(continued from Process Types Part 1)



In the past decade, the Lean movement made an impact on the way businesses bring new products to market. The term was first introduced by John Krafcik (Krafcik, 1988) when referring to the manufacturing approaches in the Japanese market in the eighties. Lean manufacturing is an approach that in its core is made to avoid waste in every aspect of the process. The approach takes many of its ideas from the Toyota Production System, as introduced by Taiichi Ono.

Among its tenets are drawing on the knowledge and creativity of individual workers, the shrinking of batch sizes, just-in-time production and inventory control, and an acceleration of cycle times. It taught the world the difference between value-creating activities and waste and showed how to build quality into products from the inside out. (Ries, The Lean Startup, 2011)

In more recent years, these “Lean” principles have been applied to other parts of industry and business outside of the production settings. A prime example is the “Lean Startup” movement pioneered by Eric Ries. The basic idea in the Lean Startup approach, as in the Lean Manufacturing approach, is that waste has to be minimized in the startup phase of new endeavours. This approach can be valuable to innovation in the wide sense as well, not just for startups. As stated by Ries, a startup can be very broadly defined as:

“A human institution designed to create a new product or service under conditions of extreme uncertainty” (Ries, The Lean Startup, 2011)

This definition mentions nothing about the size of the institution. Sometimes a startup is the classic example of the new, young organization with a clear entrepreneurial spirit, and sometimes a startup is a new or existing division in a large enterprise creating a new product or service. What they all have in common are the uncertain conditions. To deal with this uncertainty, Ries postulates that progress of a startup should be measured in terms of validated learning. The sooner the startup learns, and subsequently acts on that knowledge, the smaller the “waste” the organisation will produce. Learning, in the mind of the author, should happen primarily through the use of experiments. These are the principles that are at the core of the Lean Startup movement (Ries, THE LEAN STARTUP METHODOLOGY):

  • Enterpreneurs are everywhere: you do not have to identify with the prototypical young startup enterprise to be an entrepreneur.
  • Entrepreneurship is management: being an entrepreneur is not something that happens haphazard. A real management approach is required, albeit maybe different from the approaches that you find in classic management literature.
  • Validated Learning: the goal of the early stages of a startup is to learn how to build a sustainable business. The way to do this is through experiments that enable validated learning.
  • Innovation Accounting: startups require their own measurement system, called innovation accounting, describing how progress should be measured, and how work can be prioritized.
  • Build-Measure-Learn: there is a clear feedback loop to make validated learning possible, called the build-measure-learn cycle.

The Build-Measure-Learn feedback loop forms the process that Ries envisions for a lean startup. In order to get to “Validated Learning” as quickly as possible, one must build a prototype (which can range from a pen and paper prototype to a working prototype), measure the response through qualitative or quantitative research methods such as experiments, and learn from the results. The result of a learning phase should be either to fine-tune the approach, or to “pivot” to a radically different approach.

Figure 8: the Build-Measure-Learn Cycle (Ries, THE LEAN STARTUP METHODOLOGY)



While Ries describes many of the important principles and corroborates them with examples, In (Maurya, Running Lean: Iterate from Plan A to a Plan That Works, 2012), the author of “Running Lean” (Maurya, Running Lean: Iterate from Plan A to a Plan That Works, 2012) gives a more practical approach to the “Lean Startup” process. There are three steps in the “Running Lean” process:

  • Document your plan A.
  • Identify the riskiest parts of your plan.
  • Systematically test your plan.

For documenting the plan, Maurya advises to use the “Lean Canvas”. The Lean Canvas, which is based on the Business Model Canvas by Alex Osterwalder (Osterwalder A. , 2010), is a one page overview of the business plan. Figure 9 provides an overview of the Lean Canvas.



Figure 9: the Lean Canvas :

 (Maurya, Lean Canvas, 2012)

Once the lean canvas has been drafted (which Maurya advises to not do this by oneself, and preferably through interations), the riskiest parts must be identified. The biggest risk of most startups is not the technical feasibility, but rather building a product that nobody wants. Therefore Maurya stipulates that a startup goes through three phases:

  • Problem/Solution Fit: find out if we have a problem worth solving.
  • Product/Market Fit: find out if we have built something people want.
  • Scale: find out how we can accelerate growth.

