If you are having trouble viewing this email, click here to view this online



   ISSUE 46

13 May 2015

Article of the Month  Around the World

Plethora of data


Gone are the days where the only means to connect to the Internet was through the use of a desktop personal computer connected through a land telephone line found at only predetermined places. With the current evolution in microchip technology, a wide availability of new and innovative technologies is now readily available. Technology such as mobile phones, tablet PC, laptops, etc., has changed the landscape of how we perceive what the Internet is, from a global system of interconnected computer networks, to an "Internet of things� has arrived. This has enabled services, which were once never thought possible (through a seamless integration between devices and the applications present within it) are now present.

These services are now a reality because of the deployment of technology that has enabled faster internet, from a dial up mechanism to wireless broadband technology such as 3G and to now 4G. This has ensured that the accessibility of the internet has become ubiquitous. The evidence is now prevalent, by the convergence of social, mobile, and cloud software readily available on any single piece of technology, be it mobile to hand held PC.

In order to obtain a competitive edge in the market, in today�s growing economy; businesses are in leaps and bounce trying to use this flexibility present in today�s technology, which heavily utilizes the Internet, to optimize what IT can bring to business. This enables business with an innate ability to provision and/or de-provision resources to meet business needs, for example seasonal demands, so as to be able to reduce cost but at the same time service more customers. This is not a utopian idea, as stated by Gartner in their 2013 Chief Information Officers (CIO) survey, where "55% of CIOs indicated that they would source all their critical application in the cloud by 2020"[1],

The result is an upsurge in the amount of data that is in constant circulation in this network of networks known as the Internet. Today, data is more deeply woven into the fabric of our lives than ever before. As such aspirations to use data to solve problems, improve well-being, and generate economic prosperity is fast becoming a reality. The collection, storage, and analysis of data is on an upward and seemingly unbounded trajectory, fueled by increases in processing power, the catering costs of computation and storage, and the growing number of sensor technologies embedded in devices of all kinds[13]. Technological advances has also have driven down the cost of creating, capturing, managing, and storing information to one- sixth of what it was in 2005. And since 2005, business investments in hardware, software, talent, and services have increased as much as 50 percent, to $4 trillion. [13]

However, with the increase in speed, frequency and complexity by which transactions are processed, data trails have become a labyrinth of information which at times would be difficult to navigate through. On the face, it could seem an overwhelming unsurmountable task in trying to collate, compile these Big datasets, Coined Big data. Big datasets are �large, diverse, complex, longitudinal, and/or distributed datasets generated from instruments, sensors, Internet transactions, email, video, click streams, and/or all other digital sources available today and in the future�. The task, of focusing on what are the bare minimum amounts data that a corporate needs to harvest in order to provide time-critical up to the mark information verses managing resources and the corresponding escalation of costs to store and mine these data, could seem a daunting task.




The use of Business intelligence seems to be a viable solution. According to Forrester, Business Intelligence (BI) is �A set of methodologies, processes, architectures, and technologies that leverage the output of information management processes for analysis, reporting, performance management, and information delivery. Research coverage includes executive dashboards as well as query and reporting tools.� [6] BI has come to represent analysis and reporting, that were traditionally used in determining trends in historical data, but the results of which are presented in a way that even a laymen could understand. In 2013, according to Gartner, BI and analytics software had grown by 8 % in 2013 [8].
As a result, organizations utilizing BI have now the ability to make truly informed management decisions. These results in the days of intuitive style management decisions are being gradually faced out. In the present economic climate, as a fact, organizations know that an analytical-driven approach into these data sets could provide valuable insight into customers, processes and business patterns to better drive real-time decision and actions in every corner of the organizations. As such, blue chip corporations invest in analytics system, so as to gain a deeper understanding of information that are readily available, such as which areas in a county have higher insurance claim, lending patterns, buying trends, product profitability, etc. in order to make smarter decisions that are critical for them in relation to the specific business in order to be competitive in the ever changing market conditions. �Data is now available faster, has greater coverage and scope, and includes new types of observations and measurements that previously were not available.� [14]

However the methods or means of how best BI analysis can help transform or break new grounds for businesses are still in its infancy and are a challenge even for top organizations. According to Forester, many instances are noted where projects that analyze big data have been abandoned, the reason stated is that the use of big data is like �finding the proverbial needle in the haystack�; �gaining insights that was never known�; �discovering new patterns�, �however, such successes don�t start with a data scientist or other expert simply �exploring� the data or running random algorithms. Sure, such techniques will yield results, but without context, there is no way of telling whether these are noise or signal� [9] It further stated that �a lot of time typically gets wasted on aimlessly �wandering about� amid the data, trying to see what there is to be seen. In either case, projects are either quietly abandoned, or funding doesn�t get renewed.� [9] So much so that at times the possibilities that this could be the enabler to business would seem a moot point. Even if business were to use data scientist whose sole purpose was to crunch numbers to deliver the much anticipated insights may not be able to meet the expectations, as oppose to a seasoned businessmen knowing the ins and outs of his trade can deliver.

