Paul Wallbank – Brilliant Communications

Author: Paul Wallbank

  • Tech security in a tough world

    Tech security in a tough world

    Network giant Cisco Systems released its 2014 Annual Security Report last week which should make sobering reading for every business manager and owner.

    If you’re looking at a career change, the survey even suggests a possible new job.

    Over two million of Cisco’s customers were examined in the survey and every single company had evidence of their systems being compromised in some way, from staff visiting suspicious websites to full scale hacker break-ins.

    Keeping up with change

    The survey points out IT security risks are evolving quickly as business technology becomes more complex and it’s hard for even industry professionals to keep up with the pace of change.

    “Even the most sophisticated and well funded security teams are struggling to keep on top of what’s happening,” Chief Security Officer of Cisco, John Stewart, told a media briefing yesterday.

    That concern was reinforced by Stewart’s colleague Levi Gundert, technical lead at Cisco’s Threat Research Analysis and Communications (TRAC) group.

    “It’s not about are you going to be compromised,” said Gundert. “the question is how long is it going to take you to detect and shorten the remediation window?”

    If even the world’s biggest corporations are struggling what can smaller organisations do to control the risk?

    Disable Java

    The biggest computer security risk is Java software. Cisco found a shocking 91% of software exploits were related to the application, “2013 was the year of the Java exploit.

    It was a bad year for Java.” Says Gundert. It should also be noted that the first successful malware targeting Apple Macs, the Flashback Trojan, was a Java exploit.

    The best way to deal with this risk is keep Java off your systems, the problem with that advice is many business applications – and games if you have a home office or kids use your computer – need the software to run.

    If you have to use Java packages, make sure you have the latest version running on your systems.

    Keep your systems up to date

    It’s not just Java that is a risk, Cisco identified Adobe PDFs and Microsoft Office vulnerabilities as being other threats.

    It’s important that all systems – Mac, Windows or any other operating systems – are kept up to date with the latest patches.

    Lock down office systems

    Except when your computers are being updated, there’s no reason for office computers to be running in Administrator mode.

    Day to day use should be done in restricted user profiles; on a Windows machine, workers should be logged on as standard users, while on Macs they should be managed users, the only time an Administrator needs to be logged on is when maintenance is being done.

    Watch those mobiles

    The IT security industry has been watching smartphones for a while and 2013 started seeing large scale malware appearing on mobile devices, although it’s still small scale compared to PCs.

    Cisco’s survey found only 1.2 percent of web based malware coming from mobile devices with almost all the infections being on Android systems.

    Most of these Android infections were game add-ons downloaded from unofficial Android app stores so the message is to stick to the official, trusted services for Android apps.

    Website risks

    Another risky area for businesses identified by Cisco identified are websites being compromised and hijacked.

    The software on these needs to be updated to the latest versions just as office computers should be.

    Often, disused websites and blogs aren’t updated, the ABC discovered last year that abandoned, neglected websites are a great way for hackers and malware distributors to launch attacks or spread problems.

    So if you have older websites or blogs, shut them down and redirect the domains to operating addresses.

    For those operational websites password security needs to be beefed up as Cisco found ‘brute force’ attacks – where automated systems try every conceivable password combinations – were up threefold in 2013.

    Professional skills shortage

    A big problem facing the IT industry is a worldwide skills shortage: “There are essential a million jobs across the globe that can be filled but we don’t have trained people to fill them,” says Cisco’s Stewart. “We’ve got a dearth of talent and skills.”

    For smaller businesses that means it’s harder to find someone to fix problems when they happen, for both business managers and owners it’s smarter to reduce the likelihood of having a problem rather than scrambling to find an IT professional to help after the event.

    The good news from Cisco’s survey is if you’re thinking of a career change, or you have a teenager moping around looking for a job, then IT security could be the answer.

    For everyone else, as business and the world in general becomes more connected the security of the systems our world is coming to depend upon is something we have to take more seriously.

    Similar posts:

  • InfoSec’s looming labor shortage

    InfoSec’s looming labor shortage

    For the last few days I’ve been reading Cisco’s 2014 annual security report and trying to decide exactly which parts are suitable for this site, Networked Globe and the various other outlets I write for.

    One of concerns Cisco raises in their study is the labor problem facing the information security (InfoSec) community with a shortage of a million workers this year.

    Even when budgets are generous, CISOs (Chief Information Security Officers) struggle to hire people with up-to-date security skills. It’s estimated that by 2014, the industry will still be short more than a million security professionals across the globe. Also in short supply are security professionals with data science skills—understanding and analyzing security data can help improve alignment with business objectives.

    “There are essential a million jobs across the globe that can be filled but we don’t have trained people to fill them,” Cisco’s Chief Security Officer John Stewart told a media conference yesterday. “We’ve got a dearth of talent and skills.”

    As governments tighten up laws on liability for data breaches and privacy lapses a lot of businesses will be fighting to find people with the right skills to fix their problems or help them manage various technology and security risks.

    So if you have a teenager moping around the house wondering what to do for a job, or you’re looking for a career change, becoming an IT security expert might be the answer.

    Just as we see many jobs disappear in the face of technological change, we see new ones appear. This is a good example.