Once the riskiest parts have been defined, it is time to systematically test the plan using the Build-Measure-Learn loop described earlier.

While the “Lean” processes definitely have their worth in the innovation space, we must be careful to generalize their applicability. First of all, even though many of the techniques have a common sense aura surrounding them, they have not been scientifically proven yet as being better than other models. Second, the lean approaches seem best suited to business where iterating through the loop multiple times in order to get client feedback is not a costly affair in itself, such as is the case for purely software based startups. Businesses where costly manufacturing is involved might not be so keen on a process that relies very heavily on iterative design and testing. Other critiques that have been posited can be found in (Kern, 2012), (Burgstone, 2012) and (Pelling, 2011).





Burgstone, J. (2012, 5 10). What's Wrong With the Lean Start-up. Opgeroepen op 10 30, 2014, van Inc.com: http://www.inc.com/jon-burgstone/flaws-in-the-lean-start-up.html
Cagnazzo, L., & Taticchi, P. B. (2008). A literature review on innovation management tools. Revista de Administração da Universidade Federal de Santa Maria, 316-330.
Chesbrough, H. (2003). Open innovation: the new imperative for creating and profiting from technology. Harvard business school press.
Chesbrough, H., 2004. Open Innovation Renewing Growth from Industrial R&D. Minneapolis, s.n.
du Preez, N. & Louw, L., 2008. A framework for managing the innovation process. CapeTown, South Africa, s.n 
Enkel, E., Gassmann, O. & Chesbrough, H., 2009. Open R&D and Open Innovation: exploring the phenomenon. , 39(4): 311-316.. R&D Management, 39(4), pp. 311-316.
Forrest, J. (1991). Models of the process of technological innovation. Technology analysis and strategic management, 3(4), 439-452.
Galanakis, K. (2006). Innovation process: Make sense using systems thinking. Technovation, 26(11), 1222-1232.
Hobday. (2005). Firm-level Innovation Models: Perspectives on Research in Developed and Developing Countries. Technology analysis & strategic management, 121-146.
Kern, E. (2012, 12 3). Marc Andreessen: Not every startup should be a Lean Startup or embrace the pivot. Opgeroepen op 10 30, 2014, van GigaOm: https://gigaom.com/2012/12/03/marc-andreessen-not-every-startup-should-be-a-lean-startup-or-embrace-the-pivot/
Krafcik, J. F. (1988). Triumph of the Lean Production System. MIT Sloan Management Review, 30(1).
Maurya, A. (2012). Lean Canvas. Opgeroepen op 10 30, 2014, van Practive Trumps Theory: http://practicetrumpstheory.com
Maurya, A. (2012). Running Lean: Iterate from Plan A to a Plan That Works. O'Reilly Media.
Mowery, D. C., & Rosenberg, N. (1978). The Influence of Market Demand upon Innovation: a critical review of some recent empirical studies. Research Policy.
O'Raghallaigh, P., Sammon, D., & Murphy, C. (2011). A re-conceptualisation of innovation models to support decision design. Journal of decision systems, 20, 361-382.
Osterwalder, A. (2010). Business Model Generation: A Handbook for Visionaries, Game Changers, and Challengers. John Wiley and Sons.
Pavitt, K. (2005). Innovation processes. The Oxford handbook of innovation.
Pelling, N. (2011, 5 10). Lean Startups suck. Here are 10 reasons why…. Opgeroepen op 10 28, 2014, van Funding Startups: http://nanodome.wordpress.com/2011/10/05/lean-startups-suck-here-are-10-reasons-why/
Ries, E. (2011). The Lean Startup. Crown Business.
Ries, E. (sd). THE LEAN STARTUP METHODOLOGY. Opgeroepen op 10 30, 2014, van The Lean Startup: http://theleanstartup.com/principles
Rothwell, R. (1992). Developments Towards the Fifth Generation Model of Innovation. Technology Analysis and Strategic Management, 4(1), 73-75.
Rothwell, R. (1993). Chair Hydro—Quebec Conference enGestion de al Technologie. Systems Integration and Networking: The fifth generation innovation process. Montreal.
Rothwell, R. (1994). Towards the fifth-generation innovation process. International marketing review, 11, 7-31.
Trott, P. (2005). Innovation Management and New Product Development. Harlow: Pearson Education Limited.



