National Coding Week 2015 – older people can learn programming skills too

National Coding Week ran from 21 to 25 September 2015, aiming to teach coding and digital skills to adults across the UK.

Those wanting to get involved joined in events and learned skills online or face-to-face to encourage more people to step across the digital divide.

Co-founder Richard Rolfe said he thought of the initative after he left teaching to recover from a serious illness.  

In a meeting with an ex-student who was running a web development business, Rolfe was left feeling as thought technology was only for “younger people”.

“I wasn’t into coding and all that kind of stuff, and I thought: If I’m 50 or so, can I learn these skills?” Rolfe explained.

But after researching around the subject area, Rolfe found the skills gap was soon to become a skills chasm, and children were the only ones being trained to fill it.

“There were lots of jobs that were unfilled and projections about them increasing within the technology space – particularly in coding and programming.” Rolfe said.

“All of the efforts were going into teaching children, older people were being written off.” 

After teaching himself coding through online tutorials in 2013, Rolfe wanted to teach unemployed or older people those skills.

Teaching skills, building confidence

He and his ex-student co-founder ran a trial week, after which 80% of the attendees went into a job in coding or related fields – so Rolfe decided to run the event again.

“Yes, coding and technology are important for the future generation – but what about those people who are adults who think they’ve missed out?” said Rolfe.

“We try and tease them into this digital world, build their confidence, give them some skills and then if they want to know more that’s great; if they don’t want to know more, that’s fine too.”

The scheme has attracted a lot of support from teachers, many of whom feel they have not received the training they need. “The children are running away with their learning,” leaving parents and teachers “disenfranchised" as they fail to keep up, said Rolfe.

Read more about digital skills

  • Tinder, the digital inclusion agency, has funded an innovation product allowing libraries to teach community members digital skills.
  • The government has invested in Stem initiatives but the IT industry still thinks it could be doing more to fill the skills gap. 

He said the number and variety of people taking part in the week surprised him. The mix included teachers, parents, the unemployed and business managers.

“In the past, business leaders have felt embarrassed to ask questions with regards to digital,” Rolfe said.

He said the lack of digital skills higher up in organisations often leads to business leaders opting for outsourcing contracts.

“If they don’t know anything about digital or coding or technology, or analytics or big data, then they’re going to miss opportunities in the global economy,” Rolfe said.

Digital literacy for wide range of careers

National Coding Week events used languages from CSS to JavaScript, but Rolfe pointed out that a technical background could lead to many other career paths – such as in marketing, design or team leadership.

“I don’t think coding is necessarily where the future is,” said Rolfe.

“You need teams of creative people who aren’t afraid of technology.”

Rolfe said he plans to use case studies from the events to inspire people who weren't interested in the coding side of a digital career, but need “wider digital literacy skills”.

“We want people exposed to it – but they need to find a route because digital encompasses so many routes, and you don’t have to be stuck down just one, but understanding coding at the core is important.” said Rolfe.

In 2014 the initiative attracted over 1,300 interactions online, was hashtagged on Twitter more than 155 times and written up in more than 30 articles. This year was even bigger.

In 2016, Rolfe wants to involve more libraries, more adults from school communities and expand into the US and Australia.

“We are seeing the effects of last year’s national coding week now and next year we’ll have an even bigger caseload of people that have changed their lives as a result.” Rolfe said.

“We want this to be a movement that says: Older people can learn these skills too.”

Read More »

European IT budgets expected to fall in 2016, research reveals

IT departments have plenty to plan for in 2016 with Windows 10 upgrades and Microsoft SQL Server and Server 2003 refreshes, yet their budgets are expected to barely budge over the coming year, according to a survey by Spiceworks.

While North American IT professionals anticipate a slight lift in their 2016 budget, European IT pros predict no increase at all.

The survey of more than 800 IT professionals on the Spiceworks social network revealed that 38% of IT professionals think their budgets will increase in 2016, while 42% believe there will be no change and 10% anticipate a drop in funds, with the other 10% not sure.

Globally, annual budgets for IT were expected to increase on average by just $2,000, from $291,062 in 2015 to $293,094 in 2016, while in Europe IT budgets were projected to decrease by an average of $668.

Despite this, the survey revealed that IT professionals have plans for major migrations in 2016, with 64% claiming that end of support for products would be the driving force behind new hardware, software and services spending.

A total of 60% of IT professionals surveyed said they do not expect their IT staff to increase in 2016.

According to Spiceworks, the top operating system initiatives for 2016 are upgrading to Windows 10 and migrating from Windows Server 2003. In addition, surveyed IT professionals who have allocated budget to operating system upgrades expect to upgrade older hardware during these projects.

Some 53% of European IT professionals said they plan to invest in Windows 10, which is 6% higher than the global average. Additionally, 28% said they are planning a Windows Server 2003 migration and 8% said they are planning a Microsoft SQL Server 2005 migration, which Microsoft will no longer support after April 2016.

Read more about IT budgets

The largest chunk of IT budget – 37% – is expected to be spent on hardware, which is 4% less than in 2015. Software is predicted to account for 31% of IT spending, compared with 33% in 2015. Managed services spending is expected to increase by 3% to 13% in 2016, while cloud spending is set to increase by 2% to 14%.

As previously reported by Computer Weekly, CIOs' IT budgets have also been heavily affected by the strong US dollar, which has made hardware 20% more expensive. Some IT departments have acquired servers in the current quarter to avoid even higher costs in 2016, when the strength of the dollar could increase further.

Meanwhile, the Spiceworks survey also revealed that 54% of IT professionals in Europe do not feel their organisation is adequately investing in security.

Read More »

Risky and untested: What went wrong with the ESN procurement?

With a fully constructed and paid-for network spanning 99% of the UK’s geographical area, one could easily be forgiven for thinking that long-standing incumbent emergency services communications supplier Airwave would have been a serious contender when the Home Office kicked off the Emergency Services Mobile Communications Programme (ESMCP) – a procurement to replace its terrestrial trunked radio (Tetra) network with a 4G LTE system called the Emergency Services Network (ESN).

For a while it was. Airwave was the only supplier invited to bid across three lots of the four-lot programme. However, in early 2015, the procurement began to break down, ultimately resulting in the current near-farcical situation of having two lots out to tender with only one bidder on each and one potential lot with no bidder at all.

On 11 February 2015, it emerged Airwave would no longer be taking part in the ESN procurement. As Computer Weekly revealed at the time, a source close to the procurement said that, in private, it was considered Tetra was too old, too costly and too inflexible to meet the changing needs of the UK’s emergency services.

But now, Airwave’s side of the story of what really went wrong can be told, and along with it comes a warning that the UK government may be setting itself up for another costly IT disaster and a potential public safety nightmare.

Tetra: The right system at the right time

To understand the problems that have dogged the ESN procurement process, it is first necessary to understand a little more about Tetra itself.

First developed in the 1990s by the European Telecommunications Standardisation Institute, Tetra was designed from the outset as a targeted infrastructure for emergency services customers. Ambulance, fire and police services all rely on mobile radios to communicate in the field – and Tetra is the technology they rely on.

It is based on digital, trunked radio technology and includes mobile radio, paging and wireless data features. Tetra-based hardware also comes with encryption hardwired into it and – when first developed – was able to transfer data packets much faster than existing mobile technology, to the extent that Airwave became the sole supplier to the UK’s emergency services.

However, it will eventually become obsolete, and the Home Office believes 4G LTE mobile networks will one day supersede Tetra. This is why it left no place for Tetra in its procurement and set out a plan to procure an enhanced mobile service over a commercial 4G network – with priority routing for emergency services traffic.

The logic behind using an existing commercial network was partly a logistical one, in that there was no spectrum available to buy a dedicated mobile network for the blue light sector, and partly a financial one, in that in these times of austerity there was no money available either.

Airwave’s CEO, John Lewis, fully backs the Home Office’s view on the eventual dominance of 4G, as he takes care to point out when he sits down with Computer Weekly for a no-holds barred dissection of the process.

“The first thing you have to understand is that we fundamentally agree 4G LTE is the right system for the future of public safety communications, and that’s an important point to register. The problem with 4G LTE is that it is not the best system currently,” explains Lewis.

“The best system in the world today for what we do is Tetra. The reason for that is Tetra is a proven and trusted mission-critical voice system.”

This view was echoed by many when the procurement began, including the then shadow policing minister Jack Dromey, who accused the government of acting with “unseemly haste” in its rush to replace Tetra.

As Tetra is such a critical element of the current emergency services communication system, it is vital the ESN procurement is fit for purpose and can transition seamlessly.

The consequences for public safety if something were to go wrong would be dire. Imagine the consequences for the victim of a car crash in the remotest part of the Highlands if the first responder could not request an air ambulance, or for London if it saw a repeat of the 7 July 2005 bombings and nobody could call for help.

Risk for no reward

According to Lewis, the procurement came with a number of risks attached to it. Firstly, the standards for mission-critical voice over LTE (VoLTE) have yet to be agreed or specified, and will not be until long after Tetra is switched off in 2020.

This means features such as group calling, handset-to-handset communications and the all-important emergency button – which is used by a police officer somewhere in Britain every six minutes on average – will not be ready in time for the final switchover to ESN.

“The government is addressing that through using pre-standards systems, which we have looked at, validated and demonstrated, but those pre-standard systems have never been deployed on a national scale anywhere in the world. This is high-risk adoption of immature technology,” says Lewis.

“The second issue is really about the maturity of LTE networks and their ability to provide the coverage and the resilience the emergency services need. The roll-out of those networks will not be sufficient in the timeframe the government is aiming for.”

Given that 2G and 3G networks still do not cover the entirety of the UK, in Lewis’s view it is simply not worth the risk to assume 4G will be fully available by 2020. “We have experience of building a Tetra network in these remote areas, so we know what it takes,” he adds.

Convinced the technology and infrastructure were too high risk and the commercial model didn’t really work, Airwave elected not to bid on Lot 2, User Services, or the deleted Lot 4, Extension to Mobile Services, and articulated these concerns to the Home Office at the time.

For a little while, it remained involved with Lot 3, Mobile Services, alongside its strategic partner, Hutchison Whampoa’s Three.

“When we submitted our bid, we made it very clear we didn’t think the timeframe was achievable. We outlined our view of the risks on what the government was trying to achieve,” says Lewis.

“In all my experience of bidding on these things, that doesn’t normally set you up to be selected on the shortlist, but we thought it’s better to be honest about what we thought the industry was feeling,” he says.

Airwave was not selected. Instead O2 and EE were invited to submit their final tenders. Following O2’s withdrawal – citing almost identical concerns to Airwave’s – EE remains the only bidder and therefore the presumptive supplier on the crucial Lot 3.

On Lot 2, meanwhile, Hewlett-Packard’s withdrawal – again citing concerns over risk – has left Motorola as the only company bidding for Lot 2. The tender process for Lot 1 concluded in early September 2015, with Kellogg Brown and Root winning out.

“To put it simply, the new technology is not ready. You don’t throw out old technology until new technology is ready. Motorola, the only bidder left on Lot 2, says LTE won’t be ready until 2020 or 2022, so even the government bidders who are going to deliver the system don’t think it will be ready,” says Lewis.

ESMCP: The wrong procurement at the wrong time?

Although he is no longer involved in the process and can speak only at arm’s length, Lewis maintains a certain amount of sympathy for the Home Office’s situation, saying it had done everything it should and could have done.

The Home Office talks about cheaper, faster and better. Quite rightly, it’s looking at driving efficiencies with austerity, improving its capabilities as technology evolves and doing better things with it,” he says.

The Home Office could never have just renewed the Tetra contracts as it had to run a procurement. However, with Airwave at the end of its contract and holding a paid-for asset that will cost less in the future – neatly knocking the austerity argument on the head – and 4G networks already good enough for non-mission critical processes, it seems it was just the wrong procurement at the wrong time.

“They have to understand and approve what the market can bear. It’s perfectly reasonable to run a procurement to test what the market can do, but the market’s telling them it’s too soon because they’re left with one bidder in Lot 2 and one bidder in Lot 3 and no bidder in Lot 4,” says Lewis.

The fact that Lot 4 was revived barely eight months after it was axed also suggests the government has no answer for how to provide coverage in remote areas, most of Scotland and Wales, the London Underground or for air-to-ground communications with emergency service helicopters, which are all crucial elements of a national plan.

So what should have happened? Lewis says the right answer would have been to continue to use Tetra until 4G LTE was good enough to implement – in effect – a parallel system.

“Users would have had two devices: Their emergency radio and a smartphone, whereby commercial LTE brings them the business process improvements. You run those together and at some point LTE overtakes Tetra and then you switch over, in a timeframe that’s probably somewhere between 2020 and 2025,” says Lewis.

Looking to the future

With Tetra eventually on the way out, it is inevitable Airwave will have to evolve. Lewis is leading the firm down the route towards becoming a company less known for its network asset and more for its services offering.

Airwave has taken to 4G services like a duck to water, supplying its Pronto application suite to a number of police forces, enabling officers on the beat to easily and quickly go through processes such as issuing tickets and fines, booking an arrest or checking someone’s details on the Police National Computer.

To date, 15 forces have bought into Pronto, says Lewis, which he sees as an indication of the relationships Airwave has built up with its users.

“We are the trusted brand for emergency services. They know and like the quality – a third of the police forces have entrusted us with dealing with the digitisation of their capabilities, and there are a few more we are talking to and hope to bring on board as well, so there’s a big aspect of evolving the system in the market, which is a big part of what we do,” says Lewis.

Tetra isn’t going to go away for at least five years: The fire service has recently signed a national extension to keep using its radios right up until the network is switched off at the end of 2020; the ambulance service’s contracts don’t expire until then either.

Elsewhere, Airwave is taking Tetra into Germany, where it is currently advising the government on its network build, and has also opened a satellite office in Dubai to support its work in the Middle East.

Rural broadband

But what of Tetra? What of its sites and what of its spectrum? The spectrum will ultimately be returned to the Ministry of Defence when Tetra is switched off, but that doesn’t mean it will necessarily be taken out of use.

One area Airwave is actively exploring alongside the Department for Culture, Media and Sport (DCMS) is the repurposing of its infrastructure for rural broadband. Lewis believes the demand is clearly there and the will from government could be there to repurpose Airwave’s infrastructure into a much-needed element of the consumer broadband roll-out.

Lewis concludes: “I guess the re-issue of Lot 4 is interesting because it says the Home Office doesn’t have an answer to the complete challenge it’s trying to solve.

“It neatly fits into the discussion about rural broadband – if the government is trying to solve the rural problem in multiple ways, there’s a sensible answer there, which is to do it once. I think this seems to be leading to a proper debate about how you address rural communities. We’re excited to see where that leads in the coming months.”

Read More »

London launches cyber defence centre for small businesses

London’s deputy mayor for policing and crime Stephen Greenhalgh has launched a public-private partnership initiative to help the city’s small businesses protect themselves from cyber criminals.

The first of its kind in England, the London Digital Security Centre (LDSC) has been set up by the Mayor’s Office for Policing and Crime (Mopac) as part of the mayor’s business crime strategy and is staffed by a team of professionals from the civil service, law enforcement and industry.

“This is a landmark because we have moved from strategy and aspiration to action, and today sees the start point of thinking about how we protect London’s micro to medium-sized businesses,” said Greenhalgh.

There is a “huge amount of goodwill”, he said of bringing together policing, technology, business and ethical hacking expertise. The LDSC offers the latest cyber industry guidance through its website, roadshows and advice surgeries. It also offers expert security assessments and digital footprint reports to enable small and medium-sized enterprises (SMEs) to identify and resolve vulnerabilities.

“Above all, the mission is to prevent crime from happening in the first place by ensuring that businesses are as diligent in ensuring their digital infrastructure is robust and as hard to penetrate as they are about protecting their physical office space and assets,” said Greenhalgh.

“It is hugely important that we focus on London which has a massive part to play in the national economy as do small businesses which provide around 50% of employment in the capital.”

Mopac is providing £325,000 funding over two years to establish the LDSC, after which it will be self-sufficient, paid for through revenues generated from the sale of its services and from donations.

“The success of the LDSC will depend on the good will of London’s businesses and the Metropolitan Police’s Falcon cyber crime and fraud unit, and the expertise of technologists to come together to provide a one-stop shop for small businesses to help ensure that London is the best and safest place for small businesses to thrive,” Greenhalgh said.

Falcon officers will be working with the LDSC to help arm SMEs with the tools and knowledge they need to better protect themselves from fraud and cyber crime.

In addition to the Met’s Falcon unit, the LDSC involves the National Crime Agency and the City of London Police, working in partnership with academics, and businesses and technology firms, including Barclays, the Royal Bank of Scotland and BT.

Read more about cyber security for SMEs

SMEs lacking resources to fight cyber crime

Millions of pounds are lost to cyber crime each year and online security is a growing concern for SMEs with 250 or fewer employees that face many of the same threats as larger organisations, but typically lack the resources to address them.

According to the government-sponsored 2015 Information security breaches survey conducted by PwC, 74% of UK SMEs were hit by cyber attacks in 2014-2015 and 16% had their network hit, losing both sensitive data and the ability to trade.

The LDSC, which builds on the model used in Scotland by the Scottish Business Resilience Centre, is aimed at providing affordable access to support from the professionals in the fields of digital policing and cyber security.

LDSC head Patrick Nuttall said: “We have consulted extensively with SMEs in London and we know the demand is there for a trusted, affordable resource to provide cyber security advice and support.

“The LDSC is here to help London businesses that may not be able to afford the in-house expertise found in larger companies to identify and manage cyber risks, enabling them to safely harness the power of technology,” he added.

Nuttall said the aim of the LDSC is not to compete with commercial service providers. “We are here to fill a gap, but once SME have started to do basic infrastructure hardening and looking at more complex issues such as user behaviour, that is when the private sector can start to help,” he told Computer Weekly at the launch.

“Once SMEs start doing the activities, they will start to understand the business impact of cyber crime and appreciate that they really need to make the investment in professional services.”

Alan Seldon, operations director at Voneus Limited, a digital telecommunications agency whose systems have undergone testing by the LDSC, said: “No company should be complacent about the possibility of being targeted by cyber criminals and held to ransom, which is massively under-reported because companies do not want to risk any reputational damage or loss of confidence.

“Like all SMEs, we cannot dedicate a full-time resource, so it makes sense to bring in the experts at the LDSC to test our systems and to provide advice,” he added. A small investment could potentially mitigate against a large loss, and by using the LDSC we are able to protect ourselves as much as possible.”

