The deadline for submissions to the consultation on the implementation of the apprenticeship levy programme announced in the budget is on Friday. The questions asked indicate just how flawed the proposal is. As I said when I blogged on the skill proposals in the budget, the case for a return to 1970s style levies and grants is based on a model of off-the-job training which has been made largely obsolete by the rise of on-line distance learning and assessment to global, as opposed to UK-centric standards. The “killer” statistics used to justify the proposal (Figure 8 on Page 20 of “Fixing a Broken Training System) effectively “blame” the rise of employer driven Sector Skills Councils for a collapse in the number of “employees attending training outside their workplace” (alias classroom based FE Courses). They should instead be used to “blame” the Internet for changing the model of training used by those employers who take skills development seriously.
The proposal distracts attention from better ways of addressing our skills shortages and may help accelerate the trend to rely on supposedly skilled immigrants rather than consider those who are the “wrong” sex or colour or from the “wrong” University let alone retrain those whose legacy skills are no longer in demand or who are seeking to return to work after a career break.
I sympathise with those in the Sector Skills Councils who have been tasked to get employers views on how to try to implement this sadly mislead proposal and apologise for not making time earlier to ask those of you who read this blog to respond to their attempt to get employer inputs. I also strongly suggest you respond to the main BIS consultation. My own response, typos and all, is already available on-line . I would like to congratulate who-ever organised this facility as not only a welcome extension to open government and but also an encouragement to more rigorous proof-reading.
We regularly see headlines about skills shortages and hear employers complaining they cannot get the skills they need. Meanwhile they recruit supposedly skilled staff in India rather than unemployed UK graduates who are the wrong sex or colour or from the “wrong” university . Few even consider retraining those whose legacy skills are no longer in demand or who are seeking to return to work after a career break.
The problems are not new.
Studies every few years use much the same analyses to produce much the same recommendations. Few are ever implemented. Bottom up skills initiatives that succeed in meeting the needs of local employers, like the TOPS programme or City and Guilds 726, are killed off because they place students into jobs instead of onto other courses. Meanwhile schemes based on “national figures” often fail to fit local needs because so many “travel to work” communities do not fit “the national average”. Publicity for success, to enable it to grow organically, is commonly limited by the way public funding programmes work in practice. The problems are compounded by the rarity of business models that facilitate funding across the public-private divide from the recruitment/training budgets of employers or the agencies they use, let alone across the budgets of different funding agencies.
Hence my previous Groundhog day blogs leading up to the question of who really wants to break out of the comfort zone of Groundhog day and turn the UK into a global skills hub.
But there is good news. The Government has set ambitious targets although arguments about how to avoid a return to the failed training levy and grant mechanisms of the1970s are likely to prove a distraction from meeting these. We have a large and growing number of national and local skills programmes: from work experience, internships and careers guidance through and apprenticeships and vocational degrees to continuous career development and returner programmes. Some are excellent. But few MPs, employers or those providing or seeking careers advice, understand how they fit together, let alone which are likely to succeed, where or why.
Experience indicates, that success correlates with a focus on local needs – because these vary so widely: from areas where employers are competing hard for talent,(including trainees, (such as the Thames Valley) to clusters of high tech SMEs, needing fast-changing, innovative skills, adjacent to areas of high youth unemployment (such as Shoreditch and East London). SMEs in some industries now require all employees to have digital skills. Others need only one or two support staff. Rural areas often have high tech clusters, (like Suffolk with Martlesham). Then there are the new towns, (like Telford).
The information needed to plan and/or improve activity to meet local needs resides with a mix of local authorities and the employers active with the national and local sector skills councils. Hence the need for a bottom up look at strategies for achieving the government targets and creating a workforce fit for the evolving and changing needs of the 21st Century
I am therefore working on the pilot for a programme to help MPs make sense of what is happening in their own constituencies so that they can work with their local authorities, local employers and local schools, colleges and universities to achieve results. Given the pressures on their time and the effort necessary, that means identifying employers who employ staff across the UK and professional bodies and trade associations who are willing to encourage their local staff/members to help their constituency MP, and his or her staff, to stimulate local action. That action may be very different according to local needs and whether there are already vibrant local partnerships.
