150526 CeBIT

Cyber Security at CeBIT in retrospect

This year I had a Platinum ticket to CeBIT which allows access to all the presentations, the exhibition and the gala dinner over the 3 day event. I chose the streams Mobile, Cyber Security and the Internet of Things. So what did I learn?

  • Mobile. Apparently mobile is all about the ME generation – that is people are expecting their mobile device to Entertain ME, Connect ME, Empower ME and Complement ME. John Price’s (Nielsen) survey said eight out of the top ten mobile applications (for the 18+ age group) are games and the other two? Both are Facebook! Sounds like an emphasis on Entertain ME and Voyeur ME rather than connect and empower.
  • Cyber Security. This day’s conference seemed to be all about monitoring and setting up systems to understand cyber crime. For example, we had an update on ACORN (the Australian Cybercrime Online Reporting Network) which is about to produce its first report. The key standout point was made by Professor Richard Buckland (University NSW) who hypothesised that the key issue was that humans are remarkably bad at fast frame shifting. In other words, when extra-ordinary happens, humans tend to carry on with their usual programmed response which can lead to disastrous consequences. He gave the example of a Rick Rescorla who demonstrated impressive frame shifting by ignoring the PA systems telling people the stay at their desks during the 9/11 attacks and ordered Morgan Stanley’s employees to leave saving the lives of over 2,500 people.
  • Internet of Things. This drew the largest crowd and for some speakers it was standing room only however I felt that there was little new here. It was interesting to hear what is happening in Barcelona, Brisbane and Adelaide as they connect their cities and objects within them. The concept of providing a city with free wi-fi coverage to see what is developed is compelling although no-one raised the issue of potential damage to babies and children of high radiation fields. Both the Guardian and Forbes have recently filed articles about this issue: adults no problem; children are possibly more susceptible but we don’t know (and there are lots of pressure groups on the internet who say all radio emissions are problematic).

The key notes were highly polished affairs: Guy Kawasaki’s (Chief Evangelist of Canva) “Ten Things I Learnt From Steve Jobs” and David Shing’s (Digital Prophet, AOL) “Recalibrating Digital Conversations” where impressive in their timing and flow. Kevin Mitnick’s “THE ART OF DECEPTION: How Hackers and Con Artists Manipulate You and What You Can Do About It” stood out by having audience participation; being engaging; and having demonstrations failing to work as expected but breaking into them anyway. I’ve illustrated some of the points both he and Professor Buckland raised in my blog “3 Social Attacks Leave Snow White Dying”.

So to the ultimate test question: “Having been to CeBIT, what will I do differently?”

  1. Off-site backups more often. Being more aware of how easily anyone can be caught off guard I’m going to keep more backups which are on physically disconnected media.
  2. Beware documents. Continue to be aware of phishing emails which try to get to open me documents – whom-ever they may claim to be from. Including PDF which I thought was safe. If I need to open a suspect document I can simply open them up in Google Docs and let them take the risk!

But more than these minor things is the concept of Frame shifting.

In general the reason that so many attacks are possible is because most people want to help others most of the time – that’s how society works so well. Identifying when the request for help crosses the boundary into unreasonable is essential. You need to realise when to keep your date of birth private; you need to avoid walking over to see what the demonstration is all about; and you need to know that the phone call isn’t really from your bank.

If you attended some or part of CeBIT I would be interested to know what you are going to do differently… please us all know below by commenting below.

Leave a Reply

Your email address will not be published. Required fields are marked *