Paul Wallbank

Paul Wallbank is a speaker and writer charting how technology is changing society and business. Paul has four regular technology advice radio programs on ABC, a weekly column on the website and has published seven books.

Oct 262016
computer and internet security

Are we focusing too much on technology and not enough on people when it comes to insider threats? Talking to Keith Lowry, the Senior Vice President of threat intelligence and analysis for Nuix, it’s hard not to come away with the impression there is too much emphasis on technology and not enough on human factors when looking at IT security risks.

Lowry gave a briefing to journalists at Nuix’s Sydney office last week discussing the types of insider threats organizations face.  “Why is it, despite all the money we’re spending, we seem to be losing the cybersecurity battle?” he asks.

“The majority of insider threat programs that I’ve seen begin with the foundation of technology when in reality the foundation of a counter insider threat program should be about people,” he stated as one of the reasons why organisations are struggling with security their networks.

Supporting his belief that people are a problem is a 2015 survey by information security company Clearswift that found more than a third of employees are willing to sell their company’s private information.

All of the six examples he cited illustrated the problem facing managers, each breach was as much a failure in managing people as it was technology not being implemented correctly.

Naturally the Chelsea Manning case was one of the headline cases, “Manning was a failure of leadership.” Lowry said, “what’s really interesting is before his unit went to Afghanistan was deemed by a psycologist to be unfit to deploy. They took him anyway.

Two of the other examples, alleged Chinese spy Hao Zhang and Russian intelligence agent Anna Chapman are classic espionage tales while Edward Snowden is a continuing tale that may well define our public security policies for a generation.

Of the examples, Aussie twosome Christopher Hill and Lukas Kamay along with US student Glenn Duffie Shriver are the two that should worry organisations the most.

Duffie-Shriver was sentenced to 48 months jail after being recruited by PRC intelligence officers while studying in China.

Born in 1981, Duffie-Shriver is part of a generation that’s far less loyal to organisations believes Lowry and, coupled with economic pressures such as student loans, they may be far more likely to be tempted by offers such those alleged to have been offered to the American scholar.

The Aussie example is probably more concerning for managements as Hill was passing Australian Bureau of Statistics data ahead of its public release to Kamay who arranged trades. Their insider trading scheme netting Kamay seven million dollars.

Kamay and Hill present a far more typical risk to most organisations as employees motivated by greed, addiction or some vulnerability are much more likely to steal data. This is certainly a human, rather than technology, problem.

Ultimately the focus on technology, foreign hackers and government agencies in protecting an organisation’s data is missing the greatest risk of all in our businesses – the people. How we manage and treat staff is essential to securing information.

Oct 252016

Last weekend a cyberattack launched from compromised webcams crippled a number of high profile services. In response, the Chinese manufacturer has withdrawn the devices from the market.

That dodgy webcams should have been used to launch a massive DDOS doesn’t surprise anyone who’s spent any time in the home automation field. These problems are endemic in the Internet of Things.

In the early 2000s I became involved in a home automation company through my IT support business. Basically we were kitting out Sydney’s harbourfront mansions with state of the art technology.

Very quickly I realised something was wrong. Almost all the home automation and CCTV systems were running on outdated, insecure software. The leading brand of home security systems used servers running on an old version of Windows 2000 at a time when malware was exploding.

It wasn’t a matter of if, but when, these systems would become hopelessly compromised given the networks they were running on were shared with the home users.

The real concern though was when I raised this with the vendors, installers and designers – no one cared. It was clear security wasn’t a concern for the market and the industry.

We could have patched the systems and boosted their security policies but given the shoddy software being used – mainly DOS batch files – and the assumed file permissions we’d have completely broken the systems and it would up to us to fix it given the attitudes of vendors and clients.

After realising this problem was industry wide I pulled the pin on that business venture as I wasn’t prepared to carry the legal risk and moral obligation of helping install dangerous equipment into people’s homes or businesses.

I’ve since watched as the Internet of Things has become fashionable with the knowledge that the industry’s cavalier attitude towards customer security hasn’t changed.

Now we’re at the stage where script kiddies can launch massive attacks from compromised webcams – God knows what the serious bad guys like state sponsored actors, criminal organisations and commercial spies are up to with these things – which shows the industry’s robotic chickens have come home to roost.

What last weekend’s events show is we have to demand better security from our technology suppliers. That though comes at a cost – we’ll pay more, we’ll have to sacrifice some convenience and we’ll have to spend time maintaining systems.

Are we prepared to wear those costs? Is the tech industry prepared to move beyond it’s ‘good enough’ attitude toward security? Are governments prepared to legislate and enforce proper design rules?

We may not have a choice if we want to enjoy the benefits of technology.

Oct 192016

This week Google released its latest smartphone, the Pixel, to mixed reviews. Controlling the most popular mobile operating system, Android, isn’t enough for the company.

As Microsoft found, just supplying the operating systems for smartphones isn’t enough to influence the market. Apple, along with Nokia and Blackberry before them, showed that the path to both controlling the segment and being profitable relies on having devices designed for their software.

Given the Pixel’s price point, it’s unclear how well it will do against the iPhone, Samsung’s models or the plethora of Chinese devices but for all the Android ecosystem’s players, having its controlling owner running in opposition to them can’t be comforting.

Again though Microsoft’s experience is instructive, and encouraging, for the broader Android community as Microsoft’s attempts to push out Windows CE devices failed dismally. For Google to be successful where Microsoft failed would require a degree of corporate discipline the search engine giant is not renown for.

In the Windows ecosystem, Microsoft strength was licensing and controlling access to the operating system. Android’s strength in the smartphone world is that Google doesn’t have the same veto power. To be able to exercise control over the market, Google needs a big device share.

Ultimately though the success of the Google Pixel smartphone will depend on how many users will adopt it. It may be time for another round of smartphone subsidy wars.


Oct 182016

As part of Telstra’s Muru-D business accelerator opening its latest startup intake this week, Annie Parker and Ben Sand, the organisation’s co-founder and Entrepreneur in Chief respectively, spoke to a small group of journalists on Tuesday about what they were looking for in the next batch of applicants and how the tech startup sector is changing.

Ben’s entrepreneurial journey from a scrappy, underfunded Aussie startup to a hot Silicon Valley property and back to a corporate incubator is an interesting tale in itself.

His first venture, an edu-tech startup called Brainworth founded in 2010, operated out of a dilapidated inner city Sydney terrace. The business acheived traction and Ben’s team won a ScreenNSW interactive media grant two years later.

Failing the Kickstarter test

Ultimately Brainworth petered out after missing a Kickstarter round. As Ben says, “I focused on getting out the maximum viable model rather than the Minimum Viable Model and the money ran out.”

As Brainworth withered away, Ben joined former university friend, Meron Gribetz at his Augmented Reality startup Meta which went onto join the Y Combinator program. The company went on to attract $23 million dollars in investment, primarily from Hong Kong and Chinese investors, and now has 150 employees.

Earlier this year, Ben returned to Australia after seeing Mick Liubinskas’ blog post about moving to the United States. In that article, his predecessor put out a call out for those interested in replacing him at the Sydney office which Ben answered.

Australian advantages

Now firmly settled into his Sydney role, Ben sees computer vision as one of the biggest opportunities in the tech sector. Bringing together disparate technologies like virtual and augmented reality, artificial intelligence and smart sensors, computer vision allows machines such as autonomous vehicles, drones and medical diagnostic equipment to pull together sources of data that lets machines see what is going on in the world around them.

Computer vision is a field where Australia has an advantage, Ben believes. “Adelaide is the second most funded city in the world in computer vision,” he points out with investments like Cisco’s into South Australia’s Kohda Wireless driving the local industry.

Ben and Annie don’t see the next group of Muru-D applicants being restricted to any one field despite Ben’s background in AR and interest in machine vision. “It’s more the psychology of the founders,” he says.

Mentoring the next wave

Three years of experience is also delivering dividends, observes Annie. “I’m starting to see the early cohorts starting to mentor and support the newer ones. That’s part of what Muru-D is part of, creating the ecosystem.”

Over the three years, there’s also been quite a few adjustments to the Muru-D process, Annie observes. “We change the model each year by about thirty percent.” she says.

Another thing that has changed is that later stage startups can apply for the program which will be open until November 4.

“I’m excited and I’m very confident we’re going to get great outcomes for these people,” says Ben of the next Muru-D cohort. “We’ll be working on getting the most confident founders on board and hopefully helping them to aim high.”

Oct 132016
radio programs for techonology, web, social media, cloud computing and computer advice

This Thursday night join Dom Knight and myself on ABC Nightlife to discuss what tools you can use to start or improve your business and how can we encourage more people to have a go.

Last week the last Australian car making jobs finished and a survey of the Geelong Ford workers found only one percent were interested in starting a new business.

If you missed the spot, you can listen to the podcast through the Nightlife website.

Despite the reluctance to start new businesses it’s never been easier to do so with a range of tools making it simpler to run one. Tonight on the Nightlife we look at some of those tools and what we can do to encourage more people to have a go at running their own companies.

For the program, I’ve a compiled a list of tools businesses should be using. It certainly isn’t exhaustive or definitive and if you have any suggestions on better or newer tools, I’ll be happy to add them.

Some of the questions we cover on the program include;

  • who ran the survey of motor industry workers?
  • what were most of them going to do?
  • so what sort of businesses can these workers go into?
  • what programs are being offered to these workers?
  • how has starting a business changed over the past twenty years?
  • is the focus on tech startups intimidating people who might want to start a business?
  • what are the basic tools every business should have?
  • a few years ago social media was all the rage, does it matter any more?
  • what’s the number one advice for anyone thinking of starting a business?

Join us

Tune in on your local ABC radio station from 10pm Australian Eastern Summer time or listen online at

We’d love to hear your views so join the conversation with your on-air questions, ideas or comments; phone in on 1300 800 222 within Australia or +61 2 8333 1000 from outside Australia.

You can SMS Nightlife’s talkback on 19922702, or through twitter to @paulwallbank using the #abcnightlife hashtag or visit the Nightlife Facebook page.

Oct 112016

Workplaces by Facebook was is the social media giant’s enterprise collaboration service it hopes will put the company into the enterprise space.

Like many similar products, the service is aimed at improving collaboration in the workplace. As the media release gushes, “the new global and mobile workplace isn’t about closed-door meetings or keeping people separated by title, department or geography. Organizations are stronger and more productive when everyone comes together.”

On first impressions, Facebook should score some successes with the service however it’s success is far from guaranteed. As we’ve seen with other major company’s attempts to open new products, being the deepest pocketed player doesn’t automatically ensure a successful product.

The Google example

A common assumption when a behemoth enters a martketplace is will simply smother smaller competitors by virtue of its size.

History shows this not always the case, Facebook itself thrived despite the huge threat posed by Google+, indeed Google is probably the best example of a large corporation that struggles outside its core business.

Part of the reason for the idea of big companies easily squashing the little folk being a fallacy is that the smaller companies are more focused on their problem – for a corporation the division is one part of a broader operation run by managers, not owners.

In such a marketplace, execution and management focus matter so Facebook’s success will depend as much on executive buy-in as the resources thrown at the product.

Cost and complexity

A notable thing about Workplaces by Facebook is its partner network, led by Deloitte. This is not a good sign.

The need to have consulting partners – particularly huge and expensive companies like Deloitte – is not an encouraging sign for the nascent service and may be a barrier towards adoption.

A separate issue in Deloitte’s involvement is how cloud services, which we include Workplaces by Facebook, are buddying up with the major consulting firms with everyone from Huawei to Oracle entering arrangements. While this might help partners squeeze a few more pennies out of their hapless clients, it’s doesn’t seem to be in the vendors’ or customers’ interests.


What happens to users’ data is a perennial problem for Facebook and it’s notable this issue isn’t mentioned in the announcement.

Facebook’s success shows consumers are relaxed about how the company uses data but that attitude may not be shared by managers and business owners.

The proprietor of one reasonable sized startup said, “I have a slight concern about giving Facebook any access to my company information. Whilst it has been fine from a personal perspective I feel the trust level is not strong enough to warrant handing over access to, effectively, everything.”

Overcoming that objection may be one of the biggest challenges for Facebook being accepted as an enterprise tool.

Becoming an enterprise service

Facebook’s push into the enterprise isn’t surprising and indicates that as the company matures, something more than the advertising funded consumer market is needed to drive its growth.

That consumer background is a strength for Facebook as the consumerization of enterprise software is an established trend. Having an interface and tools that are familiar to most staff is very attractive to managers looking at introducing new platforms with the shallowest possible learning curves.

However the ultimate question is what need does Workplaces by Facebook address? There’s no shortage of collaboration platforms that offer most of the futures offered by the platform.

If Workplaces by Facebook does address a genuine need in enterprise workplaces and the company’s management can maintain its focus on the product then the service may be a success. That isn’t a given though.

Oct 112016

This is the last of four stories I did for The Australian on why entrepreneurs are making their way to the United States’ Bay Area.

“It is a very good time to be Australian in America,” says Dr Catriona Wallace , the Sydney based founder of Flamingo Customer Experience. Despite that goodwill she and those who’ve made the move to the US have found the ways of doing business in the two countries can be quite different.

US decision making processes are one trap, Wallace observes. “Americans will say ‘yes, yes, yes then no’, whereas Australians will say ‘no, no, no then yes,’“ she told The Australian. “I had to learn that an enthusiastic “Yes” from an American is an expression of their interest and intention, not necessarily an action that can be followed through.”

Swinging for the fences

Casey Ellis, who relocated his Sydney security startup Bugcrowd to San Francisco in 2013, finds the scale of ambitions are a key difference between the two countries. “Americans are comfortable with those who swing for the fences whereas Australians aren’t.

“I had a million dollars committed already but people weren’t buying my execution because the way I was selling it was that I had it all figured out, which is what I’d been taught what to do in Australia – we’ve figured how to make sausage machine then the key to making more money is to build a bigger handle and crank out more sausages.”

The reality though is different in the United States warns Ellis. “If I’m pitching like that to VCs over here they’re like ‘we like what you’re doing but your vision is too small.’ I always had a big vision for Bugcrowd but I’d been taught not to put that at the front. In the US you put the vision first and the execution follows.”

Figuring out the differences

“I spent some time trying to figure out why it is different,” Ellis reflects. “If you think about it Australia is a country was formed by a bunch of people who were thrown out for stealing stuff, dropped on a rock and told to figure it out, so we’ve got this incredible culture of troubleshooting and innovation but we’ve also got this tall poppy syndrome of ‘don’t stick your head out too far.’ That’s a very strong cultural feature of Australians and how they interact.”

“If you bring that over to America you will fail because this country was formed by entrepreneurs who set out to find a new land,” Casey concludes. “It’s not about saying Aussies are meek, they’re not, but Americans are completely comfortable with swinging for the fences and Australia’s aren’t.”

Peter Grant of Safesite warns not to overplay the Paul Hogan persona. “Coming from Australia is a novelty but you can’t play the dinky di Aussie card, you have display professionalism and represent you are serious about being a US company and serving the US environment,” he told The Australian. “Americans are a lot more accepting of risk and have a fear of missing out on the next big thing.”

“The country is founded upon going out and doing your own thing and being a maverick, so they are a lot more accepting of risk and have a bit more of a fear about missing out on the next big thing, “ Grant explains. “We’ve developed a strategy of saying ‘we’re working on this, this is going to happen and we’re talking to your competitors.’ That seems to work.”

Watching the clock

One respect where Australians’ laid back attitudes come unstuck is in time keeping warns Flamingo’s Wallace, “Americans are super punctual. Conference calls typically start 5 mins before the hour rather than 10 minutes after as it would in Australia. Meetings finish at quarter before the hour so people can get to the next meeting 5 minutes early.”

“If people are delayed and get to a meeting a few minutes late they will apologise profusely for several minutes and then apologise again at the end of the meeting. American’s will warn of the need to finish a meeting at a certain time by saying, “I have a hard stop at quarter before”

Humour lapses

Another difference is the sense of humour, Dr Wallace warns. “Americans typically are not funny in business as we Australians are. There is not much joking in meetings. I once used the enormously funny expression of, ‘That customer experience would have been like having a hot chicken blood enema!’.”

“Instead of this being outrageously funny I was surrounded by a group of 10 executives whose mouths hung open in shock that I had just said something like that. The meeting tanked from there on….”

“All this being said, the American business community love Australians,” Wallace concludes. “They find us hard working, great at relationships, good at navigating politics, honest, authentic and transparent. In some ways they aspire to be more like us. We cut through the bollocks – although they don’t understand that word – or bullshit and get things done. Americans like that. We are generous. They like that too.”