Researchers detect nearly 10,000 exposed databases with more than 10 billion credentials available for the world to see. When databases are left unprotected, hackers don’t even need to hack
According to NordPass’s research, the web is swirling with exposed databases. Recently, researchers have identified a total of 9,517 unsecured databases containing 10,463,315,645 entries with such data as emails, passwords, and phone numbers.
The databases were found across 20 different countries, with China being at the top of the list — the country had nearly 4,000 exposed databases. This means that potentially more than 2.6 billion users could have had their accounts breached.
The United States comes second, with nearly 3,000 unsecured databases and almost 2.3 billion entries made available online.
India was third, with 520 unsecured databases and 4,878,723 entries.
While the idea of searching for exposed databases may seem complex, the process itself is quite straightforward. Search engines like Censys or Shodan scan the web constantly and let anyone view open databases in just a few clicks. If the database managers used the default logins, getting into one would be a piece of cake.
“In fact, with proper equipment, you could easily scan the whole internet on your own in just 40 minutes,” says Chad Hammond, security expert at NordPass.
Attacks against unsecured databases
Recently, unsecured databases have been hit by a “Meow” attack, which wiped clean thousands of them. “These kinds of attacks are very frequent. Usually, the attacker asks for ransom. This attack seems to be different only because the hackers deleted the data instead of asking for ransom,” says Chad Hammond, security expert at NordPass.
The NordPass security expert estimates that 39% of all databases have already been hit by one of these ransomware attacks.
“The Meow attack against unsecured databases should only reinforce the need for proper data security. And while some of the affected databases only contained testing data, the Meow attack targeted some high-level victims, among which was one of the biggest payment platforms in Africa,” says Chad Hammond.
The essentials of database security
Data security and protection should be a top priority. “Every company, entity, or developer should make sure they never leave any database exposed, as this is obviously a huge threat to user data,” says Chad Hammond.
When asked to highlight the main points of database security, the expert emphasized:
“Proper protection should include data encryption at rest, wire (in motion) data encryption, identity management, and vulnerability management.
Data can be exposed to risks both in transit and at rest and therefore requires protection in both states. While there are several different approaches, encryption plays a major role in data protection and is a popular tool for securing data both in transit and at rest.
Nevertheless, all data should be encrypted using trusted and robust algorithms instead of custom or random methods. It’s also important to select appropriate key lengths to protect your system from attacks.
Identity management is another important step and should be used to ensure that only the relevant people in an enterprise have access to technological resources.
Finally, every company should have a local security team responsible for vulnerability management and able to detect any vulnerabilities early on,” says Chad Hammond.
As for the users, the security expert yet again draws attention to the importance of a strong password. “The fact that we have more than 10 billion passwords up for grabs should only encourage people to think of strong, lengthy passwords. If your password is “12345”, no firewall in the world will protect your data. Your password shouldn’t be a dictionary word either — an average person uses only about 20,000-30,000 words, so chances are that all of them are already among those 10 billion,” says the NordPass security expert.
Methodology: NordPass partnered up with a white hat hacker, who scanned elasticsearch and mongoDB libraries, looking for exposed, unprotected databases. Once found, he logged into those public databases and checked what kind of data could be found there. The white hat hacker has shared with NordPass how many exposed databases and entries he had found. The hacker requested to stay anonymous. Time frame: June 2019 to June 2020.
Becoming a carbonneutralbusiness isn’t just great for the environment, it’s a fantastic way for your business to show customers how much you care for the world around you.
Plus, it’s not as hard as you might think. Conquest Consultancy has taken just that step and decided to offset their carbon ommissions with a commitment to plant trees in Nairobi. Managing Director Dan Adams said: “Climate change is the most urgent topic of our time. We are in a now-or-never situation, which requires us to take immediate action.”
Here Conquest Consultancy gives 5 ways small businesses can become carbon neutral:
Know your baseline – using a calculator from a website such as DEFRA you should be able to work out the value of your carbon footprint. This will take into account your travel, energy use and so on.
Plan for the long term – becoming carbon neutral isn’t a quick fix and it doesn’t happen overnight. Instead take a look at taking actions that will make an impact for the foreseeable future and not just knee-jerk reactions.
But look for the quick fixes – limiting how much you print is an easy fix and one can that can be implemented fairly quickly. Move over to digital file keeping and green up your office use of paper.
Hearts and minds – without the support of your whole team, it’s going to be next to impossible to implement real change. Talk to your teams, get them on board not just because they have to but because they believe in it as much as you.
Get hold of a project – this might be anything from tree planting in Africa to investing in recycling projects in a developing country. Get behind a cause and you’ll see your business win plaudits from customers and staff alike.
NEOM Co. announced its first step to create the world’s leading cognitive cities that rely on leading technology for digital services after signing a contract with stc group to establish a 5G network infrastructure that will accelerate NEOM’s digital ambitions. In addition to the one-year contract to develop the network, the partnership also includes the development of an innovation center in NEOM to explore new 5G opportunities.
NEOM’s next generation cognitive cities will support its cutting-edge urban environments, improving the lives of residents and businesses far beyond the capabilities of today’s smart cities. NEOM will use one of the most advanced 5G technology in the world, to enable the proactive exchange and analysis of data between NEOM residents and city infrastructure.
stc will build a wireless 5G network enabling present and future 5G applications across NEOM. With a speed and capacity 10 times higher than standard 4G networks, 5G in NEOM will enable numerous segments such as Internet of Things (IoT), data analytics, virtual reality, augmented reality, smart homes, and autonomous vehicles. It will also provide the public safety network for NEOM security services.
Commenting on the agreement, NEOM CEO Nadhmi Al Nasr said: “We are glad to form this partnership with a leading national digital enabler such as stc to support our ambition and goal to be an accelerator of human progress and to create the world’s leading digitally sustainable, cognitive cities. NEOM’s infrastructure will utilize AI, robotics, and human-machine fusion to deliver greater predictive intelligence and enable faster decision making across all NEOM sectors. The procurement and deployment of a future-proof wireless network is a critical first for NEOM in realising our goal of driving innovation in the future digital economy.”
The CEO of stc Group, Eng. Nasser bin Sulaiman Al Nasser,added: “This agreement reflects stc’s commitment to enabling digital transformation and providing digital solutions across the Kingdom. We are proud to have been chosen to build the infrastructure for the 5G network and an innovation centre in NEOM – the land of the future and a model for sustainability, innovation, development, and prosperity. This agreement comes in line with stc’s vision as a digital enabler to develop infrastructure and provide the latest technologies that will enrich the experience of societies and foster innovation, which in turn will contribute to improve the customer experience and moving the digital transformation forward.
NEOM will also trial and test 5G solutions that will allow it to lead in fast-growing, future-focused sectors such as robotics, Artificial Intelligence (AI), and human machine interface technologies. Leveraging such technology will open up the enormous potential of NEOM as a new economic driver across a range of industry sectors for the Kingdom.
NEOM is an accelerator of human progress and a vision of what a New Future might look like. It is a region in northwest Saudi Arabia on the Red Sea being built from the ground up as a living laboratory – a place where entrepreneurship will chart the course for this New Future. It will be a destination and a home for people who dream big and want to be part of building a new model for exceptional livability, creating thriving businesses, and reinventing environmental conservation.
NEOM will be the home and workplace to more than a million residents from around the world. It will include hyperconnected, cognitive towns and cities, ports and enterprise zones, research centers, sports and entertainment venues, and tourist destinations. As a hub for innovation, entrepreneurs, business leaders and companies will come to research, incubate and commercialize new technologies and enterprises in ground-breaking ways. Residents of NEOM will embody an international ethos and embrace a culture of exploration, risk-taking and diversity – all supported by a progressive law compatible with international norms and conducive to economic growth.
Across sub-Saharan Africa, sports, media & entertainment have increasingly become revenue-generating industries for African countries, pillars of jobs creation, and important drivers of economic diversification. Pan-African Group Centurion’s new practice will offer a bridge between private and public sector, ensuring that regulations embrace market trends, promote an enabling environment for investors, and protect the interests of African entrepreneurs and companies operating in that space.
African athletes, along with the continent’s entertainment, sports, advertising, and media industries are important to the regional and the global economy. In order to further support the rapidly growing sports & entertainment industry across Africa, Centurion Law Group has announced the launch of a new dedicated practice.
Across sub-Saharan Africa, sports, media & entertainment have increasingly become revenue-generating industries for African countries, pillars of jobs creation, and important drivers of economic diversification. Beyond just Nollywood, the African entertainment and sports industries have become at the center of global investments, and have capitalized on increasing technology adoption to become globally competitive.
“With its track record of delivering high-profile and high-quality deal making, Centurion is the perfect fit for Africa’s sports, entertainment and media industries,” stated Oneyka Ojogbo, Sports & Entertainment Practice Head. “We are witnessing the rise of a true African sports & entertainment industry that now requires the best possible legal and business support services coming out of the continent itself,” she added Ojogbo
As the industry grows and attracts investments, it is even more crucial to adequately protect its essence, local players, revenue streams and overall bankability. Centurion’s new practice will offer a bridge between private and public sector, ensuring that regulations embrace market trends, promote an enabling environment for investors, and protect the interests of African entrepreneurs and companies operating in that space.
“Our job goes beyond legal advice. We provide counsel for career and life, and help clients build a business around their brand, protect their assets, and take advantage of strategic business opportunities during and after their career,” concluded Ojogbo.
The practice will be offering local and international companies and stakeholders a full suite of legal and management services including finance, licensing, intellectual property rights and enforcement, competition, advertising, representation and negotiation, sponsorship, investments and compliance.
Centurion is a pan-African legal and energy advisory group with extensive experience in the oil and gas sector. The group provides outsourced legal representation and covers a full suite of practice areas for its clients, including arbitration and commercial litigation, corporate law, tax and anti-corruption advisory and contract negotiation. Centurion specializes in assisting clients that are starting or growing a business in Africa with offices and Affiliates in Ghana, Cameroon, Canada, Germany, Congo, Equatorial Guinea, South Africa, South Sudan, Nigeria, Gabon, Angola and Senegal.
Dr. Mark Lomax is a seasoned healthcareentrepreneur and medical doctor. Prior to establishing PEP Health, Dr. Lomax founded, built and sold an award winning business, MediHome- that tackled where patients should receive their healthcare. Dr. Lomax has worked,and still is, closely working with the NHS to present his thoughts of “How to Crack the NHS” at various conferences. Dr. Mark Lomax has extensive experience in healthtech, raising growth capital, international healthcare delivery, delivering high growth and building high-performing teams; delivering commercial success from the NHS.
Dr. Mark Lomax’s latest company, PEP Health is trying to transform how patient experience is tracked and measured. It can provide reports and insights to hospitals, insurers, commissioners, national bodies and consultancies about the quality of care experienced. It was selected to be part of the NHS InnovationAccelerator in 2020.
Mark Lomax Interview focus
1. An introduction from you – background, overview, education…
2. Career highlights
3. Your company / companies, organisations and focus?
4. How do you tackle the areas of data privacy and protection?
5. How do you see healthcare in the context of Society 5.0 – 4IR and all areas of digital transformation?
6. What are your views on our society, technology and digital transformation when it comes to wellness and healthcare?
7. With Covid-19 what ways do you envision to redesign our society with technology and social impact, especially when it comes to healthcare?
I am a doctor who has worked in hospitals, not only in the UK but also in the US and other parts of the world. As a medical doctor I saw there were various challenges that needed to be tackled in healthcare, especially regarding integrating technology to help specialists make better decisions, with better insights and data. It drove me to become an entrepreneur.
I created MediHome following international best practices , especially to tackle that challenge. It was ethical and sustainable and we tried to take everything into consideration, a responsible use of data and technology in the sector, etc. By the time we exited, it was a win win. Patients loved it and it was a successful business.
These kinds of solutions are the way to go in my opinion. Hospitals are not always the best place to be. They can be noisy, lack privacy and the comfort to recover faster. In fact, what I have learned all these years is that people at home recover quicker, but they still need to be monitored.For hospitals and healthcare systems, it was a great tool as they did not have to build new infrastructure or hire more personnel, hence saved costs.
That was what PEP Health has been doing since its inception. I wanted to make an even greater impact, with better insights and was introduced to the founders of PEP Health. I immediately recognised the potential of PEP Health and how it could transform healthcare for the better
Challenges in healthcare. There is a paradox here. Healthcare is probably the riskiest industry on the planet. We need to make sure that people are kept safe and so procedures, treatments that work, are really hard to be changed. But there are innovations that can be introduced and professionals trying to do things differently that find it almost impossible to change the way things are, even if their ideas and technology is proven to improve these legacy systems.
About PEPHealth. Alex Griffiths and Megan Leaver are the founders of PEPHealth. Our platform automatically identifies and gathers millions of items of publicly-available feedback from a variety of online platforms including social media. PEP’s custom algorithms categorise and score the feedback providing a proven, accurate and unbiased summary of what patients really think.
People have been wanting this since a long time, and no one has been able to provide this real time experience.
We need to follow a strong ethical procedure to use and manage private data. The key here is to be open and collaborative with the hospitals and the NHS system so we can share that data according to their privacy standards.
Difference between providers/insurers and regulators
Regulator: risk management tool to stratify the hospitals, clinics. People relying on their assessments. We can stratify them and say these are the best, these in the middle, these in the lower quartile.
Insurers: Mindful of the sensitivity of individual data. If people are holding private medical cover, they should be getting high quality service.
How do you see healthcare in the context of Society 5.0 – 4IR and all areas of digital transformation? The next 5 years will see more transformation in the health sector than ever before. And the problem is only getting magnified by COVID-19, and all these routine activities are just getting restarted now that covid is settling. At the moment, these questions are paused rather than knowing what to do about them. Unfortunately, there are going to be difficult decisions on prioritising patients and determining the right services in the future.
In healthcare, and probably in other industries too, there’s a lot of quantitative data, but less qualitative data. We have all these data points feeding our systems with new information, but it is not being utilised correctly. That is what we are trying to achieve. Learning, tracking and monitoring is what currently governments need to do in order to make better decisions in the future.
Mark Lomax initially worked in the NHS as a doctor after completing his undergraduate training at Barts Medical School in 1999. After several years of working as a junior doctor across a range of medical specialities, he founded his first business, the award-winning MediHome. During this time, he created a new market (hospital at home) and disrupted existing services to deliver a scalable, high quality service that patients greatly appreciated. It improved outcomes and saved the NHS £1m per month at the point of a successful exit.
Mark has strategic and operational capability from a start-up- fast growth- to the exit , including raising capital, shareholder/investor relations and major contract negotiations. He is passionate about transforming and improving healthcare.
He joined PEP in 2019 as CEO.
About PEP Healthcare (Patient Experience Platform)
PEP Health is a social media listening tool which offers a radical new approach to collecting and analysing the views of patients on the health services they have received, offering comprehensive real-time reporting of what patients really think about their care.
PEP aggregates millions of social media and online comments about every acute hospital in England, whether NHS or independent. It then uses advanced machine learning, with comments themed into eight quality domains, to give insights which fully reflect each provider’s strengths and weaknesses, including at departmental level. Providers can be benchmarked against each other but PEP’s longitudinal tracking, going back to 2018, also allows individual organisations to track their progress across the different aspects of their care.
The tool has been shown to identify many patient safety issues and to be a helpful predictor of CQC rating. This new technology represents a paradigm shift in how we listen to patients and learn from their insights.
PEP Health is the trading name of Statica Research Ltd. It is an Anglo-Dutch collaboration and was selected to be part of the NHS Innovation Accelerator in 2020 and has won a prestigious Innovate UK competition to identify the best early stage technologies in the UK.
Their solution is keen to provide to:
Providers – Quickly and easily understand what your patients are saying about the quality of your care across multiple platforms. Easily recognise and learn from outstanding areas of care, whilst rapidly identifying and correcting safety concerns or areas for improvement before they worsen.
Insurers & Commissioners – Identify and monitor which providers your patients are most satisfied with, and those where you may need to re-evaluate existing arrangements. Use feedback to demonstrate the quality of your service over that of your competitors.
Regulators – Comprehensively and cost-effectively monitor in real-time what millions of patients and their families are saying about the quality of care , you are responsible for overseeing. Automatically identifying high-risk providers, departments or pathways for further investigation.
The numbers show that the U.S.’s performance in response to the pandemic has been shockingly poor, if not disastrous. They reflect a failure to control the spread of new cases, continuing deaths, inadequate testing, and the politicization of decisions that should be purely science- and data-based. All this has happened in spite of available resources in and economic sacrifices by the U.S. that are comparable to the other countries of the Wealthy West. Clearly, a sober, honest national discussion about balancing individual freedom with publicsafety and economic well-being with personal health is necessary, or history is doomed to repeat itself.
After six months of COVID-19 pandemic, let’s pause, and assess the performance of countries and their leaders. Sadly, by most standards the U.S. has little to be proud of. (All data come from Worldometers.)
Since it’s only fair to compare countries with comparable resources and healthcare infrastructure, we’ll look at the “Wealthy West” – the U.S., Canada, and a dozen Western European nations. (Others, like Japan, Taiwan, Australia, and New Zealand, aren’t shown because their COVID-19 numbers are too small to show up on these graphs.) Also, to level the playing field statistically, we’ll present per capita numbers rather than the raw numbers.
Total Cases. We begin with the daily progress of new cases, the most widely-used measure of the pandemic’s spread:
Every nation’s curve peaked 4-6 weeks after the pandemic first took hold, but with peaks several times greater in the hardest-hit countries (Spain and Belgium) than in the least-hard-hit (throughout Scandinavia). As measures like face masks and social distancing took hold, twelve of the fourteen countries then saw a dramatic, steady decline in new cases. Those countries now typically see fewer than 10 new cases per MM in a typical day.
Sweden and the U.S. are the outliers, with little or no decline from the initial peak and a further surge around week 13. Sweden’s new cases are now down more than 50% from their peak, while the U.S.’s have risen to levels never seen in even the hardest-hit countries. Sweden is noteworthy because it alone chose to take a laissez-faire approach, keeping schools and many businesses open throughout. But in the U.S., there is simply no positive way to spin the pandemic’s progression. Some try to attribute the U.S.’s current surge to an increase in testing, but even if that were true (see below), more testing just cannot explain that many new cases.
Deaths. With fewer cases comes fewer deaths. Also, all over the world the case fatality rate – i.e., the ratio of deaths to reported cases – for COVID-19 is declining. Reasons include better medical understanding of how to treat the most serious cases, healthcare systems that are now less heavily stressed, and a demographic shift in infections to younger patients, since COVID-19 is clearly most destructive to the elderly.
The following graph shows reported COVID-19 deaths by month, with the most recent months shown darkest and to the left. Countries are sorted in descending order of total deaths per capita since June 1 – roughly when most economies began to reopen:
April saw the most deaths for every country shown, with steady monthly declines since then. Many countries are now reporting just a handful of COVID-19-related deaths per week. However, three countries stand out for deaths since June 1 – the U.S., Sweden, and the U.K. Sweden saw high deaths continuing into June because of its continued surge, but the pace has slowed significantly in July. The U.K.’s ongoing high number of deaths continues to baffle, but the U.S.’s does not: the continuing surge in cases makes more deaths inevitable for at least a few more weeks, even at the lower mortality rates we’re now seeing.
To put the U.S.’s deaths in harsher perspective: the European countries shown (excluding Sweden and the U.K.) plus Canada, have a combined population roughly equal to the U.S.’s. Yet in the nearly two months from June 1 through July 22, that group of twelve countries has reported a total of only 6,311 COVID-19 deaths, compared to 37,357 in the U.S.; proportionally, the comparison is even starker for July alone.
Testing. Second only to motivating or mandating safe public practices, testing is the most important action a nation can take to control a pandemic’s spread, especially when a significant portion of those infected are asymptomatic. It’s critically important that nations test strategically – that is, testing people as the result of contact tracing, periodic testing in high-risk and high-contact occupations like health care and food service, and testing individuals when a recent experience justifies it.
By contrast, necessary testing occurs simply because people show symptoms. At least one test is needed to confirm a COVID-19 diagnosis, at least two more to confirm a recovery, and a few additional tests for obvious candidates like the patient’s housemates. Testing for these reasons doesn’t really enable a nation to control a pandemic’s spread. The following graph shows the progress of total strategic tests performed in 40 relatively affluent countries worldwide – we assume that each reported case generates six necessary tests, with the remainder of a nation’s total tests considered as strategic tests:
The U.S. has significantly ramped up its strategic testing, but so has virtually everyone else. Even today, the U.S. ranks just in the middle of the pack. Claims that the U.S. leads the world in testing are flatly untrue – and would be even if we showed total rather than strategic testing as the metric.
