+44 (0)7766-525433

Monday 4th November 16:40 (UK)

Archive for July, 2017

Cyber security – a scenario of the 2030s

Tuesday, July 11th, 2017

‘Knowledge is power’ is an old maxim attributed to Sir Francis Bacon, the Elizabethan scientist and philosopher and ‘father’ of the scientific method, writing in 1597. In today’s global interconnected world, knowledge – specifically digitally represented knowledge – truly powers our lives and our businesses. Within the last twenty years digital information has replaced many once-familiar physical assets, such as notes & coins (‘cash’), CDs, DVDs, photographs, books, the need to travel (other than for pleasure), the need to visit physical shops or offices – the list goes on.

Our digital world – the good and the bad

Our digital connectivity enables almost instant response to events through access to information transferred between computing devices and thus people and organisations. This increasingly frictionless information access powers our economy, linking businesses, suppliers and customers and people with their families, friends and social networks. However this powerful and easy exchange of information can be a double-edged sword – for information can move in any direction and sometimes when and where we don’t want it to. The increasing impact of information theft, hacking, infection and related disruption is becoming clearer with recent events showing that damage is not limited to the virtual, but can also impact physical infrastructure and thus degrade social, governmental and business processes and services.

Our values lag the new information paradigm

Our values and our business models have been slow to keep up with these changes. Illegal downloads of music and video and ‘copy and paste’ of copyrighted information from the internet is commonplace and not considered as ‘theft’ by all-too-many people – unlike the taking without paying of a physical good from a shop or a home. We still instinctively assess the value of an asset with its ease of replication. So we can relate the price of a physical product – like clothing, a mobile phone or a car – with its cost of creation or duplication. But many find this difficult to do with a digital product – since it can be copied in an instant effectively at ‘zero’ cost – surely that makes it ‘cheap’ or ‘free’? goes the justification. Our values and indeed our ways of living and working need to adapt to these relatively sudden changes in the paradigm of value.

So how do business models need to change?

It is increasingly clear that businesses will need to transform their strategies, processes and organisations to survive and prosper in this new information paradigm. To explore the potential impact of these changes, it is useful to construct and analyse plausible scenarios and use the learning to develop appropriate strategies. To construct a useful scenario, I have taken a relevant extract from my recent fiction book ‘A joy to serve the company’.
Let me set the scene: It’s the late 2030s and we’re in a car factory in the North of England run by a major Japanese automotive company. Alex Hunter is an experienced factory engineer called to a meeting with Yasuhisa Akiba, a senior leader in Corporate Excellence – known as ‘CEX’. Read the excerpt and reflect on its likelihood and what it might mean for today’s business models…….

Akiba had been standing, leaning against the wall, as he spoke to Alex Hunter who sat on the other side of the table in the large stark white-walled conference room on the top floor of the Eden Bridge administration building.

“Anyone with money can make cars, if they have the knowledge,” he’d said. “Differentiation of products and competitive advantage is founded solely on the intellectual assets owned by a company. Information is not only important; it is the key to our success. There is no way we can compete with the Chinese majors on the basis of costs – they will always have the economies of scale. PAG’s new megafactory at Dalian will have almost one hundred and fifty thousand employees and two hundred and fifty thousand robots when it is fully operational next spring. Even their European factories in Tatabanya, Prague and Koln are five times the size of Eden Bridge. We can’t compete with their scale! We must compete on the basis of innovation. And innovation is founded on our dynamic open culture and our leverage of our information assets. Far from information being a support to our business, as you claim Alex Hunter, it is the core of our business. It is for that reason that company information protection and offensive competitive analysis are so fundamental to our success.” He stared at her. She met his gaze.

“Do you understand?”

She nodded. “Yes.”

“Look at your left wrist.”

“What?”

“Tell me what you see.”

She frowned and looked down at the thin rounded metallic black rectangle strapped to her left wrist with a dark red band. “It’s just my iband,” she said with a shrug.

“’Just my iband’. You speak as if it is nothing special.”

“Well it isn’t really is it? Everyone has one these days.”

“You talk as if it is simply a common mobile communications device. Does everyone have a subcutaneous high bandwidth network implanted under their skin and linked to an implanted telecommunications module with an interface security unit?”

“Well no. Only other professionals have that sort of tech. Most people just have a basic comms module on their wrist.”

