Archive for November, 2017

What is the Internet of Things?

The Internet of Things is a collective term for hundreds of devices that can connect to the internet wirelessly, and possibly connect to each other as well.

Some of the most common questions asked are :

What is the Internet of Things?

What are Internet of Things Devices?

How Does the Internet of Things Work?

How do IoT Devices Communicate with Each Other?

What is a Smart Device?

Whilst wireless devices are not new, what is new is the growth, and anticipated growth, in such devices, which is massive and set to explode in the next five or ten years. Many of these devices, which cover all areas of modern life, are being rushed to market, often with inherent security weakness’s as a result.

The Internet of Things is perhaps best understood by the following scenario.

Driving home from work, your car automatically detects that you are approaching home. Your car automatically opens your garage doors, turns on the lighting in your home, turns on the central heating in your home, switches your oven on, starts playing your favourite music that it has taken from your playlists on your smartphone.

As you get into your garage, you see the groceries that have been automatically delivered to your home. This was done buy your refrigerator realising that it had run low on a number of items and had contacted your local grocery store.

The grocery store had updated your normal inventory, automatically debited the money from your bank account and delivered your groceries. To some people, this scenario sounds like a dream, to others like a nightmare.

In any event, the Internet of Things refers to a world Web watch everything is connected wirelessly, with a huge range of privacy and cyber security implications involved. To people who think the above scenario is a kind of fairytale, the reality is that it is happening at the moment.

It is being driven by the major tech companies in the same way that cell phones and smart phones were being driven by phone companies a few years ago.

The range of Internet connected devices and wearables and products is growing at a huge rate, and it is only a matter of time before the Internet of Things, a wirelessly connected world, becomes more of a reality.

INTERNET of THINGS – SMART HOME

The smart home has become the focus of where the Internet of things is seen as developing, see Amazon’s Echo, but is closely followed by the healthcare industry where wireless connection of devices is already gathering significant momentum. Other areas of industry and finance and commerce are moving forward a pace as well.

The issues concerning cyber security are enormous, and the need for some type of cyber insurance staggering. If everything that you own, buy or wear can be connected wirelessly to the Internet, then it can also be theoretically hacked, or have some other way of some type of malware installed in the system.

This means potentially an individuals home is at risk, their car is at risk, their body is at risk if they have something like a pacemaker fitted, their pet is at risk if it is microchiped, as well as all their day-to-day activities being at risk such as banking, shopping etc, especially if being done on a smart phone or mobile device.

The other way that the Internet of things impacts hugely on cyber security is simply that any employee or volunteer will be taking their connected life with them into their place of employment or work, meaning that anything on or about them that is wirelessly connected will then feed into the IT infrastructure of their place of work.

This means that any organisation or businesses IT systems and networks can immediately be exposed to a wide range of wearables and devices that the IT system administrators have no real control over.

This of itself poses significant risks in terms of a data breach, in addition to the unpredictability of whatever wearable or device an individual may unwittingly bring into their place of employment or work.

 

What is an Effective Cyber Security Policy?

Cyber security means different things to different people, and this can be one of the problems in creating a relatively good cyber security protection system within any organisation or business.

Some of the most common questions asked are :

What is  a Cyber Security attack?

What is a Security Network?

What is a Cyber Security Policy?

What is Cyber Crime?

What is  a Cyber Security Engineer?

In a number of organisations, staff employed or think of cyber security as being the realm of the IT guys. To them it means the risks of a network being hacked by someone and stealing data, and it’s down to the IT systems professionals to protect the network through firewalls etc.

Whilst this is certainly a large part of cyber security, the danger in this understanding is that it leaves out the day-to-day activities of people employed within the organisation. These account for the bulk of the activity through networks, and it is day-to-day activity that in many ways poses a much greater risk for many organisations.

This is not so much an issue around complacency, as around getting staff or people working/volunteering in any organisation or business to appreciate the real risks posed by doing any activities online, on any device, at any location.

Any organisation or business will be acutely aware how internet access has changed profoundly over last few years, not only in terms of broadband speeds, but in terms of how people access the internet through smartphones, tablets etc. There is also the strong drive/push by many organisations and government agencies to push people to use the Internet to do their daily chores.

CYBER SECURITY – INTERNET USAGE

It is worth recapping the various areas that people use the Internet for. People employed in any organisation or business likely to use the internet at that place the employment not only for company business, but also for their own day-to-day activities.

This invariably puts the company or organisation at risk of a data breach, and it is important to understand the dangers of this happening.

CYBER SECURITY – EMAIL

Email – email is still used by most people as a primary means of communication, both to work colleagues and to friends/family.

Whilst a company/organisation should have its own anti-virus and anti-malware software installed, there still a danger through unsolicited emails of introducing malware into the network. It is estimated that between 85 and 90% of all email sent is spam.

Surprisingly many people do click on spam links, partly because a huge amount of spam is directed at pharmacy medications and Viagra, which can sometimes be made to look convincingly professional.

The risks of clicking on any type of spam email, or opening any attachment from an unknown source or that it will introduce some type of malware into the organisation’s IT system, with potentially highly damaging effects.

CYBER SECURITY – BANKING and FINANCE

Banking and finance – most of the major banks are increasingly persuading/forcing customers to do their banking online, which again raises real security issues, often through email.

Many of the scams people fall for stem from emails sent to them that purportedly come from their bank, or from their credit card company or organisation such as PayPal.

These scam emails will contain links within them encouraging individual to click on the link and either enter a password or confirm some other details. This type of scam invariably leads to disclosure of critical private information from individual, which usually results in monetary loss and/or the risk of identity theft.

CYBER SECURITY – SOCIAL NETWORKING PROFILES

The other huge area of potential risk is through social networking. People quite happily post a huge amount of private information on social network sites such as Facebook/Twitter/Google + etc, which presents a potential minefield in terms of privacy and identity theft.

The danger is that enough information could be gathered about an employee through that social networking profiles to allow hackers/criminals to gain access to a company’s network through posing as an individual connected to that organisation.

The other main areas of Internet usage tend to relate to areas such as online shopping, online gaming and gambling, downloading and distributing videos and file sharing. Whilst internet usage itself is not primarily dangerous, the issue within an organisation/business is that of cyber security.

All the above activities when carried out within an organisation or business environment can potentially expose the security of the network through unintentional personal carelessness.

The main way to protect the organisation/business against risks outlined above is really through education, and having policies and procedures in place which help staff and volunteers to remember the potential dangers that daily online activities can expose them to.

CYBER SECURITY – PASSWORDS

Changing passwords is a classic example. Every cyber security guide there is encourages people to change their password regularly, but most people don’t. If they do, they change it to something memorable so they don’t forget it.

Changing an attitude or culture within any organisation is difficult, but an area of website security it can be increasingly dangerous or financially damaging not to.

CYBER SECURITY – INTERNET of THINGS

The other huge area of cyber security which is likely to become dominant in the next couple of years is what is referred to as the Internet of Things.

This refers to the ever increasing installation of wireless capable activity into and onto such everything that people own, eat, where, buy or in some other way have about them on their person or in their person in daily life.

The intent is to make people and their daily activities always connected to the Internet. This may take some time to achieve, but is being driven by all the major tech companies and all the major manufacturers.

This means in simple language that everything from clothes to watches, spectacles, shoes, refrigerators, ovens, speakers, televisions, cars, pacemakers, public transportation etc are becoming, or soon will be, wirelessly connected. To some people, this scenario is a dream, to others it is a nightmare.

However it is likely to become a reality of some description within the next few years. It is largely been driven by the belief that the more people are connected wirelessly to their lives, the more goods and services can be sold to them, and the more profitable large manufacturers and tech companies can come.

Whatever the ideological bent about the Internet of Things, perhaps the major issue is cyber security.

If peoples lives are literally connected with the world online, it will expose then and their possessions to extensive cyber security risks, both in terms of hacking and other risks as outlined above, and will require extensive rethinhing about different types of insurance and risk management.

