Month: December 2014

Machine to Machine (M2M) and the Internet of Things (IoT) systems seem to be the top of the hype. Massively deployed M2M systems are promoted as the next “big thing” for the telecommunication world. At the same time, endemic security issues in the industry are raising concerns about the risk M2M imposes on our LTE deployments. This risk might threaten the vision of an expansive M2M deployment. What are the realities to the M2M security risk? Here are three things that would help clarify the real risk.

First, be mindful that we’ve been living the “connected world” of M2M since around 1994. Once the internet model emerged as the dominate force in telecommunications, innovators found ways to interconnect machines to benefit of their endeavors. People think of Nest thermostats as something new, but MIT had every thermostat wired in the late 90s. People think of the connected car as new, but On-Star was deployed and running in 1996. Moore’s law has continued to push the computational power/size factors to where today the “machines” are flexible, wearable and will soon draw power from the environment. What has changed is the cost, size, and connectivity. 3G and 4G deployments are allowing for new M2M deployments that were not possible before. The M2M security risks in the late ‘90s are no different from the risk today. Cyber-criminals will and do break into M2M devices and use them for their criminal activities. The M2M “security risk” is not a new risk, just one that has evolved with the mass deployment of M2M.

Second, recognize that cyber-criminal forces have no real deterrence. The threat of criminal abuse of M2M systems is real. But the people who break into M2M systems, when caught, cannot be legally prosecuted. All cyber-crime is international. Cyber-criminals build “criminal clouds” out of violated equipment, launch their crimes, and face no consequences. The “white hat” community will find these “criminal clouds,” tear them down, blog about them, use them to sell more “security products,” and then look for the next one. In the meantime, the cyber-criminal takes a break, learns from their mistakes, builds better tools, and then builds a better “criminal cloud.” As more M2M devices get deployed, the threat from the criminals to violate and use these devices for their criminal activities is real and just a matter of time. This is a dysfunctional economic cycle which increases the cost of business. But there are no easy answers. Organizations with M2M deployments need to put security as a top priority. Security professionals need to track down and dismantle criminal clouds and malware systems. This means that creating totally safe systems is never going to happen.

Finally, plan on one to two M2M system criminal “security incidents” for each calendar year. Yes, plan for the security break-ins. Expect them to happen. Given the threat vector, organizations that plan on effective M2M deployments need to stop thinking they can stop the criminal violation. There are tools to make the system more resilient, but there are not tools to make the system absolutely “secure.” Planning for a security break-in has two principal factors. First, the organization’s team needs to have a process to detect and react to the security violation. Proactive planning is critical. Second, have the tools ready to reset, patch, flatten, and rebuild the entire M2M deployment. Traditional vulnerability patch management does not work when managing tens of thousands of M2M elements. The lessons learned in big virtual and cloud deployments are directly applicable to massive M2M deployments.

What should a telco do to be ready for the security risk of M2M?

First, don’t avoid M2M and the IoT. Dive in full speed with profitable business models. Security issues are factors that need to be a priority with the design, but should not be a barrier to profitable deployment. As mentioned, the movement towards M2M and IoT is not new. Telecommunications companies should leverage their network investment to facilitate and benefit M2M deployments.

Second, have a health security relationship with your vendors. Companies building M2M need to think security as an integral part of their solution. This checklist is a tool that can validate whether the M2M vendor has the “security clue” that will allow for a successful deployment. “Success” in this context is an M2M solution that can survive two to three break-ins a year.

Third, build an M2M system that can be flattened and re-built in a pervasive network that can be compartmentalized. In the cloud and virtualized world, flattening a system is where you delete everything down to the base microcode, load new updated operating systems, and then deploy the configuration. This approach allows for rapid and scalable upgrade through the entire virtualized infrastructure. This same approach can be used on thousands of small systems in a massive M2M deployment.

M2M and IoT are realities of the our network today. The pervasive security issues are critical but manageable. Don’t wait.

Submitted by Barry Raveedran Greene

Ensuring universal broadband connectivity, especially in landlocked nations, depends not only on creating affordable international backhaul – it also about creating the right political, regulatory and market environment for investment, liberalization and competition, concluded this lively, informed panel ably moderated by Abu Saeed Khan, Senior Policy Fellow, LIRNEasia.

As Doug Madory, Director of Internet Analysis, Dyn Research, pointed out, from a purely technical perspective, when it comes to creating an ICT hub, there is little difference whether a country is landlocked or on the coast. Switzerland is as fully connected as any the nation on earth, despite being far from the sea, its status as an internationally- renowned banking hub meaning telcos invest heavily to ensure its network reliability. Why, then, should this not apply to similarly geographically-challenged countries such as Bhutan or Afghanistan?

Exploring the factors in play, Zaur A. Hasanov, Director, Trans-Eurasian Information Super Highway Project, did not ignore the engrained bias against landlocked countries being well-connected, but highlighted that, “Hubs go beyond the internet to roads, trains and container shipping. If you look at a map of how things move, everything moves through the same 20 hubs around the world – whether it’s a container or a data packet, the contingency factor is the same.”

So having the right policy frameworks to facilitate successful IXPs, promoting demand, and creating liberal, open markets are vitally important, particularly when the terrain is difficult or borders are closed. It’s about “creating platforms and dialogues to overcome historical political economic factors”, understanding that stimulating investment in infrastructure requires enabling regulation and policy. Rwanda is the prime example, commented the panel, of a landlocked country without a direct connection to an undersea cable but with a flourishing ICT-based economy based on government investment, open regulation and a commitment to ICTs empowering education and government services extending, promoting and expanding the industry.

“It is wishful thinking to design developmental projects without the regulatory framework and basic best practices which enable investment in the sector, “ said Khaled Naguib Sedrak, CEO and Founder, NxtVn, pinpointing the clarity of the regulatory framework as the principal driver behind ensuring funding – in addition to the need to “get past the psychological barrier”, moving away from the entrenched mindset which erroneously sees a monopolistic set-up as vital to ensuring national security.

Those psychological factors apply to the choice of connectivity technology, too, as moderator Saeed Khan emphasized: “Politicians love satellite as it brings a huge explosion of coverage, it’s showy and attracts attention, whereas cable is nothing to show off or talk about in comparison.” Yet getting the right balance of technologies for each nation or region is as important as ensuring open access. This means sensible infrastructure, leveraging submarine cable, terrestrial fibre, satellite, access technologies from wifi to wimax, drones to balloons, put together in a mix that makes sense in each individual case.

“Getting the end user on line, starting to generate economic activity, wealth and economic independence depends on a coherent approach relying on technological advancements and regulatory framework supporting an open market,” summed up Steve Collar, Chief Executive Officer, O3b Networks.

For Madory, it is important to remember that some regions such as Central Asia are “doubly behind the curve”, having both very limited international connectivity and a lack of adequate local hosting. Global internet structure fragility is a fact of life, which can be overcome by increasing route diversity to increase robustness and stability. Open access must be comprehensive across the broadband value chain, including data centres and servers as well as transport.

Siddhartha Raja, Policy Specialist, at the World Bank, stressed that the approach to open access should be different in each country, dependent on the current nature of each market and ensuring that the incentive for investment is not diminished. It is important to understand at governmental level that the intention and actual transition to open up the market and allow investment does not happen overnight, but calls for the correct sequencing of actions. And a market such as South East Asia cannot be taken as a whole, varying so extensively as it does between rural remote areas (where 92% of mobile penetration is 2G) to the developed urban hubs where 30% of subscriptions are 3G or 4G.

Policy, dialogue and exploring a diversity of financing options will support connectivity, but smaller-scale actions further down the value chain are equally important – such as ensuring that a ten gigabyte board does not continue to cost five times as much in South East Asia as it currently does in London. Transparency and openness are key across all technologies, reducing state-sponsored monopolies, unnecessary regulation and the dead weight of bureaucracy as quickly as possible to solve the digital divide.

And one of the biggest obstacles is fixing the misconception within the telecom world that infrastructure projects are an investment taboo, according to Khaled Seguib Nedrak. There should be no expectations of swift return on investment, but instead a realistic approach combining public and private financing to remove any anxiety about investment. Structuring the financing from the big picture of mixed infrastructure right down to the smallest boards is essential to affordable international connectivity in all regions, landlocked or not.

 

Moderator

Mr Abu Saeed Khan, Senior Policy Fellow, LIRNEasia, Bangladesh

Panellists

Mr Steve Collar, Chief Executive Officer, O3b Networks, Netherlands

Mr Doug Madory, Director of Internet Analysis, Dyn Research, United Kingdom

Mr Zaur A. Hasanov, Director, Trans-Eurasian Information Super Highway Project, Azerbaijan

Mr Khaled Naguib Sedrak, CEO and Founder, NxtVn, Netherlands

Mr Siddhartha Raja, Policy Specialist, The World Bank, India

 

 

An impressive crowd of delegates and media alike eagerly awaited the results of the Global Cybersecurity Index 2014, which were announced at the Saving Lives Pavillion by ABI Research and the ITU’s Dr. Cosmos Zavazava.

Taking the top position in the Index was the United States, with Canada coming in a close second place. Three countries shared third place – Oman, Australia and Malaysia – while New Zealand and Norway were placed fourth. Brazil, Estonia, Germany, India, Japan, South Korea and the United Kingdom were all joint fifth. During the presentation by ABI’s Michaela Menting and Stuart Carlaw, several countries were highlighted for their exemplary commitment to cybersecurity, including Oman, Turkey, Azerbaijan, Rwanda and South Korea.

There were several questions from the audience, with many delegates taking particular interest in African countries’ faring in the report, as well as the progress that has been made in this region in recent years.

Attendees enjoyed a special appearance from the ITU’s Secretary General, Dr. Hamadoun Toure, who introduced the new Index. He said:

“There are ever increasing and more worrying cyber threats taking place across the world. Cyber security must be integral as we embrace new technologies; some countries are unaware that cybercrime is active in their countries, although as soon as they are aware they take action. We owe it to our children to put in place infrastructure that will ensure a safer online environment.”

 

Is the Internet of Things (IoT) set to be the ultimate nirvana of connectivity in the very near future, or will the dream be derailed by issues of privacy, security and spectrum? This was the question posed by moderator John Defterios of CNN to an impressive line-up of industry figures debating the Intelligent Future.

Reminding the audience that the Internet of Things is nothing new, François Rancy, Director of ITU’s BR, emphasized that what has changed is the scale of the connections: “Everything which can be measured will be in digital form, will be transmitted, processed, evaluated and better understood.” Mobile networks are essential, and the fuel for those networks is the spectrum upon which they rely. Having the pervasive network which the IoT calls for, in areas such as the connected car, for example, represents a major challenge for regulators seeking to allocate and manage spectrum without compromising on public safety.

Robert Pepper, Vice President, Global Technology Policy, Cisco Systems, pointed out that the value at stake in IoT in economic terms is estimated at 19 trillion dollars in the ten year period to 2023. Machine to machine devices have overtaken smartphones as the fastest growing category of network with IP addresses, with forecasts of an impressive 221 billion connected devices by 2018, with greater and lower penetration depending on region. Enabling all those devices to talk to each would not course, be possible without IPv6.

The implications of IoT are huge, as Ric Tavares CEO, TechPolis pointed out: chips, sensors, IT connections through the cloud will make way for the much-vaunted explosion in cross-sector applications, services and ecosystems, from health to transport to energy. The complexity of alliances, mutual companies, the integration of commercial, technical and regulatory standards, who provides what to whom in terms of equipment – it’s all up for grabs and with that comes the potential for major regulatory headaches.

“Reality will never meet the pace of change of the expectations, especially when talking about embedded devcies and what they can do, “said Robert Middlehurst, VP for International Public Policy, Etisalat, “There are a myriad of things in the melting pot and we have to work together to work out how to change it, as regulatory bodies, institutions and organizations don’t work at that pace.”

The sense that we have not yet come that far on the road to the IoT was echoed by G Young, CEO, Nawras: fifteen years ago we were wowed by a smart fridge, but we haven’t really progressed that far and have to ask ourselves what would drive the consumer to adopt these things. Delivering value is key, he said: “It’s got to deliver the convenience factor, improve quality of life, add comfort, save energy or money. The wow factor of just being able to do it is not enough.”

Roberto Minerva, Chairman, IEEE IoT Initiative, raised the issue of security, in a world where any physical object can be represented in the cloud. He summarized the challenges to implementing the intelligent future as “getting the business model right for the devices to bring in that money as well as the social implications on privacy and ownership of data.”

“We haven’t stopped to think about data ownership, we are just carrying on,” said Minerva. The issues of who owns the data, who collects it for what purpose, and how to balance protection of individual identity with the benefits data brings remain. For Taveres, the answer may not lie in combining ICT regulators with national and international organizations or bodies overseeing other industries, but with a data regulator specifically selected to govern the use and regulation of data.

 

Pepper pointed out a broad heterogeneous set of devices need to be connected within different environments, from distances of a millimetre to the other side of the world, and sending continuous messages or occasional chirps. Different types of spectrum will be required as well as a way of making that data actionable to turn it in knowledge and wealth.

Pepper saw growth in the near future in wearable, in particular within the healthcare sector. For Ricardo, Iot applications will power connectivity and enable the full benefits for next generation networks in rural areas, combining rural culture with urban services. But there is little or no danger of companies developing devices within the ecosystem crossing over to become operators – the Telecom industry, the panellists concluded, is the most regulated in the ICT ecosystem, and no one would want to join.

Moderator

Mr John Defterios, Anchor & Correspondent, CNN International, United Arab Emirates

Opening Remark

Mr François Rancy, Director of the Radiocommunication Bureau, International Telecommunication Union, Switzerland

Panellists

Mr Greg Young, Chief Executive Officer, Nawras, Oman

Dr Roberto Minerva, Chairman, IEEE IoT Initiative, Italy

Mr Robert Middlehurst, Vice President for International Public Policy, Etisalat, United Arab Emirates

Mr Ricardo Tavares, Chief Executive Officer, TechPolis Technology Policy and Global ICT Regulation, USA

Mr Robert Pepper, Vice President, Global Technology Policy, Cisco Systems, Inc., USA

 

 

 

 

 

Communication, Collaboration and Cooperation. The touchstones of ITU Telecom World, and of the ITU itself, are also the driving force behind a bold and innovative commitment to accelerate sustainable socio-economic development across an entire continent – Smart Africa.

Launched during the Transform Africa Summit in Kigali on 28^th – 31^st October 2013, Smart Africa brings together African governments, the private sector and international organizations to promote and ensure affordable access to broadband and ICTs in general, ushering Africa into the knowledge economy.

Current partners of the Smart Africa initiative include Burkina Faso, Gabon, Kenya, Mali, Rwanda, Senegal, South Sudan, Tchad, Uganda, as well as GSMA, AU Commission, NEPAD Agency, UNECA, AfDB, the World Bank and ITU.

The SMART Africa manifesto, which is at the heart of the ICT agenda in Africa was endorsed by all Heads of State and Government of the African union at the 22^nd Ordinary session of the Assembly of the African Union in Addis Ababa.

Each member country committed to developing and implementing Smart Country programs with clear targets and milestones which will be strongly aligned with the Smart Africa Manifesto pillars: Policy, Access, E-government, Private sector/Entrepreneurship and Sustainable development.

International and private sector members committed to support financially, in kind, technically or otherwise to ensure the realization of the vision, programs and activities of Smart Africa.

Through the Smart Africa scholarship fund, each country will champion a Smart Africa Flagship Initiative ranging from ICT Industry development, SMART cities, Youth Innovation and Job creation, Digital Economy, Green economy to Digital literacy.

Four of the countries are present on the showfloor this year, showcasing ICT industry evolution, projects and investment potential of the continent – and representing the Smart Africa Alliance for the first time at ITU Telecom World.

Visit the Smart Africa Zone on the showfloor to find out more, or come to the Smart Africa Panel Lunch on Tuesday 9 December, where ministers of all four nations will be present. It’s an inspirational initiative, and a testament to the power of working together, sharing knowledge, ideas and experience to move forward into the digital future. Together we are stronger!

Nigeria has emerged as Africa’s largest economy, following a recent statistical “rebasing” exercise, with 2013 GDP estimated at US$ 502 billion.

The Nigerian economy has continued to grow at a rapid 6-8% per annum (pre-rebasing), driven by growth in agriculture, Information Communications Technology (ICT), and services.

The emergence of GSM networks in 2001 resulted in faster economic growth in the sector, with multiple GSM providers operating nationally and a subscribership base nearing 80 per 100 persons. From 450, 000 connected lines in 2001 to a mind-blowing 184 million lines as at September 2014.

In the years ahead, growth in the sector is projected to surpass other sectors of the economy due to its huge local and international investment opportunities.

The Vanguard newspaper of Nigeria elaborates on these achievements in a recent article titled: ICT Sector grows economy 11.6% in Q3, 2014. ICT sector grows economy by 11.6% in Q3, 2014 – Vanguard News

Nigeria is set to showcase its plethora of investment opportunities at ITU Telecom World 2014 in Doha, Qatar on Monday, December 8, 2014 during its Investment Meeting.

A delegation led by the honourable Minister of Communications Ms Omobola Johnson is on the ground at the Qatar National Conference Center, QNCC, Doha to host potential investors and to showcase vibrant and exciting projects and innovations across the dynamic Nigerian ICT Sector.

Nigeria’s theme for this year’s presence at ITU Telecom World is BROADBAND NIGERIA: ENABLING ACCESS, TRANSFORMING COMMUNITIES.

Speakers will include Joseph Tegbe, the principal partner of KPMG in Nigeria; Abdullahi Maikano, Secretary, Universal Service Provision Fund; and telecom operators giving an overview of the benefits of investing in Nigeria, including MTN’s Michael Ikpoki, MD/CEO and Ibrahim Dikko, Director of Regulatory Affairs at Etisalat Nigeria. The session will be moderated by Dr Eugene Juwah, Executive Vice Chairman and CEO of the Nigerian Communication Commission.

Like most Small Island Developing States (SIDS), Vanuatu presents very specific logistical challenges for government, regulators and operators alike when it comes to establishing universal connectivity.

With a population of 255 000 spread over 83 islands in the South Pacific, simply transporting ICT equipment into remote and rural areas is a major issue. A fibre optic network is impossible in this topography, and satellite connectivity often prohibitively expensive. Many isolated areas have little or limited access to power; literacy rates, let alone ICT skills, are low.

But for Vanuatu, these challenges have become an opportunity to show what can be done with political will and stability, commitment and hard work. Between the landing of the first submarine cable in November 2013 and March 2014, all operators and ISPs active in Vanuatu were connected, reducing the cost of wholesale bandwidth by more than 50%. Users have higher quality, reliability and speed in broadband services, driving growth in a range of internet-dependent business sectors such as finance, real estate and tourism – and pushing up GDP.

This represents a major achievement in terms of increasing universal connectivity. But we’ve gone beyond far beyond that with an ambitious, government-backed social development project to provide broadband access to schools and health centres across the nation. Successful pilot schemes have proved that education and community centres are the best locations to establish local hubs of connectivity, bringing broadband to students, teachers, their families and businesses. Starting with 24 sites by the end of 2014, the aim is to connect 98% of all schools by 2018. It’s an holistic approach: ministry programmes are developing curricula, building online content, training teachers and students, ensuring the availability of services and content relevant to local communities.

Thanks to our developed ICT strategy, we’re on target to meet that 2018 deadline. Funding is provided from the government, from development partners and from the industry, with operators obliged to pay into a universal access fund and support connectivity in remote and rural locations as a condition of receiving a licence for commercially- viable areas. Our regulatory body is fair, fully independent, and committed to a light-touch approach, letting the market decide and interfering as little as possible.

We’re proud of our ambitious goals, and of what we’ve achieved in recent years: opening the market to competition, inviting foreign private investment, improving coverage from 16% to 90%, establishing fair, independent regulation and a fully integrated government broadband infrastructure.

We also have the first internet exchange in the Pacific, where we hope to establish a computer incidence response team to collaborate at a regional level on raising awareness of cybersecurity and dealing with cyber crime. The first draft of legislation on cybersecurity and privacy laws is currently on its way through parliament. Vanuatu will follow up its successful hosting of the first-ever ITU Child Online Protection workshop in the Pacific with a series of cybersecurity workshops bringing together governments, financial institutions and other SIDS across the region to discuss best practice and develop a common approach.

We’re at the cutting edge of cybersecurity in the Pacific – and also of disaster preparedness and emergency response. ICTs are vital both to monitoring, predicting and detecting the natural disasters to which we as a region are prone, and to managing emergency response. Our major projects include an SMS alert system in the event of disaster, the result of collaboration between major mobile operators and climate change ministers. We’re investing in automating the collection of all data in remote sites throughout the country on tides, tsunamis, volcanic activities and meteorological indicators. And we are working towards hosting a regional workshop on disaster preparedness and ICTs involving all development partners, operators, governments and disaster stakeholders across the Pacific.

Vanuatu is looking forward to showcasing the success of its ICT strategy at ITU Telecom World 2014 as a part of the Make Your Country an ICT Star forum session. For us, ITU Telecom World is the biggest ICT and telecommunications sector event in the world. All the major stakeholders and partners come together, from regulators to CEOs, vendors, suppliers and development partners. It’s the best event to attend to share your accomplishments, learn from the achievements of others and attract foreign investment and development partners. No other event offers so much opportunity for the ICT industry in Vanuatu.

In addition to our forum session, we also look forward to meeting colleagues, peers and other stakeholders from around the world, seeing what they are doing or intending to do, sharing experiences and expertise. We would in particular like to promote our regional leadership and upcoming activities in cybersecurity and disaster preparedness and response. Vanuatu is a rising ICT star in the Pacific – ITU Telecom World is our chance to shine out on a global stage.