identified the poorest performer could potentially be difficult in a court of law.

My conclusion: Kill lawyers.  This whole strategy, conceptually, was about identifying people who may be hard to fire for poor performance, but perform poorly nonetheless.

  • The poor performers may be distributed in strange ways across departments.  A department may consist of superior performers, but it is still forced to cut.

My conclusion: Management has to manage that.

  • People that need to be fired might be “hoarded” for cut time, resulting in sub par performers being kept around longer than they should.

My conclusion: Far more frequent is the situation where people let someone linger around for years and years because s/he does his/her job just well enough to be hard to fire.

Let me be clear, this is not a death sentence.  If I fire one innocent and get ten poor performers, I think that is morally OK.  Bummer that I got an innocent, but I can live with it.

What actually put me off from this was a study they did on the effectiveness of this policy.  There were a few conclusions that came away from the study:

  • A big cut is better than a small cut.  If 5% is good, 10% is even better!
  • After several years of this, the effectiveness declines (the worst people are gone and given that the replacements are a blend of bad and good, there become fewer and fewer really poor performers.)
  • The system works.  No lie, cutting the bottom X% of your workforce improves your workforce.

One conclusion you could take away from this is that you should just do a cut every few years.  This may feel “Lay-off-ish”.  But maybe it feels that way no matter what you do.

So the conclusion I reached was that doing a surprise bottom 10% cut every other or every third year is a really good exercise.  Maybe every year for a year or three then stop for three.  You get the idea.  Surprise 10% cut.  That is healthy.  Scary?  Probably.

Have I gone off the deep-end?

Corporate Values Should Not Be Set By The Corporation

Tuesday, November 10th, 2009
<div xmlns:cc="" about=""><a rel="cc:attributionURL" href= / CC BY-NC-ND 2.0

AOL is currently going through the process of defining a new set of corporate values.  They are collecting input from all of their employees to develop these new set of values.  This is great because it is great to try to crowdsource the best ideas of the company.  Also, making people feel included makes everyone happy.  But hopefully, after this warm fuzzy, when the doors are shut, most of this data will be thought of as secondary input to the equation.  Or, at best, verbiage to help appropriately spin the new values rolled out to the organization.


Company values are an interesting thing.  On the one hand, theoretically the values should represent the collective ideal of the employees.  It should represent what every employee aspires to be.  Does that mean that employees should be building the value system through concensus?  Or should senior leadership set the values and use that to drive employee behavior?

Let me tell you the answer: Values come from senior leadership.  This is because senior leadership absolutely must represent the values of the organization.  If you value ethical behavior, but the CEO is unethical, you are done.  If that is the case, values should be advocating unethical behavior.  Then the company will work in a way that reflects the CEO’s worldview.

If, during the poll, every employee working for an unethical CEO responds with “Be Ethical”, either the CEO should consider changing his worldview, or he should consider how his value system aligns with the company he is building.

If he likes to work 20 hours a day, hiring 9-to-5ers is going to make things difficult and stressful.  The organization needs to be aligned with its leader.  It is that simple.

Another problem with corporate values is that the risk of concensus building risks eliminating the uniqueness from the values of the organization.  A recent study by Booz Allen Hamilton indicated that 95% of North American companies include “be ethical”, 87% use some variant on “Commitment to Customers”, 81% “Commitment to Employees”, 79% “Teamwork and Trust”, and 77% use “Honesty”.  If I had to guess at the values that might be put forth in a group exercise, it seems reasonable that this is what the list would look like.

But here is the thing: That is “company values as competitive necessity”, not values as competitive advantage.  If you want to create a competitive advantage with your values, you have to zig where others zag.  Seth Goldstein did a post quite some time ago on his values and I have remembered it to this day (How ’bout that Seth!)  I don’t think it is perfect either, but that is the idea.  His values are different.  Reading them tells me what we are going to do differently if we accept his value system.  Reading “be ethical” doesn’t tell me how to be different.  One would hope that for humanity, ethical is step one.  I don’t think of that as a company value, I think of that as value as a human being.  People that act unethically can probably be kicked.  Just FYI.

Should values reflect the long term recipe for winning over the next century, even as the strategy of the business changes?  I say yes.

Keep watching, coming soon is my value system.  We are hard at work on how to win.

Let’s get those comments out there.  What do company values mean to you?

Update: I left the employ of AOL shortly before this post was made public.  This is not disparaging toward AOL and let me be clear that my use of “unethical” as an example was used not because AOL senior leadership had this value.  Quite the contrary, it is a preposterous value that no one has.  Tim is OK in my book.