    Similar posts:

  • Digital vagrancy

    Digital vagrancy

    One of the joys of writing on and analysing trends IT industry trends is the never ending source of buzzwords and phrases that vendors invent.

    Today is a good day with a release from security software vendor AVG coining the term ‘Digital Vagrant’.

    Underlying the idea of digital vagrancy is an abandoned underclass who, overwhelmed by technology, are ignored and neglected in a connected society. As the AVG media release describes;

    Users who are left behind to wander around in an online world that largely ignores them are nothing more than the digital equivalent of vagrants – people who are left to cope in a world that has become too overwhelming.

    ‘Digital Vagrant’ joins other wonderful ‘digital’ labels; digital immigrant, digital native and digital sharecropper come to mind.

    It’s tempting to think that digital vagrancy is what eventually happens to poor exploited digital sharecroppers – those who’ve donated their free labour to help the likes of Mia Freedman, Chris Anderson and Ariana Huffington to build their media empires.

    Should that be the case, there’s going to be many digital vagrants.

    On more serious note, AVG does have a point in that both individuals and businesses that scorn technology risk being left behind in society that’s becoming increasingly connected.

    Society and business are going through a change similar to that of a century ago where the motor car, trucks and tractors radically changed industries and the economy.

    Those farmers and businesspeople who stuck with horse drawn equipment slowly became irrelevant and went broke.

    A similar process is happening now as a new wave of technology is changing business and society.

    The question for all of us is do we want to be left behind in a connected society?

    Beggar image courtesy of apujol through sxc.hu

    Similar posts:

  • On looking foolish

    On looking foolish

    Looking foolish is one of the biggest risks when taking chances in business. It’s something every innovator and entrepreneur has to consider.

    Venture Capital investor Mark Suster explains why he doesn’t mind looking foolish with his choice of investors on his blog today.

    One of the toughest things in life is taking the risk of looking foolish in front of your peers yet that’s what the real high risk inventors, innovators and entrepreneurs do with their ventures.

    Light bulbs and the telephone looked ridiculous to many at the time they were invented and no doubt the inventor of the wheel or the Neanderthal who came up with the idea of cooking meat in a fire both probably received a far bit of scorn when they told the others in their tribe about their idea.

    While Suster is talking about ‘moonshot investments’, even the most modest venture is going to attract scorn.

    There would be few people who decided to buy a doughnut franchise, establish a cafe or set up a lawn mowing service who weren’t told by some of their relatives, friends or colleagues that they are doing the wrong thing and they should stick to their safe job in their cosy cubicle.

    Should someone want to change the way doughnuts are made or lawns mowed, then they can expect even more naysayers laughing at them.

    In this current craze about ‘entrepreneurship’ it’s easy to overlook the real costs and risks of running any sort of business. Looking foolish is another of those risks.

    Having a thick hide is another useful attribute when you’re investing, running a business or changing an industry.

    Similar posts:

  • Peak employment and the political challenge

    Peak employment and the political challenge

    This week’s edition of The Economist asks about the Future of Employment and where the jobs are in a society where work is increasingly done by machines.

    For the Economist the conclusion is that the future of employment is ‘complex’ and observes economists and politicians haven’t given enough thought to the effects of the changing workplace and the dislocation of many workers.

    Much of the Economist’s story is based around the ideas of professors at MIT Erik Brynjolfsson and Andrew McAfee in their upcoming book “The Second Machine Age”.

    The race with the machines

    Professor Brynjolfsson gives his view at TED 2013 in the key to growth? Race with the machines, a presentation countered by Robert Gordon in the ‘death of innovation, the end of growth’ and followed by an excellent debate between the two.

    Brynjolfsson cites the dilemma of bookkeepers being displaced by software applications such as Intuit Turbotax as an example of where service sector staff are being displaced.

    “How can a skilled worker compete with a $39 piece of software?” Brynjolfsson asks.

    “She can’t. Today millions of Americans do have cheaper, faster, more accurate tax preparations and the founders of Intuit have done very well for themselves. But 17% of tax preparers no longer have jobs.

    “That is a microcosm of what’s happening not just in software and services, but in media and music, in finance, manufacturing, in retailing and trade. In short, in every industry.”

    The great decoupling

    Brynjolfsson’s key point is that workers’ wages have been decoupled from productivity and that the workforce isn’t sharing the rewards of improved practices and increased wealth.

    That is certainly true over the last forty years, however that may not be a technological effect, but the business consequences of liberalising the financial sector which has seen massive pay increases to the banking industry and managerial classes that has been way out of kilter with the rest of the workforce.

    It may well be the current golden era of high executive salaries is a transition effect of an evolving economy, albeit one where our grandchildren will puzzle over an era where a failed executive can receive a $100 million payout on being fired.

    As The Economist points out technological change itself tends to create new jobs that make up for those displaced in old industries, this is a view supported by GE’s Chief Economist Marco Annunziata.

    The main problem that Brynjolfsson identifies is the medium term issue of dislocated workers finding themselves out of work with superseded skills and, as The Economist point out, it’s clear the developed world’s political leaders haven’t though through the consequences of that transition.

    In almost every sense, the current crisis of confidence about employment prospects is more a political and social problem rather than technological.

    Helping displaced workers is going to be the greatest challenge for today’s generation of business and political leaders, the real question is are they up to that task?

    Similar posts: