Category Archives: Internet

Fixing the IoT problem

Being worried that my new fridge would unilaterally put me on a diet and, having read about criminals compromising cars’ keyless entry systems, plus having seen the video of that jeep being run off the road after its engine management system had been remotely compromised, I asked my vehicle’s manufacturer whether my car was firewalled?

The answer was no, but I need not worry because everything was encrypted. Ditto with the fridge, washing machine, central heating and my burglar alarm system. Well, if encryption were the answer, then we would not have suffered fridges being compromised to send spam, or cars being driven off the road. Before fixing a problem, you need to understand it!
Anything to do with IT security tends to be based around the CIA triage of confidentiality, integrity and availability. The internet of things (IoT) is no different. My house is effectively firewalled through my router and any internal devices connected to my private home network are behind this firewall.
Because it is a software firewall, it is not the best protection in the world and any weaknesses will be known to the hackers, but much like a burglar alarm, it may send them elsewhere where the pickings are easier. Likewise, my attached computing devices have their own firewalls, so access to them now requires the hacker to circumnavigate two firewalls. Nothing like a bit of protection in depth.
But what about my other devices, such the central heating, fridge, coffee machine and burglar alarm? Here the protection is less secure in that they are totally reliant on the firewall in my router, plus the standard one factor authentication at log-in. So, confidentiality is undoubtedly a problem, but what about integrity and availability? The compromised fridge sending spam emails illustrates the integrity problem.

Altered state
If code can be so easily amended, or overwritten, then almost any connected device can be altered to do whatever the hacker wants it to do. It is, after all, based on a general-purpose chip. The final part of the triage, availability, is a key factor for my central heating and burglar alarm. I can probably manage with the fridge, or coffee machine being disconnected from the internet, but not these.

Management techniques
Now that we know what the problems are, let us examine what the solutions may be. Basically, we need to apply risk management techniques, but with a skew towards the consequence part of the equation, rather than the likelihood.

Keeping it confidential
Having dealt with availability and integrity I now come to the problem of confidentiality, which is all about identification, authentication and privilege allocation. Most devices will be using a chip containing an operating system and an application. Control of the OS will provide control over the application, so protection here is paramount.

Future of speech tech

Systems like Siri and Cortana are now everyday helpers. But the apparent popularity of speech based interfaces belies the fact that comparatively few languages can be processed using current natural language processing technologies.

English, because of its popularity, and the fact its spoken by many academics, has led it to be the focus of most machine learning research. Millions of people, Dr Sharon Goldwater says, are missing out on the advantages speech tech offers and she hopes her research will redress this imbalance.

The 2016 Needham Lecture
Dr Goldwater is a Reader at the University of Edinburgh’s School of Informatics and the winner of the 2016 Roger Needham award – an award made annually for distinguished research contributions in computer science by a UK based researcher. Along with the award, the winner is given the opportunity to give a public lecture.
Dr Goldwater’s talk was called ‘Language learning in humans and machines: making connections to make progress.’ Explaining where she hopes her research will lead, she says: ‘There are languages in Africa that have millions of speakers, yet there’s zero language technology. Especially in areas with low literacy, developing speech technology would be very useful – users could call up on their mobile phone, ask a question and get a spoken response. Using current technology, that’s not possible.’

Fascinated by how words work
‘I’m interested in how computational systems can learn language,’ says Goldwater as she begins to explain her work. ‘And when I say computational system, it could be an actual computer or it could be the human mind – which I think of as a computational system too. It receives input, does some sort of computation and produces output.’
‘When you say you’re interested in language,’ she observes, ‘people always say “oh, so you want to be a writer or you’re interested in literature”. That’s not what I’m interested in. I’ve always been fascinated by the structural nature of language. What is it that makes Russian different from English? That’s what linguists are interested in – the scientific study of language.’

An everyday revolution
Natural language processing is something of a hot topic in the tech industry. With the arrival of Siri, Cortana and their cousins, people are becoming increasingly comfortable talking to their devices – in much the same way they became accustomed to touch based interfaces a few years ago. Of course, that’s not always been the case. ‘Not so long ago NLP was a very niche subject, ‘Dr Goldwater says. ‘If I tried to tell anybody what I was involved in – even if they worked in computer science – they had no idea what I was talking about’, she laughs. ‘Now the number of people turning up to conferences has increased massively.’