Lastly, turnaround time matters! Having to wait 8-10 days for the results of a COVID-19 test is a little like waiting four months for the results of a pregnancy test. The average turnaround at the two major U.S. testing labs is now 4-6 days, and that doesn’t include the time needed to schedule a test, deliver it to the testing lab, and communicate the result back to the patient. This is a huge problem, especially with the current surge creating high demand for necessary tests.
Red state/blue state. The following graph tracks the weekly progression of new cases in 34 states that collectively comprise almost 90% of the U.S.’s population. States won by Donald Trump in 2016 are shown in red and by Hilary Clinton in blue. The intensity of the color varies with the candidate’s margin of victory, and the thickness of each state’s graph line roughly in proportion to its population:
A clear pattern emerges. In the early stages of the pandemic, a small but populous group of states, virtually all in the Northeast or the industrial Midwest, was hit the hardest, and most were heavily blue states in 2016. Then, from mid-April to mid-May, virtually every hard-hit state saw declines in new cases, while the others stayed low. Now, in the recent surge, the hardest-hit states include every state in the South, plus California, Arizona, and three less populous mountain states.
This graph is not intended as a political statement – it is, after all, nothing more than publicly available data. The enormous state-to-state differences in how COVID-19 has spread are clearly attributable to how quickly states chose to reopen their economies, and how closely their residents observed sound personal practices. But the underlying causes of those differences bear discussion.
Colm Murphy, Cyber Security Advisor at Huawei is the new guest in this new interviewseries for citiesabc. Hosted by Dinis Guarda, both technology specialists discuss some of the main challenges in today’s technology world, including the development and implementation of 5G, the importance of Cyber Security and addressing the rising concerns around transparency.
Colm Murphy is a Cyber Security Advisor working from Huawei’s Cyber Security Transparency Center in Brussels. Prior to joining Huawei, Colm was the International Director of BSI Group’s cyber security and Information Resilience professional services business, responsible for this business units growth beyond the UK and Ireland. Before that he worked with Deloitte and McAfee.
Colm Murphy, CSO from Huawei Brussels Office Interview Focus
Can you tell us about your Profile and background?
How do you see the cyber security industry best practices?
There is no doubt about the importance of cyber security, so how do you cope with that and prepare?
How to protect cities and governments from cyber threats?
5G is out there with a lot of challenges and opportunities. How do you see that?
How do you see the unified or verified security standards in the 5G or telecom industry?
What kind of challenges the industries are facing when the security standards are missing and the development progress of some security standards, such as 3GPP, NESAS?
How could we measure cyber security? Both for countries, cities and businesses and what is the meaning of developing the security standards for public and industries?
Can you tell us about Huawei’s progress in cyber security and security verifications, especially the ERNW Reviews Source Code for Huawei 5G Core Network UDG?
Can you share some case studies that you highlight as good practices?
Colm Murphy Key Takeaways
About Colm’s professional background:
I started in a small company in Dublin, Ireland. After graduating from college, I was interested in learning more about business: sales and marketing, human resources, and international relations. After a while I moved to cyber security, which back then, it was mainly focused on network security, data security, etc., on a business level.
I started my professional career just as the digital transformation began to take off, amid the dot-com bubble and the commercial Internet. I have always been interested in computing and IT and specialized in cyber security solutions, working initially setting up firewalls and helping to implement this type of security solutions.
My journey took me throughout Asia-Pacific, auditing large companies in security screening, penetration testing, and ethical hacking. Some of the companies I have been involved with are Network Associates (now known as McAfee) and Deloitte.
In 2002, some of my friends from Ireland asked me if I wanted to join them in their new company and I came on board as the cyber security technical specialist. So I did it. The company grew and expanded abroad and I was part of their incredible journey. Eventually, BSI acquired this business that became the heart of the enterprise’s cyber security business.
In 2019 I wanted to do something different. Huawei approached me and I joined its global office for cyber security and privacy.
Views on how businesses and governments can cope with digital transformation
When we think about digital transformation, we point to specific events that turn our world upside down. However, digital transformation is much more than that. Digital transformation is a journey that needs to be funneled by leaders, companies and users altogether. Sometimes things happen that aren’t transformative in the big sense, but with time it may become clearer. Eg: Cloud- security risks, privacy problems.
Likewise, some things happen under the radar and take some time to stick and to be implemented. Cyber security has been seen as an obstacle for digital transformation but, actually, it can be an enabler. Without a proper cyber security in place, every digital system isn’t complete and at risk of being shut down. If that happens we are actually moving backwards in the digital transformation journey.
Cyber security industry best practices
First word that comes to mind is ‘fragmented.’. In terms of best practices, it’s difficult to keep up – consolidate them, validate them, meet the security requirements- hence the word fragmented. Eg: Huawei has more than 240 different certifications for various products and dozens of management certifications. This is enough to provide assurance that they follow best practices. If it’s hard for us, think about how hard it is for SMEs and startups.
There are so many tools, standards, procedures, technologies that need to work together to truly build a functional cyber security system. It is difficult to pinpoint a specific thing that makes for a truly secured cyber security. What we need is to approach it holistically. One success story of best practices is probably the GDPR. Prior to that there were 28 different privacy laws, one for each country in the EU. After that, it standardized what was allowed to do and whatnot while putting the user in at the center of it all.
About the importance of cyber security, how do you cope with that and be prepared?
In today’s world, being hacked has more to do with how to handle, respond, contain and learn from that threat. In terms of coping, it’s a shared responsibility, especially regarding security in networks. Huawei, as a multinational tech company, plays a part of that shared responsibility. Then, there are other operators that manage these networks and are experts in doing so, and then you have service providers, the consumers, the government, the policymakers, all stakeholders. One good example of this shared process could be financial institutions. They built a sophisticated learning and threat sharing mechanism which had all players involved.
As such, cyber security is also about rules, literacy, awareness, and technology solutions. What cyber security experts are trying to do is raise awareness and provide the right tools for users, governments and industries to operate more safely in the digital space.
How to protect cities and governments from cyber threats
It is certainly very crucial to maintain cyber security and to continue to manage risks. Especially with things and systems that are going well. The way to do that is by using the best practices standards aforementioned, have a third party to assess the product/service/network (governments for example) and gauge if it is in line with the best practice standard. Then, we offer a certificate which can offer a buyer/service provider user.
5G is out there raising a lot of challenges and opportunities
First of all, 5G is an evolution of 4G working on standards and protocols first implemented in 4G. In fact, 5G is much more secure than 4G; it has better protocols and better encryption. The 5G network architecture is much more like a traditional IT network. It uses a lot of software to function properly better. We are talking about a wireless network that is a step ahead of what we have now, it is an evolution and there are many eyes and people working behind it from different operators to ensure that all protocols, standards and best practices are in place.
Experts have been securing such networks for over 20 years. Operators are very sophisticated and good at securing their networks. They are very well prepared to secure their networks. It is secure and highly configurable.
There are conversations out there about 5G, some of which spread fear and alarm against 5G, but I can say that the industry and all the key players in the supply chain are well prepared to implement and keep this new wireless network safe.
Again, this is a parallel conversation between decision makers and experts, but what I can say is that the cyber security industry is very well equipped to take on most of the challenges.
How do you see the unified or verified security standards in the 5G or telecom industry?
There’s never been a globally adopted cyber security standard for the telecommunications industry, although there are some security standards that are pretty much adopted by important players. I am talking about the NESAS Security Assurance. 3GPP, along with their colleagues in the GSMA, came together and created this standard that caters to the needs of the telecom service.
NESAS was created to serve this purpose –operators globally were part of it and independent governments approved labs that were used to perform these checks. It was done for them to test this.
In fact, Huawei is the first in the world to undergo this certification for its 5G products. Phase 1 is complete, phase 2 will be completed very shortly.
What kind of challenges the industries are facing when the security standards are missing?
Standards are essential. Consumers assume that when they buy a service/product, or they use a specific device connected to the internet, all checks and cyber security measures are in place and they are secure to go.
The UK has an interesting scheme regarding standards called Cyber Essentials. In order to work with the government, you’re supposed to comply with these standards. It’s like the basic level of cyber security hygiene. Long story short, Cyber Essentials is a simple, but effective, government backed scheme that aims to protect organisations, whatever its size, against a whole range of the most common cyber attacks.
How could we measure cyber security for countries, cities and businesses? What is the meaning of developing the security standards for public and industries?
How can we measure cyber security and develop cyber security standards? The cyber security act from the EU is trying to address this point. Decision makers play a really important role in all this but also the companies that develop the certification protocols and that make sure that all companies and industries follow these certifications and standards to create a safe digital environment. The government expects their providers to have these certifications and protections in place. There are a whole range of key points that have to be addressed such as privacy, how they adhere to legal obligations, etc.
Cyber security ratings is an emerging area too that is gaining traction lately. Basically, this practice is based on monitoring the public Internet to identify potential risks. Some companies are already providing this kind of service and they do some real good work from developments in the SS chain, risk management, due diligence. Any given company can get a cyber security rating from this organisation.
Can you tell us about Huawei’s progress in cyber security and security verifications, and specially the ERNW Reviews Source Code for Huawei 5G Core Network UDG?
At Huawei we are truly concerned about cyber security. We do a lot of internal research and work before releasing our services/products to the public. And before that, we send our products and tools to specialized third-party companies for further testing. There is a complete and step-by-step process and testing before launching a new product or service. Our doors are open if someone wants to see our code, our protocols and our technology. From now on, we feel the pressure to be better and I think it’s good for us and our customers because it means we can provide a more polished product and service.
Nearly a third of SMEs (30%) see their profitability increasing slightly over the coming 12 months despite the pandemic
New research (1) commissioned by MBH Corporation plc, a UK headquartered listed diversified investment holding company that acquires successful, strong-performing small to medium enterprises across multiple geographies and sectors, reveals that despite the financial and economic impact of coronavirus, nearly a third (30%) of well-established successful SMEs still expect to see their profits increase over the next 12 months. A further 10% expect to see no change to their profitability over the next year.