Read More »

Facebook court judgement threatens Safe Harbour data-sharing agreement with US

The European Court of Justice (ECJ) will give its final judgement in the case against the Irish data protection commissioner Helen Dixon and Facebook on 6 October 2015 at 9.30am.

The judgement could have profound implications for the high-tech relationship between the US and the European Union (EU), if it rules as illegal the Safe Harbour agreement that permits US corporations to send European data to the US.

The Safe Harbour agreement is at the heart of the case, because Facebook – the other defendant – cannot use its US-based cloud storage without the consent of the EC through the Safe Harbour agreement.

The case was brought by the Austrian law student Max Schrems, 27. He challenged the legality and effectiveness of the EU/US Safe Harbour data-sharing agreement.

Schrems asked Irish data protection commissioner Helen Dixon to investigate Facebook, which has a European base in the Republic of Ireland. Dixon refused and Schrems went to the Irish High Court, in effect to seek a judicial review.

NSA used Safe Harbour data for ‘mass surveillance’

In a judgement scathing of the data protection commissioner, Irish High Court judge Gerard Hogan found the US was using Safe Harbour to impose mass surveillance on the citizens of Europe through its Prism programme.

He wrote that "only the naive or the credulous could really have been greatly surprised over these forms of mass surveillance".

The judge further found “that personal data transferred by companies such as Facebook Ireland to its parent company in the United States is thereafter capable of being accessed by the NSA in the course of a mass and indiscriminate surveillance of such data.

"Indeed, in the wake of the Snowden revelations, the available evidence presently admits of no other realistic conclusion.”

Ireland refers Facebook dispute to European Court of Justice

Judge Hogan referred the matter to the ECJ, the highest court in the EU. That court does not go back to the facts, but takes them as found in the Irish Court, and looks at how they relate to EU law.

Two weeks ago the judge advocate general on the case – French jurist Yves Bot – advised the court that the US was, as Judge Hogan had found, using mass surveillance via the NSA, to take European data; and that the Safe Harbour agreement did not protect European data.

This week the US government launched a stinging attack on judge Hogan's facts and Yves Bot's opinion, via its ambassador in Brussels, Anthony Gardner.

US ‘risked perjury’ if it gave evidence

The ambassador said there had been "no actual fact-finding in this case". Gardner added: "The US does not and is not engaged in indiscriminate surveillance of anyone, including ordinary European citizens."

Read more about Max Schrems vs Facebook

This caused a furious reaction at the court where an official – who wished to remain anonymous – said the US failed to exercise its right to make its case during the hearing.

"The US had a proper and legal opportunity to make it's case at the Irish Court. The procedures of the European court are well-known to the US authorities," he said.

Speaking to Computer Weekly, plaintiff Max Schrems was more cynical.

"If the US had appeared in Dublin, they would have had to swear their evidence under oath. They would not be able to deny Prism without committing perjury," he said.

The problem for ambassador Gardner is that both the US government and the UK government have publicly acknowledged Prism. That programme is a mass surveillance programme, the full workings of which were originally disclosed in the Guardian in 2013 by NSA whistleblower Edward Snowden.

Court reacts with unprecedented speed

Dai Davis, a solicitor who specialises in information technology law, said he cannot remember a case where the judgement has followed so fast on the judge advocate's opinion.

"I do speculate that the final judgement will closely follow the judge advocate's opinion," he said.

The judgement is bound to make an impact on current negotiations between the US and the EU, about the renewal of Safe Harbour, underway in Brussels.

Jim Killock, executive director of the Open Rights Group – a group campaigning against surveillance and censorship – said Safe Harbour rules were ineffective.

“Safe Harbour is in an untenable position, claiming to protect European citizens’ privacy right while the USA places everyone under mass surveillance," said Killock.

"The advocate’s opinion shows that the court is considering the right issues, so we hope they will produce a strong judgment that insists on our right to protection of our privacy when using US companies’ services."

Read More »

Digital inclusion agency funds libraries to teach digital skills

Digital inclusion agency Tinder has funded an innovation project to allow libraries across the UK to teach community members digital skills.

The funding has been awarded to 16 libraries to run innovative pilots of digital inclusion projects using new approaches.

This initiative is part of a six-month research pilot into ways to teach and support socially excluded members of the population to learn digital skills. It will also allow the libraries to investigate partnerships and new technology to establish support models for members of their communities.

Tinder Foundation chief executive Helen Milner said: “We’re delighted to have been able to award funding to 16 library services, which all demonstrated innovate ideas for engaging with their local communities, reaching new people and having a real impact on closing the digital divide.”

Milner highlighted the work already done by the Tinder-managed UK online centres network to support people learning digital skills, and hopes this new funding project will help to reach more people and scale the support effort.

The libraries that will receive funding are: Barnet Library; Jubilee Library in Brighton & Hove; Hounslow Library; Coventry Central Library; Workington Library; Chesterfield Library; Doncaster Central Library; Gateshead Central Library; Leeds Central Library; Warrington Library; Newcastle City Library; Nottingham City Library; Northumberland Libraries; Oswestry Library; Portsmouth Central Library; and Somerset Library.

Read more about digital inclusion

  • Government Digital Service launches Digital Inclusion Outcomes Framework to act as a template for digital inclusion evaluation
  • TechUK called on the next government to implement a properly funded digital inclusion strategy and provide assisted digital support

Some of the libraries plan to develop initiatives such as a pop-up digital skills centre that will visit rural communities, services for low-income families to search for jobs through model devices, a tablet-lending scheme, training members of low-income families to be “IT buddies”, and visits to housebound or disabled people.

The pilot will allow the Tinder network to collect research and case studies about the successes and best practices of the libraries' projects, as well as identify what resources the libraries will need to help progress digital inclusion, in partnership with the Leadership for Libraries Taskforce and Society of Chief Librarians.

A representative from the the Leadership for Libraries Taskforce described the project as "an exciting opportunity" for various libraries to further develop digital access for their communities.

"It is important to help all users to grow in confidence and awareness of the wide range of services that libraries provide,” they said.

In implementing the project, organisations involved hope to address not just the digital skills gap but also cater to the 20% of the population who do not have access to digital by offering them the ability to learn to use technology to apply for jobs and stay connected.

Read More »

Worldwide #peacehack hackathons use technology to promote peace

Hackathons dubbed #peacehack have been staged in four cities to encourage the use of technology for promoting peace.

Run by International Alert, the hackathons held simultaneously in London, Beirut, Washington DC and Barcelona during September 2015 were designed to act as an outlet for people with digital skills to use technology for good.

Dan Marsh, who joined International Alert as head of technology in 2013, explained how a small London-based hackathon in 2014 led to the team pursing bigger and better ideas the following year.

Rather than a general hackathon, the 2015 worldwide hackathons focused on specific subject areas to target a problem each city has.

“We were more focused this time on the problem statements we faced. We took a look at the issues that were happening in each of those cities,” said Marsh.

“We started to think about technologies that could solve some of the problems in the particular context we were talking about.”

In London and Washington DC, the subject area the hackers had to tackle was countering violent extremism. Hackers in Beirut and Barcelona were tasked with developing technological systems to deal with the refugee crisis.

The hackathons took place with the help of associated partners – Build Up in Barcelona, Creative Associates international in Washington and Chayn in Beirut.

Technology as a power for good

Participants in the hackathon explained that when the subject matter is something you care about, you become more creative at finding ways to solve the problem.

Marsh said many technologists attended the event because they wanted to help peace-building causes, but were not sure how, and could only offer their experience with technology as a tool.

“It’s just an outlet for people who are using technology in their day-to-day lives to use it as a power for good,” said Marsh.

The London hackathon hosted around 40 participants, with more than 200 technologists and peace practitioners involved across all of the events.

“The one thing that’s interesting with peacehacks is that we have to try to teach people about the peace-building context to start with. That got the participants thinking about some of the relevant technology they can use,” said Marsh.

The two joint winners of the London branch of peacehacks each built community platforms for individuals with little access to like-minded people or wider communities.

One team did this through the development of a Tinder-style application allowing marginalised members of society to connect to others in their community. The other team created an online platform to allow people to take part in events near them to fuel community engagement.

The teams will work together to combine their ideas and create a joint project. They also won a place on the next hackathon and tickets to the Build Peace event.

Community collaboration

“Young people who don’t have access to good support networks or might not have jobs or interests – they’re the people who can become vulnerable to violent extremism,” said Marsh.

“We’re trying to build communities so people have a safe space to discuss difficult issues and can meet like-minded individuals or individuals in their community.”

Marsh explained many of the participants used real-life experiences as the inspiration for their projects, often to prevent the same experiences from happening to other people.

“This is a way they can engage and make a real difference,” he said.

After the event, the code for all of the systems contributed is opened sourced and stored in a Github repository so people can collaborate and work on building what has already been done to continue to build peace.

Two more peacehacks will take place before the end of 2015 in Colombia and Northern Ireland. In 2016, Marsh hopes the event will scale to 30 cities worldwide.

“We’re using these hackathons to come up with ideas or even repurpose old ideas to help us with our peace-building work around the globe,” he said.

Read more about hackathons

Read More »

Brightsolid opens Tier III datacentre in Aberdeen to support oil and gas sector

Scottish datacentre operator Brightsolid has claimed its new £5m facility in Aberdeen can store the same amount of data as Facebook does globally, and will turn a profit within six months of opening.

The company, part of the DC Thompson publishing group, already has two datacentres north of the border, including one in Dundee and another in Edinburgh.

The latest addition to its burgeoning datacentre portfolio will reportedly help capitalise on the success the company has already had with serving the datacentre needs of the public sector – through the company’s inclusion on the Scottish government’s datacentre hosting framework in May 2015.

The energy industry has also proven a keen adopter of the firm’s services to date, and with many firms in the oil and gas sector located in Aberdeen, Brightsolid CEO Richard Higgs said the area emerged as the best site for its next facility.

“The business we’re already transacting means that within six months of opening, we’ll be profitable. The demand has been such that we’ve already exceeded our expectations and the business case for the pre-signed contracts we have in place before we’ve actually opened,” he told Computer Weekly ahead of the site’s opening.

However, amid the recent slump in oil prices, Higgs said the board did take some convincing that ploughing investment into a datacentre to help address the energy sector's hosting needs was the right way to go.

He explained: “When the DC Thompson board saw the oil price going south, we hadn’t actually committed to investing in the datacentre, and they said – quite rightly – ‘Are you sure you want to be investing such a large sum of money in Aberdeen right now?’

“We said yes, because we knew we could fill the facility with non-energy sector demand from the wider UK.”

Read more about datacentre investments

As it stands, the economic challenges the oil and gas sector are facing are actually working in the firm’s favour, Higgs claimed, as their appetite for cheaper datacentre space is growing.

“When we looked at a lot of the costs for the energy sector and where they do a lot of their data hosting, one of the stats that emerged was that more than 50% of the energy sector’s data processing takes place in or around the M25,” he explained. 

“That is a heck of a lot more expensive than hosting in Aberdeen. Our thinking was, if the market goes into a cost-conscious phase and needs to save money, we have our Aberdeen facility.”

The datacentre officially opened today (1 October 2015), and the 2,200m2 site will initially contain 400 high-density, 25 kW racks but will have the capacity to house up to 400PB of data. This, the company has claimed, is the same amount as social networking giant Facebook holds globally.

It has been a year in the making, with Brightsolid first announcing news of the build in October 2014.

To achieve its goal of having rack power densities of up to 25kw the company has deployed the Ecofris cooling technology created by datacentre building consultancy Keysource.

The Tier III facility also reinforces Brightsolid’s position as Scotland’s only Microsoft Cloud OS partner, said Higgs, which means the company can deploy the software giant’s technologies earlier than its Scottish competitors.

“We absolutely believe that there is a requirement for regional datacentres, as well as huge utility datacentres, and see ourselves as effectively a virtual integrator of the future, where people will have part of their data in-house, some with us and with others,” he added.

Read More »

HP Cloud 28+ enters beta and introduces self-certification scheme for providers

Hewlett-Packard's’s bid to create a Europe-wide one-stop cloud shop has moved up a gear, with the introduction of a self-certification system for providers that want to sell their services through it.

Dubbed Cloud 28+, the initiative was formally unveiled by HP in March 2015 after a year of preparation, and is geared towards driving adoption of off-premise technologies across Europe by providing users with a centralised catalogue of cloud services.

HP claims this will help make it easier for commercial and public sector organisations to adopt cloud – as they can consult the catalogue before embarking on a deployment, to find a provider and service that fits the bill.

Speaking at the Cloud 28+ in Action event on 30 September 2015 in Brussels, Xavier Poisson, Emea vice-president of HP Converged Cloud, marked the beta launch of the project by talking up the attention it has garnered in other parts of the world looking to replicate what HP is trying to achieve.

Similarly, the cloud provider community has also thrown its weight behind it, he continued, helping the firm exceed its target of having 200 services listed through it by September 2015.

“We had a dream in March that the catalogue would be live in September and we would have 200 cloud services in the catalogue for this meeting,” he said.

“Not only is Cloud 28+ live, but it is hosted by one of the members and we have 320 cloud services.”

In light of this, Poisson said the aim now is to have 600 services listed on the catalogue by the time of its official go-live date in early December.

Turning his attention back to the problems providers face when trying to do business with users in other countries, he claimed it can cost up to €9,000 to ensure a service does not infringe on local laws.

And it’s those kinds of financial and legislative barriers to doing business across borders, Cloud 28+ is looking to eradicate, he said.

“I’m hoping to generate what all of us are working for everyday. That’s employment and to generate growth. That’s the ‘why’ of everything we’re doing today with Cloud 28+.” 

Cloud 28+ self-certification scheme

Every cloud provider, reseller or independent software vendor (ISV) that secures a listing on the portal can now have their offerings rated via Eurocloud’s Star Audit system – a move HP claims will make it easier for users to pit one firm’s offerings against another.

Eurocloud board member Tobias Höllwarth told attendees the rating system should streamline the procurement process by providing users with certified assurances about the quality of the services they provide.

Otherwise, providers can find themselves repeatedly fielding the same questions about security and uptime, from users trying to work out whether or not to trust those suppliers with their data.

This results in slower and more expensive cloud procurements, driving up the costs of doing business.

“Answering the same questions again is boring and is not generating business,” he said.

Read more about HP's Cloud 28+

For smaller firms – that don’t have access to dedicated IT, legal or procurement teams to guide them through the process – knowing which provider to go with can be fraught with challenges.

“They need to buy cloud services as they may have a big competitive disadvantage if they don’t,” he said, adding that the rating system should accelerate the buying process for them too.

The EC Digital Single Market

Cloud 28+ initiative has drawn parallels in the past with the UK government’s G-Cloud scheme, and – in the light of that programme's success – on the continent, attention has focused on recreating a similar cloud services procurement portal for European public-sector users.

Similarly, what HP is trying to achieve with Cloud 28+ fits in quite well with the European Commission’s Digital Single Market initiative, which seeks to create a single marketplace for digital services within the European Union (EU).

Speaking at the event, Francisco Medeiros, deputy head of the software and services and cloud computing unit at the EC, said that – while the organisation could not directly endorse the work HP is doing with Cloud 28+ – such initiatives had an important role to play in supporting the EC’s cloud goals.

“This is indeed a promising and enriching initiative that has the potential to substantially contribute to the development of the European cloud services market and will provide opportunities for small and large cloud service providers,” Medeiros said.

"Of course, we – as the commission – are not in a position to endorse specific market initiatives but, in general terms, I can tell you initiatives like Cloud 28+ and others are key, in our view, for the establishment of a competitive market for cloud services.”

Read More »

How technology is helping deliver aid to Syrian refugees in the Middle East

The United Nations predicts there will be 4,270,000 Syrian refugees by the end of 2015. The majority of these displaced people will be hosted in Turkey, Lebanon, Jordan, Iraq and Egypt – with 88% living outside the region’s vast refugee camps.

The humanitarian aid effort is led by UN agencies working with the national governments and a multitude of non-governmental aid organisations (NGOs). The momentous task of registering and delivering aid such as food, healthcare and education relies on an array of often innovative information and communications technology (ICT).

It isn’t just the magnitude, the longevity or the geographical spread that makes the Syrian refugee crisis unique – compared with many recent humanitarian missions, such as Afghanistan, Pakistan, Sudan, Congo, Haiti and Nepal, the host countries and the Syrians themselves are, on the whole, more tech-savvy. Forget the stereotype of the aid worker with the clipboard, the Syrian aid effort is digital – registration with biometric verification, smartcard-based aid, smart device data collection, mobile communications and telemedicine.

“All these digital forms of aid have one underlying dependency – and that is robust networks. None of this will actually work unless people – both the aid workers and the beneficiaries – have access to communications. Where communications was a ‘nice to have’ at one point, now it is a ‘need to have’,” says Patrick Gordon, chair of the WGET Forum at the United Nations Office for the Co-ordination of Humanitarian Affairs (UNOCHA).

Digital registration

The first priority for a Syrian arriving in a host country is registration in the United Nations High Commissioner for Refugees (UNHCR) ProGres database. Until registered, they are not officially a refugee, thus not entitled to protection or eligible for aid – shelter, food, money, healthcare, education – from other UN agencies or the NGOs which fulfil day-to-day operations.

Registration creates a global digital record for every refugee, including the usual personal details, plus time of arrival, place of origin, occupation, education, family members, contact information and permission to share information. The operation has been speeded up by using barcode scanners to scan each refugee’s Syrian ID card.

Rather than using photos and fingerprints to verify a refugee’s identity, UNHCR has started to use iris scanning as verification. According to IrisGuard, the technology provider, 1.6 million Syrian refugees in the region have been registered in this way.

The Independent evaluation of UNHCR response report in January 2015 highlighted the positive impact of innovations including digital registration, barcode ID scanning and IrisGuard on the humanitarian response.

One of the report’s authors, Dorian LaGuardia, director of Third Reef Solutions, explains: “With UNHCR’s iris scans, the key was: accuracy – knowing absolutely who the person is, compared with paper-based data-entry systems where people might register multiple times under different names; convenience – the whole process takes only three to five minutes, compared with 20-30 minutes; and opportunities for better service, for example a record that could be integrated with other organisations’ programmes by capturing specific needs of a family, then linking this information with the relevant organisation.”

Digital delivery of aid

The traditional approach to aid is physical goods – tents, blankets, household goods and food – called “in-kind aid”. This is slowly being replaced by financial aid, allowing beneficiaries to purchase products at designated supermarkets, in town or camp, typically using paper or, increasingly, smartcard-based vouchers.