Make IT work

Business need drives software development; that’s why concepts like agile and extreme programming have become so popular; they allow development effort to be targeted towards what will really deliver business benefit.

And that’s great if you’re working on powerful servers, with mature platforms, using frameworks that have been developed and refined over years – you know that the security is already there from all that prior experience, even if the product is only at the ‘make it work’ stage.

But when we’re looking at IoT devices, with their small processing footprint, and myriad operating systems, there’s not always a lot of room for security, and the development focus tends to go on what customers pay for – functionality. At the moment, it’s enough that you can switch the light on with your phone.

The software running on many IoT devices right now certainly ‘works’, but is it ‘right’? What if others can switch your light on with their phones? As enterprise IT professionals implementing new technologies, these are the kinds of questions we’re more interested in. What risks are introduced by installing these devices in our infrastructure? And how do we handle those risks?

There are many different technologies in use in the world of IoT right now and in some cases IT departments may find they are simply not involved in an IoT implementation in their business. Hence, we need to arm ourselves with a practical, constructive approach to deal with common risk factors.

Are there standards we can make use of?
While international standards for an organisational approach to information security such as ISO27001 have been around for a good number of years now, a similar software-level standard has been more difficult to get in place. ISO 27034 (application security) may go some way to meeting this need but is currently incomplete.

Looking specifically at IoT devices, there are numerous frameworks and platforms to assist with interoperability – Apple’s HomeKit is probably the most well-known but this is targeted at the consumer market rather than business; all the usual players like Amazon, Google, IBM and Microsoft provide IoT integration frameworks; there are also many open source options.

Managing the risks
Many of us in IT won’t come near to the internal workings of IoT devices. But we’ve all got a duty to ensure we manage the risks facing our businesses, and make sure we, the manufacturers and vendors, don’t just ‘make it work’, we all ‘make it secure’.

Monetising the IoT

The internet of things (IoT) is exciting but simply adding sensors to every piece of equipment or every location, from shop floors to petrol pumps, is not going to change the world. While a predicted 20 billion connected devices will be in place by 2020, how many businesses yet truly understand how this connected world will drive new value and create new revenue streams?

The IoT conundrum
It is hard to find any piece of equipment that can’t be hooked up to the all-consuming IoT. The problem is that while these devices are low cost, they are also low value unless organisations find a way to capture and leverage the created data. And these devices, by their sheer number, are generating huge volumes of data.
How many organisations will have the required in house infrastructure to store or analyse this information? Or the people with the skills to determine how best to leverage this data to drive real business value? This IoT-enabled data revolution is not just about finding ways to drive business efficiency or improve customer service; it is about creating data streams that underpin new collaborative business models and can be actionably monetised.

Data driven experience
Of course, many organisations have been capturing machine data for years. Petrol stations, for example, have pump event logs that track every time a pump is picked up and how much fuel is used. Fuel, however, is just one part of the overall customer basket and represents a fraction of profitable revenue. It is the complete customer journey that is key – and linking pump activity to the rest of the customer basket can provide a chance to gain far more customer understanding and hence drive incremental sales.

Understanding value
Of course with so much potential IoT driven information and so many different areas to explore, it is tough for companies to prioritise and understand how best to derive value from this data. IoT is not a magic bullet; nor is big data analytics. And only a tiny minority of the very largest companies can justify a multi-million pound investment in the infrastructure, tools and analytics skills required to understand and prioritise the new business opportunities.

New data driven revenue streams
IoT is revolutionary, but not in the way perceived by many organisations today. According to Gartner, growing numbers of businesses will be able to use IoT analytics to drive significant revenue streams. Organisations that have never considered the chance to monetise their data now have the opportunity to mine these rich new data seems. Indeed, many of what have traditionally been core business processes could soon be superseded in value by the monetisation of IoT provided information.

Cognitive Computing

The talk is going to be about the cognitive computing era,’ says Dr Guruduth Banavar, addressing the topic of his 2017 BCS/IET Turing Lecture. Over the past few years, he explains, we’ve witnessed the establishment of a new era in computing – the age of machine learning. And, as we move into this new age, the resulting technical, professional and societal changes will be profound.