However International Data Corporation (IDC) states that � the Big Data technology and services market will grow at a 27% compound annual growth rate (CAGR) to $32.4 billion through 2017 - or at about six times the growth rate of the overall information and communication technology (ICT) market.�[5]. Business still knows that if used correctly this new immerging fascination could be the proverbial Aladdin�s lamp which could open new avenues, that could be valuable insights in to the next possible fad. For example, say on any particular day, a typical parcel delivery organization would need to deliver packages to 147 destinations, including businesses, homes and pickup locations. The said parcel delivery organization could plan this in the most efficient way, while meeting service levels (including business closing times, premium services, and so forth). Jet engines and delivery trucks can now be outfitted with sensors that monitor hundreds of data points and by using advanced optimization, traffic forecasting algorithms and weather forecasting techniques, management can improve profitability by finding the best possible route (or shortest path algorithm). UPS had estimated that saving just one mile per driver, per day, is worth a total aggregate of $50 million a year [3]. Or the Jet engines� and delivery trucks� automatic sensors can send automatic alerts in order to support a flexible maintenance program/ based on real-time data to reduce maintenance costs [16]. The Rolls-Royce had stated that by the use of this sort of analysis of data to predict engineering and maintenance, reducing customers' costs. Smart data analysis enhanced Rolls-Royce's service strategy, which now represents over half its revenue [10]

The Centers for Medicare and Medicaid Services in the United States have begun using predictive analytics software to flag likely instances of reimbursement fraud before claims are paid. The Fraud Prevention System helps identify the highest risk health care providers for fraud, waste and abuse in real time, and has already stopped, prevented or identified $115 million in fraudulent payments �saving $3 for every $1 spent in the program�s first year [15]

Still care should be taken, for the promised opportunity of these technologies goes hand-in-hand with certain risk arising from possible violation of privacy to consumer that arise in the process of using data that are collated from these technology. In the past, retaining physical control over one�s personal information was often sufficient to ensure privacy [13]. But with the growth in technology this may not be the case. Documents could be destroyed, conversations forgotten, and records expunged. But in the digital world, information can be captured, copied, shared, and transferred at high fidelity and retained indefinitely. [13].For example, in a case of mobile payment mechanism, a mobile service provider could potentially keep all cellular locations update information as opposed to just keeping information on calls or text transaction, or in a case of e-commerce, an Internet service provider (ISP) could keep logs of all sites visited by users for a much longer period of time, for trouble shooting or caching purposes. As users are unaware of the volume of personal data retained by entities for various purposes, particular note should be made as to how much information can be inferred from transaction data that end users would like to keep private and not made available indiscriminately. As such, a question arises as to who has access to these data sets, or who is using and how? For in the above examples, if in the course of business, the company in question that deals with e-commerce wanted to collate the information gathered form its customers in order find out buying patterns, outsources the process of analyzing of these pieces of data to another firm, risk arises as to how safe are their processing infrastructure. Whether they in turn are wary of issues such as data leaks and whether adequate steps were taken by the outsource firm, to ensure the safe protection of these data. [12]
However, corporate have an advantage against class action law suit, as persons claiming a breach of privacy, would have to first quantify the value of privacy. Therefore, in order to succeed, one would have to prove that the person in question had in fact suffered financial loss due to the breach of confidentiality of information. This fact is made severe through the fact that the computer crime Act No. 24 of 2007, of Sri Lanka, does not cover data protection and as such, use of personal identifiable information for other purposes other than for what it was intended, would not be a felony, much less a punishable crime.
I feel, data as a valued asset is undermined, when organization could put a value on data held and explore critically the role that data is used for and how it has a key stake. Then steps could be taken to enhance how we manage confidentiality, integrity and availability risks that are associated to them, as done with any other tangible asset.

By: Kumar Manthri

Kumar is an information system audit and assurance professional, who is currently working as an Assistant Manager - IS Audit at SJMS Associates, Independent Correspondent firm to Deloitte Touche Tohmatsu, and the Vice President of ISACA Sri Lanka Chapter.




