Amazing CTO | More happiness and success 🚀 Issue 2⁴.1by Stephan SchmidtHappy Friday, a coachee asked me about technology strategy. How does it differ from a product strategy? Especially if the CEO only cares about features delivered, not about technology? The original sin of modern software development is the split of product development into product management and engineering with the arrival of Scrum and the product owner. Now it’s difficult for CTOs to reconcile both and the CEO is not interested. Not only does this reflect insecurity about strategy, but also about metrics like OKRs. How do technology OKRs differ from product OKRs? Until we have reunited product management with engineering all you have left is dealing with the symptoms. I advise the CTOs I coach not to entangle technology strategy, people goals, and OKRs with product. All of product development steering should flow through product management. Even bugs. Stay away from all strategies and OKRs that you are not in control of. Keep technology’s OKRs and strategy to technology topics like maintainability, releases, or site reliability. This answers the strategy question: Think about how technology’s strategy can support business growth with technical decisions, not development execution, and don’t entangle it with feature delivery. On to the insights. This week’s insights include - ⛅ CTO Job Market Weather
- 💡 Innovation for CTOs
- What is product-market-fit PMF really!?
- Infected via HDMI 🔌!
Good reading, nice weekend ❤️ and until next week, Stephan ⛅ CTO Job Market WeatherHow is the CTO job market? We have seen winter coming, with companies in Europe like Kontist and Klarna laying off people, but also massive layoffs with Coinbase (I know crypto!) and Netflix (I enjoy Disney+, is that the reason). But in general, the market for CTOs looks robust. Germany is slightly down to 27 open positions on Indeed while the US is strong at 101. In one of the future insights, I plan a deep dive into the CTO job market. Article of the week that changes your futureSteve Blank Finding and Growing the Islands of Innovation inside a large company – Action Plan for A New CTO In another life a long time ago, “The Four Steps to the Epiphany: Successful Strategies for Products that Win” by Steve Blank changed my understanding of software development completely. Now another good read. This is about a large company. You’re in a small company. But you can still learn from this article. I urge all my coachees to focus on innovation, not execution. First for the benefit of the company, then for the impact, and third for their success. They can shine with innovation but never with execution. Many good points here: https://steveblank.com/2022/06/20/finding-and-growing-the-islands-of-innovation-inside-a-large-company-action-plan-for-a-new-cto/ Stories I’ve encountered last weekHow to Define Product Market Fit For Your Startup This nearly made it to the article of the week. Many companies struggle with product-market fit. Not understanding where a company stands (MVP, Searching for product-market fit, Scaling) leads to a lot of problems (e.g. Marketing wants to scale and development thinks it’s an MVP while product management iterates for product-market fit). This is a fuzzy concept, this article for the first time tries to build a methodology around PMF for different companies. Should be very helpful to some of you (the reason it didn’t make it to the article of the week spot) https://afirsttimefounder.substack.com/p/how-to-define-product-market-fit-for-your-startup How To Transition From Engineering To A Product Manager Role How is this relevant to you, dear CTO? I do think part of reuniting (see above) engineering and product management is the CTPO role (which will take away most of your daily pain). This might mean you moving into product management. So, this article. https://hackernoon.com/how-to-transition-from-engineering-to-a-product-manager-role-c4dadad3d776 PagerDuty Security Training With my coachees, I always talk about security. For CTOs coming from a developer role, this is a challenge. As developers, they don’t care (meh I need to deliver!) and as CTOs it’s critical to their role (and the reason for sleepless nights, oh if I’d only had added more security as a developer). Here is good content that you can use for some good sleep! https://sudo.pagerduty.com/ Infected via HDMI! About security: Did you know that a laptop plugged into an HDMI plug could infect your network? In my last CTO role, I plugged all USB ports of all the Macs, but I didn’t know I had to plug HDMI ports too! https://git.cuvoodoo.info/kingkevin/board/src/branch/hdmi_firewall/README.md Now Amazon debuts an AI programming assistant – CodeWhisperer After Microsoft with Github, Amazon also launches an AI-assisted auto-completion tool for developers called CodeWhisperer. Is this going the way of CASE (and an ill-advised new way to develop software in the 80s) or the future? (Well it is for sure the far future, but I mean the 5-year future). https://www.theregister.com/2022/06/23/amazon_codewhisperer/ Announcing our Next-generation AI models And another tool for auto code completion based on ML. https://www.tabnine.com/blog/announcing-tabnine-next-generation/ The ending of Product Management I hope so! (see above again) This also reminds me of my last newsletter, on why big tech doesn’t use Scrum (go read that also) https://medium.com/@anfonn/the-ending-of-product-management-40153938154d The Documentation Triangle (or, why code isn’t self-documenting) I’ve talked a lot about software documentation, as a CTO and as a software researcher (Yes worked in research some time). I knew people are forgetting the “Why?” to document, which is the most important question to answer in your documentation. But this article builds a neat triangle of What-Why-How. Worth a (short) read. https://sourceless.org/posts/the-documentation-triangle.html How To: Server-Side Request Forgery (SSRF) I hadn’t been aware of that. As soon as a user can submit an URL (e.g. webhook) that your servers execute, you probably have an SSRF problem. Do you have one in your code? Check now. https://www.hackerone.com/application-security/how-server-side-request-forgery-ssrf |