PACS stakeholders can also be categorised with regards to their role in the overall innovation process, and can be distinguished across four key categories:

  • “Innovators”: individuals or companies that are looking to bring ideas in the PACs domain to market. Sub-categories include researchers, vendors, service providers, integrators and infrastructure providers;
  • “Enablers”: individuals or entities who are responsible for supporting individuals or companies in being more innovative and in commercialising technology;
  • “Influencers”: individuals whose professional mandates influence or impact on the ability of PACs Innovators or Enablers to bring technologies to market;
  • “End-Users”: individuals or organisations leveraging PACs technologies and services to improve resilience of their own infrastructures, or technologies they provide to others.


Different organisations and individuals may fall into multiple stakeholder categories under this scheme, depending on factors, particularly their relationship with the product lifecycle, as illustrated in the different innovation stakeholders.


Key and Emerging Players

For an overview of PACS key and emerging players see market theme.

Key PACs Buyer Categories
PACs market competitive analysis by Pierre Audoin Consultants identifies four key distinct buying groups in the security (and privacy) domain, each with significantly different security requirements, buying/pricing points and purchasing behaviours [PAC13]. These four identified categories are:

  1. Defence and Intelligence, specialist defence and intelligence agencies which are a specialised sub-segment of the wider public sector cyber security segment
  2. Government (other than Defence and Intelligence) – this includes central and local government, publicly funded agencies and so on
  3. Large Enterprises – i.e. private firms with more than 250 employees
  4. SMEs and Consumers – which account for the remaining private sector buyers, and buyers in the general public.

Players across several of these sub-segments operate in relatively distinct silos, for example target stakeholders in the Defence and Intelligence segment would typically operate in a completely different community to those serving the Large Enterprise segment, with significantly different product requirements and selling protocols in each. Also, many bespoke solutions developed for Defence and Intelligence purposes will be too advanced for many target buyers in enterprise segments, while in turn, solutions for the mass market segment are unlikely to be powerful or configurable enough for Defence industry purposes. Sales cycles in the Defence industry may take many years to develop, resulting in an organisational culture that would operate very differently to those that serving more fast-moving enterprise and consumer markets. Also, selling to SMEs and consumers requires a low-touch multi-channel approach (typically combining online and offline elements), which can be quite different to selling to large enterprises where more consultative and integrated ways of working with clients are essential. There will also be strong channels alliances between vendors, partners and customers within each segment, creating strong entry barriers to those crossing over from one sub-market to another. Further characteristics of these four buyer groups are highlighted in Table 1.


Buyer Sub-Category

Overview of Sub-Segment

Defence and Intelligence

  • Most mature security market segment, tend to buy the most expensive and complex products
  • Invest in solving the most complex PACs R&D challenges
  • Highly trusted relationships with PACs vendors and service providers, who are typically small in number and are required to have top security clearance levels.
  • Long sales cycles typical (years rather than months)
  • SMEs suppliers do not typically access this market easily, when they do it is usually via larger product and service providers


  • Broadly can be referred to as the “rest of the public sector”
  • Key sub-segments within this group include (1) larger “central” government agencies covering key ministries (e.g finance, social protection, pensions, justice etc) (2) Law enforcement groups focused on cybercrime dimension of PACs, (3) agencies operating at regional or local government level – e.g. local government agencies, universities, health trusts etc).
  • Broad spectrum of PACs requirements can exist within the Government category. (1) Central agencies will often have the most sophisticated PACs requirements, often as part of larger organisational or ICT transformation programmes. (2) Law enforcement will have specific requirements to help them identify and prosecute perpetrators of cyber-attacks, fraud, and other serious cyber-crime offences - defence contractors participate alongside enterprise PACs players here (3) smaller regional government entities will have varying PACs requirements that will overlap heavily with a broad portion of the enterprise segment.
  • Key differentiator between government and enterprise buyers is the need for Government agencies to follow specific procurement procedures and tendering processes, often supported by specialist online portals.

Large Enterprises

  • Tend to have broadly similar PACs requirements as the central government agencies above, but often are supported by more developed in-house IT skills and resourcing.
  • Will also have different procurement procedures to government agencies
  • Certain enterprise segments are more vulnerable than others to attack due to several motivations, for example financial players (e.g. financial reward), pharmaceutical players (e.g. IP theft), and IT service providers (e.g. reputational damage). Pivotal IT players with broad global infrastructure footprint (e.g. Google, Amazon, Rackspace, etc) would also have highly advanced PACs requirements.
  • Other industries would typically have a lower risk profile rating (e.g. manufacturing and retail), and would typically spend much less on security. For example online retailers are particularly careful in ensuring that security measures do not negatively impact customer experiences and online conversion rates.
  • Understanding the industry-specific nuances of individual verticals and implications for implementing appropriate levels of PACs are crucial in serving each segments, particularly around industry-specific legislation and compliance mandates that may complement broader government-mandated legislation.

SMEs and Consumers

  • Viewed as the least mature segment with the strongest growth potential in the long term.
  • Have much smaller budget availability but collectively expected to form a larger addressable market opportunity in the future, especially as SMEs are now being breached more frequently than in previous years .
  • Consumers and (most) SMEs have a very different PACs buying behaviour to larger enterprises, do not have dedicated cyber/IT security skills, and tend to buy their IT from low-touch channels, i.e. resellers, high street retailers, or via the web, and increasingly via cloud services.
  • Like to “outsource” security, and have it pre-packaged in the services they buy. Hence it is often bundled by default in widely used hardware and software. A lot of freeware products serve this segment, making revenue potential and viable business models more challenging.
  • From a supply-side analysis perspective at least, many SMEs (micro-SMEs in particular) would broadly have similar purchasing requirements as consumers. This is not to ignore the great variation that will exist across SMEs and that exceptions to this rule that will exist, particularly for companies at the larger side of the SME definition (~250 employees)



PACS Clusters
For an overview of PACS Clusters please refer to the dedicated subtheme in the ‘market’ section of the framework.


Policy Framework, Standards and Legislation Actors and Initiatives
The Policy Framework and Legislation subtheme highlights key activities and initiatives around policy, legislation and standards within the PACs domain. Key PACs institutions and their interrelationships influencing overall cyber security at regional and global levels are highlighted and described – EU and US initiatives are given particular attention. Key PACs standards are legislation are broadly itemised and highlighted. A summary of various incentives available to policymakers to influence PACs outcomes is also provided.

European PACs Investment Context
Higher volume of digital attacks and increasing awareness among clients of the need to increase defences means innovative PACS organisations are in a good position to be acquired. In the US alone, estimates around the cost of organisational failures ranges from between $70 billion to $400 billion in IP Theft per annum [MCA14]. An estimated 1110+ startup companies exist globally in various segments of the security market, defending and protecting against advanced persistent threats. Many of these organisations present ideal targets for acquisition by larger PACs and ICT enterprises, if their niche offering strengthen their overall portfolio and meet their client’s broadening range of security and privacy issues. This view is being driven by the desire of corporate customers for a single source, end-to-end solution that takes charge and responsibility of all their security needs - which in turn is driving consolidation among providers of different types of security solutions [E&Y13]. A case in point was the acquisition of Mandiant by FireEye at the beginning of 2014 for just over $1 billion, fusing FireEye's advanced persistent threat technology with Mandiant's endpoint protection, offering corporate clients of either organisation a complete end-to-end security solution.

According to investment firm Allegis Capital, a number of key PACs solution requirement categories are in significant demand and are driving this investment growth trend [PEH13]. Key desired solution aspects achieving investment include:
• Active defense solutions to protect websites from Botnet attacks
• Security/authentication/identity access and management for mobile devices as enterprises increasingly let employees bring their own devices to work (BYOD)
• Securing communications piece of infrastructures more effectively
• Identifying and mitigating malware once it’s gotten inside the network
• Innovative “big data” solutions applied to cyber security threats
• Secure cloud computing solutions, a key requirement for enterprises to more broadly adopt cloud computing
• Integrated, enterprise-wide security solutions to replace collections of “point” products that solve a single problem

Rather than spending billions devising new technologies, larger organisations are starting to look at acquiring smaller, more agile organisations that have developed innovative technologies that can deal with these new threats. For the large organisation this can give them a cheaper and quicker alternative to developing in-house skills. For the smaller organisation, being acquired allows them to get their product to a wider corporate market.