“That is right. You loosely call this device an ‘iband’, but that is simply lazy western slang for all body-mounted or implanted data processing and communication devices. Your iband is actually a company AMU7, the product of two decades of development of mobile communications and decision support technologies in the company laboratories. It was a massively expensive undertaking. Do you understand?”

Alex nodded.

“So tell me this: Why did we simply not buy it from Samsung or Huawei? Get them to develop it for us? It would have been a lot cheaper.”

“Er, I’m not sure.” She shrugged. “Maybe we should have. That sort of stuff is their core competency. Ours is making cars.”

Akiba appraised her for several seconds. “So you would have been comfortable with Huawei, a major Chinese-owned electronics company developing the technology that all our associates use to develop and share our most sensitive company information across our entire global operations. Or for Samsung, which is partly owned by Leno Investments, a major Chinese investment house, to have done the same?”
Alex Hunter felt her cheeks redden. She avoided his eyes. “Oh, I see.”

Akiba walked across to the window and stood in silence looking out. For a long time. It felt like minutes to Alex who began to feel even more unnerved. Then suddenly he turned back and faced her.

“As I explained. It is not good enough to be able to just make cars. Information is critical and it must be kept secure. The AMU7 is a key tool for empowering our associates with the knowledge assets within the company – linking them with other associates, with our AIs and with our knowledge management databases. And it does so in a way that protects our information assets from external intrusion. With built-in industry-leading firewall and anti-virus capabilities. With the ability to sense other intelligent devices and autonomously launch intrusion attacks to gather information. To link you automatically to the company for vmail, voice or data sharing. To work seamlessly with personal surgical enhancements such as optical or neural implants. With encrypted signatures on external devices such as your wrist unit, so that they will only work when connected to your subcutaneous network. Indeed if the AMU7 senses an attempted connection to another network or tampering of its external seals it will auto wipe its data and destroy its key bioengineered chips.” He snorted loudly. “Your so-called ‘iband’ is a key company asset. It easily triples the productivity of an associate in their work. It also turns each associate into an active information gathering asset. Do you understand?”

“Yes,” Alex nodded.

“Let me give you an example of this. Last year the AMU7 of one of our Chinese marketing associates was able to extract a design data file on the transmission system of a new PAG coupe under development, from a PAG associate, whilst boarding a flight at Beijing airport. The latest AMU7 software AI sensed the PAG associate’s device within its monitoring range and was able to overcome its firewall and remain undetected whilst it found and extracted that file and a number of others that were of interest. Neither the PAG associate nor indeed our associate was aware of this action taking place. Our associate’s AMU7 encrypted and sent the files to our Competitive Analysis AI once it was within range of a company-approved network. The information contained within them proved to be extremely valuable as the PAG associate turned out to be a senior team leader on the new car project. It allowed us to adjust the design parameters in the development programme for our new competitive vehicle to enhance the vehicle’s performance.”

Alex frowned. “Wasn’t that illegal?”

Akiba appraised her. “Illegal? In what way?”

She swallowed. “Well, theft of information.”

“Was there theft?”

“You just said…”

“All that happened was two associates from competing automotive companies boarded the same flight. There’s nothing illegal in that, is there?”

“Well no. But that’s not the point. What about the data theft.”

“What data theft?”

Alex frowned again, with growing irritation. Akiba continued before she could speak. “No-one was aware that this data exchange had happened. Certainly no bystanders and not even the associates themselves. This was not a pre-meditated action by our associate. As I said, he was not even aware it had occurred. His only involvement was that he happened to be wearing the AMU7. So no crime occurred. It was simply the operating software on the AMU7 acting on the basis of its own capabilities. You might say that the software AI had committed a theft of data, but does the concept of ‘theft’ apply to a piece of software? I think not.”

“Surely the responsibility lies with those that designed the AMU7 software in the first place? They were the ones who programmed in this functionality.”

“But they did not programme it to take such an action. They merely gave the embedded AI certain capabilities and set its overall objectives as a company asset. The AI decided to take this action. It saw the benefits to the company in doing so.”

“But still, it stole information –“

“Did it really steal information? If you were standing at an airport and overheard someone talking about some aspect of their business that interested you and so you continued to listen and absorb what you heard, would you be stealing that information?”

“No of course not, that’s completely different.”

“Is it really? The AMU7 continually ‘listens’ for information across its bandwidth of sensors and if another device is not secured against it, then the AMU7 will capture whatever information interests it. You call it ‘eavesdropping’ in the English do you not? That is what we humans do. We listen to the conversations around us and absorb any information that we happen to find interesting. And that is simply what the AMU7 does.”

“It is a good argument, but whatever you say about its legality it doesn’t sound ethical.”

“Ethical? Now that’s a word I haven’t heard for a while.” A thin smile momentarily cut its way across Akiba’s face as stared at her, his eyes empty and cold. He was a man of middle-height, dressed in company-approved black. His appearance was nondescript. Until you saw his eyes. They were large and dark and they bored into her. She averted her gaze and begun to feel even more uncomfortable. She was sweating. The warm sun on her back, pouring through the large window in the conference room was only one reason.

Why was she here? What did he want? Was he trying to intimidate her? Was this some sort of test? She’d been summoned from the factory floor by an iband call half an hour before and told to report here. To meet a man who had flown in from Japan to meet her. With little introduction, Akiba had lectured her since then on the company and the competitors. Now he walked over to the table and sat down opposite her.

“Ethics are a luxury to be enjoyed once survival is certain. And in this global war of business, even the survival of a company as mighty as ours is not certain.” He nodded. “But Alex Hunter, I have talked enough. It is your turn now. Give me your assessment on the impact of the theft of a data file containing key information on the LC3 engine management system.”

She was taken aback by his sudden question but managed to think quickly and luckily this was an area she was familiar with. But of course Akiba would have known that.

“The LC3 management system is one of our latest control platforms for our mid-range models. And as engine management is one of our core competencies, the LC3 control architecture would be dynamite in the hands of a competitor. They could directly copy the design, with some trivial design re-engineering to mask the fact that it was a copy, and use it. In consequence, we’d suffer a significant loss of competitive advantage, as we’ve always been strong on engine performance and refinement. This would allow a competitor at one stroke to capture the results of a decade of research and development. It would cost us tens of billions of rimbies, er Renminbi, if we were to attempt to regain that lead through further R and D or a long term loss in market share if we did nothing.”

Akiba shrugged. “A satisfactory assessment. So given the serious impact of such information loss, how would you prevent it from happening?”

Alex pursed her lips. “Well, I can’t see any significant deficiencies in the way the company guards its information today; the information fortress approach with entry and exit screening of all personnel, no communications linkage with non-company systems, except for unclassified v-mail running on an isolated system; AI-based firewall and anti-virus protection around all key systems. Er, regular auditing of associate practices, massive key-based encryption protection systems on all our information systems, heavy security presence on all company sites, an endemic need-to-know culture….” She tailed off. “I’m sure there’s more, but then I’m not a security expert, that’s the job of CEX.”

“And what do you know of Corporate Excellence?”

She shrugged. “CEX is just there, in the background. I use its systems, its processes, as just another part of my company life. I pass through the body scanning machine every day, I complete my monthly information audit, I input anything I hear about competitors into the Competitive Analysis database and I keep my mouth shut about the company when I’m outside of work.”

“Well I’m going to talk to you about what happens ‘in the background’ as you call it, Alex Hunter. About some of the messy work – things that some might call unethical,” he gave a tight smile, “– that go on to ensure that people like you can simply do your job. I’m going to tell you about what lengths the company is prepared to go to, and indeed has gone to, many times in the past, to protect its knowledge and assets from outside, and inside, interference and to seize information and assets from our competitors. And in doing so I’m going to destroy a lot of beliefs you may have held about the company; in fact it will never look or be the same to you again after this meeting.”

She suddenly felt light-headed. “Just a moment, Akiba-san, before you start,” she cleared her dry throat. “I may not need to hear this at all. What obligation will hearing this information place on me?” She swallowed. “What I’m asking, is do I really need to know?”

“It’s really very simple Alex Hunter. You do need to know, because you’re going to work for us.”

——————————————————————————————————–

Excerpt taken from ‘A joy to serve the company’ by Alastair Ross.

Available in paperback and Kindle here.

Image sources: Alastair Ross and Pixabay.com. 

Energizing Change

Copyright © Codexx
All rights reserved