Featured

The part-time CIO Value Proposition

In 2014 at the World Business Forum in Sydney, Michael Porter said;

“IT has moved into the product. This is changing what the product actually is. It challenges the value chain and your customers.”

This sweeping change that technology brings has resulted in many opportunities and, quite possibly, many more threats and challenges.

Some of the opportunities include:

  • Digital strategies to lower the barriers to market or disrupt traditional channels;
  • Intelligent systems that provide instant customer information to enhance or compliment the customer experience or journey;
  • A connected world that enables seamlessly transfer of information; and
  • Better informed customers than ever before        

On the flip side, the threats and challenges are imposing:

  • Cybercrime;
  • Disruption;
  • Dependence on things we can’t control;
  • A “here and now” mentality; and
  • Customers that may know more about your product than you do and expect to use their channel of choice at their convenience.    

This has led to a demand in a new type of leader; one who understands the commercial landscape AND is tech-savvy. The typical experience and qualities of these new leaders include:

  • Strong commercial background with a business-based tertiary education (MBA, etc);
  • Cyber-smart with a keen eye on emerging risks and weak-links;
  • Proven project expertise that includes several successful “rescue” roles;
  • Deep understanding of the technical aspects of IT (Data, Infrastructure, Software Development, etc.); and
  • Exceptional inter-personal, communication and presentation skills.   

Many companies neither have the structures nor finances to hire someone with the above credentials, however many are turning to part-time CIOs to fill this void. A part-time CIO has the following advantages:

  • C-Level expertise, when needed;
  • Increased competency and reduced business risk;
  • Emerging trends and risks;
  • Significantly reduced cost (when compared to full-time);
  • Supplement or compliment your existing expertise and skills-base; and
  • Coaching and mentoring possibilities.  

The Internet

Is my personal and sensitive information safe?
By Mark Mathieson

The security of our personal information has never been under more threat and yet we continue to transmit our details, pictures and private information over the Internet.

We often do this using email or by sharing our photos in various ways such as SMS or Instagram. Our messages and photos traverse the Internet and normally find their way to their intended destination – or so we hope!

All the while, we often do so without thinking about who could be trying to access the information and how well secured it is. Even more worrying is that our sensitive information may pass through many servers located in different countries before it gets to its destination.

Do you trust the Internet?

Research tells us that over 90% of people do not trust the Internet. When you look at some of the facts, it is not surprising.

One example was the “Heartbleed” vulnerability, which went undetected for 2 years before it was discovered in April 2014. An estimated 60% of the Internet may have been affected including some of the best known companies such as Google, Netflix, NASA and Instagram.

Some of the biggest data loses in recent years include Sony Playstation (77 million people), Target (70 million) and Adobe (38 million).

The trend continues with Malware that attack iPhones breaking into the top 20 most virulent threats and a dangerous Android banking Trojan (Acecard) capable of attacking nearly 50 different online financial apps and services.

The main problem is that your information is valuable. Companies harvest it and store it away for future use. The mere fact that it is there, leaves you vulnerable.

What can you do to help?

There are some simple things that will reduce your risk, including:

  • Ensure you have a strong password that includes capitals, numbers and ^!@.
  • Never re-use a password on different websites
  • Change your passwords regularly
  • Encrypt your personal data
  • Keep an encrypted copy somewhere safe – not on the Internet
  • Don’t accept device or App permissions you don’t understand
  • Don’t send personal information or private pictures by email
  • Don’t open or act on emails that are too good to be true
  • If in doubt stop, think and then stop.
I need to send some personal information – how best to do it?

I was recently asked by a doctor how to safely send a photo of a medical condition (without any specific patient information) to another doctor for a second opinion.

There are a few ways that this can be done. Traditionally, encrypting the email ensures that the contents are very difficult to access, however this is often cumbersome and doesn’t guarantee delivery. It also assumes that the recipient has the necessary decryption tools to open it. There are a variety of Apps that will make this easier.

More recently, services such as Note-Mail let you compose and safely store a message, documents and photos and then notify the recipients that there is something for them to read. This method ensures that the message is not transmitted and also has the benefit of being tracked and safely recalled or deleted before it is accessed, if sent in error. This method works for anyone who wants to keep a message, document or photo private, secret or confidential such as lawyers, doctors, conveyancers or just everyday people that don’t completely trust the Internet.

Give it a go with a 2 week FREE TRIAL.

Cyber-security training is critical

By

There is a lot of talk about Cybercrime and you would think that awareness is high, however knowing that it exists does not protect you from its consequences.

“Awareness” in this context is being aware of the cyber security dangers but, more importantly, what you should do to avoid them.

According to CompTIA, 63% of Australian organisations have had at least one security incident in the past year but that only 23% rate their cyber security training as extremely effective.

This coupled with Symantec’s finding that Australia is number one for ransomware targets in the Southern Hemisphere (up 141% over last year), is a worrying trend.

65% of hack attacks are the result of Phishing and Malware with people accounting for 90% of incidents. Further, with the average breach taking 205 days to discover, costing $15M and taking 45 days to resolve, Companies cannot afford to be exposed.

In most cases, the risks can be significantly reduced by following some basic rules on many common-sense fundamentals, including:

  • Managing your passwords
  • Knowing what “bad” looks like
  • Stop and think AND THEN STOP (Don’t open, Don’t download)
  • Beware of Wi-Fi·

But there are many other topics that are vital and will underpin your understanding of the risks and consequences of poor awareness. These include;

  • Tape up your webcam (literally or otherwise)
  • Sharing Information safely (when and how)
  • Private VPN (what is it and why you need it)
  • Escalation (don’t run your PC as an Admin – your options instead)
  • Back-up (as opposed to “Involuntary Backup”)
  • Update your “Router Thingy” (keeping all your devices up to date and secure)

Effective cyber security awareness training for your people, management and Board is critical in today’s environment – can you afford the risk?