Rounding off his summary, Dr Banavar asserts: ‘It means having a very different relationship with machines. We’ll need to start getting used to having machines with us, to having natural conversations with them, and get used to the idea that they’ll be doing a lot of tasks in every part of our lives.’

Dawn of a third age
If you’re a student of such things, the Tabulating Systems Era began in the early 1900s and ran to the 1950s. The Programmable Systems Era – the if and then epoch – began in the 1950s and has served us well. It’s the foundation of much of the digital world that surrounds us.

A career in technology
Born in India, Dr Banavar spent the first half of his life there before moving to the United States. ‘I did my graduate school in the US and, after my PHD, I joined IBM at the TJ Watson research centre’ he recalls. ‘Since then, I’ve held a number of very interesting roles at IBM.’

The motivation to speak
So, why did Dr Banavar take on the challenge of speaking at the 2017 Turing Lecture? ‘Turing is one of my heroes’, he enthuses. ‘His vision of what computers can do… things like the Turing Test. It measures the limits of what computers can do. These things have always been a guiding light and are very relevant to my work.

Meeting a thinking machine
IBM’s work, and a big part of Dr Banavar’s career, have been focussed on Watson – a machine learning and natural language processing platform named after IBM’s founder, Thomas John Watson Senior.
Watson gained prominence in the popular consciousness when it won at the US game show Jeopardy!. The 2011 victory was an important proof of concept and, since then, Watson has developed many new skills.

What can cognitive do?
Cognitive computing platforms like Watson, Dr Banavar is keen to point out, aren’t intended to replace workers. Rather, the cognitive computing revolution is all about computers and humans working together.

How does Watson work?
To achieve all of this, Watson is constantly ingesting huge amounts of knowledge. When the system is asked a question it finds answers that are likely to be correct by exploring this ever growing corpus of information.
‘When a prescribed time limit has passed’, Dr Banavar explains, ‘the systems stops all the algorithms that are looking for answers and presents all of the likely solutions in a probabilistic fashion. We then use a number of different scoring techniques. They look at the accuracy of the inference and the credibility of sources. At the end of that process is a set of answers with confidence levels.’

Politicians are learning from social media

Demos is a cross-party research organisation and it has brought its investigative skills to bear on social media. The work led, ultimately, to the creation of Demos’ Centre For Analysis Of Social Media (CASM) – a partnership with University of Sussex.

From CASM came Method 52, a piece of machine-learning software that brings social media analytics and social research in-line with academic standards – rigorous standards that government is willing to listen to. And to help politicians understand its research, Demos has worked with BCS to create an innovative and visual dashboard system.

‘Around five years ago we watched the rise of social media and we thought this would be a potentially useful tool through which we can understand some of the issues that we’re already dealing with,’ said Demo’s Krasodomski-Jones, recalling the decisions that led ultimately to Method 52’s creation.

The idea seemed logical and the necessary tools appeared to already exist. ‘Coke was interested in how many times you click on its site. Nike was interested in sentiment about its shoes online,’ he recalled.

Demos explored these internet marketing insights and the tools that were used to create them. But, when it spoke to politicians, they said: ‘It’s great. It’s modern. It’s up-to-date. It’s shiny. But I can’t use this stuff. We’re not interested in the same insights Nike is interested in. We don’t know how accurate this data is and we don’t know who is represented. We don’t know who is speaking and we don’t know what’s going on inside the technology.’

Researcher and machine in unison
Five years in the making, CASM’s Method 52 is a human assisted machine learning platform. It works hand-in-hand with researchers and can be used to aid political insight through looking for patterns in huge data sets of Tweets. These sets, Krasodomski-Jones, explained can consist millions of tweets – so large they are impossible for a human to grapple with alone

A focus on Twitter
For the purpose of dealing with UK politics, Demos looks primarily at Twitter. This, of course, leads to a natural question: is Demos looking at a representative cross-section of society? Twitter is, after all, much loved by the London media set, politicians and opinion makers. Could looking at the micro blogging site lead to some kind of bias?

Refining the tool
Despite being very rigorous in its approach to analysing and understanding trends on social media, there was still work to be done. Working with BCS, Demos developed a dashboard tool that makes Method 52’s findings easier to understand. Politicians, Alex Krasodomski-Jones explained, can be notoriously time poor.

Engineering intelligent networks

According to Gartner’s forecast on Public Cloud Services1, end-user spending on public cloud services is expected to record a compound annual growth rate of 17.7 per cent from 2011 through 2016.