Digital payments are a more dignified way to provide aid and give greater choice to refugees. They also inject funds into the local economy and allow agencies to collect aggregate data, while reducing waste by not providing unneeded goods and cutting theft and fraud.

This move to cash is supported by the Report of the high level panel on humanitarian cash transfers (September 2015), which recommends: “Give more unconditional cash transfers. The questions should always be asked: ‘Why not cash?’ and ‘If not now, when?’”

The report estimates that only around 6% of aid worldwide is cash, but it is much higher in the Syrian region.

“All [World Food Programme] assistance to Syrian refugees today in the neighbouring countries – around 1.3 million people – is through vouchers and electronic cards. Inside Syria, we still use the traditional mode of delivering in-kind aid,” says Samer AbdelJaber, regional IT officer for Middle East and North Africa at the World Food Programme (WFP).

Digital aid programmes vary considerably between agencies and between the five host countries, depending on local conditions and regulatory environment. The largest implementation is in Lebanon, where more than one million refugees now use either WFP’s smartcard to buy goods at participating retailers, and/or UNHCR-backed ATM cards to withdraw money instead of receiving physical goods. In Egypt, WFP has adopted the store card of the supermarket Carrefour as a delivery mechanism.

WFP is working with other agencies and NGOs in Lebanon and Jordan to develop a single card that can be used for both commodity-based and cash-based assistance for the people jointly served. Common to all these methods, beneficiaries’ cards will be automatically re-credited each month, followed by an SMS notification.

Syrian refugees using ATMsA Syrian woman in Mafraq, Jordan takes cash from an ATM after using iris scanning to identify herself

Jordan is home to the most sophisticated aid delivery methods. At branches of Cairo Amman Bank, refugees are able to withdraw their cash entitlement from UNHCR by placing their eye against an IrisGuard scanner – no card required. The success of this programme has encouraged WFP to pilot use of iris recognition technology to allow refugees to purchase food in participating supermarkets.

“The beneficiaries go to the partner retail shops, which are equipped with the iris scan at the point of sale (POS). The beneficiary just looks into the iris scanner, the system then contacts the WFP database and verifies that he is entitled to this amount of money or these commodities, then confirms to the POS that he is entitled to make the purchases,” says AbdelJaber.

Mobile data collection

Aid organisations are permanently evaluating and monitoring refugees. Rather than a clipboard, aid workers today enter data directly onto a mobile device.

“Most aid organisations do mobile data collection these days,” says Roger Dean, cash assistance project manager at the Middle East regional office of the Norwegian Refugee Council. “When you are conducting structured interviews with potential beneficiaries or key informant interviews, doing it on a smartphone rather than on paper cuts out the data-entry loop, which removes a lot of errors. Plus, it allows the whole thing to be a lot more structured, as a multiple choice question and answer gives you cleaner and quicker data.”

Data sharing and shared resources

The humanitarian mission in the Syria region is complex and involves at least 200 aid organisations across five countries. IT plays a valuable role in co-ordinating aid efforts and preventing needless duplication. These include the information systems provide by UNOCHA, such as the aptly named “Who does what where” contact management directory; and UNHCR’s Inter-agency Information Sharing Portal and Refugee Assistance Information System (RAIS), where partner agencies can update information on refugees.

There is a balance between the necessity of sharing information on refugees between agencies with the need to keep highly sensitive personal information secure – after all, UNHCR’s role includes protecting a refugee’s identity as much as their person. The use of biometrics should facilitate verification of refugee status/entitlement without sharing personal data.

Communications as aid

IT for humanitarian missions is provided by the Emergency Telecoms Cluster (ETC), which includes aid agencies and private organisations such as Ericsson and Cisco, led by WFP. Traditionally this has focused on the IT infrastructure needs of aid agencies, but the new vision enshrined in ETC 2020, adopted in April 2015, extends the remit to meeting the communications needs of the beneficiaries, giving them access to information, and the ability to communicate with agencies, governments and each other.

The aid sector and mobile trade body GSMA hope that all operators will join Axiata, Etisalat, Ooredoo and Smart Communications in signing the Humanitarian Mobile Connectivity Charter (HMCC), launched in March 2015, to guarantee to work together to provide/re-establish connectivity in emergencies.

“Article 19 of the Human Rights Convention indicates that communication is a human right. Providing it should be given the same priority as food, health or shelter. If people cannot communicate, then we don’t know where they are, what they need and if our aid has been appropriate. It is imperative that communities can communicate,” said UNOCHA’s Patrick Gordon.

The Human Rights Convention indicates that communication is a human right. Providing it should be given the same priority as food, health or shelter Patrick GordonUNOCHA

A practical example of this is when refugees arrive at the Zaatari camp in Jordan, UNHCR gives them a SIM card from a local mobile network. This not only ensures that new arrivals are connected, but also that UNHCR has a database of contact numbers. However this is not yet common practice across the UNHCR response in the Syria region.

Information on needs and vulnerabilities, along with contact details, is collected from refugees during the registration process; communications media allows UNHCR to ensure details are up to date and to analyse and respond to refugees ongoing needs.

“While traditional communications and feedback mechanisms such as complaints desks, community outreach workers/volunteers, town hall meetings, flyers, posters and advertising remain essential, agencies are increasingly using technology for two-way communications with refugees and other beneficiaries,” says Ben Farrell, senior external relations officer, UNHCR Middle East and North Africa.

These include the use of the WhatsApp messaging application to send informative or anti-fraud messages, bulk SMS, modern and fully equipped callcentres/helplines, social media channels such as Facebook and dedicated information sites in Arabic, such as Refugees-Lebanon.org and help.unhcr.jo. 

Health aid

With millions of people fleeing from a war zone, then congregating in often close-knit environments, health is a major concern and is tackled by a multi-agency operation led by the World Health Organisation. ICT facilitates healthcare in numerous ways. SMS is commonly used to notify refugees to attend clinics for health checks or to receive vaccinations to help avoid outbreaks of diseases such polio.

Currently under consideration in Lebanon is a project to develop digital medical records for refugees or displaced people that can be downloaded to their personal devices to be taken with them if they leave the country.

WHO Lebanon and WHO Jordan are both working with the national governments to introduce a programme to monitor the health of refugees, maintain a database and improve early warning of disease outbreaks.

“At WHO Jordan, we are implementing a national programme of public health surveillance, in partnership with the Ministry of Health, to monitor the epidemiology of priority public health diseases, conditions and events. The programme uses mobile technology to enable reporting of information in real time from 267 primary and secondary care facilities across the country.

During the consultation health workers use mobile tablets to provide case-based reporting of disease and to introduce electronic modules for prescribing, using the WHO ‘model list of essential medicines’, and clinical diagnostic algorithms, including the integrated management of childhood illness and WHO Mental Health Gap Action Programme,” says John Haskew, technical officer at WHO Jordan.

Read more about IT helping humanitarian aid organisations

To help tackle the huge shortage of medical staff in overstretched intensive care units in war-torn Syria, the US-based Syrian American Medical Society (Sams) offers a three-pronged service of e-learning, telemedicine and telesurgery.

First, it offers medical courses, via e-learning, to supplement the training of physicians, medical staff and nurses. Second, Sams has recruited a global network of specialist physicians (often of Syrian origin) who volunteer to be on call, so Syrian physicians can initiate a consultation via video call when cases are complicated. Sams averages one remote consultation each hour. Third, Sams is now developing the capability to allow overseas specialists to supervise complex operations via web video links in the surgery.

Explaining the telemedicine consultation, Ahmad Tarakji, president of Sams, says: “We have cameras inside the hospital looking directly at each patient, so a physician in North America, for example, will be able to observe a patient through the webcam and view the monitor to read the vital signs. He will also be able to communicate with the patient, if he is awake, and/or his family, and with the local physician and nurses.”

Education aid

War in the Middle East and North Africa is keeping 13 million children out of school, according to a Unicef paper Education under fire (September 2015). Of these, 700,000 are Syrian refugee children in Jordan, Lebanon and Turkey, who are unable to attend school because the overburdened national education infrastructure cannot cope with the extra student load. One way to tackle this chronic educational shortage is online learning, where students access course materials on a mobile device or laptop.

Unicef is developing a programme called the “Virtual School for Education in Crises” (or Sahabati – My Cloud – in Arabic), which will offer courses, assessments and certification in Arabic, English, Maths and science.

Syrian refugee trainingPublic Health Surveillance Training in Aqaba Governorate, Jordan

The Norwegian Refugee Council (NRC) is piloting a distance learning programme with the British Council to teach English to young adult refugees in Jordan. Following an earlier English language pilot programme with the University of Geneva, 78% of students reported they would definitely do an online course – for all, this was their first experience of distance learning.

“We are also discussing with stakeholders the possibility of offering higher education from the [Zaatari] camp for youth through a distant learning programme,” says Amjad Yamin, project co-ordinator for information, media and communications at NRC.

The impact on fraud, waste, duplication, monitoring, transparency and accountability

The digitisation of the humanitarian process – registration, verification, data collection, digital cash, multimedia communications, data sharing and so on – makes the business activity considerably easier to monitor and evaluate than with the historical “analogue” version of paper forms and IDs, clipboards, meetings, convoys and food boxes. In an era where donors are demanding ever more transparency and accountability, ICT will continue to play a crucial role – including big data and analytics.