It is traditionally accepted that the US has a more mature and established venture capital industry than its European counterparts at present. This is particularly reflected in more successful performance returns over time – while the US VC industry has achieved 13% returns since 1990, its counterparts in Europe have managed just 2.1% over that period [ECON14], with much returns in the latter sapped during the dot-com bust, followed by post 2008 stagnancy across Europe in recent years.
Compared to Europe, the European VC ecosystem is funded much more heavily by government participants, with 40% of available funding coming from them, up from 14% in 2007, with much of this coming from the EU-backed European Investment Fund (EIF), which contributed €600m to European startups across all domains in 2013. Mixed views exist on the impact of public funding on startup investment, particularly when it is used to match funding from a public source, particularly VCs. Some private investors fear that any strings attached to government money (e.g. to create jobs in certain countries, or focus on certain sectors) may limit outcomes from their investments. There is also a perceived lack of transparency in how EIF-backed investments have fared, with no data available on investment performance. There is also the perception that European funds backed by government money can cash in on successful investments too early, selling companies to boost short term returns that make it easier to get follow-up government funding, thereby losing out on huge gains that can arise by staying with longer term bets. Pan-European rules placing limits on allowed investment (to ensure a perceived level playing field across individual European nations) are also viewed as being restrictive versus the US model, where no such limits exist [WSJ13]. Getting later stage financing is also seen as a challenge in Europe, where as few as 20-30% of European companies funded at seed stage are able to secure follow-up investment. Labour laws in many European countries are viewed as prohibitive to encouraging start-up activity, for example making it harder for companies to pay staff with stock options, often a key carrot to encouraging employees to take risks on working with start-ups.

However, in the PACs context more explicit funding supporting PACs-based start-ups in Europe is now emerging. For example, in June 2014 London-based C5 Capital became the first focused cyber security investment fund in Europe, providing a $125m fund for PACs start-ups. So far two investments have been made, an $8m investment in monitoring provider Balabit, as well as investment in Qinetiq spinout Metrasens28. Managers of the fund now believe that European ICT and PACS companies are now at an increased competitive advantage in Europe as a result of recent NSA surveillance scandals in the US, as such firms are not subjected to the same levels of data collection as their US counterparts. Traditionally, EU PACs companies have sought expansion funding to expand into US markets by default, but other markets such as the Middle East and Asia are now also seen as attractive alternatives [SCM14]. Local European vendors will also always benefit from understanding the local needs of the region, often giving them a competitive advantage over US and other non-European vendors over others, but there is now increased demand for Europeans to provide alternative services to protect citizens and their embodied data in their own markets.


process icon 01process icon 03process icon 04


Innovation in an organization does not happen by coincidence or “magic”. Instead, there needs to be a systematic process in place that creates the right environment for innovation in an organization to arise (John Jeston, 2008). The view that large gains in efficiency and effectiveness can be gotten from adopting a process oriented approach has gained considerable influence in the past two decades. As described in (Hammer, 2007):
In virtually every industry, companies of all sizes have achieved extraordinary improvements in cost, quality, speed, profitability, and other key areas by focusing on, measuring, and redesigning their customer-facing and internal processes.
The Process theme consists of two parts. First, we provide an overview various innovation processes that exist outside of the PaCS Core Innovation Process. In this section we also introduce the notion of “lean” innovation as an alternative approach. In addition, we introduce those governance tools and activities that an organization can use to assure itself of the approach it has taken regarding the innovation process itself. Using this theme, an organization can assess its innovation process maturity level and indicate gaps between its current state and desired state.



Given the proliferation in research and scholarly attention afforded to innovation over the last three decades, a diverse range of innovation modelling processes exist in the literature. The existing catalogue of process models of innovation can be generally subdivided into three umbrella categories: (1) Linear (2) phased models, and (3) non-linear, coupling, cyclical models.

Early models of innovation presented innovation as a linear phenomenon where each aspect was considered modular and unconnected to other parts of the innovation process. The linear model hypothesises that innovation starts with basic research, followed by applied research and development, and culminating with production and diffusion. The theory identifies two traditional linear underpinning approaches to innovation (Rothwell, 1994); “Technology push” and “demand pull”. Regarding technology push, innovation is seen considered to be driven solely by scientific advances whereas the latter demand pull approach views innovation as a response to demands for new products and processes. However, it was found early on that these models did not survive empirical scrutiny as this representation oversimplified the innovation process. Indeed, (Kline & Rosenberg, 1986) note that models that depict innovation as “…a smooth, well-behaved linear process badly misspecify the nature and direction of the causal factors at work. Innovation is complex, uncertain, somewhat disorderly, and subject to changes of many sorts”.

Phased models (Figure 1) serve as a management tool to map, systemise, control and review innovation progress across the sequential phases involved in an innovation project (Hughes & Chafin, 1996). As illustrated in Figure 1 below, Inputs and outputs for each phase are defined with management reviews at the end of each phase to determine the continuation of a project (“go-no-go”). The advantages of such an approach is in reducing uncertainty and promoting completion of sub stages of the innovation process. Equally so, the phased approach deals primarily with the development phase, and fails to accommodate any commercialisation perspectives (Verworn & Herstatt, 2002).

Figure 1 Linear Phase Review Model


Source: (Hughes & Chafin, 1996)

The process model by Pleschak et al. (Figure 2) delves into more detail across each stage of the innovation process and introduces the role for external stakeholders. Of merit for framing the range of issues surrounding innovation modelling, the Pleschak model specifically accommodates “…the possibility of truncation during every stage of the innovation process due to the rejection of an idea, technical or economical failure similar to Cooper’s gates” (Verworn & Herstatt, 2002).

Figure 2 Pleschak Process Model


Source: cited in (Verworn & Herstatt, 2002)

The Stage-Gate process (Cooper, 1990) also represents distinctive and orderly phases (Figure 3). The innovation process, according to the Stage Gate model consists of a range of gates to evaluate the various stages in the innovation development journey.

Figure 3 Stage Gate Model


Source: (Cooper, 1990)
At gate 1, the idea is evaluated according to must meet and should meet criteria such as strategic alignment, feasibility or fit with company policies. (Verworn & Herstatt, 2002) describe the stage gates as follows:
• Stage 1 represents a preliminary assessment of the project in terms of market, technology, and financials.
• After passing a second gate, a detailed investigation follows during stage 2 definition. Output from this stage is a business plan which is the basis for the decision on business case at gate 3.
• Stage 3 contains the actual development of the product and a marketing concept. Deliverable of this stage is a prototype product.
• Gate 4 ensures that the developed product is consistent with the definition specified at gate 3. In-house product tests, customer field trials, test markets, and trial productions are typical activities during the validation stage 4.
• Gate 5 decides on production start-up and market launch, which follow during stage 5. Objective of a terminating review is to compare actual with expected results and assess the entire project.

(Ulrich & Eppinger, 1995) normative process model (Figure 4) resembles Cooper’s stage-gate-process through mapping activities each function carries out during the development of an innovation. The noteworthiness of this model for (Verworn & Herstatt, 2002) is “…the interdisciplinary point of view. Every function is weaved into each phase of the development process”.


Figure 4 Normative Process Model


Source: (Ulrich & Eppinger, 1995)

Reflecting a project management orientation focus in terms of innovation modelling, the development funnel metaphor has been incorporated by researchers to illustrate the process from idea to innovation execution (Wheelwright & Clark, 1992); (McGrath, 1996)). The wide element of the funnel, reflects the idea generation/concept development stage and the funnel narrows as ideas progress through corresponding development, test and release phases (as illustrated in Fig 5)

Figure 5 PACE NPD Funnel


Source: (McGrath, 1996)

The Innovation Pentathlon Model (Goffin & Pfeiffer, 1999) also incorporates a funnel approach and highlights five performance areas which must be prioritised and integrated for effective innovation (Goffin & Mitchell, 2005); (Oke, et al., 2007). The five interlocking elements referred to in the pentathlon are:
• Ideas Management & Creativity Management;
• Prioritization, Selection and Portfolio Management;
• Implementation Management (NPD etc.);
• Innovation Strategy;
• Human Resource Management (People and Organisation).

The pentathlon framework accommodates a wider range of soft organisational issues than the traditional linear innovation model. It overcomes the deficiencies of typical phased models by including: HRM, Creativity/Ideas Management, the selection of priorities, and the importance of market conditions (in respect of the products, processes and services). At the top of the model lies the role of an innovation strategy, which will dictate what is needed in terms of the focus and goals, communication, technology and the measurement of success. In the middle of the model, a flow is often conceptualised within a funnel, indicating a move of the ideas through a prioritisation process as and through to implementation and new product development interactions with the marketplace. Underneath this middle section, the model depicts the formalisation of the human element in innovation. The pentathlon framework (Goffin & Pfeiffer, 1999) is distinctive from earlier models in featuring the human factor in innovation; specifically, recognising how the people and organizational climate play a role, and consequently, the value of seeking a conducive culture, where people are motivated to innovate.

Mindful of the combination of technical activities occurring in the innovation process, the external forces of the market place, as well as the complex interac tions and iterations between the various stages of the process, researchers in the field of innovation have developed more complex and inclusive models based upon the limitations of linear and sequential models (Leger & Swaminatham, 2007).


Kline and Rosenberg’s Chain Linked innovation model (Figure 6) combines both market pull and technology push orientations, identifies five paths of innovation process (C): starting with the perception of a new market opportunity and/or a new science and technology-based invention; this is necessarily followed by the ‘analytic design’ (D) for a new product or process, and subsequently leads to development, production and marketing (Kline & Rosenberg, 1986).

Figure 6 Chain Linked Innovation Model


Source: (Kline & Rosenberg, 1986)

The process accomodates feedback loops (f, F) link each downstream phase in the central chain with the phase immediately preceding it and longer feedback loops link perceived market demand and product users with phases upstream. The second set of relationships links the innovation process embedded in firms and industries with the scientific and technical knowledge base and with research (K). In terms of use case scenarios – innovators search the existing knowledge bases to seek a solution to an identified problem (1), and if such solutions are available, continues along the innovation chain(2). If no solution knowledge is available, then the innovator resorts to conducting research (3). The restults of such research activities are then fed into the innovation chain (4). Finally, the results are subsequently integrated into the scientific arena (S).

Earlier versions of Cooper et al.’s Stage Gate process models prescribed that the next phase can only start, if the project complied with all the requirements prior one. However, the stage gate process has evolved to incorporate feedback and spiral loops to address the limitation of a sequential pattern, as illustrated in Figure 7.


Figure 7 The Next Generation Idea to Launch System


Source: (Cooper, 2012)

Departing from a linear conceptualisation, Berkhout’s Cyclic Innovation Model (CIM) developed in the nineties views the innovation process as more than just technical invention and describes the innovation arena by a ‘circle of change' linking changes in science (left) and industry (right), and changes in technology (top) and markets (bottom) (Berhkout, 2000); (Berkhout, et al., 2007). As illustrated in Figure 8, the model architecture is not a chain but a circle: where ideas may start anywhere in the circle and proceed clockwise or anticlockwise. Equally, the model portrays a system of dynamic processes –with four ‘nodes of change’: scientific exploration, technological research, product creations and market transitions and between these nodes there are ‘cycles of change’ (Berkhout, et al., 2010).


Figure 8 Cyclical Innovation Model


Source: (Berkhout, et al., 2010)

Berhkout, A., 2000. The Dynamic Role of Knowledge in Innovation. An Integrated Framework of Cyclic Networks for the Assessment of Technological Change and Sustainable Growth. the Netherlands: Delft University Press..
Berkhout, A., Van der Duin, P., Hartmann, D. & Ortt, J., 2007. Connecting Hard Sciences with Soft Values Advances in the Study of Entrepreneurship, Innovation and Economic Growth, Amsterdam: Elsevier.
Berkhout, G., Hartmann, D. & Trott, P., 2010. Connecting Technological Capabilities with Market Needs using a Cyclic Innovation Model.. R&D Management, 40(5), pp. 474-490.
Cooper, R., 1990. Stage-Gate Systems: a new tool for managing new products. Business Horizons, Volume 33, pp. 44-56.
Cooper, R., 2012. What Next After Stage-Gate?. Research-Technology Management, pp. 20-31.
Goffin, K. & Mitchell, R., 2005. Innovation management: Strategy and implementation using the pentathlon framework. Basingstoke: Palgrave Macmillan.
Goffin, K. & Pfeiffer, R., 1999. Innovation Management in UK and German Manufacturing Companies. London: Anglo-German Foundation.
Hammer, M. (2007, April). The Process Audit. Harvard Business Review, 85(4).
Hughes, G. & Chafin, D., 1996. Turning new product development into a continuous. Journal of Product Innovation Management, Volume 13, pp. 89-104.
John Jeston, J. N. (2008). Business Process Management - Practical guidelines to succesful implementations (Second edition ed.). Oxon: Routledge.
Kline, S. & Rosenberg, N., 1986. An overview of innovation. In: The Positive Sum Strategy: Harnessing Technology for Economic Growth. Washington: National Academy Press, pp. 275-305.
Leger, A. & Swaminatham, S., 2007. Innovation Theories: Relevance and Implications for Developing Country Innovation., s.l.: Discussion Paper No. 743, DIW Berlin..
McGrath, M., 1996. Setting the PACE® in Product Development. Boston, MA: Butterworth-Heinemann.
Oke, A., Burke, G. & Myers, A., 2007. Innovation Types and Performance in Growing UK SMEs. International Journal of Operations and Production Management, 27(7), pp. 735-53.
Rothwell, R., 1994. Towards the Fifth-Generation Innovation Process. International Marketing Review, 11(1), pp. 7-31.
Verworn, B. & Herstatt, C., 2002. The Innovation Process: an Introduction to Process Models., s.l.: Working Paper No. 12, Technical University of Hamburg..
Ulrich, K. & Eppinger, S., 1995. Product design and development. Ney York: McGraw Hill.


ipacso people icon 01ipacso people icon 02ipacso people icon 03ipacso people icon 04ipacso people icon 05


The people theme is focused on the key stakeholders both internal and external to the innovating enterprise and serves to highlight the salient role that different categories of individuals can play in the innovation process.
An innovation process failing to respect the human aspect, is predestined to fail. People with innovative ideas will simply stop participating in the innovation process if they feel they are not adequately supported. Equally so, the growing prominence of open innovation approaches, necessitates the need for innovators to engage and collaborate with a variety of stakeholders external to their core operations. Simply put, any innovation process is only as solid as the people supporting and executing it. The people theme is therefore an important theme, describing the roles necessary to establish and nurture the innovative capability, as well as describing best-practices concerning the direction of the organizational culture as a whole.
This theme, differentiated from the others within the IPACSO framework seeks to provide insights and information, as opposed to prescriptive instruction or guidance. The People Theme is divided a range of subthemes, described below

  • Selecting the Right People - Any worthwhile innovation endeavour involves having the right people doing the right things the right way at the right time.
  • Human Resource Management Practices -appropriate people management rewarding systems as well as an innovative culture are required in terms of generating ideas and implementing them.
  • Key PACS Stakeholders – delineating and identifying stakeholders of relevance who are in a position to influence and support innovation in the PACS domain.
  • PACS Related associations – listing associations across Europe which are specific for the PACS ecosystem is.


framework market 01framework market 02framework market 03framework market 04framework market 05framework market 06framework market 07framework market 08framework market 09framework market 10framework market 11framework market 12framework market 13framework market 14framework market 15framework market 16framework market 17framework market 18framework market 19framework market 20framework market 21framework market 22market01 23framework market 24framework market 25framework market 26framework market 27


The Market Analysis section contains trends and challenges in the cyber-security domain, a market overview, information on science and technologies and links to legislative as well as policy frameworks.


The Economics of Cyber-Security and Privacy section introduces the reader not only to the field of research, but also to basic concepts that are used in the academic works on the subject.



Cyber-security is officially defined by ISO as the 'preservation of confidentiality, integrity and availability of information in the Cyberspace.' In the context of this website, we use the term privacy and cyber-security (PACS) interchangeably with cyber-security. Note that other terms, including IT security, ICT security, network security, and internet security can have separate, more nuanced meanings.





Getting Started

Which type of company are you? Choose one of the options below and get a head-start.

Framework Overview

Navigate through the different parts of the Framework


Joomla! Debug Console


Profile Information

Memory Usage

Database Queries