This creates a tremendous opportunity for broadband carriers to expand and enhance their broadband networks to better support and offer cloud services, and in fact, many ISPs around the world have already started offering cloud services to their customers, including residential and enterprises.

However, revenue decline, decreasing profitability and the explosive traffic growth on the existing networks hamper service providers as they strive to innovate and differentiate themselves from competitors.

Service providers want to offer cutting-edge and personalised cloud solutions to their customers while they also look to improve operational efficiency, accelerate network deployment and lower total cost of ownership. The challenge of migrating existing network architectures, managements and policy frameworks is impacting providers around the world as they work feverishly to ramp up to this new area of opportunity and demand.

Cloud services are generally understood as being combinations of communications, storage and computing services that enable convenient, on-demand access to a shared pool of configurable, rapidly provisioned resources.

These cloud computing environments require networks that can cope with high levels of traffic, as well as frequently changing types and patterns of traffic. Many of the concepts inherent in cloud services are not new, but are becoming more economically feasible and IT attractive with advances in technologies and market developments.

In considering cloud services provided in the context of multiservice broadband networks, there are a number of approaches that could be considered. These alternatives are illustrated in the following figures, indicating potential new cloud service related functions.With the creation of the Broadband Forum’s Cloud Intelligent Broadband Network (CIBN) project, service providers are being given the tools to take advantage of these market developments – helping them migrate to a cloud supporting network, reduce costs and enhancing revenue opportunities. The goal of this project is to provide the industry with the specifications needed to capitalise on the cloud service opportunity, ensuring the delivery of new services without cannibalising older ones.

This two-phased cloud project is focused on transitioning the multiservice broadband network to address the cloud requirements, incorporating a holistic approach that addresses not only the architecture, but management, policy control and the quality of experience (QoE) of cloud service offerings, while leveraging technologies such as SDN and virtualisation.Progress in SDN and virtualisation is coming fast and furious as customers increasingly push operators to find methods to provide more bandwidth or deploy applications. The world is becoming increasingly software-centric and virtualised, and getting the most efficiency and value out of data centres, along with their seamless connectivity and interoperability with evolving network operator infrastructures, is Broadband Forum’s top work in progress.

Big data trends

Big data has a huge crossover with the business intelligence world. But recently analyst Forrester commented that most organisations still analyse structured and unstructured data in silos, using different tools and serving different use cases. ‘The techniques used, such as statistical analysis, machine learning, natural language processing and artificial intelligence are now bringing text analytics closer to the world of business intelligence’ they say.

Burgeoning technology such as the internet of things (IoT) with its obvious connection to big data due to the sheer amount of data that can be produced means that there will be some tensions in the use of the data. Forrester mention in a recent paper that ‘enterprise applications must handle IoT data in two ways: 1) analyse large volumes to find patterns and insights that can be valuable in the future and 2) perform streaming analytics to glean immediate, actionable insights.’

2015 will be the year, say the likes of PricewaterhouseCoopers (PwC), that analysing the data collected via sensors from the internet of things will really kick in. But as more data is collected, processes will need to be decentralised to provide agility in its use. In their survey ‘Guts & Gigabytes’ PwC showed that 41 per cent of British executives use their intuition and experience in the decision-making process but only 23 per cent uses data and analytics.

Getting big impact from big data
Earlier this year McKinsey Quarterly ran an item on the efforts that organisations are making to turn their use of big data and data analytics into large-scale benefits. They note that some of the obstacles to that include a lack of willingness among leaders to invest in analytics and the fact that when analytics are undertaken users are either unable to correctly understand it, or don’t have the confidence to implement the changes suggested by the results. The piece goes on to suggest ways to make an organisation more receptive to analytics through change management and redefining jobs where needed.As with their pioneering use of 3D printing, Formula One racing teams are making good use of big data analytics and have been for some time. The technical demands are high, with hundreds of sensors providing thousands of data points for analysis. In Formula One these include such things as tyre pressure and fuel burn efficiency, which have to be collected in real-time for very quick analysis by race engineers onsite. A Forbes piece by Frank Bi on this looks at how Red Bull Racing and driver Sebastian Vettel used big data in 2012 to fix damage to his car during a pit stop, leading to a race strategy change that helped Vettel win the world championship.