In Lebanon, WFP and UNHCR are working on a plan with the American University in Beirut to develop a targeting model that will use data from the vulnerability assessment of Syrian refugees and results of the local household census to deliver more evidence-based targeting to ensure aid reaches those who need it most.

As Dorian LaGuardia concludes: “There is an amazing congruence at the moment between technology and humanitarian services. I would like to see technology leveraged to get more and more accurate data from more sources so that humanitarian agencies don’t waste money – they don’t have enough money to be wasteful. They need to become nearly surgical in the way they use scarce funds so they can reach the needs of millions.”

Read More »

A third of firms lack adequate data protection policies, survey finds

Despite an increased emphasis on cyber security, a third of firms still lack polices for information security, data encryption and data classification, a survey has revealed.

The Protiviti 2015 IT Security and Privacy Survey, which gathered insights from more than 700 executives and IT professionals, assesses security and privacy policies, data governance, data retention and storage, data destruction policies and third-party suppliers and access, among other topics that organisations need to manage and improve.

“Cyber security is not solely a technology problem,” said Ryan Rubin, a Protiviti managing director with the consulting firm’s global cyber security practice.

“The survey highlights that simple steps towards better risk management, such as policy and process, still require attention for many,” he said.

The survey also shows that in many companies, information security still comes under the IT department. “This may explain the lack of priority associated in addressing the softer side of security,” said Rubin.

 “It’s increasingly important to ‘set the tone from the top’ and define organisational rules and management expectations that will create sufficient awareness to all in the organisation. This will ensure risk appetite is adequately communicated to protect data, mitigate cyber risks and manage potential breaches,” he said.  

According to the survey report, setting the right tone from the top is as important as any policy and should include strong board engagement in information security and management establishing “best practice” policies.

The survey found only 28% of organisations indicated that there is currently a high level of engagement by the board, compared with 30% in the 2014 survey.

Nearly a third said there was medium engagement and level of understanding, 15% reported the level to be low, while 25% said they did not know the level of board engagement and understanding of information security risks relating to their business.

According to the survey report, a strong security foundation must include the right policies. Organisations that have all of their “core” information security policies in place – including acceptable use, data encryption and more – demonstrate higher levels of confidence and stronger capabilities throughout their IT security activities, the report said.

The survey shows that many companies lack critical policies and an understanding of what are the most important data assets. The majority have a less-than-excellent understanding of their most sensitive data and information and do not have strong awareness levels concerning potential exposures, the report said. According to Protiviti, such gaps open up the organisation to cyber attacks and significant security issues.

Despite these findings, the survey suggests that organisations are now beginning to better understand how to manage and protect sensitive data, such as private customer data, intellectual property, healthcare data and payment card industry information.  

The survey report notes there are not high levels of confidence in the ability to prevent an internal or external cyber attack. While two out of three organisations report being more focused on cyber security, most lack a high level of confidence that they can prevent a targeted cyber attack, either from external parties or insiders.

However, the report said this mindset is not necessarily a bad thing and may prove to be a healthy one if this perspective drives a focus on improvement.

Read more about risk management

Read More »

Education, energy and finance top UK cyber attack targets

More than two-thirds of all advanced cyber attacks in the UK are targeted at the education, energy and financial services sectors, according to a report by security firm FireEye.

The Advanced threat report for the first half of 2015 in the Europe, Middle East and Africa region also highlighted an increase in advanced attacks against UK enterprises.

After education, energy and financial services, the most targeted industry sectors in the UK were revealed to be aerospace and defence, high-tech, telecoms, entertainment and media, local and state government, and manufacturing.

Although FireEye's study showed that the UK remains in the top five most targeted countries in the region, it has dropped from number one in 2014 to fifth place for the first half of 2015. 

The majority of targeted attacks on UK enterprises that are having the most impact come from sticky fingers, malware associated with advanced persistent threat (APT) groups including Chinese APT groups APT18 and APT26.

Sticky fingers, also known as quickball, is a simple dynamic-link library (DLL) backdoor that is used by China-based advanced persistent threat actors to gain reverse shell access to infected systems.

The APT malware has been observed in the healthcare, high-tech, consulting, manufacturing, energy and utilities, telecommunications, aerospace, education, and legal services industries.

“What we once knew as the network perimeter no longer exists and to add to that, advanced attacks are not going away,” said FireEye regional president Richard Turner.

“Organisations need to recognise that the traditional ways of protecting themselves are simply inadequate today and that a single successful advanced attack has the potential to wreak operational and economic havoc on both governments and businesses.”

Read more about advanced persistent threats

According to Turner, cyber-resilient organisations work on the assumption that they will be breached at some point and have rebalanced their security investments to ensure they can rapidly return to normal productive operation following an attack.

“It’s critical that organisations have appropriate response strategies in place, which should include partnerships with organisations that have the technology and expertise to sufficiently mitigate the business risks. These are decisions that need to be made at a boardroom level and not just within the IT department,” he said.

Across the region, the report reveals that incidents of malware attacks increased in the first half of 2015 and unique infections grew more steadily each month, demonstrating the persistence of criminal threat actors.

Read More »

JLab’s 2015 startups explain how the accelerator has helped them

Earlier in 2015, a group of startups pitched their ideas to a panel of judges from John Lewis and the wider startup world.

Five of these startups went on to take advantage of retailer John Lewis’s accelerator space JLab, where they received funding and mentoring to help move their ideas and products forward.

On 24 September 2015, the teams made their final pitches before an investment decision is made.

Although not all of the small businesses went on to secure the £100,000 investment and partnership with John Lewis – along with the title of 2015 JLab winner – all of the startups have gained invaluable experience from their time on the accelerator programme.

“It’s not necessarily about winning. Demo day is about showing the progress they’ve made in JLab,” said a representative from JLab. “Overall, it’s been a great experience for all of the teams, and they’ve all come from different starting points.”

Each of the five startups – Space Lounges, Peeple, Alfred, Ikinen and Qudini – explained to Computer Weekly how the accelerator has helped them to progress so far.

Space Lounges

Described as a next-generation coffee shop”, Space Lounges was an idea developed by three teenagers who wanted to rewrite the cafĂ© experience to incorporate smartphones.

All items are ordered by smartphone, eliminating the need for queues and reducing errors during order taking.

James Anderson, managing director of Space Lounges, said the retail focus of John Lewiss JLab made it the best type of incubator programme to help Space Lounges with its launch.

The people we’ve been introduced to have been extremely helpful to our business because of the specific focus they’ve had James Anderson, Space Lounges

“A lot accelerators have wider thinking, whereas JLab is more specific – it’s heavily retail focused,” he said. “The people we’ve been introduced to have been extremely helpful to our business because of the specific focus they’ve had.”

Because the team is made up of three people under 20, the Space Lounges group had previously found it difficult to find funding and support.

“It’s incredibly difficult to find funding and to convince them that your idea is the right one,” said Anderson. “We were still in school at that stage, and we had no prior experience or qualifications.”

Space Lounges can now say it has the trust of a large retailer behind it, backing up the validity of the idea, and being hosted inside the John Lewis building has given the team access to expert advice.

“Having the John Lewis brand behind us is massive because its one of the biggest retailers in the UK,” said Anderson.

The JLab has not only helped Space Lounges by giving it the John Lewis stamp of approval, but Anderson claimed “it could actually turn into a product now” due to the help and mentorship offered by the JLab programme.

Peeple

Peeple is best described as “caller ID for your front door”. It features a camera designed to fit the peepholes on people’s doors and connects to Wi-Fi to alert users of activity near the door.

Chris Chuter, CEO of the US-based smart peephole provider, developed a prototype for his own home after an occasion when his young son had left the house without the rest of the family knowing.

Following a kickstarter fundraising project which led to 700 units being sold, the firm pitched to JLab to join the accelerator programme and learn more about routes to market.

Describing the product, Chuter said: “I can keep track of everything that happens at my front door. Think of it as a virtual doorbell.”

The current iteration of the device screws onto existing peepholes, and is activated by motion or a knock on the door. Data from the peephole is sent to the cloud, which then relays a notification to the owners phone.

“You decide what you want to do with it,” said Chuter. “What I wanted was something surreptitious that people wouldnt see and couldn’t steal.”

After the kickstarter effort, Chuter received lots of feedback from kickstarter investors. “I received about 1,000 emails just asking questions. One of the most frequently asked questions was ‘When will this come to the UK?’, which surprised me,” he said.

But doors in the UK aren’t as uniform as those in the US. This is one of the challenges Chuter will have to address in the future. “You have houses older than my country,” he said.

“The number one use case was women screening people, so [the response time of] the first prototype was too slow,” Chuter claimed.

To cater to this market, Chuter reduced the time it takes from someone arriving at the door to an alert appearing on the user’s smartphone, which is now between five and 10 seconds after a sensor is triggered.

The product currently uses home Wi-Fi, but in the future Chuter wants to build in a Bluetooth accessory system to pair other smart devices in the household, such as a porch light, key box or smart locks.

John Lewis and JLab are very retail focused, customer focused, brand focused – things which, as an inventor and engineer, I don’t tend to focus on, so it’s a different perspective for me Chris Chuter, Peeple

His background as an application developer meant he was quick to ensure the product catered to all platforms. “This is so new it’s really the Wild West, so it’s a case of figuring out who comes up with the best thing first,” he said.