Over the longer term, the sense of optimism is even higher, with nearly half (46%) of the SMEs surveyed predicting their profitability will increase between now and 2023. This rises to 52% when looking at the next five years.
However, there are inevitable plans for SMEs to have to reduce headcount as an unavoidable consequence of the global pandemic. Some 96% of those surveyed said they intend to reduce their headcount over the next two years, with 48% predicting a fall of over 20%.
Over the next 24 months, what changes will you make to your business/what changes do you think will be made to the business you work as a result of the Coronavirus crisis?
Reduce the number of employees who work for us by up to 10%
Reduce the number of employees who work for us by between 10% and 20%
Reduce the number of employees who work for us by between 21% and 50%
Reduce the number of employees who work for us by over 50%
Hire more staff as we grow
Callum Laing, CEO of MBH Corporation plc: “Coronavirus has had a devastating impact on businesses around the world. However, SMEs can often be nimbler and more innovative than larger companies when responding to challenges, and our research reveals that despite the current crisis there are many SMEs that are still performing well and who are optimistic about their future. As an investor, there are still many very well-run smaller companies that represent strong value opportunities and exciting growth prospects.”
Recently, MBH Corporation PLC released its annual report for the year ended 31 December 2019, revealing that it achieved a sales growth of 306% to GBP 50.8 million (2018: GBP 12.5 million) and a net profit of GBP 3.6 million – an increase of 190% compared to the previous year (2018: GBP 1.3 million). It also confirmed its first dividend of EUR 0.5 cents corresponding to a dividend yield of 1%.
MBH’s target well established companies that are generally debt free, delivering around GBP0.5m-GBP10m EBITDA and are generally still run by their founders.
By leveraging its unique Agglomeration™ strategy, MBH can create substantial shareholder value through the consistent and accretive acquisition of excellent companies. With Agglomeration™, profitable companies convert their private shares into public shares or bonds in MBH Corporation plc at an agreed multiple.
Fixed for 365 days, company owners are then incentivised to accelerate their growth trajectory using the resources of the plc including expertise, skill transfer of best in class practices, cross-selling to other group companies and where appropriate, zero cost funding for new growth projects.
Each group company retains its autonomy by following appropriate Corporate and Financial Governance, and business owners are also incentivised financially to enhance shareholder value. As shareholders, they benefit personally from this.
•Luxury purchases will continue to increase locally in Mainland China as Chinese customers do not intend to travel abroad in the coming months, even if travel bans are lifted.
•Even though online purchases will strengthen post-COVID-19, Chinese customers still consider visiting the physical store to purchase luxury goods. One of the key reasons is the human interaction with Sales Advisors which is missing when shopping online.
•More than ever, Sales Advisors have a key role to connect the brand with customers however, their role may change. They will not only connect with customers in the store but also interact with them across various digital platforms.
How have Chinese customers appreciated the communication from brands during COVID-19? What about their intention towards travel now and the impact on their luxury purchases? What has changed in Chinese customer’s luxury purchasing habits and their relationship with luxury retail stores in particular?
To answer these key questions, Wisely Insights, the customer research agency of the Customer Experience Group, conducted a survey interviewing Mainland Chinese citizens who are consumers of premium and luxury goods. The research was conducted in May 2020.
Customer Experience Group CEO, Christophe Caïs shares: “We wanted to understand what matters most to Chinese customers now that they are recovering from COVID-19. What are the new trends and opportunities arising from this crisis? How can we better assist our clients to deliver greater customer experience to their Chinese customers?”
How has brands’ communication been perceived during the outbreak?
The Customer Experience Group and its agencies believe that the most successful brands are those who manage to create a memorable and emotional connection with customers. The Chinese customers surveyed validate this point as 73% said they expected brands to keep in touch during the crisis. However, there is a gap between what was expected by customers and the reality as only 51% remember having been in touch with brands during this period. Customers shared mostly positive feedback about the messages sent by brands (‘caring’, ‘appropriate’) but half of them regret that some messages were more sales-centric than customer-centric (‘message of support’).
What are Chinese customers’ intentions towards traveling now?
Chinese travelers played a huge part in driving the luxury industry’s revenue in previous years. With the COVID-19 outbreak, what are the travel intentions of Chinese customers and which country do they intend to visit?
The majority of Chinese customers feel safer in their country than anywhere else: 83% of respondents stated that they felt the worst of the pandemic was over in China, and 94% believe that China is safer from the virus than the rest of the world.
Consequently, Chinese customers prefer to travel domestically (within Mainland China) even when travel bans are lifted. Due to this, luxury purchases will continue to increase locally as domestic traveling is favored among Chinese customers.
How are Chinese customers adapting their purchasing habits?
Chinese customers (93%) are fully confident in China’s economic recovery. However, when it comes to their personal financial situation, roughly one-third of them raised concerns about their financial situation in the near future. Customers stated they will decrease their spending across most categories. There are two categories however that are less impacted with consumers expecting to spend the same or more than before on luxury beauty and high-end technology.
During the COVID-19 period, many customers purchased online, mostly from luxury beauty brands (78%) and they will consider purchasing online more regularly post COVID-19. Some of these notable online platforms used included the brand’s own website; Tmall.com; JD.com; and WeChat Mini Programs. Accordingly, brands need to further enhance their digital reach across these key shopping platforms.