Demystifying the dark web

As you read on, we’ll explore how the ‘dark web’ works, how big it is (and it is huge) and how most of it is relatively benign, but has gained notoriety because of a few places where illegal goods and services are sold to anyone willing to pay the price – and to take the risk.

What is the ‘dark web’?
Read the term dark web and most people’s minds leap immediately to the stuff of lurid headlines. The media often portrays the dark web as a den of vice and iniquity – a place where you can buy guns and drugs as readily as soap in your supermarket. And sure, there is criminality on the dark web. But this isn’t the whole story by any means.
The dark web also goes by another, much less dramatic name: the deep web. The deep web is probably a more correct term because it conveys the idea that the internet is like an iceberg.

A route to the dark web
The dark web is generally considered to be a group of websites which exist on a special type of network that cannot be seen by the ‘normal web’. They are powered by places like ‘The Onion Router (TOR)’ (torproject.org),’I2P’ (geti2p.net), and ‘Freenet’ (freenetproject.org), all of which offer specialist pieces of software which allow you to access the websites on the dark web.
Once you have one of these pieces of software installed, you can potentially access any of the websites on the dark web which comply with your software’s protocols. It is worth noting though – often the most nefarious and notorious dark web sites also require passwords and access is by invitation only.

How does the dark web work?
Each web address or website on the dark web represents a starting point, or node, which allows the connection to reach the server the website is actually stored on.
These starting points, or nodes, provide access to a network, connected in a way to protect the identity of the person or people who run the websites which make up the dark web. All of these connections are encrypted, and it is almost impossible to block access to these networks.

What can you find on the dark web?
You can find a lot of different things on the dark web, however you can only access a very small percentage of them using the encrypted networks. It is worth noting that many criminals, hackers and undesirable people have made the dark web their home.

Strong women want to code

Why don’t we have more women in technology, or in business in general? It’s one of the biggest cultural questions of our time, but perhaps the best thing about my job is that every day I get the opportunity to play a personal role in trying to solve it.

As a mother and a leader I do find myself questioning why the problem is taking so very long to solve. Logically we all understand that diversity of gender, religion, age, ability and culture makes teams and businesses more dynamic, more successful and a better breeding ground for creativity.

Consulting firm McKinsey & Company has estimated that ‘companies in the top quartile for gender diversity are 15 per cent more likely to have financial returns above their respective national industry medians.’

Even in companies like Cisco where we focus a lot on this issue, we still have work to do. I try not to be offended when a peer of mine, like me, a senior sales leader, calls me ‘kiddo’. But I doubt he would use the same greeting were I not a women. It is this notion of unconscious bias that the BBC journalist and author, Kate Russell, recently spoke about when she joined our annual Women of Impact Conference at Cisco.

She called her presentation ‘Girls Don’t Game’ and the core of her message centred around the fact that actually women in technology also share many of the same unconscious biases as men. As a child she had questioned her right and credibility to game, something she still enjoys doing to this day.

So her presentation made me think about myself and whether I am actually a good role model to my three kids. After all, I have encouraged my son to code, but perhaps unconsciously haven’t done the same with my two daughters, who do not.

Recently I was with some of my closest women friends, who are all hugely successful, interesting and grounded. They are some of the ones who have been fighting this cause for close to 30 years and come from various places around the world: Singapore, London and various parts of the United States. I asked them ‘Are we actually making any progress?’ Gladly the answer was a very loud ‘YES!’

However, we all agreed the change is happening too slowly. My personal view is that we must keep pushing forward. This isn’t just critical for our daughters but also for our world. And it’s this opinion that was reinforced by another speaker at our Women of Impact conference at Cisco. We had the privilege to listen to Halla Tomasdottir. Halla is a remarkable woman, person and leader that led the ONLY successful financial services firm in Iceland through the country’s well publicised financial meltdown.

I am not saying that her company was only successful because it was led by two women, but they embraced a culture of being conscious and collaborative, versus the greed some associate with other parts of the banking industry.

Halla’s ambition knows no bounds; she is now running for President of Iceland! Yet she brings with her a thoroughly human and authentic style which we all warmed to. Her final quote made me want to laugh and cry at my own journey as a mother and leader: ‘I want every girl that is told she is bossy to know she has leadership skills!’