Career Focus

Leaders who aspire to run successful enterprises need to develop and execute a winning business formula. Difficult enough, but the reward for building a successful business is that the leader must then spot when external conditions require a change to the formula. And the more successful the business, the harder that piece will be to pull off. This course, which introduces a series of powerful theoretical frameworks for navigating these critical moments in enterprise growth, will prove valuable to students who anticipate managing, advising, or investing in any of a variety of companies-from category-creating startups to industry-leading incumbents.

Educational Objectives

The focus of the course is to learn to use well-researched theories about strategy, innovation, and management to understand why things happen the way they do in businesses, and to predict which tools, strategies, and methods will and will not be effective in the various circumstances in which our students find themselves.

Course Content and Objectives

This course was created by Professor Clayton Christensen to help students become insightful consumers and teachers of practical management theory and techniques. Early sessions will introduce models about the key jobs of the general manager, who must integrate the marketing, product development, operations, strategic planning, financial, and human dimensions of the enterprise. We will employ these models throughout the course to understand the root causes of the challenges that the general managers in our cases are facing, and to develop action plans for resolving them. During case discussions, we will seek to answer some of the following questions, which are relevant to companies of all sizes:

1. What is disruptive innovation? How can entrants disrupt market leaders, and what can market leaders do to avoid disruption?
2. Who is our ideal customer? How can we create products and brands that will appeal to those customers?
3. How should we decide which activities to keep in-house and which to outsource?
4. When is an industry about to be commoditized, and how can we profit from that shift?
5. How do we set strategy in a rapidly changing world (where unknowns vastly outweigh knowns)?
6. Whose investment capital will help us, and whose money might undermine our chances of success?
7. To what extent do commonly used performance metrics kill innovation, and how can we develop metrics that encourage new growth?
8. Can acquisitions become a pathway to new capabilities? Should we integrate acquired companies or keep them separate?
9. What is the role of the CEO in building new growth engines within established companies?

Course Organization and Grading

The course includes a final paper, to be completed by teams. The paper will not require field or library research; instead, it will provide an opportunity for students to apply theories and frameworks introduced in the course to explore the opportunities and challenges of a company they know and/or in which they have a current interest. Grading is based on class participation (50%) and the final paper (50%).

Copyright © 2022 President & Fellows of Harvard College. All Rights Reserved.

• The U.S. job market has almost 600,000 openings requesting cybersecurity-related skills. 
• Employers are struggling to fill these openings due to a general cyber-skill shortage, with many openings remaining vacant each year. 
• When evaluating prospective information-security candidates, employers should look for certifications as an important measure of excellence and commitment to quality.
• This article is for business owners looking to hire cybersecurity experts, or for individuals interested in pursuing a cybersecurity career. 

Cybersecurity is one of the most crucial areas for ensuring a business’s success and longevity. With cyberattacks growing in sophistication, it’s essential for business owners to protect their companies by hiring qualified cybersecurity experts to manage this aspect of their business. The best candidates will have a certification in information security and cybersecurity. This guide breaks down the top certifications and other guidance you’ll need to make the right hire for your company. It’s also a great primer for individuals who are embarking on a cybersecurity career.

Best information security and cybersecurity certifications

When evaluating prospective InfoSec candidates, employers frequently look to certification as an important measure of excellence and commitment to quality. We examined five InfoSec certifications we consider to be leaders in the field of information security today.

This year’s list includes entry-level credentials, such as Security+, as well as more advanced certifications, like Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA). According to CyberSeek, more employers are seeking CISA, CISM and CISSP certification holders than there are credential holders, which makes these credentials a welcome addition to any certification portfolio.

Absent from our list of the top five is SANS GIAC Security Essentials (GSEC). Although this certification is still a very worthy credential, the job board numbers for CISA were so solid that it merited a spot in the top five. Farther down in this guide, we offer some additional certification options because the field of information security is both wide and varied.

1. CEH: Certified Ethical Hacker

The CEH (ANSI) certification is an intermediate-level credential offered by the International Council of E-Commerce Consultants (EC-Council). It’s a must-have for IT professionals who are pursuing careers in white hat hacking and certifies their competence in the five phases of ethical hacking: reconnaissance, enumeration, gaining of access, access maintenance and track covering. 