The immediate objective is to identify no more than three or four pilot constituencies to test the concept. The current shortlist, based on volunteers to date, includes Kingston and Surbiton, Telford, Eastleigh, Northamptonshire and Devon. Please let me know if you would like to help. I am particularly interested in hearing from employers who want to use the opportunity to improve their choice of local recruits – of all ages and backgrounds.
When the Prime Minister David Cameron reiterated his pre-election pledge to “curb access to pornographic web sites by under 18s” there was a widespread assumption that this only mattered to those providing access to such websites. I recently tried to explain why the approaches that would be used have the potential to transform the business models for advertising funded services. It is not just that almost every on-line retailer and content provider is potentially liable if they facilitate product (e.g knives, alcohol or tobacco) or content supply to those who are under age.
There are a growing number of businesses who need to check that customers are within a given age range (e.g. over five and under thirteen, over 60 or 65, etc.) but face a backlash (e.g. 2/3rd or more of transactions abandoned) if they ask questions which are seen as intrusive by those who no longer trust those they have never meet. It does not matter that some of the latter make irrational decisions, downloading apps which monitor their every move, while getting upset at the thought that their phone number and address might be in the hands of a stranger when all they wanted was to “prove” they were old enough to enter a night club.
Next week you have the opportunity to hear from those more expert than me as to why the tone of debate and the business models being considered by major on-line advertisers and retailers have changed over the past few months – and the implications. A world class line-up of speakers and panelists has been assembled for the seminar on On-line Checking next Tuesday (22nd September).
The format is unusual in that those from all sides, including politicians, on-line service operators and product and service suppliers have been juxtaposed in panels to discuss the issues, implications, business case and practical implementation.
The event opens with scene setting presentations from the UK Minister Baroness Shields of Tech City fame) and the relevant Head of Unit from DG Connect in Brussels. The panelists for the “proof of concept” discussion range from Mind Candy and JISC (hub for the UK educational networks) to OIX (the hub for HMG identity policy) and ISOC (where the issues are discussed globally). When it comes to the panels on data sources, business cases, links to payment and safeguarding, the participants include the Post Office, Barclays, Payments UK (the trade association for payment service providers), NSPCC, ATVOD (the content regulator), Equifax, Yoti (one of simplest and most disruptive of ID business models), Portland TV, Telecom2 and the Better Regulation Delivery Office.
There is not much time left event and the event is remarkably inexpensive (to enable social enterprises and cash strapped Fintech start ups to attend). I therefore recommend booking immediately. If you fail to do so you risk getting caught out when your complex and expensive Identity and Access management “solution” is rendered obsolete before you have got it working. Cheap, robust, anonymised age checking services are not just a way of placating politicians and parents. They “threaten” to transform the on-line world.
Recent surveys indicate that the “Millennial” generation is losing faith in the security of on-line players in the face of the growing flood of data breach stories. Those who stick their heads in the cloud of collective wisdom lack credibility compared to those who respond positively to the concerns of their users. The Amazon ban on Flash Adverts, because so many users are now blocking them because of security and response time concerns ,indicates how major players are responding to changes in customer behaviour. This also helps explain interest of major US players, from Disney to Playboy in the UK idea of using one-way data minimisation services as the basis of anonymised but robust age verification – to serve those who see no need to give their personal details to some-one they neither know nor trust, in order to visit an age-controlled website. I blogged on the business case back in April and was delighted when the Prime Minister not only made mandatory age verification, in the case of access to pornographic websites, one of his election pledges but repeated his commitment after the election.
