Category Archives: Internet risk management strategies

Kiwi Internet

An unexpected aspect of traveling around New Zealand was how expensive it was to get Internet access. NZ Telecom will sell you (directly or through vendors such as hotels or Starbucks) prepaid access cards for $10 NZ/hour. Most sizeable towns have one or more Internet cafes where you can get rates as low as $6/hour in touristy places like Rotorua or down to $2/hour in Auckland. Actually, the best deal I found was at a library, which didn’t mind at all if I connected my laptop to their Ethernet, but charged me when I used one of their computers, because that was using "their Internet". One Internet cafe offered wireless connectivity, until asked what they charged, when they said they didn’t actually have it.

Home access is apparently mostly DSL or dialup. New Zealand is not very high on the OECD broadband uptake figures.

Continue reading

The Stars Like Dust

Two stars in the handle of an inverted dipper of four stars in the cup, plus another: the seven stars of the Pleiades. I’ve never been able to look straight at them and see them all clearly before. Going outside near Otorohanga in New Zealand near midnight, the Milky Way was also visible as layer upon layer of stars, from the blue white points of Sirius and Procyon like mature glowworm larvae to constellation-drawing stars to sand grains and silt, all the way to the southern cross.

The brightest skyglow occured when Venus was about to set in the west and went behind a cloud.

Continue reading

Science and Security: Informing New Zealand

As you the reader have no doubt deduced, I’m in New Zealand, or birdland, as I like to think of it, due to all the birds that filled niches here that mammals occupy most other places.

My purpose for being here was to fill a niche as someone who could talk about Internet security worldwide at a conference on Science and Security: Informing New Zealand, organized by the Royal Society of New Zealand. I did that, and as the last speaker of the day, I was struck by how many other talks, from geography to social science to amelioration of landslide and flooding risks at popular tourist sites mentioned the same themes, which included:

  • Ongoing, comprehensive data gathering
  • Information production by crossing data with purposes of its users
  • Multiple sources of data
  • Sources of data about different layers of infrastructure
  • Centralized yet redundant respository
  • Data mining for hazards and events
  • Holistic interpretation
  • Continuing dialog with users and producers of data and of the underlying infrastructures
  • Neither government nor private industry can go it alone
  • Avoiding risk is not managing risk
  • Technology alone won’t solve anything: results must be conveyed and affected parties must be pursuaded to act
  • Summary: networks is politics
The first talk, which was about geography, mentioned many of these points. There are, of course, some differences with Internet security and risk management. Continue reading

Royal Collaboration

Attending the Annual  Honours Dinner of the Royal Society of New Zealand in Wellington, at Te Papa, with lamb and a play about Einstein (it’s 2005, after all), what impressed me most was the range of the awards. Unlike the Nobels, which are constrained by whatever Alfred Nobel or his executors who set up the awards thought was important, RSNZ can apparently make up whatever awards they like or someone is willigg to fund. In a refreshing lack of stodginess, the awards thus spread from pure mathematics to forestry. Award winners include someone who invented a method of transmitting power over at least short distances without need for wires or microwaves, a social scientist who has long studied internal migrations of Maoris in New Zealand, such as from country to city, and one who discovered that human brain cells can regenerate, despite the former common wisdom.

Continue reading

Great Barrier Internet

If you lived on a remote island, which modern conveniences
would you consider most important?

Although easily (but not cheaply) reached from Auckland, Great Barrier is a world — and a good 50 years — away. The island has no supermarket, no electricity supply (only private generators), no main drainage (only septic tanks), most roads are unsealed, and petrol costs nearly double the Auckland price. Mobile phone reception is very limited and there are no banks, ATMs or street lights. Still, the great god Internet has found its way here — practically everyone has their own website!
New Zealand, Lonely Planet, p. 141
While these aren’t big businesses on Great Barrier Island, the same principle seems to apply to larger companies: the Internet is at least as important as any other service, perhaps more so.

-jsq

Consensus or an Honest Disagreement?

Here’s an interesting quote:

Consensus cannot be created with verbal formulas. Serious disputes are seldom resolved without a genuine change in the parties’ thinking. And a false consensus may be more productive of conflict than an honest disagreement.
When Jesus Became God: The Struggle to Define Christianity during the Last Days of Rome, by Richard E. Rubenstein, p. 104
The specific subject of the quotation is the negotiations the Roman Emperor Constantine instigated around the Nicene Creed, but it seems much more generally applicable.

-jsq

Risk Management as an Indian Core Competence?

In my forthcoming book I mention that risk management can become a competitive advantage. Looks like it already may be for some companies:
The growth of outsourcing has added to the complexity of the issue. Removing back-office business services to low-cost (and frequently more hazardous) locations leaves firms vulnerable to hard-to-monitor disruptions in those faraway places. Susir Kumar, chief executive of Intelenet, an Indian outsourcing firm that is 50% owned by Britain’s Barclays Bank, says that Indian firms are in fact more diligent about continuity planning than firms in the West—partly because disruptions there are more frequent (so they get more practice), and partly because costs are so much lower they can afford to duplicate more facilities. Indian outsourcers say there was little consequence for their clients from the flooding in Mumbai in July.
Business continuity planning: When lightning strikes, Oct 27th 2005, From The Economist print edition
I wasn’t thinking of India, but that part about more opportunity to practice disaster recovery makes sense.

-jsq

Monoculture Byproducts

Three and a half years ago, I remarked:

In the late nineteenth century an aphid-like insect, Phylloxera vastatrix, destroyed most of the world’s vineyards, leading to the little-known fact that most French wines today are actually grown from Texas grapevine stock. The company that knows where to get disease-resistant vine stock will be in demand.
Monoculture Considered Harmful, by John S. Quarterman, First Monday, volume 7, number 2 (February 2002),

Well, it turns out that back then, something else became in demand, as well:

In 1874, the French sipped 700,000 liters of the stuff; by the turn of the century, consumption had shot up to 36 million liters, driven in part by a phylloxera infestation that had devastated the wine-grape harvest.
The Mystery of the Green Menace by Brian Ashcraft, Wired, Issue 13.11, November 2005.

That something else, the Green Menace, was absinthe.

Continue reading

Historical Amnesia

At a recent talk Dan Geer mentioned that CERT no longer keeps archives of vulnerabilities or incidents since 2003. Apparently they thought the data they were getting was not good enough anymore. This is very unfortunate, since it makes tracking trends and correlating them with other data impossible for years after 2003. It’s hard to handle risk if you don’t know what’s happening.

-jsq