CEH credential holders possess skills and knowledge of hacking practices in areas such as footprinting and reconnaissance, network scanning, enumeration, system hacking, Trojans, worms and viruses, sniffers, denial-of-service attacks, social engineering, session hijacking, web server hacking, wireless networks and web applications, SQL injection, cryptography, penetration testing, IDS evasion, firewalls and honeypots. CEH V11 provides a remapping of the course to the NIST/NICE framework’s Protect and Defend (PR) job role category, as well as an additional focus on emerging threats in cloud, OT and IT security, such as fileless malware.

To obtain a CEH (ANSI) certification, candidates must pass one exam. A comprehensive five-day CEH training course is recommended, with the test presented at the course’s conclusion. Candidates may self-study for the test but must submit documentation of at least two years of work experience in information security with employer verification. Self-study candidates must also pay an additional $100 application fee. Education may be substituted for experience, but this is evaluated on a case-by-case basis. Candidates who complete any EC-Council-approved training (including with the iClass platform, academic institutions or an accredited training center) do not need to submit an application prior to attempting the exam.

Because technology in the field of hacking changes almost daily, CEH credential holders are required to obtain 120 continuing-education credits for each three-year cycle.

Once a candidate obtains the CEH (ANSI) designation, a logical progression on the EC-Council certification ladder is the CEH (Practical) credential. The CEH (Practical) designation targets the application of CEH skills to real-world security audit challenges and related scenarios. To obtain the credential, candidates must pass a rigorous six-hour practical examination. Conducted on live virtual machines, candidates are presented 20 scenarios with questions designed to validate a candidate’s ability to perform tasks such as vulnerability analysis, identification of threat vectors, web app and system hacking, OS detection, network scanning, packet sniffing, steganography and virus identification. Candidates who pass both the CEH (ANSI) and the CEH (Practical) exams earn the CEH (Master) designation.

CEH facts and figures

Certified Ethical Hacker (CEH) training

While EC-Council offers both instructor-led and online training for its CEH certification, IT professionals have plenty of other options for self-study materials, including video training, practice exams and books.

Pluralsight currently offers an ethical-hacking learning path geared toward the 312-50 exam. With a monthly subscription, you get access to all of these courses, plus everything else in Pluralsight’s training library. Through Pluralsight’s learning path, students can prepare for all of the domains covered in the CEH exam.  

CyberVista offers a practice test for the CEH 312-50 certification that includes several sets of exam-like questions, custom quizzes, flash cards and more. An test prep subscription for 180 days costs $149 and gives candidates access to online study materials, as well as the ability to download the materials for offline study. Backed by its “pass guarantee,” CyberVista is so confident its practice test will prepare you for the CEH test that the company will refund its practice test costs if you don’t pass.

FYI: Besides certifications in information security and cybersecurity, the best IT certifications cover areas such as disaster recovery, virtualization and telecommunications.

2. CISM: Certified Information Security Manager

The CISM certification is a top credential for IT professionals who are responsible for managing, developing and overseeing information security systems in enterprise-level applications or for developing organizational security best practices. The CISM credential was introduced to security professionals in 2003 by the Information Systems Audit and Control Association (ISACA).

ISACA’s organizational goals are specifically geared toward IT professionals who are interested in the highest-quality standards with respect to the auditing, control and security of information systems. The CISM credential targets the needs of IT security professionals with enterprise-level security management responsibilities. Credential holders possess advanced and proven skills in security risk management, program development and management, governance, and incident management and response.

Holders of the CISM credential, which is designed for experienced security professionals, must agree to ISACA’s code of ethics, pass a comprehensive examination, possess at least five years of experience in information security management, comply with the organization’s continuing education policy and submit a written application. Some combinations of education and experience may be substituted for the full experience requirement.

The CISM credential is valid for three years, and credential holders must pay an annual maintenance fee of $45 (ISACA members) or $85 (nonmembers). Credential holders are also required to obtain a minimum of 120 continuing professional education (CPE) credits over the three-year term to maintain the credential. At least 20 CPE credits must be earned every year.

CISM facts and figures

Other ISACA certification program elements

In addition to CISM, ISACA offers numerous certifications for those interested in information security and best practices. Other credentials worth considering include the following:

• Certified Information Systems Auditor (CISA)
• Certified in the Governance of Enterprise IT (CGEIT)
• Certified in Risk and Information Systems Control (CRISC)

The CISA designation was created for professionals working with information systems auditing, control or security and is popular enough with employers to earn it a place on the leaderboard. The CGEIT credential targets IT professionals working in enterprise IT management, governance, strategic alignment, value delivery, and risk and resource performance management. IT professionals who are seeking careers in all aspects of risk management will find that the CRISC credential nicely meets their needs.