That is only one of the use cases, but it gives a cutting edge to the approach now being explored by the DPA Age Verification group (e-mail DPA to join) in a BSI PAS. This has growing support from large internet advertisers: from childrens’ games, entertainment and education providers, through on-line gaming and adult entertainment, to those giving discounts to old age pensioners. The concept is simple: why should a girl who wishes entry to a night club have to carry a passport, potentially giving her name and address to the bouncers, when she need only carry a photopass with a QR code (such as provided by Yoti) which they can scan and their app will show she is over or under whatever the age is for admission. Feedback from mainstream credit reference agencies and financial services identity providers in providing necessary support infrastructure indicates that the concept can be applied cheaply and reliably on-line. Given that their business models already depend on combining, low cost, rapid, secure response (often while transactions are in progress) with higher levels of security than are achieved by almost any government agency, the consequences are profound.
Hence the growing interest in an event on 22nd September where the idea will be publicly explored. The presence of Mind Candy (alias Moshi Monsters) and Equifax among the lead sponsors indicates the range of serious commercial interest. The range of speakers indicates how the issues go to the heart of not only child safety but of national and international on-line identity strategies. They speakers include Baroness Joanna Shield, (once the Tech City Champion, now the responsible minister), Peter Wanless, (now CEO of the NSPCC) and Peter Johnson, (CEO of the on-line content regulator ATVOD). But they also include Don Thibeau, founder and prime mover of OIX, which lies at the heart of the Cabinet Office ID strategy, Pat Walshe (on the Kantara initiative) and Robin Wilton (ISOC global outreach Director for Identity and Privacy).
The event will be structured as a series of discussions which are expected to not only provide feedback into UK and EU political and regulatory policy but also into the commercial policies of some of the world’s largest on-line advertisers: from drinks, gaming and entertainment to on-line retailing (anyone whose product lines include age-controlled products) as whole. I suspect this may prove to be one of those seminal events that has a global impact. Book now or else for-ever hold your peace.
The difference between the costs quoted by BT for upgrading its legacy network and those quoted by its competitors for building new fibre networks puzzles those in Devon and Somerset who compare the compare the deal their council was being pressured to accept with those made by Gloucestershire and Berkshire with Gigaclear. They are right to be puzzled. It is not just because BT is saddled with cross-subsidising UK Sport and overhead charges which can treble its civil engineering costs. It is also at a massive disadvantage when it comes to access and wayleave charges, It is not easy for an outsider to unravel its costs but it appears these may well account for over half of them (and those of Virgin, Vodafone, EE or the other Mobile Operators) when it comes to new build, whether urban or rural.
Hence the pressure to update the Electronic Communications Code. But this will address only a fraction of the difference. The national agreement with Country Land and Business and the National Farmers Union, allows farmers to waive charges in return for services to themselves or the local community. This has been used by at least one of the “great estates” to provide better (fibre-based) services to rural business parks and other tenants than is available to its inner London properties. Far sighted local councils may allow similar uncharged use of their wayleaves, buildings, street furniture and in-house communications infrastructures (including CCTV, traffic management etc.) in return for service. Until Ofcom allows BT to exploit the opportunities available to its rivals, cannot match such deals. Its only option is to form partnerships with those who can. I hope to hear something of its plans to do so when I attend the INCA event in Bristol on the 15th and 16th September.
Even where BT has existing infrastructure sharing arrangements, as with the electricity companies, and wants to replace copper with fibre, it is charged fancy prices – because the electricity companies do not wants its engineers up their poles. There are similar problems with access to city centre rooftops on the part of mobile operators – because the risk of business disruption caused by damage to the equipment already there, perhaps serving high value applications in the building below, far outweighs any revenue.
Hence the need for a new look at the constraints on BT and go beyond “one size fits all” access and wayleave arrangements. When that happens we can cut the current estimates of the capital cost of replacing copper by fibre and of replacing mobile and wifi notspots by ubiquitous high bandwidth mobile (4G and 5G) by at least 50%, perhaps by as much as 75%.
The good news is that much of the necessary spadework in already under way. back in February I referred to the first meeting of a group of property owners and network operators to look at wayleave and access agreements that are suitable for inner city buildings in multiple occupancy. There are a number of issues to be addressed but the core message was that the value of giving tenants a choice of world-class services was far greater than any likely rental, but so too was the cost of any disruption to the services used by existing tenants. Several operators had, however, already agreed contracts with some some of the “great estates” and were willing to share these. With support from DCMS (a most helpful letter from the Minister commending the approach to other relevant players), a subsequent meeting decided to pool efforts with an exercises being organised by some of the London Local authorities consortium and the result is an exercise to use the BSI PAS approach to produce a package of agreements and clauses that will, hopefully, meet most situations and be suitable for adoption as guidance by players like the Law Society, the RICS and RIBA. If so, co-operation – with Ministerial support – will have achieved far more than legislation or regulation.
I am hopeful that the same group will also take a look at producing similar guidance for landlords and property developers regarding the equipment and cabling space they should allow for for the communications networks that will be needed to serve the tenants of “future proof smart buildings” – including rolling upgrades as tenants change, not just renovations and new build.
I hope that some of the great estates and landlords, not just property owners, will use the opportunity of the INCA event in Bristol to explore the potential for also co-operating with network operators and local authorities outside London so as to get better connectivity for their tenants at lower cost. In this context I include social as well as commercial and industrial landlords because providing low cost, high reliabllity fibre connectivity can help slash the cost of overcoming social exclusion and bring employment back to sink estates.
It was delighted to see the reference to Gigaplus Argyll in the article on Nicola Sturgeon’s launch of a new funding programme for rural broadband, funded from the state aid clawback mandated by the EU. As previous readers of this blog will know, our family croft is in the area to be served and I registered our interest some months ago.
One of the topics of discussion when I was on Mull earlier this month, (while waiting in vain for a data signal from the mast on the other side of Loch Scridain or a download over the wifi in the local pubs in Bunessan and Fionnphort), was the logistics of getting a signal to the Ross Of Mull and/or Iona. Local connectivity is not a problem, our neighbours have all the digging and trenching kit necessary for laying fibre and, as the B4RN team might say, building the network is “not rocket science, just a WAN in a hostile environment”.
Apparently the plan is, however, to trunk a radio service over the centre of the Isle of Mull through the area where the signals for the current BT, O2/Vodafone and terrestrial TV services are regularly degraded by storms and/or the equipment “taken out” by lightning strikes, pending the arrival of repair crews from the mainland, days or even weeks later. Hence the reason for basing support and maintenance for the new service on the island. The most hostile part of the environment for any community broadband service is, however, political – hence the importance of INCA and events like that in Bristol on the 15th and 16th September
If you are having problems with your broadband (urban or rural), write to your MP suggesting he ask who your local council is sending to the INCA events in Bristol to learn how to provide better service at lower cost, help attract the jobs of the future and promote social cohesion by:
- getting better value from their existing BDUK contract
- going out to competitive tender using the clawbacks available under that contract
- offering access to the council’s own infrastructure and wayleaves for next generation networks and providing help with planning and regulation.
The transformation of the UK broadband market over the past year is illustrated by presence of BT, CISCO, Microsoft, Virgin and Vodafone as well as City Fibre, Gigaclear, Hyperoptic ITS, Metronet, Callflow and Satellite Internet at an event that was originally intended to help use enhanced take-up of the broadband vouchers to pull through the City of Bristol’s plans to leapfrog Manchester and Leeds, let alone London, as a hub for inter-active media development and on-line creativity.
That event has now grown into a one stop briefing that is ideal for for the senior officers and politicians of any local authority, from parish to city or county council and those landlords and business park owners who are looking to work with their local Council or LEP to provide 21st century connectivity for their tenants. I also commend it to large business users who are getting pissed off with the way their needs are being ignored by those who assume they afford leased lines for their many sites (some on every high street or forecourt) and home-based users (who may need secure, inter-active global access to complex design and technical information). It should be a great opportunity to make contact with policy makers who might listen, as well as those who would love to be on your short list of delivery partners or alternative accommodation sites.
On the morning of the 15th there is a half day workshop on the voucher scheme for local business followed by a technical showcase (in the afternoon) with many of the potential suppliers and operators. I plan to use the showcase to check whether, as I have been told, all the new suppliers are using IPV6 compliant equipment: i.e. the conversion problems are to do with the legacy equipment and systems of the incumbent operator plus, of course, the legacy applications that major fintech players (for example) are anxious to start converting and testing before they are shredded by overseas competitors.
On the 16th there is a get together of almost all the major players, including the CEO of BDUK, the heads of Broadband Policy for DCMS and BT and the CEOs of many of the alternative network providers. The latter now appear to be in a position to provide local fibre or high speed wireless connectivity to most of the UK for rather less than is currently being quoted by BT. I say “currently” because I anticipate that we may hear that BT is about to change its approach and work with alternative network providers rather than compete.
There is a good reason for such a change of strategy on the part of BT.
It is, financial, akin to the reason why Telia became largest customer of Stokab instead of trying to block a shared municipal network, as BT did with Birmingham. BT and Virgin quietly dropped their case against the Commission for approving the Birmingham plans, because neither can afford to upgrade all their fixed, mobile and wifi infrastructures (including those needed by EE) to give adequate service to IPTV customers, at the same time as subsidising the salaries of the premier league footballers and other sportsmen on whom they are relying to attract new customers. Virgin is about to double its broadband speeds but also appears to be looking at partnerships akin to that which Talk Talk and Sky have in York. Meanwhile, the rocketing traffic being generated by local fibre operators, let alone wifi hotspots and 4G services, is placing increasing strain on BT’s creaking back haul services and it is losing business contracts, like the Defence Fixed Telecoms Service.
It therefore makes sense from BT to focus on that which it does best – provided Ofcom allows it to make money from doing so – i.e. regulating on price and competitive behaviour and not return on capital.
If so, we can predict the consequences.
As in Sweden, the networks of future will be organised and paid for by communities which want globally competitive connectivity, while the former incumbent focuses on linking these to the outside world. Over time it then takes over the operation of the local networks: commonly under contract, so that it does not have to spend shareholders funds to buy them out. Interestingly Teliasonera not only now runs Stokab but disposed of its context operations on the way. This is also akin to the way the UK telephone and telegraph network were created in the first place – municipal enterprise that was nationalised only so that the government could eavesdrop during the run up to World War 1!
As with other INCA events, that in Bristol will be a great opportunity to listen to those who will be crating that future (or another one, or a kaleidoscope of competing futures!). I therefore look forward to meeting representatives from local government who are looking to use the event to learn how to get best value from the 129 million, and rising, of state aid claw back (required by the EU before it would approve the BDUK contracts), and to ensure that local access to world class broadband helps their residents get the jobs of the future, not just surf the net a little faster or watch a wider selection of sport over their smartphone instead of their TV or PC.
The event is, of course ideal, for those authorities looking (as all should be) to go to open tender to serve those left out of the broadband extension plans to date. The scale of the claw back indicates that the 5 million of broadband advertising paid for by BDUK was not wasted state aid – provided of course the resultant claw back is not simply handed to BT. If it were, we could see a number of global law firms having a field day at the expense of BT, HMG and/or a selection of local councils . It is, however, also apparent that the claw back is geographically uneven. Those councils which drove hard to secure both rapid roll out and subsequent marketing and take-up, (not just spend and the achievement of nominal targets for properties theoretically passed), look set to get most. Those which go out to tender and are robust in their response to attempts at arm twisting can also be seen to have got better service from BT (as happened with Essex). It will be interesting to see what happens with Devon and Somerset now that their small business communities have become engaged alongside local MPs.
I have enjoyed watching INCA grow from a collective of vociferous community broadband enthusiasts into an embryonic trade association with almost every would be community broadband provider (from B4RN to BSkyB) in membership or in the process of joining. I also look to hearing more about its planned services to help Councils get better value for money
However, one of my main objectives in Bristol will be to pick up ideas to help the candidates for Mayor of London to offer credible policies to prevent the “Southern Powerhouse” from falling behind its global competitors when it comes to business and mobile connectivity. I have nothing against the other Cities of the United Kingdom trying to leapfrog London into the 21st Century. I would just like to see London return the complement – so that municipal enterprise and competition helps achieve what state planning never has – world leadership of the type we had in the 19th Century.
A couple of weeks ago I blogged on why insurers regard Big Data as the new asbestos: the source of massive claims triggered by the leakage and legacy of a useful but widely misunderstood and mishandled technology. I referred to the importance of the Long Finance study on cyber reinsurance that was about to report.
The report is now available on-line and I strongly recommend that CIOs (let alone CISOs) read it before it is drawn to the attention of their CEOs and main board directors by the company secretary. The Lloyd’s Market Association Cyber Attack Exclusion Clause (CL380) and the Non-marine Association’s Electronic Data Exclusion Clause NMA2914 probably mean that the organisation is no longer covered for cyber-risk. Serious cover for cyber-related property damage, business interruption and third party liability is difficult to obtain at reasonable cost, especially for a financial institution or an on-line retailer. Damages for the theft of intellectual property are also probably uninsurable.
The John Herrman’s blog entry “Welcome to the first day of the rest of your internet“, takes quick look at the consequences of the on-line posting of the data hacked from Ashley Maddison . These can be placed in context by the growing press cover of the leaked details. for analyses. The potential for legal action illustrates why the cyber insurance now on offer (sometimes called “cyber gap insurance“) is commonly now confined to the legal and administrative costs of notifying customer in the event of a breach market and/or the implementation of a pre-agreed incident management plan. The total UK cyber insurance premium income for this market is said to be little more than the $148 million (barely 25% of which was covered by insurance) of provisional costs included in Target’s second quarter results last year for a single data breach. Those who think insurers will be impressed by “maturity models” should consider the way that Apple’s controls were bypassed in the course of the Celebgate affair. They are more concerned about who might attack the organisation and/or system and why.
Now let us look at the growing scale of the breach of the US Inland Revenue Service systems. The underlying causes of the feuds between the Government Data Service and the rest of Whitehall become to become apparent. The enthusiasm of the GDS greatly impressed the the digerati but not those concerned over the potential of using services like Verify to aid serious fraud or their ability to more reliably identify the socially and digitally excluded or semi-literate (i.e. users aged more than about 35, let alone those over 65) than the derivations of the legacy alternatives used by the banks and those handling medium to high value transactions.
How long will it be until evidence of the growing erosion of confidence in the security of the on-line world , coupled with the inability to insure against third party liability, leads to serious collective attempts to provide users with the protection they want. Until then the arguments in the Long Finance report for a Cyber-Catastrophe Re-insurance pool (to handle systemic risk) should concentrate the minds of those, like main board directors, who are being expected to take responsibility for the irresponsibility of digital enthusiasts.who have forgotten the need for “user friendly” systems that are secure by design – not by afterthought or accident.
Joe Garner, the latest CEO of Openreach, put up a competent defence when interviewed on the Today programme this morning in a follow up to the listeners’ complaints covered on Saturday. His answers, nonetheless, indicate that it is probably only a matter of time before alternative suppliers, from Gigaclear to City Fibre replace BT as “infrastructure supplier” of choice for communities where there is a critical mass of business users who need (and will pay for) fast, reliable, world-class connectivity. If so, we can also expect current quad-play models to be amended with “infrastructure suppliers” offering menus of content providers – akin to the choice of search engine or browser on your PC. The way Ofcom uses its powers to ensure effective and informed consumer choice will, however, be critical. Hence the importance of its Strategic Review and the need for a wide and balanced range of inputs – not just “the usual suspects”. .
Garner’s comment that services to the final 1%
can never be economic, because some do not even have a power supply, led to questions by Justin Webb about the connectivity on offer to Birmingham, Bristol and South London: on which Bob Neill MP for Bromley and Chislehurst (and chair of the new all-party group for London) has requested a meeting with Ed Vaizey . Meanwhile one of the Conservative Candidates for mayor, Syed Kamall MEP already has London’s mobile and wifi not-spots on his agenda.
I have been catching up on e-mails since returning from a break in our family croft, with line of sight to a mobile mast on the other side of Loch Scridain but no mains power supply (we use solar panels and a generator for lighting, power tools and charging the batteries of laptops and smart phones). Until a few years ago I could access e-mails (albeit slowly and with frequent restarts). Now, thanks to modern bloatware, even my smart phone cannot download more than the headings – on those days when we can get a data signal at all. Meanwhile in the local wifi hot spots it is common for my mobile to indicate “emergency phone calls only” and the pub wifi is, at best, too slow for a Windows 8 laptop. The area is outside BT’s upgrade plans and I have registered with Gigaplus Argyll.The situation was little better across most of Dumfries and Galloway, where we took a break on the way home, although my son (who had joined us for a couple of days) was finally able to complete his Fantasy Football entry over a wifi connection in Kirkcudbright. This time webdid not even try to use our mobiles on M6.
Things are, however, beginning to change in a number of directions – particularly with regard to availability of those competent to install and maintain modern networks. Joe Garner said in the Today Programme that BT Openreach has been expanding staff training in order to reduce reliance on sub-contractors (implying that competition for the latter had become a problem). Meanwhile HyperOptic switched to training their own installation and maintenance staff because of quality, as well as availability, problems with sub-contractors. This has had the added benefit of a sharp improvement in relations with property owners and managers and in the willingness of the latter to not only enter into access and wayleave agreements but to take the initiative in opening discussions on the provision of fibre, whether to high-value tenants who want world-class access or to “social” tenants who need reliable, low cost support. There is a message here for those who expect government legislation to help solve their problems with access to buildings and/or rooftops in order to address urban not-spots.
“World class” raises the question of IPV6. The lobbyists for the main networks still claim there is no demand and Ofcom has said it is not necessary while promoting technologies for which it is essential. Meanwhile players like IFB have to meet the needs of their Oil and Gas customers in Aberdeen who are standardising globally. There are signs that a similar situation is about to happen in London, with innovative Fintech companies, moving direct to IPV6 in order to met the needs of emerging markets, putting those with legacy applications to convert at a significant disadvantage. Until this month, the bulk of UK IPV6 traffic was over JANET and volumes reflected the academic terms. That changed with the launch of the Sky pilot. Traffic is already double that of any previous month this year and mounting. So what is in it for Sky customers? At the basic level, they get up to 40% faster response from those applications, like Facebook which have already converted.
In short the digital divides in the UK have been deepening over the past year, leading to ever more anger on the part of those left out of current programmes. Those divides may, however, be about to change with those deploying lower cost, higher reliability fibre networks also transitioning their customers to IPV6 as part of the connection process. If it is correct that the INCA members presenting in Bristol later this month could provide fibre to 17 million UK customers, provided they are given a level playing field (and thus access to commercial finance), then those stuck with Openreach could end up on the wrong side of the divides.
I doubt that will happen because the shareholder pressure to break up BT and halt the cross subsidy of the Premier League would be irresistible. But “we live in interesting times” and the impending mix of consultations and select committee investigations will give plenty of opportunities for muckraking and mudslinging. Meanwhile also we need to quietly expedite the incremental UK transition to IPV6, lest we face a very expensive hiccup around the end of this parliament. It helps that almost all the equipment installed since the last election is compliant. The problem is the address lengths in the application software – a bit like the date lengths that caused the Y2K non-problem. The solution is the much same – a boring but essential audit job to ensure that no users experience problems. The difference is that this can be taken over time, provided the main ISPs have converted. The good news is that sharp rise in IPV6 traffic over Sky after it took a lead may well concentrate the minds of others. The bad news is that some parts of the UK, like the City of London, may well have less time than we think.