Chuter is currently using JLab as a platform to experiment with the retail space. “John Lewis and JLab are very retail focused, very customer focused, very brand focused. Those are all things which, as an inventor and engineer, I don’t really tend to focus on, so it’s a different perspective for me,” he said.

“It’s helped me in evaluating whether a retail channel is the way to go.”

Peeple was announced as the overall winner of the 2015 John Lewis JLab startup accelerator. The firm will receive an additional £100,000 in funding and a contract to partner with John Lewis to sell its product in the retailer’s stores.

Alfred

Home automation and energy-saving application Alfred is the brainchild of Brain Drain, and is designed to connect existing home automation devices together.

Named after the butler in the Batman comics, the application is designed to allow the user to control all of the smart devices in their home from a single dashboard, rather than having to access several applications for different gadgets.

“Everything is going great, everything is going fantastic, John Lewis is supporting us a lot in almost everything we do,” said chief financial officer and co-founder Marco Matera.

“We have completely changed the way we see the market and the way we’re going to approach the market after JLab. The business model has changed radically from when we started.”

Matera said that because the smart home market is not well-established yet, the team developing Alfred will initially target large business-to-business (B2B) customers, such as John Lewis, which may already have partners and customers using these devices.

It’s all about building a network when you’re a startup, and the way JLab is helping us to build our network is priceless Marco Matera, Alfred

“In a couple of years we believe our profile will be high enough to enter the business-to-customer [B2C] market,” said Matera. “All of the people John Lewis has brought into the JLab are outstanding, and most of them are people I would not have been able to meet otherwise.”

John Lewis has mentored the firm on different types of mobile technologies, how to enter the market and how to build an appropriate strategy.

Matera highlighted that during the startup stage of a business, sometimes a single conversation with the right person can lead to a business change. Alfred was originally meant to be a system allowing people cheaper access to smart home technology, but the approach changed during the JLab experience and the team has built an open framework with the help of bigger market players.

“This is startup life – every day something happens. There are new things coming up,” he said.

This is the first round of funding the Alfred team has taken, because it did not want to give away equity to an entity or person who would not have helped them to progress.

“It’s all about building a network when you’re a startup, and the way JLab is helping us to build our network is priceless,” said Matera.

Ikinen

Phone case maker Ikinen, run by Carlos Bas Gil and Filippo Massarelli, is currently known for bridging the gap between energy efficiency and fashion through aerospace engineering knowledge.

A JLab representative explained that the firm is designing a phone case which also charges the handset using solar energy from both natural and electric light.

The cover is designed to be smaller and lighter than other charging cases on the market, as well as appeal to a fashion-conscious audience.

Ikinen has used social engagement to drive an energy-saving attitude and build a community around the product

“Instead of having a massive, bulky phone cover, you’ll have a sleek, small device that you can put under a light and charge your phone with,” said the JLab representative.

Ikinen has also used social engagement to drive an energy-saving attitude and build a community around the product.

“What they’ve developed with it is an app that can track how much energy you’ve saved,” said JLab’s representative. “The app also allows you to take part in competitions.”

Using the application, users can track how much energy they’ve saved and compare the saving with that of other users. There are prizes for the person who saves the most energy.

“For its first round of development Ikinen is looking to create the product for iPhone 6, but once you’ve got your prototype and you see how it works you can adapt it to other models,” said the JLab representative.

The product has potential to expand into other markets too, such as a source of power for smartphones in underdeveloped countries where electricity isn’t available.  

Qudini

Niall Smith, head of marketing at three-year-old company Qudini, said its queue management system is designed to improve in-store customer experience by sending shoppers SMS messages informing them when they will be served.

The company came up through a weekend O2 hackathon and, following backing from Telefonica and completion of the telcos Wayra incubator, began operating in 450 UK O2 stores.

The startup already has an office in Hoxton, housing 17 staff, and is using the JLab as both a permanent space and for meeting with representatives they hope will help drive the business forward.

[We’re looking at] how we can develop our product to be useful to John Lewis and other retailers like it Niall Smith, Qudini

The firm is already working with House of Fraser, EE and restaurants such as Bodeans and Honest Burger to manage queues and organise customer orders.

“We have two sides to our business. The reason we came to John Lewis was because, as with our experience with Wayra, we wanted to get backdoor access that you wouldn’t get if you didn’t come through an incubator like this,” said Smith.

Qudini has been using JLab to look at customer behaviour and how a large retailer like John Lewis handles the procurement process. The firm hopes to gain insight into what it will need to put together when approaching a larger enterprise in the future.

“Were looking at how we can develop our product to be useful to John Lewis and other retailers like it,” said Smith.

His advice for other startups seeking funding is, ‘If you don’t ask, you don’t get’, suggesting they apply for as many schemes and accelerators as possible to gain access to people and experiences otherwise out of bounds.

Read more about retail technology

Read More »

This Car Knows Your Next Misstep Before You Make It

An experimental new dashboard computer can not only keep track of your behavior behind the wheel, but even predict what you’re about to do next.

With the vast majority of road accidents resulting from driver error, and distraction a growing problem thanks to the ubiquity of smartphones, carmakers are increasingly exploring ways to track driver behavior behind the wheel. Volvo, GM, and others are already testing systems that will monitor head and eye positions to pick up on signs of distraction.

A study by researchers at Cornell University and Stanford shows that a more advanced system could be trained to recognize the body language and behavior that precedes a particular maneuver. This could help trigger an early warning system, such as a blind spot alert, much earlier—perhaps thereby helping to prevent serious accidents, according to the academics involved.

“Imagine you are driving on a highway,” says Saxena Ashutosh, the director of a project called Robo Brain at Cornell University and Stanford who oversaw the driving project. “You look to the right for a second, because you are going to make a right turn, and as you are starting to make a right turn, some other driver has pulled into the space that you thought was empty.” A car could then either issue an alert or even prevent you from pulling into the lane.

The system was trained using cutting-edge machine-learning algorithms, and it could predict, with just over 90 percent accuracy, when a driver was about to change lanes in the next few seconds. A lane change was usually signaled by a glance over the shoulder along with telltale head movements and changes in steering, braking, and acceleration. Ashutosh says the accuracy achieved is almost good enough to be used in a production system.

This video shows the features used by the system to track a driver’s head movement.

The researchers behind the work are exploring different ways for a vehicle to monitor and anticipate driver behavior through a project called Brain4Cars.

The work involved using a machine-learning approach called deep learning to recognize the actions that preceded the lane-change maneuver. The algorithms were trained using data collected as 10 different people drove a total of 1,180 miles around different areas of California. The researchers intend to make the resulting data set freely available so that other academics and auto researchers can make use of it.

Deep learning has proven especially useful in recent years for recognizing complex or subtle patterns in data such as video and audio (see “10 Breakthrough Technologies 2013: Deep Learning”). It is already used to enable vehicle computers to recognize different types of obstacles on the road. In the latest work, the team combined data from a video camera with GPS data and information from a car’s computer systems.

Many luxury cars now come with sensors that enable safety warnings, as well as automatic breaking and steering. Ashesh Jain, a student of Saxena’s and project lead on Brain4Cars, says monitoring activity inside a car, as well as outside of it, could make such safety systems more intelligent. “Suppose the driver is distracted for a second,” he says. “If there’s nothing in front, the car should be smart enough, and not alert the driver. It’s about how you use information from all these sensors.”

More than 90 percent of U.S. road accidents are the result of some sort of driver error, according to research conducted by the National Highway Traffic Safety Authority.

Paradoxically, monitoring driver behavior could become more important even as cars become more automated. That’s because even if cars drive themselves in some situations, such as on highways or in parking lots, drivers will still need to retake the wheel occasionally, and research has shown that this can take many seconds depending on a driver’s level of distraction (see “Proceed with Caution toward the Self-Driving Car”). Google has gone so far as to sidestep the problem by removing the pedals and steering wheel from some of its prototypes altogether.

Don Norman, an expert on product design who has served as a consultant for numerous carmakers and computer companies, says the Brain4Car work is promising, but adds that it will need to be improved further and tested in the real world. “These are simulation data, run in the laboratory,” Norman says. “The real world is never as nice as the laboratory. Many factors may change the results when applied to real people driving real cars in real traffic.”

Read More »

The next steps for digital government - a question of accountability

The king is dead – long live the king. The Government Digital Service (GDS) started a new era this week, after its high-profile former chief Mike Bracken left on Friday 25 September 2015 after four and a half years in charge.

In the weeks leading to Bracken’s departure, the tone changed at GDS as it prepared for the next stage of its evolution. Insiders say GDS is a calmer place again, after the shockwaves in August when Bracken surprised many people by quitting, and then several of his senior managers resigned too.

Some of those insiders say the co-ordinated announcements by those key lieutenants – four of them on the same day – left a bad feeling at GDS, hitting a staff morale already winged by Bracken’s revelation. But the message now is that is all in the past, as GDS re-focuses around three core themes - digital, data and technology.

When Bracken quit, he talked to Computer Weekly about the tensions between GDS and Whitehall departments, and his fears that “mandarins” wanted digital to be led from within departmental silos, instead of from a strong, central team – and how that could never work. The language coming from GDS now is much more conciliatory, emphasising – as Bracken also did – how digital transformation has turned on a collaboration between GDS and departments all along.

Last week, deputy director of government technology Andy Beale – deputy to chief technology officer Liam Maxwell – became the first senior figure from GDS to speak publicly since Parliament returned from summer recess. Beale said GDS is “going to be in a different mode”; that its future lies in a “more collegiate and inclusive way of working”.

“The centre's role, GDS's role, is to get behind departments – we need to offer tooling, offer support, continue to offer a route to skills. We are going to be turning the volume down in the centre,” he said.

Head of the civil service Jeremy Heywood also talked of a "different phase" for GDS, in remarks reported by Publictechnology.net. "You can’t run the whole of digital from the Cabinet Office. No permanent secretary could be in charge of departments, unless they’ve got a real grip on the digital agenda of their own department. It’s so core to their mission," he said.

Ahead of chancellor George Osborne’s spending review and autumn statement in November 2015, we’re unlikely to hear much more formally announced about the future remit, scope and budget of GDS.

But some insights can be gleaned elsewhere.

Digital transformation

Michael Beaven was director of the transformation programme at GDS until he left in August – a departure planned for some months before Bracken’s announcement, and unrelated to the other resignations. In that role, he was Bracken’s right-hand man for four years, responsible for the exemplar programme – the digital transformation of 25 of the highest volume transactional services in government; a programme on which GDS’s first few years would largely be judged.

His role at GDS was primarily about liaising with the departments responsible for those transactions and generating the sort of collaborative approach that GDS now wants to be seen as its raison d’etre.

Beaven is back in the private sector, as director of digital at Methods Digital, one of the new breed of digital consultancies working with central and local government to help bring new approaches to technology, digital and data in the public sector.

Michael Beaven

"GDS needs to mature. Digital needs to go from being disruptive to being essential"

Michael Beaven,
ex-GDS transformation director

Interviewed by Computer Weekly, Beaven shared insights into the future of the GDS. Although he wasn’t around when Bracken quit, he knows it led to difficulties for the team.

“Mike and I had a bit of a philosophical fireside chat some time toward the back end of last year. We had carried this thing for four years between us - he did the Whitehall bit, I did the convincing departments they could deliver stuff better. Someone else needed to get on with the torch-carrying and taking stuff forward. I wasn't around for any of the drama that happened afterwards but it's been tough for a lot of the people inside GDS. He was quite a visible and vocal strong leader,” he said.

For Beaven, new leadership – under executive director Stephen Foreshew-Cain, previously Bracken’s chief operating officer – represents a natural next step in GDS and the development of digital government.

“A lot of people at the time [Bracken left] said GDS must constantly disrupt, and I don't agree with that. GDS needs to mature. Digital needs to go from being disruptive to being essential, that’s what needs to happen in government,” he said.

“It doesn't need to be some kind of, ‘Oh look at that!’ It needs to be: ‘If we don't do that, we're screwed’.

"It needs to move into the mainstream and be part of how we do things now. My team managed to move a lot of big Whitehall departments to the point of saying: ‘We get this now – what do we need to do?’”

Government as a platform

GDS is moving from a focus on transactions to platforms – the government as a platform (GaaP) strategy at the heart of some of Bracken’s frustrations with civil service culture. Beaven is better placed than most to understand the challenges ahead in getting departmental buy-in to GaaP.

“Departments looked at some of the GaaP stuff and thought it was fascinating and great, but they said: 'What I want right now is half a dozen of you in a room, with my frontline people talking about how we can move our thing forward,'” he said.

“The whole culture and structure and governance of the civil service is not conducive to [working together]. All vertical organisations have that endemic problem - they’re not set up to do that.

"I had a long career in Lloyds Bank, and the credit card division would never say: ‘We'll build that for personal lending as well.’ You’ve got to get those departments to collaborate, and that isn't an easy job. That's why you do need something in the centre. The answer is not technology, it's around getting people to collaborate and work together.”

Beaven believes his work with departments on digital transactions shows how it can be done.

“If you get one joint project between two departments off the ground then you're getting somewhere. What GDS can do as a central force is de-badge it as a departmental project. The minute it becomes one department’s project, the other departments say: 'We don't want to do that.' But if you badge it as a GDS thing, it neutralises that,” he said.

“The value of GDS is in an unthreatening programme structure that says we can collaborate because I'm not being subservient to anyone. There are tactics and ways of doing that, but don't underestimate the size of the task. You can't defeat that overnight. You can't tell permanent secretaries to stop protecting their minister and delivering the targets they’ve been set."

"When you look at the last four years of GDS, there’s been a lot of great stuff, but the important thing was showing things can be done differently.

"We proved that departments and front-line civil servants can learn these skills with a bit of support and can churn out services as a good as Amazon or Google or anybody else. The broader impact of GDS has been turning round a lot of misconceptions about what can and can't be achieved.

"I take the misconception that departments will never work together as the next one to be turned around. It’s a fiendishly difficult task.”

Internal incubator

Beaven sees the future of GDS as more of an advisory and support service, and as an internal incubator for digital developments – rather than the extended and sometimes overly complex delivery unit it became.

“You do need a bit of an incubator in GDS to try stuff and see how you do it. The prevailing procurement environment still makes it hard to do that in departments,” he said.

"GDS has a role for that sort of frontier-breaking. It has a role to play around standards and controls. That adoption of open standards – making sure things can interoperate – is a really key role. You need someone to do that in the centre. You can't tell 22 Whitehall departments to go and find some standards.

“But getting departments to do stuff themselves is the only way you get there in the end, because that's where the accountability is. That was always a tricky thing in GDS – if I'm telling the CEO of Student Loans Company, for example, what to do, I'm not the one who gets sacked if it goes wrong. You need that balance of accountability to be right.”

And that is perhaps the biggest challenge for the next phase of digital government. No matter how good GDS is – how big or small its budget – nothing will change the fact that departments are ultimately responsible for delivering public services.

Many of those who helped create GDS did so after highlighting the lack of accountability from the big technology suppliers that dominated government IT. GDS needs to find the right balance between acknowledging departmental accountability, and taking accountability for being the central enabling force that makes digital transformation happen. That’s not necessarily down to GDS to achieve – those decisions ultimately lie at ministerial level with Cabinet Office minister Matt Hancock, and with Whitehall leadership in civil service CEO John Manzoni.

But there’s no doubt there is still work to do in departments. More than 200 digital experts have been recruited to departments in the last four years – with help from the GDS – but the digital message has yet to permeate throughout, according to Beaven.

“There are pockets of people who get it. But in my latter weeks in GDS I found the conversation was totally different. I spent four years in a bit of a siege mentality trying to get people in departments to do things. But in the last couple of months it was more like: ‘Can you help us? When can you get here?’” he said.

“You do need a shared capability platform, but I think there’s a strong appetite in departments to embrace transformation using digital technologies. It’s a business transformation where you bring tech and business together, and the conversation has to be about business process, user need and technology, discussed at the same time.”

Departmental accountability

In the immediate aftermath of Bracken’s departure, much speculation and rumour saw fingers pointed at John Manzoni – who became CEO in October 2014 - as the architect of Bracken’s downfall. According to insiders, there developed tension between the two over Bracken’s plans for GaaP, but Beaven insists that Manzoni is not the bad guy he has been portrayed as in some quarters.

“John has highlighted departmental accountability – it's not workable for the centre to meddle in departmental projects, when the centre can just walk away,” he said.

"You have to get that accountability right. If you want to make people do things differently, you have to measure them on that. That's a hard nut to crack but he has that in his sights. And he's finding his way through government, which can be a frightening experience. I've seen him operate and been quite impressed - he's straight talking.

"John being seen as the bĂȘte noire of Mike leaving is probably not overly justified, because there's a lot of stuff goes on that you don't know about.”

Beaven acknowledges that GDS had developed a negative reputation in some parts of the civil service, but he is convinced – as was Bracken – that it still has a vital role to play, and needs to have the backing to deliver.

“You have to mature the thing – make it less of the enfant terrible in the middle of Whitehall, more of the normal way to do things, and say we're here to help you do it. That's what GDS should become,” he said.

“I'd be devastated if they came out of the spending review and said: 'We’re not doing that anymore.'

"What an opportunity lost that would be. In four years, we went from a laggard to a world leader. To snuff that out for the sake of government money when the GDS budget is just a rounding error compared to departmental spend.

"It needs to carry on doing the great stuff it's been doing, but in a different way. Now it's about maturing it, making it part of the mainstream, so people don't see it as risky or threatening – just the way we do things.

"That's the big tough cultural change piece.”

The GDS digital exemplars - success or failure?

Mike Beaven was in charge of the digital exemplar programme that aimed to get 25 government transactions transformed into digital services. By the end of the last Parliament, just 20 were available to the public, with five of those still classified as beta test versions. Critics pointed to several services as being little more than a new web front end on a pre-existing system. But Beaven defends the exemplars, saying that what was delivered for helping citizens outweighs any criticisms about how many of the 25 were completed.

“You have to be honest about the endeavour – it was to get a wide cross-section of government functions to think differently about how they service citizens. Whether you launch one or 25, it doesn't matter, but you get wrapped in to that whole government target thing. The fact that you have front-line staff involved in multi-disciplinary teams with developers and user researchers, changing the way people apply for services – such as lasting power of attorney – is far more significant than a bunch of numbers on a nice website,” he said.

“Getting the service in front of citizens so they can use it and benefit from it is the important thing. If people say only 15 made it to live – that's missing the point. Over six million people have used those services, and that's a significant chunk of the UK, and that's just doing 20 services. You have to think about it in terms of the impact it has made on people's lives.”

Read More »