Ensure your digital front door is not wide open

When any entity is attacked online it is quite common for accusations to be levelled at criminal gangs (presumably on a break from people trafficking).

Of course high level attacks are very sophisticated and are occurring regularly (see this free monitoring service from Google) but from direct experience in the IP piracy management space often the matter is much more mundane.

Companies leave the digital front door wide open and it is fairly likely that at some point someone passing by in cyber space will have a go. TalkTalk may prove to be a case in point if it turns out that the root of the problem was a 15 year old living with Mum & Dad using some freeware on page 1 of Google. The red faces in the security team at Talk Talk will not repair the damage done if, when the case come to trial, it becomes clear how easy it was.

A Digital Audit is a basic requirement now for all companies that use the internet. An independent double check that all is reasonably in order is vital given the multiple standards and skill levels that exist in the digital and IT security industries. Given that a Digital Audit can be obtained for less than £250 cost is not a barrier.

Inevitably one size will not fit all in this space but a minimum level of protection is a requirement for all companies who use email and the internet and manage digital IP.

Talk Talk gets the Tyson treatment

As Mike Tyson once memorably pointed out "Everybody has a plan until they get hit. Then, like a rat, they stop in fear and freeze"

Common sense suggests that Talk Talk as one of the UK's major ISP's would have a good sense of the risks online poses. In fact, in a truth is stranger than fiction moment, Talk Talk Business offer security related services. which really does suggest all is not right with Talk Talk.

The news therefore that a 15 year old boy in Ireland was arrested for suspected offences under the Computer Misuse Act relating to Talk Talk and subsequently bailed until November is a mixed blessing for Dido Harding and her team of cyber security experts.

On one hand it is good news if the attack is now over as the news cycle will roll on and other matters will come to the forefront. On the other hand if this is the work of a 15 year old acting alone (and probably using easily available / free brute force type cyber weapons) it does suggest that the Talk Talk digital front door was not just unlocked but off its hinges.

In fairness when Richard Ledgett, Deputy Director of the NSA comments on the Today programme "If you are connected to the internet you are vulnerable" he does frame the problem in an honest way.

The online attack surface for Talk Talk is huge with multiple points of potential vulnerability. Given that information security is such a broad church with multiple standards (ISO, SANS, NIST, OWASP, Crest, IASME, Cyber Essentials etc) populated by a mix of ex law enforcement, IT people , self categorised "Black Ops" and others it is understandable that a busy CEO gets caught out by some of the flagrant rubbish that gets bandied about. My personal favourite is that all cyber crime is carried out by ruthless gangs of organised criminals. I am sure this exists - but perhaps mainly to add glamour to the job of dealing with it.

Realistically companies are going to need to allocate increased budgets to online security and try to ensure that those budgets are managed by people with a genuine understanding of the new ecosystem to avoid being made to look foolish (and losing 10% of their share price) by a teenager with a broadband connection and £250 laptop (and maybe a white cat ?).

Sky sails on - 133,000 new UK broadband customers in Q1

Very strong results from Sky for the first quarter which now includes the more pan european focus of Germany and Italy (in anticipation perhaps of the potential digital single market).

Much was made at the time of the loss of Champions League rights in both the UK and Italian markets but in response Sky added 134,000 customers in UK with, if I have read this right, 133,000 taking a broadband package and 43,000 taking a TV package. Churn levels might have been expected to jump but stayed on trend at about 10%. As they might say to BT "take that sports lover".

It does not look like Sky engaged in insane levels of marketing spend to achieve this but perhaps that is hidden somewhere in the numbers.

On the specific point of the Champions League rights Jeremy Darroch commented "We've pretty much sailed on as we did in the fourth quarter". He also offered a view that the broadband customer adds had come from other operators not new entrants although suggested we wait for other results to come out in the next few weeks.

This is fascinating and raises a number of questions

1. Does this suggest that the Champions League has no real value to Sky in terms of customer acquisition and retention ? - Yes it looks like it which is not great news for UEFA but does explain why Sky did not try to outbid BT.

2. If so is the reverse true and will BT add relatively few customers as a result. - This is more complicated and will depend on the strength of BT's overall proposition but the quarterly results are out on the 29th October. Broadband penetration in the UK is at about 80% of adults so overall growth is possible without a positive impact from the Champions League.