The immediate headline question is, however, “How many of the councils in receipt of the BDUK state aid clawback (130 mill ion and rising) will use that to go out to open tender for proposals to meet the needs of the final 5%?”.
If BDUK learns from past experience and BT is forced to compete openly for the resultant business, we are likely to see a variety of different funding models emerge, including local partnerships involving BT and its main competitors where they need to co-operate in order the provide the performance and resilience needed. At this point the requirements of some regulators for critical systems to be backed up over networks that may well (and should) inter-operate but are not critically interdependent, should be used help preserve competition.
There is a growing gulf between those who think insurers should give discounts to those who follow “best information security practice” (whatever that is) and underwriters who have been burned by breaches at US retailers (for example) with supposedly “mature” approaches to security. “Cyber” is now routinely deleted from mainstream theft, business continuity, libel or product, professional or director’s liability insurance and underwriter are more concerned whether the operation is at risk of a sophisticated attack using insiders (innocent or otherwise) to bypass technology-based defences.
Most of the policies on offer cover only the cost of implementing a pre-agreed incident management plan: e.g. to minimise the damage when customer data, content and intellectual property right are compromised or a network or cloud goes off air, whether as a result of criminal activity, terrorism or digititis. The reason is the cost of recent US data breaches: $200 per record compromised: to notify those at risk, reissue credit cards and make the changes necessary to retain PCI-DSS status. There is also a test case which implies that, in the absence of evidence of actual financial loss, $1,000 (or pounds) is a reasonable figure for the hassle and distress to an individual whose personal information has been compromised. Now consider the potential cost of a data hack on an organisation where the identity of the users, let alone their credit cards, personal records or transactions is sensitive – such as : AshleyMaddison.
For all the talk of “Big Data” being the new “Oil” and “Cloud” being the way forward, it is now almost impossible to get insurance cover for the potential third party risk taken on by those who accept liability. And why should any of us trust those who do not .[Hence also the big question mark over the value, if any, of identities issued or recognised by government]
Now let us take a quick look at the murky world of product liability where software has long been excluded as ‘service” not a product” but is increasingly embedded in products. The well-publicised use of hacking into an in-car entertainment system to take charge of many of the controls illustrates the risks now being run with the world of interconnected (and insecure) everything. No wonder insurers are steering well clear.
Meanwhile the value of using “Big Data” to support the current surge in on-line advertising has been called in question by reports showing that almost half is blocked and three quarters is designed for PC users while well over half the target audiences already spend most of their time using smart phones. The backlash is under way.
That message has yet to spread from insurers to the world of “Big Data” enthusiasts, eager to collect everything possible about current or would-be customers. But the EURIM (now DPA) studies before the 2010 election on the Unlocking the Value of Information and Security by Design are now most apposite. The current DPA exercise on the use of data minimisation routines for Age Verification has strong government, as well as growing industry support: see the Hansard report of the ministerial response on the second reading of Baroness Howe’s Online Safety Bill 2015.
The good news is that players like IBM and BT are making massive investments in security training and services, not just security technology. The figures for IBM are not public but BT already employs six times as many full time security staff (3,300 in total, 1,700 the Security Division) in as Google (500) and its Security Academy (lead sponsor of the Cyber Security Challenge schools challenge) is by far the UK’s biggest “cybersecurity” trainer outside GCHQ and the Defence Academy.
Hence the importance of the Long Finance “Cyber Catastrophe Reinsurance” study to the wider “Digital” Community, not just to the participating insurers and those who work with them to help manage and reduce risk – as opposed to those who merely sell cyber-security snake oil to the rest of us.