What does Big Data and Predictive Analysis Really Mean ?

One of the problems with understanding Big Data, is that the term itself means different things to different people !

Some of the most common questions asked are :

 – What is Big Data all about?

 – What is the Big Data Market?

 – Why is it important to use Data?

 – What is Strong Data?

 – What si Big Data Used For

There are however two main areas of the term that most people recognise, and in reality cover the present reality. It is important to realize that we are really only just at the beginning of what Big Data means, what the implications are and its relationship to Artificial Intelligence.

The two main areas referred to above are the amount of information posted by and about people online, and the amount of information made available by governments, business’s etc. The scale of the amount of information that is posted online is almost too big to quantify.

What is important to realize is that this type of information, i.e. blog posts, social media posts, videos etc don’t fit into the traditional format of a database, and as such cannot be analysed in the same way. In relation to Big data, this mean new ways have to be found to both store and analyse this information.

In terms of governmental information, Big data is at its simplest just that. Huge amounts of data/information that are produced by governments, businesses and other organisations, some of which is made public, some of which is kept private.

The issues around big data are complex and varied. The primary concerns have to be those of privacy and cyber insurance/cyber security.

The sheer volume of big data, however you may come to define that term, means that a significant number of different people and different networks will be involved in processing and using the information. The privacy issues of big data are significant.

However much the information is anonamized, the implications regarding the data being hacked and personal information on individuals being gathered is significant. Identity theft is a significant cyber insurance and cyber security issue, yet one that remains under the radar for many people.

In most instances, cyber security has at its core the issue of a data breach occurring, and the implications thereof. Given the sheer fact that big data implies a huge increase in the volume of data being processed, both structured and unstructured data, the number of servers and networks involved also going to be significantly increased.

The logic therefore dictates that the risk of cyber security threats that would apply to one network within a company or organisation will be multiplied many times over.

Big Data – Government

Most governments in the West actively encourage the release of big data relating to many areas of government and life generally. This in part is because governments believe it shows an openness in their storage of information, which may be true or not, and because it allows an unprecedented level of predictive analysis of trends and behaviour in society generally.

The US government website has huge amounts of big data available relating to a wide range of areas, listed below.

Agriculture

Climate

Consumer

Ecosystems

Education

Energy

Finance

Health

Local Government

Manufacturing

Maritime

Oceans

Public Safety

Science and research

BIG DATA and BUSINESS

Whether or not many businesses want to get involved with big data, often they do not really have a choice.  It is more an issue of how they analyse and use the data that is flowing through them, both to enhance their business and also to promote their industry.

The issue is really about how to make sense of the huge volumes of data in ways that benefit their company as opposed to being overwhelmed by it.

Predictive Analysis

Predictive analysis is the phrase that has given to the manipulation of data into formats and charts that make sense of the information in a way that is useful. Predictive analysis of the data as to add value to any organisation, government or business.

It has to help them understand potential future trends, both in their underlying business as well as consumer or citizen habits. Predictive Analysis will to a large extent also show likely developments in individuals lifestyles and behaviours, as part of a wider pattern.

Such analysis will inevitably mean more information being gathered from consumers/ordinary people in order that predictive analysis have some meaning. This inevitably raises even more privacy concerns and cyber security threats and need for cyber insurance planning.

BIG DATA and ARTIFICIAL INTELLIGENCE

The whole area of artificial intelligence is relatively new, but one being heavily invested in by the major tech companies. The aim behind a lot of artificial intelligence research is to allow it to automatically analyse and manipulate the data by itself, without the need for human intervention.

The growth of artificial intelligence and robotics is one that will profound effect on the issue of big data and how it is used. The cyber security implications need to be part of any process of form regarding the storage, usage and predictive analysis of the data by whoever is storing it.

BIG DATA and HADOOP

Hadoop is an open source structure that can be used to store and manipulate sets of big data. Hadoop acts as a system that allows it to monitor clusters of computers to allocate types and amounts of different  jinformation in the most efficient manner possible.