3. Is this clear evidence that Sky has now diversified its offering via broadband, NowTV, Sky Store etc so much that it is no longer reliant on Premium Sports rights ? To old hands (& potential flat earthers) in the industry this is almost heresy but is starting to look accurate. Therefore is the current rights inflation in the UK of Premier League rights purely a result of competition between BT and Sky ?

This goes some way to explaining the relaxed attitude at Sky to widespread 24/7/365 content leakage via piracy. Content exclusivity is not what is was and the view is perhaps that consumers of pirate content are not ever going to be subscribers.

An alternative view is that due to the high levels of live piracy that exist in sport "exclusive" rights deals no longer have the power to create or shift a subscriber base.

Either way Sky have altered their offering so much that exclusivity of premium content is no longer the main driver but one of many drivers.

BT appear to be taking a more old school approach based on exclusive content  - so very interesting set of results on the 29th.

Crimes Figures Double after cyber offences are included

New figures from the office of national statistics released today show 5.1 million fraud offences and 2.5 million crimes under the computer misuse act.

The figures in respect of the overall increase is misleading as cyber offences were not previously included but this does show the very widespread growth of cyber crime.

Rear view (mirror) - cybercrime statistics and cord nevers

'When faced with a totally new situation,' McLuhan famously says, 'we tend always to attach ourselves to the objects, to the flavor of the most recent past. We look at the present through a rear-view mirror. We march backwards into the future.'

The announcement today that UK cybercrime statistics to be released on Thursday will show a massive jump - making them the biggest single grouping - is coming straight through the windscreen. Definitions are always a challenge but if file sharing etc was included in this then it is no real surprise. The gap in understanding has been caused by the time it takes to collect the figures.

Similarly the emerging data on cord nevers and cord cutting in the TV industry in the US makes sense given the ease of viewing pirate material from most major distributors nothwithstanding the technology that has been thrown at it.

Hawking suggests that the impact of intelligent machines on inequality is largely about re-distribution

There is a lot of concern floating about that as intelligent machines take jobs in "process driven" sectors inequality will grow. Basically the owners of the machines will become wealthy beyond imagination and lots of people will have no job and therefore survive on state support or nothing in the doomsday scenario.

The slight flaw in that argument is that if nobody has any (disposable) income who will buy the goods and services offered by the machines but that is a question for another day.

On a Reddit Q&A session Stephen Hawking offered the following views on this question;

What is the risk of "technological unemployment" where machines take jobs?

The outcome will depend on how things are distributed. Everyone can enjoy a life of luxurious leisure if the machine-produced wealth is shared, or most people can end up miserably poor if the machine owners successfully lobby against wealth redistribution. So far, the trend seems to be toward the second option, with technology driving ever-increasing inequality.

It seems likely that in a democratic society the voters rational self interest would prevent lobbying by machine owners being successful (hints of that already in the FaceBook debate on corporation tax) but that does leave the non-democratic societies open and according to Wikipedia only 12.5% of the worlds population live in full democracies.

Cord Nevers steaming into pay tv - by 2025 50% adults under 32 will not pay for TV

Some new research from James McQuivey of Forrester  suggests that by 2025 50% of adults under the age of 32 will not pay for TV.

He identifies a new group of cord-nevers who are in fact a larger group that cord cutters. On the face of it if armed with a high speed connection and some technical knowledge there is no need to subscribe to pay TV why would you ? This chimes with KLipcorp's less formal research which showed that 57% of people think that there is no need to subscribe to pay TV for sport due to the availability of pirate content.

The bloodbath in US Media stocks recently reflects a bundle of concerns regarding the shift to digital but possibly at its heart is the dawning realisation that control over distribution has been allowed to slip away. Anyone who has seen the fantastic new movie The Martian will agree that anything is possible given sufficient creativity and determination but the traditional distributors of media need to pretty quickly get a grip over distribution to avoid becoming candidates for the Darwin Awards.

A potential first step would be an independent Digital Audit to really identify the scale of current leakage and the adoption of a prioritised approach to fill the gaps.

The sector has a great fondness for machines that go ping but as in The Martian the thing that really saved Matt Damon at a key moment was a roll of gaffer tape.