  [1] Gartner, " Predicts 2014: Cloud Computing Affects All Aspects of ITPredicts 2014: Cloud Computing Affects All Aspects of IT", 15 October 2014
  [2] Gartner, "Big data and analytics strategy essential ", 15 October 2014
  [3] Gartner, "Gartner Business Intelligence and Analytics Keynote, 2014",15 October 2014
  [4] Thomas Schaefer, Michael Hofmann, Peter Loos, Peter Fettke , �Selecting the Right Cloud Operting Model�, ISACA
  [5] IDC, � Big Data and Analytics� , 2014
  [6] Forrester, �business intelligence�, 2014
  [7] Dataversity, �Distinguishing Analytics, Business Intelligence, Data sicience� , 2014
  [8] Gartner,� Gartner Says Worldwide Business Intelligence and Analytics Software Market Grew 8 Percent in 2013�, 2014
  [9] Forrester, �Why It's Important To Start Every Big Data Project With A Question�,2014
  [10] Forrester, �What Can Big Data Do For You?� ,2014
  [11] Biswajit Mohapatra, Vinay Parisa, Joydipto Banerhee , �The Value of Big Data Analytics to the Business�, ISACA
  [12] Financial Management, October 2013, �Terror Bytes�, 2014
  [13] Executive Office of the President of the United States, May 2014, February 2015
  [14] Liran Einav and Jonathan Levin, �The Data Revolution and Economic Analy sis,� Working Paper, No.
19035, National Bureau of Economic Research, 2013 www.nber.org/papers/w19035

Viktor Maye Schonberger and Kenneth Cukier, Big Data: A Revolution That Will Transform How We Live, Work, and Think, (Houghton Mifflin Harcourt, 2013)




�..In the aftermath of Edward Snowden's revelations, the National Security Agency has "reached a point where a single individual can cause catastrophic harm," said NSA's first chief risk officer, Anne Neuberger.....�


  Money on the mind of security pros

'....In Computerworld's recent salary survey, it laid out what information security professionals are worried about and what is the state of their salaries and total compensation. Here are some highlights of what security professionals had to say...'


Healthcare Data Breaches From Cyberattacks, Criminals Eclipse Employee Error For The First Time



'...Cybercriminals and nation-state actors are indeed targeting healthcare organizations for their valuable data: cyberattacks and physical criminal activity now have officially surpassed insider negligence as the main cause of a data breach in healthcare organizations....'


The Apple Watch and our cyborg future


'...My first week of wearing the Apple Watch has transformed my thinking about the direction of mobile and wearable computing.

It has become clear to me that we're all becoming cyborgs. A cyborg is a person whose normal human abilities are enhanced or magnified by technology. This is different from a person who uses technology as a tool....'

Highways England signs three year end user computing deal with CGI

'...Highways England (formerly The Highways Agency) is bringing in CGI to support a major IT refresh at the organisation, and support its transition from a government agency to a government-owned company.....�

Month in Brief
Facebook Incidents Reported to Sri Lanka CERT|CC in April 2015
 Statistics - Sri Lanka CERT|CC

Hybrid IT � What/Where/Why/How? By @CenturyLink | @CloudExpo [#Cloud]

'....Hybrid IT is an approach to delivering IT services that matches business requirements and application needs with different IT deployment modalities.
In their session at 16th Cloud Expo, Jeff Katzen, Director of the Cloud Practice at CenturyLink, and Gary Sloper, Area Vice President, Sales Engineering and Operations, at CenturyLink, will go into more depth around those different modalities and how customers have made decisions to choose between them...'



'...Public-private partnerships are the key to robust national cybersecurity, according to Peter Fonash, chief technology officer for the Department of Homeland Security's Cybersecurity and Communications Office. Still, they're unlikely to happen until both sectors can communicate better....'

Google expands Android One program to Turkey with $262 handset

'...Google is changing up the playbook with its Android One initiative to bring low-cost, standardized Android phones to emerging markets.

On Tuesday, the company announced an Android One phone for Turkey that will retail for $262; far above the many sub-$100 handsets previously introduced. Turkey is now the seventh region for the Android One program, joining Bangladesh, India, Indonesia, Nepal, the Philippines and Sri Lanka....'

Apple, Alibaba thrash out details of Apple Pay launch in China



'....Apple is in discussions with Chinese banks and Alibaba over the potential launch of Apple Pay in China.

Apple CEO Tim Cook landed in China on Monday, visiting in order to promote Apple's new environmental initiative in the country. The new scheme is focused on the protection of forestry and promoting renewable energy, and may protect up to one million acres of managed forests used for pulp, paper and wood the company uses....'





'....China�s military released an ominous warning on May 10, telling troops and the wider public that network-connected wearable devices pose a national security risk when used by military personnel.....'

Notice Board
  Training and Awareness Programmes - May  2015
- 5th - 8th -05- 2015 IPICT Training IPICT Skills Center Colombo 08
11th - 14th - 05-2015 Content mapping ICT Branch
18-05-2015 Office 365 Training 'Microsoft' Sri Lanka Auditorium
18th - 21st - 05-2015 Preparing contents for Tamil medium subjects ICT Branch
19- 05- 2015 Awareness on IPICT Conference room, ICT
23rd - 24th - 05-2015 Capacity development programme CHPD.

Brought to you by: