• Resources
  • Podcasts
  • Protecting Customer Experience for Black Friday – Deri Jones, Thinktribe

Protecting Customer Experience for Black Friday – Deri Jones, Thinktribe

Available on:
Season 1, Episode 1
18th November 2021

In this podcast, Andy Still and Deri Jones discuss the importance of customer experience to eCommerce, and how both web performance and cybersecurity play a role in this. With Black Friday approaching, they consider where these overlap in sometimes unexpected ways, and how typical security concerns like bots can also impact performance.

Key points

  • How Black Friday become a peak trading phenomenon
  • How marketing add-ons affect website performance and security
  • The challenge of continually testing websites in a fast-paced digital age
  • How threats like scraper bots can damage both web performance and customer experience


Andy Still

Andy Still

CTO & co-founder, Netacea
Deri Jones

Deri Jones

CEO, ThinkTribe

Episode Transcript

00:00:00 Deri Jones:

Somebody told me there are 4,000 marketing technology supplies trying to sell you bolt ons to your code base. I guess you have a similar thing in terms of bot traffic and so on. You're trying to protect clients against that changes every day. You can't know what the bot traffic will be this morning, just because you looked at it yesterday.

00:00:17 Andy Still:

Hello. Welcome, welcome one and all to the Cybersecurity Sessions. This is the first episode of this new podcast we're starting today, where we'll be talking about some of the challenges and innovative solutions being developed within the cybersecurity industry. I'm your host for this podcast, Andy Still. I'm the CTO and one of the founders of Netacea, the leading and only fully agentless bot management solution. Thank you for coming along and joining us today for what we hope will be a monthly podcast. Every month will have a new and exciting guest. Joining me for this first episode is Deri Jones, who the CEO of Think Tribe. Deri’s here to talk about some of the challenges of maintaining customer experience over Black Friday and the general over, over peak periods, particularly around how cybersecurity and performance challenges, whether they're in alignment or whether competitive. My background is in web performance, so this is a subject that is very close to my heart as well. Thank you, Deri, for joining us today. It's a great pleasure to have you here today. Before we dive into the details, do you want to quickly introduce yourself to the listeners?

00:01:26 Deri Jones:

Sure. Thanks for introducing me as a new and exciting guest. That's a first time. No, possibly not a first time, but yeah. Thanks for that. Yeah. So yeah, customer experience is key for me. I'm Chief Executive of Think Tribe. My history goes back a long way in the internet. Not a lot of people know this, but the internet in the UK did not start in. Interestingly enough, it started in Canterbury, which is where I now live. It was a bunch of techies at the University of Kent, and there's a whole lot of people from around the UK dialing into Canterbury with good old-fashioned modems, all those lovely noises. To pick up that email. And then news groups, this is even before Tim Berners-Lee created the web protocol. So there wasn't even a worldwide web. There was only email news groups and some other primitive ways of navigating information. So I came down here, Canterbury, there's three techies in the lab, built a company. I became first marketing, then chief executive director. And you know, the rest is history. I remember. Yeah, it uh, rest is history. I've been down in Canterbury ever since since. I've also worked in the, in the security space like, uh, like you guys and more recently with, with Think tribe, where we work with, um, 50 of the biggest UK retailers and beyond, and it's, it's all about the, the battle of custom experience these days.

00:02:53 Andy Still:

I think it's interesting to how the world has changed since you were both very interesting to think of the internet before the worldwide web that. A whole different, a whole different world, a world of news groups and, and things like that. And I guess over the years you've seen, um, a lot of changes, but particularly I'm thinking around the peak period and how that has, how that has changed dramatically over the last, um, 20 years, but particularly 10 years, I think has, oh, this is obviously a different story in the the US but in the uk I think Black Friday wasn't really as 10 years ago. Um, how, what, what would you say the impact of PLA Friday in general peak period is on your retail customers and the challenges they face?

00:03:41 Deri Jones:

I mean, it's been, it's, it's obviously been enormous, as you say. If it came in, it sneaked in from, of course, the Atlantic, um, in those first few years took a lot of retailers, uh, by. In a sense, cuz the internet was going through this transformation, wasn't it? From, um, a lot of big retailers, it was only a certain percentage of their annual sales. It wasn't, wasn't that big. And then suddenly there came a point where boards of directors were realizing, hey, our, this, this internet thing is bigger than our London store turnover, our, our flagship store in a Oxford. Does less than that. Oh, okay. And so people started to take digital seriously. That was, that was five, 10 years ago. Um, and, uh, you know, and our boards are taking, obviously digital and of course covid is un accelerated even more. It's just, yeah, it's digital hours, notes all there is, but it's, it's digital and the stores supporting it and working together with it.

00:04:38 Andy Still:

Did you find your customers, um, peak last year was significantly. Because of, you know, everyone was buying everything online.

00:04:49 Deri Jones:

It, it was, it was bigger for a lot of our clients. I mean, for some, for some, some of our clients it was double, um, you know, what they've done the previous online, particularly for the smaller, the smaller retails who were just sliding up from the bottom and, uh, um, but yeah, everybody did a lot more, even our biggest clients, like, you know, the billion dollar, billion pound turnover, Dixon Curry's, you know, substantially up on the previous year. So some people, some people sail through it, some people, it was their first real experience of, uh, an unexpectedly high level, and they struggled a bit. Um, I think the one takeaway that, that we saw most commonly was, um, the days of, of people's website literally falling over dead as ado, not, not so much, but what we saw a lot of clients struggling with was, you know, certain functionality, really struggling, certain subsets of their product set. What my guys call the sort of the own bible product nightmare where you can find certain things and then you can't actually buy them. Um, something goes wrong in the middle and that, that can be a range of things from the overload itself. It can be, um, the marking guys changing with their AB testing, you know, changing some AB testing that morning, that week and the scientist no longer what it was a week ago. And, um, I think overall, What's changed in the last 20 years, online 30 years is websites used to be really nice and simple. Html, a few images, few links, job done, one file, html. You could have a workplace with just one html file. You could do it in notepad, yourself. Now you've got teams of multiple teams, and of course, Jarvis script means that your, your, your web. Depends on so much functionality and so much code and it's, it's your team are changing it. Your outsource team are changing it. Your ab supplies guys, they're changing the JavaScript. So there's so many moving parts and it's just so common that something somewhere rubs up the wrong way and yeah, customer experience suffers.

00:06:53 Andy Still:

Yeah. So one of, one of the biggest challenges, um, when I was in the performance, Was the, the way that control was moving out to the hands of the development team who'd, who'd built the website and into the hands of various groups across the business. So you, you've mentioned already tools, such, uh, marketing tools, AB tools, SEO tools. Um, and how easy it was to, for the marketing team to suddenly drop another JavaScript tag in there and another another, and you ended up with, you know, 2030, um, pieces of third party JavaScript being, being absorbed into the website, affecting performance in an untestable way. And I think is, is that one of the, is that a challenge that you see particularly, um, in the sites that you manage?

00:07:44 Deri Jones:

Yeah, I mean, it, it's in that untestable way is interesting. It is testable, but it's extremely hard. Um, the, the, the challenge, and I guess you, you guys kind of drop solutions into the space as well. People are doing more and more testing, shift left testing and so on during the dry run the code, while it's still on the inside and still. But of course Tony, when it goes into production is your code having to fight its way with all the other layers on top. AB testing people are doing machine learning, AI plugins for better search and so on and so on. So, um, somebody told me there were 4,000 marketing technology supplies trying to sell you boltons to your, your gut based. Um, so it's only in your production and of course it's then changing every day. So it's no good testing it yesterday because it's different. I guess you have a similar thing in terms of bots, traffic and, and so on. You're trying to protect clients against, that changes every day, isn't it? You can't, you can't know what the block traffic will be this morning, just cuz you looked at it yesterday. Um, so from our perspective, it's the old truth about, you know, test your website, do what the customer's doing, um, which is on killer mantra. The only testing is to be the customer, do the customer thing online, um, which is what our technology does. Um, But of course you've really gotta do that 24 by seven as well as the big tests before Black Fridays. Um, and that's, that's just hard work when there were so many teams involved. Um, we even saw, I don't wanna take more than I might share the talking here, but we even had interesting discussion of a conference last week about Google Call, what Vitals, which is a good Google initiative in theory to make our webpages more human. Effective, faster and, and experience better. But again, it's very difficult to measure that and it changes all the time. And, um, even though companies are motivated to get it right, because Google will use core web vitals for your SEO rating, um, it's actually left a lot of people scratching their heads. You know, how we're gonna manage this on the ongoing basis, um, when there are so many players. Um, so. Yeah. But I think it's, uh, you know, custom spent is not gonna go away. It's the last big battleground online. Nobody's really got anything unique to sell online. Nobody's got products like mine. Everybody's got services like mine. There's competition no matter who you are. But if you're custom spent and fiction, you're losing, you're losing sales.

00:10:16 Andy Still:

Yeah, no, think when, when you start talking about peak, I think you, you alluded it to it earlier on things that would be small problem. Um, escalate dramatically when you've got increased amount of traffic. So bottlenecks become exponentially hard on anything. I mean, one of the, one of the challenges we see a lot is, um, scraper activity. So sites can handle a reasonable amount of scraper activity most of the time, but when you get into peak, that suddenly become, can be the thing that takes your. Down particularly, um, if you're selling problems like play stations are the, are the, the biggest thing at the moment, everyone is being scraped for availability for plays, stations. Um, is that an, is that a problem that you see again with, with the customers that you are seeing?

00:11:04 Deri Jones:

Yeah, absolutely. It, it all adds to the fog of war, doesn't it? Really? What's, you know, what is happening on life site right now and why, what's gonna happen on it tomorrow morning and how could we make it good? So, um, The way we, we see it in a number of really concrete ways when we're, when we're planning, uh, peak testing, whether it's Black Friday or for clients like Thorntons, it's, it's Valentine's Day preparation. Or, or have you. Um, then our key thing for the, for the load testing, the capacity testing is to make it realistic. So we'll say, okay, let's have a look at your, let's have a look at your web traffic for your last beat. You know, what was the busiest two hour? Last year and so on. And then sometimes we have to mash outta that, Hey, there's a whole bunch of bot traffic in this, it looks like. So we, so, so we're not gonna reproduce the bot traffic. We want to make sure that our realistic combination of journeys, looking, searching, heading to basket taken out, you know, doing really complicated multi-step things are real customers do. Um, we're always trying to say, client, remember your last peak? Well, you're now 30% bigger. Yes, that. People wanna lose, but yeah. How much bigger? Um, so yeah, it can be real painful for them to take out a whole bunch of block traffic from their last peak. Yeah.

00:12:39 Andy Still:

I think, for me, a lot of this is about, from a, from a customer point of view, it's about knowing and understanding when it's your website, know, know how it works, know where your bottlenecks up, and then you can, you can take this next step, which is starting to control what you can control. And I think particularly, I think with, with companies buying into, um, helping flatten your own peak, so you are in control of your own marketing activity. Don't, don't take your own site down, you know, and I think we've, we've, I, over the years as Black Friday's become more established, um, in the uk I think we've seen websites start to be more intelligent around that and make it Black Friday week. Um, not have these kind of flash sales with limited availability products on them and things like that. Just to try and stagger the, the amount of traffic that's, that's going. That obviously improves customer experience as well. What you want is a, a good perform website for, for your customers.

00:13:42 Deri Jones:

You know, a, a big part of what we do, one of one of our clients describe what we do is we unite the tribes within their organization. And that's exactly what you're talking about there. You know, the marking guys said, oh, we didn't realize if we sent those emails off. Cause a peach. Well, you know, um, so it, it is hard for, for organizations, like I say, on modern websites, there are so many teams involved. Um, it's not just keeping your internal team in the picture. Your external systems integrator, your external e r p, your warehousing supply, your external SEO, your PPC agencies, your a. Testers, you've probably got more and more, you've got a third party data science team who are trying to plug all your different data sources together in a better way. Um, so it's quite hard to coordinate both across all those, um, and not, I mean, sometimes with clients we're seeing on projects, we're seeing, you know, slack channels in the week after Christmas with, you know, 10 or 20 organizations on the, on the line in that precious seven, seven days.

00:14:44 Andy Still:

Um, but it's, it's nice to hear of. The team's working together though, in that situation. Cause, well, we worked with, with clients in the past where it was almost like they, they were a battler with each other and it was a point of, you know, it seems to be a point of pride with the, um, some of the teams that it should just work. Um, the platform should be able to handle whatever we throw it in and, and it doesn't, that's your fault. Um, no, it's a failure. Whereas, like you say, if they can all work together and underst. Understand what you can can't handle. Um, then I think that that obviously works, works well.

00:15:20 Deri Jones:

Um, it should just work. Yeah. It's sounds, yeah. It's, it's, it is difficult at one level. Uh, you know, one other we work with, with some partners who are in the kind of change management space. People management, people change process chain. And it is tricky cuz if you're in the inside of an organization, you do see that email on a Thursday night that says, oh yeah, we had a problem on the website Tuesday night, we've had to refund 50 clients. Yeah, it's, it's sorted now or it's not sorted. There's a meeting tomorrow. Um, so it is easy for business and marketing people to, uh, To think, you know, why, why is our website so flaky when actually everybody's website's are flaky in the corners at the moment? You know? Um, a couple years ago the myth was, oh, everything will be in the cloud, so it'll be infinite and we'll never have a slow page again.

00:16:13 Andy Still:

not quite as easy. It's not quite as easy as it sounds. A bit of both people. Uh, do you find that. Going back to the, the cybersecurity, um, topic. Uh, do you find dairy that from a customer experience point of view, you are, um, having to trade off customer experience versus security?

00:16:34 Deri Jones:

Um, you try not to, but, um, in life there are often, often trade-offs. Um, you know, there's, there's the trade off with, um, putting in a, you know, queuing system. Ideally, you never wanna force your clients through a queuing system. But if, if your site's creaking, that's, that's a better trade off than getting slow and slower. So, so there are those juggling things. Security, we, we often, um, on projects we're often, you know, sitting alongside you guys and others in the planning and the, and the building stages. Um, cuz the two things have to go together and things like, um, you know, other security things, things like pen testing and so on, they, what's happen, um, near, near the launch date rather than, well in. Um, but security's, it's there. There were just many, there were many things to get right on a modern site, and, um, it's not just h human anymore. It's, it's complicated and, uh, there are many teams. So security is absolutely in there. Um, and as you say, the, the, uh, the scrapers and the blocks can have a, a direct impact on your customer experience. Um, so absolutely it's got to be covered.

00:17:48 Andy Still:

Before we wind up, I'll give you a, a chance, uh, if there was one or two pieces of Kia advice you were, you were gonna give some, someone preparing for peak this year, what would they be preparing for peak?

00:18:02 Deri Jones:

The checklist. I, I mean, our guys are, are flat acts at the moment in capacity peak testing across our project base. Um, tips and tricks. Um, one is, is, yeah, test it and test it realistically. You know, it's, it's, it's too easy for business and tech guys to not quite have that conversation about it. Watch out in particular, if, if tech teams are saying we can handle 50,000 Hong Kong users, because that's a metric on its own, that's, that's 100% useless because that could be 50,000 people hitting your homepage and going away, but it would still be 50,000 if it was, if 10,000 of that had put three things in the basket and checked out. It would be the same number. So it's not a helpful number as to what's really happening on your website. So definitely, definitely do some peak testing and make sure the metrics are, are realistic. Uh, and the other one I guess is to keep measuring your customer experience and your Google Cwv, you know, in the run up to Black Friday and through and beyond. Um, cuz you don't wanna be penalized, you know, in the following weeks from a bad experience to Black Friday week.

00:19:09 Andy Still:

Uh, yes, very good up, right? So thank. Knowing what's going on for me is always the key on peak. Knowing what's going on and knowing what levers you've got to pull in the event, the things start to go wrong. Things like you mentioned them earlier, things like queuing systems are just things like that as a, as a point of insurance. Knowing the bottlenecks and the ability to turn them off if, if, uh, things start to go wrong. I think that. It always comes down in my mind, just it's your website, understand it, and, and be in control of what's going on. The worst peak situation is where, you know something's going bad, where you haven't got the information at hand to, to know exactly how bad it is and what the problem is and what to do about it. And I, the, the other one I always thought is, don't think it'll just work. It's not work websites, high performance websites take a lot of time and. To, to get them right. They're not, you're not gonna be working. And it just turns, turns on and it all just works. Um, okay, so I think, um, we're, we're running short on time now, so, um, sorry. The opportunity to say thank you, Derek, for joining us today. Thank you for the insight. Very interesting, um, views of, of some of the challenges to what is coming up to your very fun time of the year. Imagine in the, um, retail optimization. So thank you very much Deri. Really appreciate your time today. Um, and thank you very much for everyone joining. Listen in and hope. Hopefully you can, you can join us again soon. Um, please subscribe, leave reviews, um, give us any feedback. Very welcome. Can do that, um, via Twitter @cybersecpod. Um, or if you wanna email over to podcast@netacea.com and look forward to welcome you all back for next month's episode.

00:21:06 Deri Jones:

So thank you very much. Thank you, Andy. It was a pleasure to chat. Thank you.

Show more

Block Bots Effortlessly with Netacea

Book a demo and see how Netacea autonomously prevents sophisticated automated attacks.

Related Podcasts

S02 E07

Validating AI Value, Securing Supply Chains, Fake Account Creation

In this episode, hosts discuss AI validation, ways to secure the supply chain, fake account creation with guest speakers from Netacea, Cytix and Risk Ledger.
S02 E06

Protecting Privacy in ChatGPT, Credential Stuffing Strikes 23andMe, Freebie Bots

Find out how to make the most of ChatGPT without compromising privacy, how 23andMe could have avoided its credential stuffing attack, and how freebie bots work.
S02 E05

Skiplagging, CAPTCHA vs Bots, Scraper Bots

Discover why airlines are battling skiplagging and the bots that aid it, whether CAPTCHA is still useful, and scraper bots uses in this podcast.

Block Bots Effortlessly with Netacea

Demo Netacea and see how our bot protection software autonomously prevents the most sophisticated and dynamic automated attacks across websites, apps and APIs.
  • Agentless, self managing spots up to 33x more threats
  • Automated, trusted defensive AI. Real-time detection and response
  • Invisible to attackers. Operates at the edge, deters persistent threats
Book a Demo