What do Chinese Customers expect and what have they experienced so far when visiting stores?
Although online purchases will increase post-COVID-19, it does not mean that Chinese customers will give up on visiting stores for luxury purchases. Customers still report a much higher sense of luxury when purchasing in-store versus online.
Feeling safe is a prerequisite for customers visiting a store. Safety measures highlighted as the most important by respondents are masks worn by both staff and customers, as well as continuous sanitizing of the store after each visitor.
These safety measures should not be taken lightly by brands. Our report found that customers would immediately leave the store (98%), assess their loyalty to the brand (86%) and spread poor word of mouth among peers and on social media if brands did not meet health and safety expectations.
Furthermore, customers are highly interested in hybrid services where brands link their online and offline experiences. These hybrid services combine the benefits of both platforms: convenience, human interaction, less time spent in-store and safe environment with less crowded spaces. Initiatives such as in-store reservations and one-on-one shopping appointments can further enhance the customer experience.
Stephen Kelly, recently appointed the Chair of Tech Nation shares his insights on the Business Loan Scheme statistics
In recent months the UK government has made one of the great strategic investments. Arguably by accident as a response to extraordinary events. As the Treasury begins work on tackling the looming corporate debt crisis, it only needs to look as far as the Future Fund and its offer of matched funding, that if not repaid will convert into a share of the business, to find the solution.
Intended as an emergency shoring up, this measure could actually be a longer term masterstroke, and to make the most of this the Government should commit to businesses for the long term to support growth.
Clearly these are extraordinary times, and as such, call for some quite unprecedented measures that we may have never considered before; but our global competitors have been making similar investments for decades. Without heavy state backing, many Chinese technology businesses would have failed years ago. Boston Consulting Group’s 2019 report on tech investment found that China is the biggest driver of deep technology investment growth globally, with funding increasing at an annual rate of more than 80% from 2015 to 2018. Much of this investment is state backed. With a subdued domestic market, that investment was vital, but China has increasingly recognised the geopolitical opportunism and started to reach across borders. Take India as an example, where at the last count some 92 start-ups are funded by China-backed investments. China-backed firms now own majority stakes in nearly two-thirds of India’s known unicorn businesses.
The Indian trade ministry has had to respond, creating new federal rules to ensure that investments from bordering countries require government approval before going ahead. Some countries have gone further. In both Australia and France, FDI investment thresholds have been lowered.
The UK is responding too. Both the new National Security Investment Bill and the strategic folding of our overseas aid into the Foreign Office, show the Government grasping the mettle. Just as our FDI abroad may now be more strategic, perhaps we should also seek our own ‘FDI acceptability threshold’ to determine the maximum investment in a given UK sector or company. Investment in innovative UK businesses must be welcomed, but if the nation is at risk of ceding control of strategically important companies, the Government would require additional assurances, or otherwise block the transaction. It’s a fine line to toe.
This circles us back to the Future Fund, a crucial way of protecting our ideas by investing in them ourselves, thereby de-risking other foreign investment they might be receiving. The most recent extension of the Fund to include companies that significantly contribute to UK jobs and taxes, but which are foreign-owned, is therefore a logical extension.
Such Government intervention in the private sector is anathema to many, I understand that. The reality is that free-market economies are wonderfully productive and resilient when they co-exist together. Rub them up against overseas state-sponsored mercantilism, the picture can change very fast.
Rather than seeking to get the government out of the private sector as quickly as possible we need to look at it the other way. It could be in our national interest that they remain a long term partner and shareholder. Founders shouldn’t feel under pressure to pay back these loans in an arbitrary time frame. If they are, they risk making business decisions for the short term, not the long, and that will stunt the growth they could achieve. One of the structural problems in the UK is that, once at a certain size, businesses look to exit, often ceding their IP to foreign competitors. This is in stark contrast to the successful US mindset of long-term growth and global market leadership. It’s vital that UK businesses are allowed to grow and mature in their own time.
With a domestic agenda of levelling up, Government too will be mindful of the leverage now at its disposal as it pushes for growth. In 2019, 81.2% of UK tech investment went into high growth potential scale-up firms and the top 30 foreign funded tech companies in the UK created more than 5000 jobs. Before the corona crisis, the tech sector was growing at six times faster than the overall economy. By 2030, it is predicted that 50% of the economy will be tech, digital and creative industries. We’re already tracking over 2000 more scaling digital tech companies, many of which will be the unicorns of the future.
I don’t believe the Treasury started out with the intention of a new form of public private sector partnership but having committed the cash, the Treasury’s real imperative here should be to allow businesses to prospect, grow and mature. As such, they must be unequivocal in their role as a passive shareholder, allowing businesses to make the right strategic decisions for longer term growth.
Ex-Sage and Microfocus CEO Stephen Kelly is unique as a CEO who grew NASDAQ, FTSE100 and FTSE250 companies. He has held multiple non-exec directorships and is an early stage investor in over a dozen startups. Stephen has held Government positions, as Chief Operating Officer and the Prime Minister’s Business Ambassador. Stephen was announced as Chair of Tech Nation on 31st May 2020.
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.