Certified Information Security Manager (CISM) training

Pluralsight offers a CISM learning path containing five courses and 17 hours of instruction. The courses cover the domains addressed in the exam, but the learning path is aimed at the CISM job practice areas. 

CyberVista offers a CISM online training course in both live and on-demand formats. The course includes more than 16 hours of training videos, supplementary lessons, custom quizzes, practice test questions and access to experts through the instructor. As with other CyberVista courses, the CISM training course comes with a “pass guarantee.” 

Did you know?: According to CyberSeek, there are enough workers to fill only 68% of the cybersecurity job openings in the U.S. A cybersecurity certification is an important way to demonstrate the knowledge and ability to succeed in these job roles.

3. CompTIA Security+

CompTIA’s Security+ is a well-respected, vendor-neutral security certification. Security+ credential holders are recognized as possessing superior technical skills, broad knowledge and expertise in multiple security-related disciplines.

Although Security+ is an entry-level certification, the ideal candidates possess at least two years of experience working in network security and should consider first obtaining the Network+ certification. IT pros who obtain this certification have expertise in areas such as threat management, cryptography, identity management, security systems, security risk identification and mitigation, network access control, and security infrastructure. The CompTIA Security+ credential is approved by the U.S. Department of Defense to meet Directive 8140/8570.01-M requirements. In addition, the Security+ credential complies with the standards for ISO 17024.

The Security+ credential requires a single exam, currently priced at $381. (Discounts may apply to employees of CompTIA member companies and full-time students.) Training is available but not required.

IT professionals who earned the Security+ certification prior to Jan. 1, 2011, remain certified for life. Those who certify after that date must renew the certification every three years to stay current. To renew, candidates must obtain 50 continuing-education units (CEUs) or complete the CertMaster CE online course prior to the expiration of the three-year period. CEUs can be obtained by engaging in activities such as teaching, blogging, publishing articles or whitepapers, and participating in professional conferences and similar activities.

CompTIA Security+ facts and figures

CompTIA Security+ training

You’ll find several companies offering online training, instructor-led and self-study courses, practice exams and books to help you prepare for and pass the Security+ exam.

Pluralsight offers a Security+ learning path as a part of its monthly subscription plan for the latest SY0-601 exam. Split into six sections, the training series is more than 24 hours long and covers attacks, threats and vulnerabilities; architecture and design; implementation of secure solutions; operations and incident response; and governance, risk and compliance.

CyberVista offers a Security+ practice test so you can test your security knowledge before attempting the SY0-601 exam. The test comes with a 180-day access period and includes multiple sets of test questions, key concept flash cards, access to InstructorLink experts, a performance tracker and more. As with CyberVista’s other offerings, this practice test comes with a “pass guarantee.”

4. CISSP: Certified Information Systems Security Professional

CISSP is an advanced-level certification for IT pros who are serious about careers in information security. Offered by the International Information Systems Security Certification Consortium, known as (ISC)2 (pronounced “ISC squared”), this vendor-neutral credential is recognized worldwide for its standards of excellence.

CISSP credential holders are decision-makers who possess the expert knowledge and technical skills necessary to develop, guide and manage security standards, policies and procedures within their organizations. The CISSP certification continues to be highly sought after by IT professionals and is well recognized by IT organizations. It is a regular fixture on most-wanted and must-have security certification surveys.

CISSP is designed for experienced security professionals. A minimum of five years of experience in at least two of (ISC)2’s eight common body of knowledge (CBK) domains, or four years of experience in at least two of (ISC)2’s CBK domains and a college degree or an approved credential, is required for this certification. The CBK domains are security and risk management, asset security, security architecture and engineering, communications and network security, identity and access management, security assessment and testing, security operations, and software development security.

(ISC)2 also offers three CISSP concentrations targeting specific areas of interest in IT security:

• Architecture (CISSP-ISSAP)
• Engineering (CISSP-ISSEP)
• Management (CISSP-ISSMP)

Each CISSP concentration test is $599, and credential seekers must currently possess a valid CISSP.

An annual fee of $125 is required to maintain the CISSP credential. Recertification is required every three years. To recertify, candidates must earn 40 CPE credits each year, for a total of 120 CPE credits within the three-year cycle.

CISSP facts and figures

Certified Information Systems Security Professional (CISSP) training

Given the popularity of the CISSP certification, there is no shortage of available training options. These include classroom-based training offered by (ISC)2, as well as online video courses, practice exams and books from third-party companies.

Pluralsight’s CISSP learning path includes 12 courses and 25 hours of e-learning covering the security concepts required for the certification exam. Available for a low monthly fee, the CISSP courses are part of a subscription plan that gives IT professionals access to Pluralsight’s complete library of video training courses.

When you’re ready to test your security knowledge, you can take a simulated test that mimics the format and content of the real CISSP exam. Udemy offers CISSP practice questions to help you prepare for this challenging exam.

5. CISA: Certified Information Systems Auditor

ISACA’s globally recognized CISA certification is the gold standard for IT workers seeking to practice in information security, audit control and assurance. Ideal candidates can identify and assess organizational threats and vulnerabilities, assess compliance, and provide guidance and organizational security controls. CISA-certified professionals demonstrate knowledge and skill across the CISA job practice areas of auditing, governance and management, acquisition, development and implementation, maintenance and service management, and asset protection.

To earn the CISA certification, candidates must pass one exam, submit an application, agree to the code of professional ethics, agree to the CPE requirements and agree to the organization’s information systems auditing standards. In addition, candidates must possess at least five years of experience working with information systems. Some substitutions for education and experience with auditing are permitted.

To maintain the CISA certification, candidates must earn 120 CPE credits over a three-year period, with a minimum of 20 CPE credits earned annually. Candidates must also pay an annual maintenance fee ($45 for members; $85 for nonmembers).

CISA facts and figures

Certified Information Systems Auditor (CISA) training

Training opportunities for the CISA certification are plentiful. Udemy offers more than 160 CISA-related courses, lectures, practice exams, question sets and more. On Pluralsight, you’ll find 12 courses with 27 hours of information systems auditor training covering all CISA job practice domains for the CISA job practice areas.

Beyond the top 5: More cybersecurity certifications

In addition to these must-have credentials, many other certifications are available to fit the career needs of any IT professional interested in information security. Business owners should consider employing workers with these credentials as well.

• The SANS GIAC Security Essentials (GSEC) certification remains an excellent entry-level credential for IT professionals seeking to demonstrate that they not only understand information security terminology and concepts but also possess the skills and technical expertise necessary to occupy “hands-on” security roles.
• If you find incident response and investigation intriguing, check out the Logical Operations CyberSec First Responder (CFR) certification. This ANSI-accredited and U.S. DoD-8570-compliant credential recognizes security professionals who can design secure IT environments, perform threat analysis, and respond appropriately and effectively to cyberattacks. Logical Operations also offers other certifications, including Master Mobile Application Developer (MMAD), Certified Virtualization Professional (CVP), Cyber Secure Coder and CloudMASTER.
• The associate-level Cisco Certified CyberOps Associate certification is aimed at analysts in security operations centers at large companies and organizations. Candidates who qualify through Cisco’s global scholarship program may receive free training, mentoring and testing to help them achieve a range of entry-level to expert certifications that the company offers. CompTIA Cybersecurity Analyst (CySA+), which launched in 2017, is a vendor-neutral certification designed for professionals with three to four years of security and behavioral analytics experience.
• The Identity Management Institute offers several credentials for identity and access management, data protection, identity protection, identity governance and more. The International Association of Privacy Professionals (IAPP), which focuses on privacy, has a small but growing number of certifications as well.
• The SECO-Institute, in cooperation with the Security Academy Netherlands and APMG, is behind the Cyber Security & Governance Certification Program; SECO-Institute certifications aren’t well known in the United States, but their popularity is growing. 
• It also may be worth your time to browse the Chartered Institute of Information Security accreditations, the U.K. equivalent of the U.S. DoD 8570 certifications and the corresponding 8140 framework.

Also, consider these five entry-level cybersecurity certifications for more options.

Tip: Before you decide to purchase training for a certification or an test voucher, see if your employer will cover the cost. Employers may cover all or part of the cost if you have a continuing education or training allowance, or if the certification is in line with your current or potential job duties.

Information security and cybersecurity jobs

According to CyberSeek, the number of cybersecurity job openings in the U.S. stands at almost 598,000, with about 1.05 million cybersecurity professionals employed in today’s workforce. Projections continue to be robust: The U.S. Bureau of Labor Statistics expects 33% growth in information security analyst positions between 2020 and 2030; in comparison, the average rate of growth for all occupations is about 8%.

Security-related job roles include information security specialist, security analyst, network security administrator, system administrator (with security as a responsibility) and security engineer, as well as specialized roles, like malware engineer, intrusion analyst and penetration tester.

Average salaries for information security certified and security engineers – two of the most common job roles – vary depending on the source. For example, SimplyHired reports about $74,000 for specialist positions, whereas Glassdoor‘s national average is about $108,000. For security engineers, SimplyHired reports almost $112,000, while Glassdoor’s average is more than $111,000, with salaries on the high end reported at $261,000. Note that these numbers frequently change as the sources regularly update their data. [Meet the man who kept Microsoft safe and secure for more than a decade.]

Our informal job board survey from April 2022 reports the number of job posts nationwide in which our featured certifications were mentioned on a given day. This should deliver you an idea of the relative popularity of each certification.

Job board search results (in alphabetical order by cybersecurity certification)

Did you know?: Cybersecurity matters even when you’re traveling. Find out how to keep your computer secure when you’re on the road for business or pleasure.

The importance of hiring information security and cybersecurity professionals

According to Risk Based Security‘s 2021 Year End Data Breach Quickview Report, there were 4,145 publicly disclosed breaches throughout 2021, containing over 22 billion records. This is the second-highest number of breached records, after an all-time high the year before. The U.S. was particularly affected, with the number of breaches increasing 10% compared with the previous year. More than 80% of the records exposed throughout 2021 were due to human error, highlighting an ever-increasing need for cybersecurity education, as well as for highly skilled and trained cybersecurity professionals. [Learn how to recover from a data breach.]

If you’re serious about advancing your career in the IT field and are interested in specializing in security, certification is a great choice. It’s an effective way to validate your skills and show a current or prospective employer that you’re qualified and properly trained. If you’re a business owner, hiring certified professionals and skilled IT managers can help prevent cyberattacks and provide confidence that your company’s security is in the right hands. In the meantime, review our quick cybersecurity tips to Strengthen your company’s protection.

Jeremy Bender contributed to the writing and research in this article.

Actuarial Mathematics (ACMA)

Asia-Canada (ASC)

Biology (BISC) 

Biomedical Physiology and Kinesiology (BPK)

Business (BUS)

Communication (CMNS) 

Computing Science (CMPT) 

Contemporary Arts (CA) 

Criminology (CRIM) 

Earth Sciences (EASC)

Economics (ECON)

Education (EDUC) 

English (ENGL) 

Engineering Science (ENSC) 

Environment (ENV) 

Environmental Science (EVSC) 

Explorations (EXPL) 

Foundations Courses: FAL X99 and FAN X99

Health Sciences (HSCI) 

History (HIST)

Humanities (HUM)

Interactive Arts and Technology (IAT)

International Studies (IS) 

Labour Studies (LBST)

Linguistics (LING) 

Mathematics (MATH)

Molecular Biology and Biochemistry (MBB) 

Mechatronic Systems Engineering (MSE) 

Philosophy

Physics (PHYS) 

Planning (PLAN)

Political Science (POL)

Psychology (PSYC)

Publishing (PUB)

Resource and Environmental Management (REM)

Sociology and Anthropology (SA)

Statistics and Actuarial Science (STAT)

Sustainable Development (SD)

Sustainable Energy Engineering (SEE)

Urban Studies, Masters Program (URB)

Students requiring accommodations as a result of a disability, must contact the Centre for Students with Disabilities (778) 782-3112 or csdo@sfu.ca.

Instructor:    Dr. Elizabeth Elle

                        Office: B8230, 291-4592

elizabeth_elle@sfu.ca

Prerequisite: BISC 204

Course Fee:   $15.00 field, $3.50 materials

Course Description: The study of the distribution and abundance of plants, including how individuals, populations, and communities are affected by abiotic (climate, soil) and biotic (competition, herbivory) factors. The special problems experienced by plants, as sessile organisms, will be a main focus in our discussion of life history evolution (pollination, defence, dispersal) and population and community dynamics.

Course Web Page (from last year)—includes the lecture outlines and lab schedule from 2003, and 2004 will be similar: http://www.sfu.ca/biology/courses/bisc404/index.html

Laboratory: Experiments on various ecological phenomena, including competition, pollination, and herbivory, and vegetation sampling and analysis. Data collected and analyzed by students will serve as the basis for reports. In addition, there will be field trips to several different habitats in the lower mainland. The lecture and lab are tightly integrated in BISC 404; field work is fundamental to plant ecology so be prepared for outdoor work, rain or shine! Labs begin the first week of class, and students can expect to return late from one or two of the off-campus labs.

Text: Gurevitch, J., S. Scheiner, and G. Fox. 2002. The Ecology of Plants. Sinauer Associates. (Required, and available in bookstore)

Recommended, but not required: Pojar J. and A. MacKinnon. Plants of Coastal British Columbia. Lone Pine Publishing.

Marks:            Two quizzes, 20% each

                        Final (cumulative) 30%

                        Lab 30% (participation 5%; two papers, 10% and 15%)

1) High Growth and Dual Structure

Through the Reconstruction Period and by the low 1950s, the Japanese economy recovered almost to the pre-War level and SMEs became very active. Capital investments called for further capital investment. The favorable economic cycle resulted in surging national income, to achieve High Economic Growth.

In the course of the economic recovery and high growth, however, large-scale enterprises and SMEs went with two different paces of growth to very different levels of productivity, wages, technology and financing ability. Thus arguments began to prevail on the "Dual Industrial Structure" of "advanced large-scale enterprises" and "delayed SMEs."

2) Measures for Solving the Dual Industrial Structure

<Financial Resources>

The Law on Financial Assistance for Promoting Small and Medium Enterprises was enacted in 1956 to support improvement in productivity by applying modern equipment. Municipal governments began to loan under the said Law such funds as were necessary for modernizing equipment.

<Cooperatives>

In 1957, the Law Concerning the Organization of Small and Medium Enterprises Organizations was enacted. This law was designed to strengthen SME organizations and to establish a organization which adjusts business activities.

<Management Consulting and Guidance>

In this area, the Law on Organizing Commerce and Industry Association (Commerce and Industry Association Law) was enacted in 1960 in order to Strengthen and better the management of small-scale enterprises through management consulting, which meant that better management programs were broadly diffused by the government.

As for guidance programs, the Small and Medium Enterprise Guidance Law was enacted in 1963 to prepare a systematic and efficient scheme of guidance for the rationalization of management and improvement in technology for SMEs, whereby municipal governments can plan and efficiently undertake the guidance.

3) Countermeasures for the Diffusion of the Subcontracting Division of Labor Structure

Through the first and second stages of the High Growth Period, stratification of enterprises developed to such an extent that stratified structure (subcontracting division of labor structure) became evident, with a parent enterprise at the top. Japanese SMEs’ industries then became incorporated in such division of labor structure, which was typified in the electrical machinery manufacturing and transportation machinery industries. The improvement of efficiency and progress in technology with this division of labor and specialization typify the Japanese SMEs.

In combination with the said move, on the other hand, many parent enterprises, taking advantage of their predominant position over subcontractors, would increasingly enforce unfair practices such as delaying or reducing payment for subcontractors, infringing their benefits. As countermeasures to the unfairness, and to control the abuse of power by large-scale enterprises, the Law on the Prevention of Delay in the Payment of Subcontracting Charges and Related Matters (the Subcontractors’ Payment Law) was enacted in 1956.

Business intelligence definition

Business intelligence (BI) is a set of strategies and technologies enterprises use to analyze business information and transform it into actionable insights that inform strategic and tactical business decisions. BI tools access and analyze data sets and present analytical findings in reports, summaries, dashboards, graphs, charts, and maps to provide users with detailed intelligence about the state of the business.

The term business intelligence often also refers to a range of tools that provide quick, easy-to-digest access to insights about an organization’s current state, based on available data.

Benefits of BI

BI helps business decision-makers get the information they need to make informed decisions. But the benefits of BI extend beyond business decision-making, according to data visualization vendor Tableau, including the following:

• Data-driven business decisions: The ability to drive business decisions with data is the central benefit of BI. A strong BI strategy can deliver accurate data and reporting capabilities faster to business users to help them make better business decisions in a more timely fashion.
• Faster analysis and intuitive dashboards: BI improves reporting efficiency by condensing reports into dashboards that are easy for non-technical users to analyze, saving them time when seeking to glean insights from data.
• Increased organizational efficiency: BI can help provide holistic views of business operations, giving leaders the ability to benchmark results against larger organizational goals and identify areas of opportunity.
• Improved customer experience: Ready access to data can help employees charged with customer satisfaction provide better experiences.
• Improved employee satisfaction: Providing business users access to data without having to contact analysts or IT can reduce friction, increase productivity, and facilitate faster results.
• Trusted and governed data: Modern BI platforms can combine internal databases with external data sources into a single data warehouse, allowing departments across an organization to access the same data at one time.
• Increased competitive advantage: A sound BI strategy can help businesses monitor their changing market and anticipate customer needs.

Business intelligence examples

Reporting is a central facet of BI and the dashboard is perhaps the archetypical BI tool. Dashboards are hosted software applications that automatically pull together available data into charts and graphs that deliver a sense of the immediate state of the company.

Although business intelligence does not tell business users what to do or what will happen if they take a certain course, neither is BI solely about generating reports. Rather, BI offers a way for people to examine data to understand trends and derive insights by streamlining the effort needed to search for, merge, and query the data necessary to make sound business decisions.

For example, a company that wants to better manage its supply chain needs BI capabilities to determine where delays are happening and where variabilities exist within the shipping process. That company could also use its BI capabilities to discover which products are most commonly delayed or which modes of transportation are most often involved in delays.

The potential use cases for BI extend beyond the typical business performance metrics of improved sales and reduced costs.

Tableau and software review site G2 also offer concrete examples of how organizations might put business intelligence tools to use:

• A co-op organization could use BI to keep track of member acquisition and retention.
• BI tools could automatically generate sales and delivery reports from CRM data.
• A sales team could use BI to create a dashboard showing where each rep’s prospects are on the sales pipeline.

Business intelligence vs. business analytics

Business analytics and BI serve similar purposes and are often used as interchangeable terms, but BI should be considered a subset of business analytics. BI focuses on descriptive analytics, data collection, data storage, knowledge management, and data analysis to evaluate past business data and better understand currently known information. Whereas BI studies historical data to guide business decision-making, business analytics is about looking forward. It uses data mining, data modeling, and machine learning to answer why something happened and predict what might happen in the future.

Business intelligence is descriptive, telling you what’s happening now and what happened in the past to get your organization to that state: Where are sales prospects in the pipeline today? How many members have we lost or gained this month? Business analytics, on the other hand, is predictive (what’s going to happen in the future?) and prescriptive (what should the organization be doing to create better outcomes?).

This gets to the heart of the question of who business intelligence is for. BI aims to deliver straightforward snapshots of the current state of affairs to business managers. While the predictions and advice derived from business analytics requires data science professionals to analyze and interpret, one of the goals of BI is that it should be easy for relatively non-technical end users to understand, and even to dive into the data and create new reports.

A variety of different types of tools fall under the business intelligence umbrella. The software selection service SelectHub breaks down some of the most important categories and features:

• Dashboards
• Visualizations
• Reporting
• Data mining
• ETL (extract-transfer-load — tools that import data from one data store into another)
• OLAP (online analytical processing)

Of these tools, dashboards and visualization are by far the most popular; they offer the quick and easy-to-digest data summaries that are at the heart of BI’s value proposition.

Some of the top BI tools include:

• Domo
• Dundas BI
• Microsoft Power BI
• MicroStrategy
• Oracle Analytics Cloud
• Qlik
• SAS
• Sisense
• Tableau
• Tibco

Business intelligence jobs

Any company that’s serious about BI will need to have business intelligence analysts on staff. BI analysts use data analytics, data visualization, and data modeling techniques and technologies to identify trends. The role combines hard skills such as programming, data modeling, and statistics, with soft skills like communication, analytical thinking, and problem-solving.

Even if your company relies on self-service BI tools on a day-to-day basis, BI analysts have an important role to play, as they are necessary for managing and maintaining those tools and their vendors. They also set up and standardize the reports that managers are going to be generating to make sure that results are consistent and meaningful across your organization. And to avoid garbage in/garbage out problems, business intelligence analysts need to make sure the data going into the system is correct and consistent, which often involves getting it out of other data stores and cleaning it up.

Business intelligence analyst jobs often require only a bachelor’s degree, at least at the entry level, though to advance up the ranks an MBA may be helpful or even required. As of January 2023, the median business intelligence salary is around $72,000, though depending on your employer that could range from $53,000 to $97,000.

More on business intelligence: