Vol 5 Issue 1
ISO27001 Event Guide
Ward Solutions predicts €1.2m
Data Solutions survey find Irish businesses
held at ransom
Innovative designs for data centres storage
Driven By The Need For
Information Security In Ireland
Data is one of the most valuable
assets any business has today. Our
dependence on information systems
and services means organisations
are more vulnerable to security
threats than ever before. Keeping
your data secure – whether its
customer, staff or supplier data – is
critical in most businesses, but most
especially those dealing with
sensitive data. Data security is a hot
topic in the media so ISO 27001 not
only protects your business against
hackers but also safeguards your
For further information please contact
616 Edenderry Business Campus,
Tel: +353 (0) 46 977 3434
Website : www.iso27001ireland.com
KEY BENEFITS TO YOUR BUSINESS
• Improves and maintains competitive edge.
• Win more business particularly where procurement
specifications require higher IT security
• Compliance with legal, statutory, regulatory and
• Provide assurance to stakeholders, such as clients
• Business continuity is assured through
management of risk, security issues and concerns.
Predicts €1.2M from ISO27001.
Say goodbye to the cheque book
€140M fund for tech companies.
The puzzling future of data security.
New jobs and €5M investment
Cheque books a thing of
3 issues defining data protection
Event Guide & Workshop.
Managing Editor: Ronan McGlade
Sub Editor: Mark Collins
Business Development: Susan Doyle
Production: Helen King
Production/Operations: Paula Dempsey
Sales & Marketing: Alan Carolan
Sales & Marketing: Ciaran Hurley
IT Department: Thomas McCarthy
80% do not have adequate security
measures in place.
Do you need one.
Business Solutions is published by BoxMedia and its Directors.
616 Edenderry Business Campus, Edenderry, Co Offaly
Tel: + 353 46 9773434
BoxMedia and its Directors can accept no responsibility for the accuracy of contributors’ articles or statements
appearing in this magazine. Any views or opinions expressed are not necessarily those of BoxMedia and its
Directors. No responsibility for loss or distress occasioned to any person acting or refraining from acting as a
result of the material in this publication can be accepted by the authors, contributors, editor and publisher. A
reader should access separate advice when acting on specific editorial in this publication!
BoxMedia is a Premier Business Media Ltd Company
Design, Origination and Separations by Fullpoint Design (057) 8680873
Printed by GPS Colour Graphics.
VOL 5 ISSUE 1
Half of Irish (47 per cent) find endless
junk mail more annoying than their
commute to work
New research reveals one in three consumers in Ireland and the UK will even
move their custom elsewhere if this trend of irrelevant overcommunication persists
New research reveals the
standard of communication -
inundation of irrelevant
whether paper-based or digital,
to ensure consumer loyalty.”
junk mail is pushing
A majority of consumers in
consumer loyalty in the UK and
Ireland to breaking point, with the
majority (84 per cent) ready to take
action against brands.
The research, commissioned by
global IT services company Ricoh and
carried out by Coleman Parkes,
examined the relationship between
Ireland and the UK (65 per cent)
believe more could be done to
tailor communications to their
individual circumstances. Three
quarters (76 per cent) would
even be willing to share personal
data to make this happen,
including occupation, salary,
brand communications and
Internet browsing habits and
Irrelevant communications, both
online and paper-based, are a huge
bug-bear for more than two-thirds of
consumers in Ireland and the UK,
Consumers also increasingly
view digital communications as
their preferred method to receive
information from brands and
who consider a quarter of what they
service providers: for new offers
Chas Moloney, director, Ricoh Ireland & UK
receive to be junk. Nearly half (47
and upgrades (71 per cent),
per cent) of consumers even see junk
mail as more frustrating than their commute to work.
Beyond the mere frustration factor, consumers are suffering
from being unable to sift through the flood of irrelevant
information and poor quality comms. Nearly one in five (17 per
cent) have missed a payment deadline, and 22 per cent have
been unsure how much they owe for a service or even missed
offers they were entitled to (33 per cent).
Brands need to beware that irrelevant communications are
having a significantly detrimental impact on customer loyalty,
trust and spend, and consumers are unafraid to bite back. Twothirds
(69 per cent) of consumers in Ireland and the UK report
feeling less loyal to a brand spamming with irrelevant
information, whilst a similar number would also spend less (68
per cent) and even go so far as to stop being a customer
completely (57 per cent). Nearly a third (32 per cent) of
consumers have moved their custom elsewhere, another fifth (22
per cent) have complained to a service provider, and over one in
ten (14 per cent) have taken their complaint to an authoritative
Chas Moloney, director, Ricoh Ireland & UK, said: “Irish
consumers are clearly saying ‘enough is enough’ when it comes
to the irrelevance and high volume of communication sent out
by brands and service providers. In the digital age, it has never
been more convenient to instantly communicate with customers,
but it is equally just as easy to spam.
“Brands need to find that crucial middle ground -
communicating regularly and effectively without alienating
customers. In today’s competitive landscape, businesses must do
more to listen to their customers and provide a tailored, quality
statements and bills (66 per
cent) and updates to terms and conditions (64 per cent).
Moloney continued: “Consumers want to feel like a brand
knows them and is creating the most tailored and bespoke
communication to cater for their needs and interests. This should
not be taken as an excuse to ‘spam’ though. Using consumer
data correctly is imperative here. No matter whether they have a
preference for digital communications – such as online bank
statements – or a mix of electronic and paper-based, there is
simply no excuse not to harness this insights to ensure
communications are truly targeted, which in turn makes them
effective and powerful.”
The industries viewed as currently sending the most relevant
communications to consumers are the public sector (39 per
cent), financial services (37 per cent), utilities (45 per cent) and
healthcare (32 per cent). With the exception of utilities, these
industries were similarly seen to be the most trustworthy handlers
of customer data. However, no single sector is viewed positively
by more than half of consumers, which goes to show significant
work still needs to be done by brands across all industries to
bring confidence in their customer communications up to
“Businesses across Ireland have to streamline how they
manage, distribute and collect data to ensure consistency across
all channels. Information provided by customers should be used
to create promotional offers and updates that are not only
personal to the consumer, but also highly relevant to them. This
results in the customer feeling truly valued, which ultimately
drives loyalty and tangible benefits to the business,” concluded
VOL 5 ISSUE 1
Data breach four-times worse than
CEO quitting – BT study
New research undertaken by Amárach for BT Ireland has shown that a company’s
data protection is priority No 1, with a data breach considered four-times worse
than a CEO quitting.
The likelihood of a
company suffering a data
breach has increased tenfold
in today’s age of heightened
cyberattacks and an abundance
of devices connected
to the internet of things (IoT).
In the last few days alone, three hospitals in the US have been
the victims of ransomware attacks, with attackers demanding
cash to allow the hospital’s IT staff to gain access once again to
A recent poll conducted for BT Ireland has highlighted that
data protection concerns are shared by both those at the coal
face of a company’s security operation, and by those at the
highest level of the company as well.
Data protection more important than financial health
The poll, of 115 senior Irish IT decision makers in companies with
an average employee size of 300 staff, showed that fear of a data
breach is now the biggest
worry for a company, fourtimes
bigger than the sudden
departure of an influential
Likewise, of those polled,
67pc said they believe that a company’s statements to investors
should specifically address data management capabilities in the
future and, additionally, 62pc said they believe that future
investors will use data management capabilities to assess a
company’s financial health, just as they do with profits and assets
Shay Walsh, managing director of BT Ireland, said of the
study’s findings: “Our research reveals that Ireland’s savvy IT
leaders recognise and understand the need for their employers to
invest in the right infrastructure now that will enable them to
better manage and extract value from data and, ultimately,
protect themselves from serious data management risk in the
Has your mouse been hacked?
Wireless mice and keyboards are prime for hacking, with
a “massive vulnerability” leaving “billions” of devices
at risk, according to a new report.
US cybersecurity company Bastille claims to have found
the issue, calling it MouseJack, which sounds pretty cool,
with the company saying the vulnerability is massive.
Manufacturers like Logitech, Dell and Lenovo are
namechecked as those affected by the issue, but most non-
Bluetooth wireless dongles are vulnerable.
Basically, hackers can take over a computer through a flaw
in the dongles. Once paired, the MouseJack operator can
insert keystrokes or malicious code with the full privileges of
the PC owner and infiltrate networks to access sensitive data.
The attack is at the keyboard level, therefore, PCs, Macs,
and Linux machines using wireless dongles can all be
“MouseJack poses a huge threat, to individuals and
enterprises, as virtually any employee using one of these
devices can be compromised by a hacker and used as a
portal to gain access into an organisation’s network,” said
Chris Rouland, founder and CTO of Bastille.
MouseJack, an IoT nightmare
Take a step back from the millions of laptops around the
world, and think of where we’re all going. An IoT world means
tonnes more interconnected devices, tonnes more wireless
interconnected devices. So, if what Bastille found is as bad as it
says, we could be in a bit of bother.
“The MouseJack discovery validates our thesis that wireless
IoT technology is already being rolled out in enterprises that
don’t realise they are using these protocols,” said Rouland.
“As protocols are being developed so quickly, they have not
been through sufficient security vetting.”
Bastille says the top 10 wearables on the market have
already been hacked, an ominous sign for those operating
below that threshold.
What’s worrying is the large amount of wireless mice and
keyboards that can’t be updated, thus rendering any hope of a
“Consumers will need to check with their vendor to
determine if a fix is available or consider replacing their
existing mouse with a secure one,” said the company, with
www.mousejack.com set up to help with this.
VOL 5 ISSUE 1
Data Solutions Survey finds 20% of
Irish businesses have been held to
• Despite this 93% say they would never pay a ransom
• 80% of businesses upgraded IT security in past year due to
rise in cyberattacks
• 55% expect to spend more on cyber security in 2016 than
• More than 40% consider brand and reputation damage the
biggest concern of an attack
• Less than 10% are ‘absolutely confident’ their information
security measures are effective
• Full survey results to be announced at Data Solutions’
Secure Computing Forum on 12th May.
Data Solutions, the leading Irish distributor for IT
solutions, has revealed the results of its 2016
Information Security Survey. The survey found that
20% of Irish businesses have fallen victim to
ransomware attacks, a serious form of cybercrime that sees
hackers hold a business’ sensitive and critical data for ransom.
Despite the serious nature of such an attack, 93% of respondents
stated that they would never pay a ransom to hackers.
The survey was carried out in association with TechPro
magazine among 137 senior IT decision makers in Irish businesses
during February and March 2016. The full results of the research
will be revealed at the Data Solutions Secure Computing Forum
taking place in the Mansion House, Dawson Street, Dublin 2 on
In a clear sign of the changing landscape of information
security, and increased awareness of the threat of cybercrime, the
survey also found that 80% of businesses upgraded their IT
security in the past year, and that more than 55% of companies
Pictured at the announcement of the 2016 Data Solutions survey results are: (l-r) Michael O'Hara,
managing director, Data Solutions, and David Keating, security sales manager, Data Solutions.
expect to spend more on security measures in 2016 than they
did in the previous year.
Despite this growing awareness, less than 10% of respondents
stated that they were ‘absolutely confident’ that their information
security measures are effective. More than 40% said that they
considered brand and reputational damage to be the main risks
of a data breach with just 0.8% saying they would consider job
loss their primary concern. Brand protection from cybercrime will
be an important discussion point at this year’s Secure Computing
Other notable stats highlight that businesses are concerned
about the risk of data loss or disclosure as a direct result of
cybercrime, with 55% stating that this was their main concern.
Other causes of concern were DDoS attacks – which recently
plagued Irish government and public sector websites and the
national lottery – social engineering and data destruction.
Although almost half of respondents stated that they were
concerned about attacks through the supply chain, nearly a
quarter (23%) do not build specific requirements for information
security into the contracts of third party suppliers. This is a 12%
increase from last year’s research, and highlights that businesses
are at even higher risk of a breach in the supply chain, the cause
of many high profile breaches such as the attack on retail giant
Micheal O’Hara, group managing director, Data Solutions,
said: “The results of this survey present an interesting and
worrying picture of the current state of the Irish information
security landscape and the approaches being taken by companies
to protect themselves. The Secure Computing Forum will focus
on where Irish businesses are falling short and what they need to
do to ensure their infrastructure is safe.
“The fact that 80% of businesses are upgrading and changing
their security infrastructure is reassuring,
but it begs the question what are the other
20% doing? Cybercriminals are forever
changing their approach and businesses
need to constantly adapt to keep up.
“93% say that they would never pay a
ransom, but faced with the reality of an
actual ransomware attack I think you’d find
most would. Every business has sensitive or
mission critical data and ultimately it would
come down to a business decision if that
was under threat. Less than 10% have
complete confidence in their information
security measures and this highlights the
pressing need for companies to take the
threat of these and other forms of
cyberattacks more seriously.”
Tickets for Ireland’s largest annual IT
security event the Data Solutions Secure
Computing Forum are available at
event takes place in the Round Room at the
Mansion House, Dawson Street, Dublin 2 on
VOL 5 ISSUE 1
Ward Solutions predicts €1.2M
revenue from new ISO 27001
• Ward is first and only provider in Ireland recognised as an ISO 27001 Associate
Consultant Partner by the British Standards Institution
• Ward invested €50,000 in training staff for certification
Pat Larkin, CEO, Ward Solutions.
Ward Solutions, Ireland’s leading information security
provider, today announces the launch of its new
ISO 27001 consultancy service. It is forecasting
that this service will lead to new revenues of
€1.2M from its security consultancy business within the next
The launch of the new service follows Ward’s investment of
€50,000 in ISO 27001 certification training for staff. More than
ten of Ward’s employees are now ISO 27001 accredited, and
the provider has now been recognised as an Associate
Consultant Partner by the British Standards Institution (BSI), the
organisation that oversees the certification process.
This partnership distinguishes Ward as the first and only
information security provider in the Republic of Ireland certified
to offer ISO 27001 consultation services to organisations hoping
to receive the accreditation. Ward Solutions will be identified to
new customers by the BSI as a specialist that can help with the
Ward Solutions will offer two forms of consultation. The first
will be for organisations testing if they are ready to be assessed
by the BSI, and will consist of a review by Ward to establish this.
The second will be offered to companies in the early stages of
preparation towards becoming ISO 27001 compliant. Ward
Solutions will offer these companies comprehensive step-by-step
consultancy through the complex accreditation process.
Pat Larkin, CEO, Ward Solutions, said: “Irish enterprises and
government bodies are increasingly making ISO 27001
accreditation a mandatory requirement to work with them as
part of their supply chain assurance. As the only company in
Ireland to be recognised as an Associate Consultant Partner by
the BSI, Ward Solutions can provide clients with unique
guidance towards accreditation, something that will provide us
with a strong competitive advantage in Ireland.
”This new service will also allow us to grow our security
consultancy business significantly over the next year as we
forecast new revenues of €1.2M from this service alone. Our
pipeline is very strong as a large number of new and existing
customers are looking to become accredited this year.”
John Whyte of the British Standards Institution said, “Prior to
last year we didn’t have any ISO 27001 Associate Consultant
Partners in the Republic of Ireland and we’re delighted to offer
this to Ward Solutions. This accreditation highlights Ward’s indepth
and unique expertise in the Irish market to provide
consulting services to companies seeking to become ISO 27001
“ISO 27001 is the international benchmark for information
security management systems. It offers a way for companies to
set themselves apart from their competition by exceeding the
industry standard. Ward’s new consulting service will remove
the complexity associated with achieving this standard and will
enable more Irish organisations to become ISO 27001
About Ward Solutions
Ward Solutions is Ireland and Northern Ireland’s largest
information security provider with offices in Dublin, Belfast
and Ennis. It provides a comprehensive range of security
services including security auditing, consulting, incident
response, secure managed services and software
development services. It has the largest team of
information security specialists in Ireland providing a
highly responsive service to more than 300 leading private
and public sector organisations. www.ward.ie
BSI (British Standards Institution) is the business standards
company that equips businesses with the necessary
solutions to turn standards of best practice into habits of
excellence. Formed in 1901, BSI was the world’s first
National Standards Body and a founding member of the
International Organization for Standardization (ISO). Over
a century later it continues to facilitate business
improvement across the globe by helping its clients drive
performance, manage risk and grow sustainably through
the adoption of international management systems
standards, many of which BSI originated. Renowned for its
marks of excellence including the consumer recognized
BSI Kitemark, BSI’s influence spans multiple domains
including Aerospace, Automotive, Built Environment,
Food, Healthcare and IT. With 80,000 clients in 182
countries, BSI is an organization whose standards inspire
excellence across the globe. To learn more, please visit
VOL 5 ISSUE 1
MHC Tech Law: What will the
General Data Protection Regulation
mean for business?
Mason Hayes & Curran introduces the General Data Protection Regulation, which
was agreed upon at the end of last year, and looks at what it will mean for businesses.
In December 2015, three years after the first draft was proposed,
and almost 20 years since the Data Protection Directive was
adopted, EU lawmakers came to agreement on the reform of data
protection law. The new General Data Protection Regulation
(GDPR) was agreed upon and is currently in the process of
formalisation and translation.
The General Data Protection Regulation is expected to come into
force in 2018. Let’s take a look at this piece of legislation and some
of the implications for businesses.
What is the General Data Protection Regulation?
The GDPR will replace the current Data
As a Regulation, and unlike the preceding
Directive, it applies directly. This means that
the GDPR does not need to be implemented
through each member state’s national law.
This should reduce the level of national
variation in relation to data protection law,
though it will not eliminate it entirely, as
member states retain some discretion in
The GDPR will comprehensively regulate
data protection throughout the EU (with the
exception of data processed for law
enforcement purposes). The GDPR builds
upon familiar concepts and rules in the Data
Protection Directive, but in many ways it goes further. It has wider
scope, standards have been raised, and sanctions are much higher.
What does it mean for businesses?
With a greater level of harmonisation of laws across the EU, it should
be easier for businesses that sell goods or services across the EU to
take a unified approach in multiple EU states. However, the
compliance burden is generally greater than that currently in place,
so many organisations will have to review and enhance their existing
In particular, the introduction of the ‘accountability’ principle
means that affected organisations will have to work on their internal
compliance, including record keeping and, for some, the
appointment of a data protection officer.
Businesses have some time before the GDPR comes into effect.
However, getting to grips with a new compliance framework takes
time and, when developing any new products or projects, an eye
should be kept to the future.
Why is it important?
The GDPR represents the future of the regulation of data protection
in the EU. It is particularly important for two reasons. First, the GDPR
has a very wide scope and will capture both data and companies
that previously fell outside the realm of EU data protection
Under the GDPR, a failure to adequately protect
data could lead to large fines.
regulation. Second, the potential fines under the GDPR are
The GDPR provides for a two-tier system of fines, depending on
the type of non-compliance. For the lower tier of offences, a fine up
to the higher of €10m or 2pc of the organisation’s total worldwide
annual turnover in the previous year may be imposed. The lower tier
of offences includes breach of privacy by design obligations, the
rules relating to processor contracts, record-keeping obligations and
processing security requirements.
For the upper tier of offences, there is potential for fines up to the
greater of €20m or 4pc of the organisation’s total worldwide annual
turnover in the previous year. Offences that
attract the higher level of sanction include
breaches of the basic principles for
processing, including conditions for consent,
infringing data subjects’ rights and unlawful
transfers to countries outside the European
For group companies, the percentage fine
seems to attach to the turnover of the group,
not just the individual company in question.
For large multinationals, this is a particularly
There are a number of factors that the data
protection authority must consider when
deciding the amount of the fine to be
• The nature, seriousness and duration of the infringement
• Whether the infringement was intentional or negligent
• Actions taken to mitigate the damage suffered by data subjects
• Relevant previous infringements
• Whether the wrongdoer co-operated with the data protection
• The categories of personal data affected.
As the finalisation and translation of the GDPR is currently in
progress, we can expect the GDPR to be formally adopted in the
The Article 29 Working Party (the group of EU data protection
regulators) has released a statement indicating that its priorities will
Setting up the new European Data Protection Board. The Board
will replace the Article 29 Working Party and have an enhanced role
under the GDPR
Preparing the one-stop shop and consistency mechanism.
Issuing guidance, in particular on data portability, the notion of
‘high risk’ and data protection impact assessments, data protection
officers and certification.
Communication relating to the new European Data Protection
Board and the GDPR.
VOL 5 ISSUE 1
Atlantic Bridge Capital confirms a
new €140m fund for tech
Atlantic Bridge Capital has confirmed the
first close of Atlantic Bridge III, a €140m
fund for technology companies with the
potential to scale globally in the areas of
big data, internet of things (IoT), robotics and cloud
The Dublin-based fund will invest in up to 20
Investments are already closing in seven
The fund will focus on scaling Irish and European
companies in high-growth enterprise technology
sectors such as cloud, big data, augmented and
virtual reality software, robotics and IoT.
“We already have a number of pipeline
investments identified for the fund and are
confident that this will build on the track record of
success of our previous Funds,” explained Brian
Long, managing partner of Atlantic Bridge.
“As a growth equity stage fund, Atlantic Bridge III
will focus on taking companies with a solid and
exciting business model to the next level, scaling
them into key international markets like the US and
The project is supported by the Department of
Jobs through Enterprise Ireland.
Participants in the new fund include existing Atlantic Bridge
investors, the Ireland Strategic Investment Fund, Enterprise
Ireland and the European Investment Fund, along with new
institutional investors, including British Business Bank Investments
Limited, the commercial arm of the British Business Bank, and a
number of institutional pension funds.
Dublin's Atlantic Bridge has closed a major fund worth €140m which it will use
to invest in companies in cloud, big data, robotics and internet of things.
Brian Long, managing partner, Atlantic Bridge Capital, with Minister for Jobs, Enterprise and
Innovation Richard Bruton ,TD, and Kevin Sherry, executive director at Enterprise Ireland. Photo:
AIB is also a new investor in the Atlantic Bridge
In February, we reported that the organisation was close to
closing a major fund.
Atlantic Bridge Capital is a global technology fund with more
than €400m of assets under management across four funds,
investing in technology companies in Europe. Headquartered in
Dublin, it has offices and staff based in London, Silicon Valley,
Beijing and Hong Kong.
Using its international platform and “Bridge model”, the
venture capital firm has scaled a range of European companies
into the US and Chinese markets
Examples of scaled Atlantic Bridge portfolio companies
include Movidius, FieldAware, PolarLake, Metaio, Swrve and
Atlantic Bridge currently has more than 20 companies in its
funds’ portfolio and has achieved 12 realisations with proceeds
totaling over €1.7bn.
“The Atlantic Bridge model of connecting Irish technology
companies with key global markets makes it a key component
of the funding landscape and we are excited to continue our
partnership with Atlantic Bridge for Fund III, following the
strong performance achieved by Fund II,” said Eugene
O’Callaghan, director of the Ireland Strategic Investment Fund.
“This investment aligns with our dual objectives of generating
economic impact and financial returns and we look forward to
seeing it support rapidly growing Irish companies in accessing
customers, investors and partners in global markets in the US,
China and Europe.”
VOL 5 ISSUE 1
Deciphering the puzzling
future of data security
From hackers to unencrypted smartphones and the
spectre of full-scale cyber warfare, the future of data
security is set to be a complex one that will affect us all.
What is the future of data security?
The question is both naïve and unfathomable. Asking the
question in the first place means being ignorant of the reality
that the battle between victims and those who threaten us is a
neverending one. There will never be a full stop.
The World Economic Forum named cyberattacks one of the
greatest threats to businesses and ranked it as a risk higher
than terrorist attacks, explained Theresa Payton, who was CIO
for the White House during the Bush administration from 2006
to 2008 and is now one of America’s leading cybersecurity
experts and CEO of Fortalice Solutions. “The world’s leaders
know that attacks on private sector companies will damage a
country’s economic wellbeing,” she said.
In February 2016, US president Barack Obama gained
Capitol Hill support for a budget increase of $5bn in additional
cybersecurity spending. This brings the cybersecurity budget
to $19bn in 2017 for the US government. “President Obama
said that data breaches and cybercrime are, ‘among the most
urgent dangers to America’s economic and national security’,”
Backdoors are bad ideas. Weakening
encryption is an old-school argument
and I’m not sure that’s even what the
Theresa Payton, Former White House
“Up until recently, most data
Theresa Payton, former
breaches did not result in a long-term
White House CIO and CEO
financial impact on the victim. Once
of Fortalice Solutions
the victim cleaned up the breach and
accounted for expenses, usually stock prices or market
reputation returned to previous levels. The status quo will
change and the financial impact going forward is very real and
morphing with today’s threats,” she warned.
Payton cited IBM’s latest study, which revealed the average
cost of a breach rose to $3.8m in 2015. A recent study by
SkyHigh Networks asked companies if they would pay cybercriminals
in the event of a ransomware attack and almost 25pc
said yes, and 14pc of those said they would pay more than
$1m to get their data back.
Under constant threat
Terry Greer-King, the director of cybersecurity at Cisco UK and
Ireland, revealed that there are 3bn Google searches daily and
19.7bn threats detected in the wild every day. The tech sector
is trying to pare down the current industry benchmark for
threat detection but, at the moment, the bad guys have an
average of 100 days to do their worst before a threat is
discovered. Considering that the world in 2030 may have
500bn connected devices through the evolution of the internet
of things (IoT), the threats are only going to skyrocket.
“We are now in the realm of shadow IT where the internet
and devices from fridges to phones and thermostats are all
connected to clouds of clouds, and organisations don’t know
what apps employees are downloading, and businesses are
buying services without talking to IT,” said Greer-King. “The
truth is IT can’t control any bit of technology anymore.”
Paraphrasing Cisco chairman John Chambers, Greer-King
added: “There are only two organisations in the world today:
those that have been hacked and those that don’t know
they’ve been hacked.”
‘There are only two organisations in
the world today: those that have been
hacked and those that don’t know
they’ve been hacked’
– TERRY GREER-KING, CISCO
According to Cisco’s Annual Security
Report for 2016, cyberattacks continue Terry Greer-King, Cisco’s
to be a profitable business for cybercriminals,
who are refining the way security.
European expert on IT
they attack back-end infrastructure.
Last year, Cisco, with the help of Level 3 Threat Research and
Limestone Networks, identified the largest Angler exploit kit
operation in the US, which targeted 90,000 victims every day
and generated tens of millions of dollars a year by demanding
ransoms off victims. Cisco estimates that, currently, 9,515
users in the US are paying ransoms every month, amounting to
an annual revenue of $34m for certain cybercrime gangs.
The public face of a breach
Greer-King explained that 60pc of the “bad stuff” occurs
within the first few hours of an attack happening, when the
cyber-thieves gain access to a company system and accounts
get stolen or compromised. But remember, the industry
average for detecting a breach is 100 days, long after this
damage has been done.
At the rate at which attacks are accelerating, it is going to
be a case of when, and not if, an organisation’s capacity for
crisis management will be tested. How an organisation reacts
in the first 48 hours of detecting an attack or breach will be
revealing, not only for customers, but employees and
“It is like that old military analogy: even the best-laid plans
fall apart after the first five minutes of contact. Cool heads are
important and, unless people are tested and attacks are
simulated, you will never know what is going to happen in the
heat of the moment,” said Kris McConkey, PwC’s partner-incharge
VOL 5 ISSUE 1
It is like that old military analogy, even
the best-laid plans fall apart after the
first five minutes of contact’
– KRIS MCCONKEY, PWC
Evidently, the march of technology is
creating chaos for CIOs and CSOs to
keep on top of, but the narrative is Kris McConkey, partner-incharge
changing. CEOs and boards are now the
fall guys rather than IT professionals. PwC
McConkey posited that cyberattacks are
now a boardroom issue, citing the high-profile attack on Talk
Talk’s servers last year.
“In the UK, breaches like [the Talk Talk breach] have seen the
CEOs of companies suddenly propelled onto [current affairs
show] Newsnight and radio shows,” said McConkey. “This was a
seminal moment because it made boards realise that breaches are
no longer something that can be offloaded to the chief security
officer, but it is actually the boards themselves that are on the
spot when things can go wrong.”
You are the weakest link
Ultimately, the triggers for the biggest attacks and vulnerabilities
are people. No matter what elaborate security defences are put in
place, Accenture’s Bill Phelps explained that it is people – AKA the
‘wet firewall’ – who let the intruders in.
“There were con artists long before technology was ever on the
scene,” said the managing director and global lead for Accenture
Security, who tracks a natural evolution from this to the infamous
emails from Nigerian royalty and, today on social media, where
users try to persuade others to transfer money. “Today, we are
seeing mid-level executives being conned into allowing the bad
people in using phishing attacks.”
‘100pc defence is impossible, but it is
good to constantly test yourself against
– BILL PHELPS, ACCENTURE
Even senior US government officials
who ought to have been at the pinnacle
Bill Phelps, managing of awareness and protection – such as
director and global lead for the head of the CIA, John Brennan –
Accenture Security. were compromised and embarrassed
by amateur hackers. Individuals, as well
as businesses, need to be street smart, but also realise they
can’t protect everything.
“The battle space is so vast and takes in every person and
organisation,” said Phelps.“There are criminal gangs out to
steal your information or credit card numbers. Organisations
are staving off industrial espionage and front-running trading.
There are attacks on banks just to understand M&A activity,
and all of this is very specialised.”
And yet, all of the sophisticated defences in the world can
still be undermined by a human weakness, like falling prey to a
“It is an asymmetrical problem in which the defender has to
close every loophole, but the attacker has to only find one way
in. 100pc defence is impossible, but it is good to constantly
test yourself against mock adversaries.”
The devil is in the data
Mark Hughes, president of BT Security, said he believes
organisations need to prioritise what it is they are trying to
defend rather than locking down everything. He warned that
the era of security beyond the firewall will require granular
controls and privileges that define who can do what with the
data and where they can go with it.
“We are at a juncture where there is only a nuanced
understanding of the differences between sophisticated and
unsophisticated attacks,” he said. “Organisations are often so
busy trying to protect against mainstream, everyday malicious
activity that they are unprepared for the more sophisticated
‘Organisations are often so busy trying
to protect against mainstream,
everyday malicious activity that they
are unprepared for the more
sophisticated targeted attacks’
– MARK HUGHES, BT SECURITY
The head of enterprise at Dropbox, Mark Hughes, president, BT
Ross Piper, is responsible for driving the Security.
US company’s growth in the enterprise
market, building on its presence in 97pc of Fortune 500
companies. Like Hughes, he believes the perimeter is no longer
the defensible part of the network. It’s all about the data.
Cloud services like Dropbox allow everyone from small teams
of creators right up to thousands of individuals in a corporation
to collaborate and share data on any device. In the past, this
would have given a CEO or CIO a heart attack, but the
productivity benefits and the inherent security to protect data
in the cloud have evolved in ways that could frustrate attackers.
‘This is a precursor to a fundamental
shift in security models that we’ve been
talking about for decades but which is
finally coming to fruition’
– ROSS PIPER, DROPBOX
“If you take a 400MB video as an
example. What we do when a user Ross Piper, head of
saves that into Dropbox is we actually enterprise at Dropbox.
break that into a hundred 4MB file
blocks. Each of those file blocks is individually encrypted. They
are stored at random within the storage service with 1bn new
files per day. Imagine 1bn files – that’s well more than 10bn
file blocks,” Piper explained.
To illicitly access a specific file on this service, a hacker
would have to get through the encryption tunnels, find the
right 100 4MB blocks amongst tens of millions of file blocks
saved that day, and individually unencrypt each one of them.
This intelligent breaking up and sequencing of blocks of data
represents the future of security in the cloud.
“This is a precursor to a fundamental shift in security models
that we’ve been talking about for decades but which is finally
coming to fruition,” said Piper.
Protection vs privacy
It’s not just the growth of data that concerns security
professionals and consumers, but the growth of datacollecting
devices. “More devices will simply mean more ways
to attack. Nothing is going to be safe,” said Cisco’s Greer-
King. “There will be sensors everywhere to collect data,
connect cities and ultimately change the way the world
operates. But not every data point, not every sensor, will have
With the advent of IoT and machine-to-machine (M2M)
technology, threats against seemingly harmless consumer and
industrial devices are already accelerating. According to PwC,
the number of attacks on embedded IoT devices among
companies it surveyed increased 152pc in 2015, yet only 36pc
of these companies had a security strategy for IoT.
VOL 5 ISSUE 1
‘We have smart TVs that we didn’t
realise had microphones built in. They
are invisible to us and we don’t know
who captures this data and what it is
being used for’
– DR DIRK PESCH, NIMBUS CENTRE
Dirk Pesch, head of the Dr Dirk Pesch heads up the Nimbus
Nimbus Centre, CIT. Centre at Cork Institute of Technology,
where more than 80 researchers are
working on the future of the internet of things. He believes the
Stuxnet attack on industrial SCADA control systems in nuclear
plants foreshadowed the world that is to come, but instead of
factories and utilities being attacked, it will be the systems we
invite into our homes.
Pesch offered the example of remote meter readings, where an
M2M device with a SIM sends your data to the electricity or
water company. “If hackers know what they are doing and can
breach the system, it won’t take long for an attacker to know if
your house is occupied or not,” he said.
“We have smart TVs that we didn’t realise had microphones
built in. They are invisible to us and we don’t know who captures
this data and what it is being used for. There are huge issues of
How the information stored on the multitude of personal
devices set to occupy our homes in the future will be treated
could well be defined by the outcome of the present legal
wrangle between Apple, the FBI and the US Department of
Justice. The San Bernardino iPhone case could be the defining
issue of our age, technologically and personally, but former
White House CIO Payton said the issue may not be resolved to
the satisfaction of Silicon Valley.
“This is historic. The decision that comes out of this ultimately
decides how we fight terrorism in this country,” she said.
Payton said she thinks it is important to note that other
industries compelled by a court order to produce records have
implemented methods of compliance. “The banks had to create
processes and systems to respond to anti-money laundering
requests and more. The phone companies have had to create
ways to respond,” she explained.
While Apple CEO Tim Cook described the opening of
backdoors into encrypted devices as the “software equivalent of
cancer”, offering no guarantee that the keys will remain in the
hands of the so-called good guys, Payton had a different view of
“Backdoors are bad ideas. Weakening encryption is an oldschool
argument and I’m not sure that’s even what the FBI
wants,” she said. “The FBI is not asking Apple to unlock the
phone or to create a master key to use to unlock all phones.
What the FBI is asking for is for Apple to remove a barrier, to
remove one step, so the FBI themselves can attempt to unlock
It’s no surprise that a smartphone has
taken a central role in defining
information security, as millions of
people are now living their lives
through these devices. With the
evolution of mobile wallets, fingerprint
biometric security – once seen as sci-fi –
Tim Cook, CEO of Apple.
is now a reality, and companies from
Amazon to MasterCard are
experimenting with even more new ways to authenticate
“Payment technologies have never been safer, but criminals
have never been smarter,” said Bob Reany, executive president
of Identity Solutions at MasterCard. “Most of us can agree that
passwords are a real problem. “People forget them often and
it’s a pain to go through the retrieval process.”
Conceding that there is no silver bullet to fight fraud, Reany
said MasterCard implements multiple layers of protection to
protect users every time they pay. Following a trial in the
Netherlands, the credit card brand is rolling out a selfie security
system in 14 territories this summer, in an effort to move away
from the prevalence of passwords.
“I wish passwords were passé!” said Payton, though she’s not
yet satisfied with the proposed alternatives. “I am quite wary of
biometric data until the vendor devices, the storage, and
collection of biometrics are locked down and safe.”
And even if biometrics technology is a step in the right
direction, it is likely cyber-criminals are already working on a
way to circumvent it. “The moment we roll out selfie and big
data, behavioural-based analytics for authentication, it’s time to
go back to the drawing board to invent the next approach,”
We regularly hear that Ireland has
established itself as the ‘data capital
of Europe’, with many of the world’s largest
tech companies basing data centres here,
but what exactly do we know about them?
Ronan Harris, head of Google Ireland,
recently described the country as the data
capital of Europe and, going by industry
reports, it’s hard to disagree.
Specifically, a detailed report published
by global data analyst group 451 Advisors
in 2013 predicted that Ireland’s data centre
industry would overtake the UK and
mainland Europe locations, with a growth
rate of 18pc over the coming years.
What makes a good data centre?
One of the key reasons Ireland is seen as a
good location in which to establish vast
warehouses full of servers is down to the
cold weather that many of us complain
about on a regular basis. Additionally, you’ll
find most Irish data centres clustered along
the M50 motorway, which mirrors the
route of the T50 fibre trunking system
running from north to west Dublin.
While cooling and connectivity are
essential for operations, there are other
technical standards that comprise Irish,
and, indeed, any, data centres.
For example, square footage and energy
usage contributes to what standard a data
centre finds itself in. One such standard
scrutinised by potential clients is power
usage effectiveness (PUE), which divides
the total facility energy into its IT
equipment energy with the most ideal
score being 1.0.
VOL 5 ISSUE 1
5 tips to help protect your business
Businesses of all sizes are at risk from the ongoing threat of cyberattacks and the theft
of sensitive data. George O’Dowd from Novi Technology details the risks businesses
face from cybercrime and the steps they can take to protect their business.
Many businesses have fallen victim to security breaches
without their knowledge. An ageing infrastructure and
a growing trend in the automation of cyberattacks –
making them smarter, harder to detect and more
widespread – is contributing to the increasingly delicate security
SMEs in Ireland are taking risks with their reputation and their
ability to conduct their business by overlooking the dangers of
cybercrime. A recent survey by Zurich Insurance revealed that
nearly half of SMEs surveyed didn’t feel that they needed to
protect their business against cyberattacks, despite listing data
protection as one of their biggest concerns.
Small and medium-sized business owners need to become
acutely aware that they are as likely to be hit with cybercrime as
their bigger competitors but they are less equipped financially
and operationally to absorb the impact.
Below are some of the ways criminals can gain access to your
data – and what you should do to protect yourself.
Using malware hackers can silently transfer your customer data or
intellectual property to external servers where it is collected and
sold for substantial gains. More often than not employees provide
access to systems by clicking on a compromised email or a
disguised file download.
2. Unprotected systems
Criminals can also get inside your network by targeting security
vulnerabilities on unpatched devices. Many businesses have fallen
victim to ransomware, whereby company data becomes
encrypted, leaving the business paralysed unless a ransom is paid
to criminals for the unlocking key.
Nearly a quarter (23pc) of Irish organisations have been held to
ransom by a hacker, and yet the vast majority (93pc) assert they
would never pay a ransom.
3. Exposed Wi-Fi access
Poorly configured wireless access points are often an easy way to
access corporate networks from outside the building, and in
some situations guest access is not partitioned from internal
systems, leaving company data exposed. Organisations, small
and large, should implement more complex password policies
that need to be regularly changed.
4. Unsecured devices
Laptops should be encrypted and you should be wary of the
devices you allow to connect to your internal wireless network.
5. Data storage
If you are using cloud-based service providers ensure they are
credible and that your data is encrypted and protected offsite.
For online businesses it is important that you don’t store
customer payment data on your servers, ensure servers are
regularly patched and updated and consider implementing
safeguards against distributed denial of service (DDoS) attacks. A
DDoS attack consists of hundreds if not thousands of connections
being made to your systems at the same time, causing them to
become overwhelmed and unusable, which can lead to
significant loss by forcing your website offline.
Firms need more focus on detecting IT attacks, event hears
The biggest information technology security challenge for
companies is detecting and responding to threats, according to
Rob Sadowski, director of marketing at security company RSA.
However, many businesses are still wrongly focused on outdated IT
security tactics, trying to prevent attacks by using antivirus software
and firewalls rather than aiming to detect inevitable intrusions and
then prevent or contain damage, he said in an interview at the
company’s annual RSA Security Conference in San Francisco.
“Defences are often built for yesterday’s IT,” he said.
“Companies are warming to that idea that it now isn’t if, but
when, they will be attacked. But for that not to be a fatalistic point of
view, what do you do?”
The goal is to have systems, and increasingly, well-trained IT
specialists in the company that can recognise an attack when it is
happening, and detect it as early as possible to limit loss, he said.
A recent survey of companies by RSA indicated three out of four
organisations were “very dissatisfied with their ability to detect and
investigate those threats,” Mr Sadowski said.
VOL 5 ISSUE 1
Zinopy launches 'inSIght'
To help organisations to manage, monitor and measure their IT Security
posture and Systems performance.
For over a decade, Zinopy has been
Ireland’s Market leading Solutions
Advisor and Services Provider of
Information Security and
We have used our experience and
expertise to bring to the market Ireland’s
first Managed Operational Service called
Zinopy InSIght has been designed to
deliver Business Outcomes through
Operational Excellence in both
Information Security and Citrix
Zinopy InSIght – Security
John Ryan, CEO, Zinopy: “We recognised
there was a gap in the market based
on security skills shortage, rise in
cyber attacks – in both sophistication
and volume – and an increase in the
complexity of today’s security
landscape. Our managed security
service is founded on Security
Intelligence and Analytics and it
provides organisations with full
visibility of their network so that they
can detect intrusions in real time and
respond to breaches effectively”.
Zinopy InSIght – Systems
Book your FREE consultation & demo with Zinopy to discover how our
managed security intelligence service can keep your organisation secure.
Email: firstname.lastname@example.org stating code ZinopyISO-01
Aidan McEvoy, Sales Director,
Zinopy: “We have been Ireland’s
Citrix Platinum Partner for over 10
years and have consistently invested
in the best and brightest talent in
the country; we are uniquely placed
to offer a world class service to our
customers. “Our goal is to help our
Customers deliver a consumer type
experience to their IT users through
the use of innovative tools, business
oriented processes and an
enthusiastic and experienced team
of people with one common
imperative - to deliver a great
The Zinopy inSIght Centre is
based at our dedicated facilities in
Dublin using industryleading
innovative technology, providing
the backbone for Zinopy’s managed
Contact Zinopy to discuss your
VOL 5 ISSUE 1
Tel: +353 (0) 1 207 5700
Tel: +353 (0) 1 642 9300
Managed Security Service
2015 was a year of serious security breaches;
Arkphire with edgescan can help prevent you
from getting hacked while continuously protecting
your business and client data.
Edgescan is a Managed Security Service
providing full stack coverage on both network and
applications with continuous vulnerability
assessment. It detects technical vulnerabilities and
weaknesses before the hackers do. This is a hybrid
offering as a managed service with human
validation (edgescan security analysts) supporting
customers globally. The combination of Arkphire’s
ICT expertise with edgescan will provide an overall
comprehensive solution to address the growing risk
from insecure web applications and hosting
Arkphire combines their Managed Service
Certification Europe is an accredited ISO
Certification Body serving a wide range of
clients from SME's, Multinationals and
Government bodies. Certification Europe
awards certification against a range of ISO
Standards giving you a competitive advantage
as well as driving quality, innovation & cost
savings. ISO standards have helped company’s
open up export markets and increase brand
recognition and prestige.
Proud of our expertise, we are considered an
authority in Energy Management (ISO 50001),
Information Security (ISO 27001),
Environmental (ISO 14001), providing
assessments as well as public and bespoke
offerings with edgescan’s SaaS-based vulnerability
management platform. The edgescan family offers
advanced scanning technology with expert website
and server security analysis, to enable customers to
identify, prioritise, manage and remediate
vulnerabilities. With a SaaS solution, customers can
focus time and resources on the execution of other
information security and ICT activities.
Of all the vulnerabilities discovered by in 2015,
63% could have been mitigated via patch,
configuration and component management
combined. Edgescan detects security weakness
ISO27001 focuses on "continuous improvement",
so does edgescan. Talk with us today and feel free
to measure your cyber resiliency and posture
improvement with the edgescan vulnerability
training courses in these areas.
We partner with our clients to ensure their
ISO certification becomes a valuable asset.
With headquarters located in Dublin, we have
local offices in the United Kingdom, Italy,
Turkey and Japan.
Tel: +353 (0) 1 685 2556
CloudAssist is a certified Microsoft Cloud Depl
oyment Partner and is an Office 365 migrator
for Microsoft Exchange and Sha repoint with a
user-centric approach for improved Business
Process efficien cies and cost savings while
achieving ISO27001 level of IT security includi
ng digital signatures and Mobile Device
We assist our clien ts to adopt the many
cloud features of Office 365 and 3rd party addons
so that their users are more connected
both internally in the organisation and with
external users such as suppliers, partners and,
most importantly, the ir customers. Our aim is
to help our clients to get the most of their
inves tment in Office 365 by understanding
the business needs and their own cloud
readiness. CloudAssist is eligible to provide
Office 365 and SharePoint De ployment
Planning services for clients with more than 50
users which is wor th up to €3K towards their
migration to Office 365 along with furth er
grants for enterprises with more than 150
Office 365 seats and clients w ith Enterprise
Agreements. CloudAssist is the Proud sponsor
of the non-pro fit initiative, Just Social, (Social
Tech donations for Irish Charities) which
includes Microsoft Office 365
Tel: +353 (0) 61 477 888
CalQRisk was established to provide
organisations with world class Enterprise-wide
Risk Management software solutions-enabling
them to identify and manage risks to the
achievement of their objectives.
Using CalQRisk, our flagship product, we
provide access for clients to an extensive
knowledgebase of risks and associated controls
allowing them to measure and improve their
risk management capability. Our
knowledgebase is the product of the
experience and wisdom of over forty subject
matter experts. It continues to grow as
additional sectors are addressed.
Included in our rich knowledgebase are the
risks and associated controls that would be
expected to be in place in organisations that
are ISO27001 compliant. If you are planning to
seek accreditation to this standard you can
carry out a self-assessment simply by
answering the questions in our risk question
sets. The CalQRisk Dashboard will quickly tell
you those areas that need to be addressed to
ensure you are compliant.
For tools to support your Governance, Risk
and Compliance efforts contact us today.
VOL 5 ISSUE 1
Tel: +44 (0) 1 2934 0207
Now in its tenth year, Integrity360 has grown
consistently year on year since its
establishment in 2005, highlighting its position
as the largest IT security specialist in Ireland,
and the fastest growing in the UK.
The company offers a complete 360 degree
security services offering which includes
Managed Security, Security Testing, Incident
Handling, Security Integration and
Governance, Risk & Compliance services.
Its enterprise clients can be found in all
business verticals and include some of the
largest and most well-known brands in the
Tel: + 44 (0) 8450 701 750
IT Governance is one of the foremost global
providers of information security and ISO
Our strong focus on consultancy, training,
penetration testing, software, tools, resources
and guides, combined with flexible and costeffective
delivery options, provide a unique,
integrated alternative to the traditional
information security provider.
Having led ISO 27001 implementations since
the inception of the Standard, our strong
global presence gives us the knowledge and
insight to provide valuable advice, tailored to
meet any organisation’s specific needs and
budget. We have helped hundreds of
companies worldwide achieve ISO 27001
certification, while many thousands of
organisations use our products daily to help
them tackle ISO 27001 implementation
Tel: +353 (0) 1 525 3627
Laztech IT Services is an IT Managed Services
Our mission is to provide peace of mind to
our clients. We consider ourselves to be the IT
Department to our clients. Through
collaboration we aim to ensure that IT systems
are managed to the highest level of efficiency
and performance, whilst maintaining data
security. We are determined to deliver
innovative, practical and cost-effective IT
solutions that improve business performance.
Our services include:
• Telephone, Remote, Offsite & Onsite
Support / Fully Managed Services
• Data Encryption, Virus Protection & SPAM
• Data Protection Compliance
• Online Backup & Disaster Recovery / Cloud
& Web Services
• Hardware & Software Sales / Virtualisation
• Consultancy & project Management
Tel: + 353 1 295 8966
Logicalis is an international IT solutions and
managed services provider with a breadth of
knowledge and expertise in security services, data
centre and cloud services, and managed services.
Our IT security practice delivers a range of
services that will help your organisation to reduce
risk, ensure compliance, and secure sensitive data
and systems across all platforms. We will protect
your network, safeguarding the perimeter, critical
internal assets, data, remote users, customers and
partners. Our services provide key controls for
regulations including PCI, ISO 27001 and 27002.
Logicalis has specialised solutions for
enterprise and medium-sized companies, across a
range of vertical markets. Depending on your
requirements, we can augment your existing
security team or we can manage your entire
security environment. Our services include
security consultation, round-the-clock monitoring
and management of intrusion detection systems
and firewalls, overseeing patch management and
upgrades, performing security assessments and
security audits, and responding to emergencies.
We maintain strong partnerships with
technology leaders such as Cisco, IBM, HP, CA
Technologies, NetApp, Microsoft, Oracle,
VMware and ServiceNow on an international
For more information, visit
VOL 5 ISSUE 1
MM Barcoding Ltd
Tel: +353 (0) 1 846 2902
MM Barcoding (Ireland) Ltd is a long
established company specialising in automatic
We supply a full range of barcode printers,
scanners,verifiers,label making and asset
tracking software as well as portable on line
In line with our policy of continuous product
development,we have just launched our new
unique printer with on board barcode
verification which ensures that no barcodes are
produced which will fall below the required
All products are backed by our in field
service network supplying on site
service,maintenance and parts.
Tel: +353 (0) 87 762 9861
Sungard Availability Services (“Sungard AS”) is
a leading provider of critical production and
recovery services to global enterprise
Sungard AS partners with customers across
the globe to understand their business needs
and provide production and recovery services
tailored to help them achieve their desired
Leveraging 35 years of experience, Sungard
AS designs, builds and runs critical IT services
that help customers manage complex IT,
adapt quickly and build resiliency and
availability. Visit Sungard Availability Services at
www.sungardas.ie or call (+353) 01 467 3650.
Connect with us on Twitter and our Blog.
Tel: +353 (0) 86 1843 722
Ward Solutions are an information security
consultancy and system integration company.
We help organisations protect their brand,
people, assets, intellectual property and profits
by identifying the threats, and minimising the
risks that they face.
Tel: : + 353 (0)1 897 6750
Zinopy is one of Ireland’s leading IT solution
and service providers and specialist in driving
business agility through Security, Virtualisation,
Mobility and Managed Services.
Zinopy offers a unique blend of deep
industry knowledge and specialist technology
expertise to deliver real business value to
organisations of all sizes across a wide range of
The company has 25+ years’ experience in
delivering security solutions and managed
security services to Irish businesses across a
range of verticals in the Public and Private
sectors, including Data Security, Data
Classification, Identity and Access
Management, Application Security, Email and
Web Security, Advanced Threat Protection,
SIEM, Intrusion Prevention and Detection and
Secure File & Data Sharing.
Zinopy is Ireland’s leading Citrix Platinum
Solutions Advisor, an IBM Security Business
Partner and partners with an extensive range
of other world-wide leading vendors in the
virtualisation and security markets.
See www.zinopy.ie for more information.
VOL 5 ISSUE 1
Panama Papers show there’s no place
to hide in a data-centric world
The only guarantee of secrecy in the 21st century will be to have no secrets. In
what is the biggest data set to fall into the hands of journalists, a treasure trove of
data on tax avoidance and dodgy dealings by the so-called great and good has
been laid bare.
The 2.6 terabyte leak of Panama-based shell company
Mossack Fonseca has rocked the establishment
worldwide, revealing a tawdry industry that involved
banks, legal firms and asset management companies all
centred on managing the estates of a motley crew of well-heeled
types ranging from FIFA officials to politicians, celebrities,
professional athletes, property developers and more.
The revelations have even led to calls for the prime minister of
Iceland Sigmundur Daví? Gunnlaugsson to step down and
brought 10,000 protestors to the streets after leaked documents
showed his wife owned a secret offshore company that had a
potential claim on the country’s collapsed banks.
It is a tawdry tale of offshore tax havens for rich and powerful
individuals, including, it is alleged, Russian president Vladimir
Putin and the late father of British prime minister David Cameron,
and shows how Mossack Fonseca allegedly helped clients launder
money and avoid paying taxes for 40 years.
The unfolding drama could potentially touch nerves in every
Panama Papers: the biggest data breach of its kind?
The interesting thing about the Panama Papers is that it signals a
new era in terms of data breaches and the impact they can have.
This has been labelled by the media as the biggest data breach of
its kind in history.
This data, in turn, was quietly studied by more than 400
journalists from more than 100 media organisations in over 80
countries who were part of the International Consortium of
They have spent the past year studying more than 11.5m
documents relating to Mossack Fonseca and the companies
linked to it.
What we are witnessing is merely the tip of the iceberg as more
and more data will get analysed and deciphered by not only 400
journalists but a growing army of volunteers on sites like Reddit
who are only too happy to stick it to the man.
For example, Reddit is currently recruiting translators who can
help translate documents from Spanish, Dutch and Brazilian
Crucially, the entire drama signals a new era for the
whistleblower and could dwarf even the Snowden revelations or
the Wikileaks Cablegate in 2010.
What is unclear is how the data got out there, was it the work
of an insider or whistleblower or the work of a sophisticated hack
made possible by the most basic but insidious of phishing
But what is very clear is this: a new benchmark in how data
matters has been established. A digital trail can be a definitive
And the very notion of corporations, banks, legal firms and
assorted advisers hiding a digital trail of sensitive breadcrumbs for
no one to follow is a fairytale.
A tawdry digital trail mulled over by hundreds of journalists and now a
growing army of Reddit volunteers shows secrecy is a 21st-century
VOL 5 ISSUE 1
Staying In Business
Setting the Scene
You arrive at work and everybody is standing in the car park,
your building looks fine, but your neighbour’s building is
billowing smoke and flames. The fire chief says nobody is
allowed within 100 meters of the building. Your IT manager is
there, looking pleased, you enquire. He says “Now aren’t you
pleased we spent all that money on the remote backup and
server replication. I just tested it last week and it’s all working
fine”. “But”, you say, “Where will we go?” With no place to
go how long will your customers wait for you?
West of the Shannon
For 9 years now Work Area
Recovery Solutions (WARS) have
been providing large and small enterprises with a “place to
go”. The WARS recovery centre is located in Ennis Co Clare
and includes an air-conditioned computer room with UPS and
generator backup, 5 individual rooms with a total of 200
desks, telephones and PCs. The model is simple; you pay an
annual subscription /seat and you come and test your
continuity plans. When disaster does strike, you are ready and
you have a place to go to continue providing service to your
WARS continue to invest in their recovery centre. In March
this year they completed the hardware re-fresh of the
equipment. 206 new Dell Optiplex 3040 PCs were purchased
and installed. This refresh ensures support for latest version of
operating systems can be imaged onto the PCs.
This refresh follows on from last year’s upgrade of the Cisco
Unified Communications System. Gerard Joyce, CTO of WARS,
says “Our customers tell us that their customers are asking
them what their “disaster arrangements” are”. Don Kearns, IT
Manager with Kneat Solutions and customer of WARS says
“We were impressed with the range of services in the Disaster
Recovery space that is provided by WARS. To find this gem in
the Mid-West region was doubly impressive. We found Gerry
and the team at WARS to be extremely helpful and flexible,
providing first class support in the setup and operation of our
Loss Events = Opportunities for Disaster
Loss events come in many guises: fire, flood, storm damage,
utility outage, systems loss, people loss and many more. Any
loss event is an opportunity for disaster. A loss event turns
into a disaster for an enterprise if the Maximum Tolerable
Outage (MTO) is exceeded or the Minimum Essential Service
is lost. The MTO is the point in time at which the loss event
begins to damage your business. It depends on a number of
factors driven by the enterprise objectives and its
commitments. How long can you be “away from the market”
before the objectives are materially impacted? How long
before permanent un-recoverable damage is done to your
revenue, reputation, or the things that matter to your
enterprise? The MTO is a function of time, measured in
minutes, hours or days, depending on the nature of your
enterprise. The Minimum Essential Service (MES) is the
degree to which the enterprise has to recover from a loss
event in order to stem loss of revenue, reputation or the
things that matter to your enterprise.
VOL 5 ISSUE 1
Now in its fifth year, Data Centres Ireland is the county’s leading event for all those
involved with smaller server-rooms and coms-rooms through to to the staff
responsible for Operations, NOC, IT, Networking and Facilities Management, at
large co-location, corporate and cloud data centres.
Data Centres Ireland will be held at the RDS, Dublin on
the 8 – 9 November 2016. This refreshingly intimate
venue adds to the quality of the conference - and the
ability to have unhurried and high quality
conversations with vendors and speakers which makes Data
Centres Ireland well worth taking time to visit.
Feedback received from exhibitors following the 2015 event,
was that exhibitors were extremely impressed with the quality of
attendees delivered and the professional atmosphere created, as
they were able to spend time with clients, discussing their needs
and potential solutions.
“This is a business forum where all those involved can come
together, share knowledge, see the latest in products, services
and solutions which can assist them. As well as an opportunity for
companies providing datacenter services to meet their customers
and be seen to be supporting their industry and their suppliers.”
Say Hugh Robinson, Event Director
Visitors included senior level people from key target companies,
as well as representatives from companies operating their own
data centres and server rooms from across the country. These
included Microsoft, Intel, Ebay, Interxion, Facebook, Digital
Realty, Amazon Web Services, Telecity, Apple, Trinity College,
Boston Scientific and Primark to name but a few.
Many repeat exhibitors, commented that this year’s event had
delivered a greater number of senior level decision makers from
leading organisations, compared to previous years, and that the
opportunity to meet these people in person would not have
occurred, if they had not been exhibiting.
The Data Centres Ireland conference programme will address
three main areas:
Strategy – This will focus on the Development Drivers, Market
Drivers, Finance, People and Opportunities, which Ireland offers.
Operational Issues – Covering the whole remit of design and
operations from the latest updates on standards, the relevance
(or otherwise) of PUE in smaller data centres and server rooms,
and all of the hardware and services from cabling through
cooling, power, UPS, monitoring, DCIM, Construction Products
Regulation & how it applied to DCs, Codes and Standards.
Data Storage – This will look at storage options whether using
your own servers, co-location, managed services, outsourced and
cloud based solutions.
Call for Papers - Get involved
“We would like to invite all those who have
interesting case studies to submit a paper
for consideration and potential inclusion in
the Data Centres Ireland conference
programme. Simply send a 200 word
outline of your proposed paper detailing the
key points it will address to
email@example.com. The deadline for
paper submission is 10 July 2016.
Attendees of Data Centres Ireland can
expect the entire catalogue of high quality
speakers as when the programme is
announced in the coming months.
Those interested in reserving a stand at
the event or wanting to know more about
the opportunities Data Centres Ireland can
offer them should call Hugh Robinson on
+44 (0) 1892 518877, email
firstname.lastname@example.org or visit the website
VOL 5 ISSUE 1
AdaptiveMobile estimates up to 80% of
‘connected’ devices do not have adequate
AdaptiveMobile, the world leader in
mobile network security, predicts
that up to 80% of connected
devices currently deployed do not
have adequate security measures in place,
with four in five devices on the market
vulnerable to malicious or inadvertent
attacks and data breaches.
As the level of connectivity between
devices continues to grow, a new model
using a ‘big security’ approach of
harnessing big data, telemetry and security algorithms is going to
be needed to effectively protect the billions of devices connected
through the Internet of Things (IoT).
Gartner’s research report, Predict 2016: Security Solution,
discusses how the “security market will continue to evolve
alongside new requirements from the Internet of Things, cloud
computing and sophisticated targeted attacks…Gartner estimates
that a new architectural model will evolve, alongside such
demands, in which security technology and services will be made
available at the device and network layer, characterizing the
emergence of security solutions made within endpoints,
gateways and IoT platform providers.”
AdaptiveMobile’s CTO, Ciaran Bradley, explains, “A new
security architecture is required to deal with the increasing
connectivity of devices belonging to the Internet of Things. There
will be billions of devices connected through IoT – many unable
to run traditional endpoint security – and there is no definitive
ruling on who has responsibility to enforce this security and who
is liable when a vulnerability is exploited.” He continues, “We
need to be able to detect threats at scale –
using a combination of lightweight
telemetry and anomaly detection to give
early indicators of compromise – and then
enforce protection at scale. Not only are
consumer devices at risk but automotive
and industrial categories need to ensure
security is a critical consideration – we do
not believe this will be solved through
current approaches to security, particularly
when it comes to legacy systems.”
Given the increasing number of connected devices on the
market, the frequency at which IoT vulnerabilities are being
exploited and the pressure to keep costs of commercial devices
low, manufacturers need to make security a priority. IoT security
is complex, constantly evolving and needs to be a critical
AdaptiveMobile’s NPP6 is the world’s first converged carrier
security platform, providing consistent security irrespective of
device, operating system or end-user’s technical expertise.
Combining the latest data science techniques, machine learning
and advanced anomaly detection algorithms, with the
Company’s world-class threat intelligence services,
AdaptiveMobile is increasingly working with existing customers
and industry partners to bring its expertise to help secure the
rapid growth of IoT connectivity.
For more information on new IoT security demands and to read
Gartner’s Predicts 2016: Security Solutions please visit
Weekend takeaway: 10 tech stories you need to read right now
Ten nuggets of knowledge to take away for the weekend,
including: the future of security; cool and unusual data
centre designs; and security issues over driverless cars.
1. Deciphering the puzzling future of data security
From hackers to unencrypted smartphones and the spectre
of full-scale cyber warfare, the future of data security is set to
be a complex one that will affect us all.
2. Autonomous cars are terrifying some cybersecurity
Driverless cars are on the way, of this we are sure. But,
truthfully, how safe are they going to be? We asked some
cybersecurity experts and the answers were pretty worrying.
3. Check out 7 cool data centres with oddly innovative
As the growth in data centres continues apace, we look at
some of the more creative ways tech companies store their
mounds and mounds of data.
4. With great amounts of data comes great responsibility –
We are in danger of turning data and privacy into taboo
subjects. Instead, we need to direct the conversation towards
the potential opportunities of a data-centric world, writes
5. Are you ready to jump into hybrid cloud?
Hybrid cloud is the major enterprise trend of today. But what
is it, why does it matter and should you invest in it, asks John
6. 3 issues defining data protection in Ireland today
To mark Data Week, Mason Hayes & Curran looks at three
areas surrounding data protection that are important both
now and for the future.
7. From the pinnacle of knowledge CIOs talk data
Leading CIOs and IT leaders give an insight into the data
challenge, how to manage it and the kind of cutting-edge
projects they are embarking upon.
8. Leaders’ Insights: Bill Kearney, IBM Ireland Lab
Bill Kearney is the vice-president of the IBM Ireland Lab and
its Dublin Technology Campus.
9. How will we store data in the zettabyte era? (Infographic)
The amount of data we produce nowadays is truly mindboggling,
so how will we store it?
10. 4 top employers hiring for data management roles right
When it comes to the glittering world of data jobs, it’s often
all about data science and data analytics. Data management,
sadly, generally gets short shrift.
VOL 5 ISSUE 1
Protect your business online and
Risk of physical attack will always be there, but new threats are emerging
It used to be the case that if somebody tried to steal from
your business, an alarm would go off and the authorities
would act accordingly. In the 21st century however, the
landscape is entirely different and changing rapidly.
Of course, the threat of physical attack is much as it always
has been, and the Garda has guidelines for business owners
on its website as to how best to mitigate the risk to your
business and what to do if the worst happens.
These include keeping the premises well lit, utilising grilles
or shutters at entrances and windows, keeping tills out of the
sight of the public, employing anti-ram bollards outside, and
investing in appropriate locks and CCTV.
But how can you protect your business when the assailant is
not barging through the front door with a spanner in hand
but rather manipulating staff and covertly gaining access to
sensitive information before you have even noticed.
Protecting your business is about knowing what the risks
are, how to recognise the signs when they appear and taking
the necessary action to fend off attacks.
The Irish Small and Medium Enterprises Association (Isme)
produces a crime survey of its members each year. Last year,
79 per cent of companies who responded said they had been
targeted by computer-related criminal activity.
Some 51 per cent said their business had fallen victim to a
“virus infection”; 51 per cent to “hacking or electronic
intrusion”; and 20 per cent to credit card fraud.
Among the things to look out for is “ransomware”. One of
the fastest-growing types of cyber threats, it encrypts data on
infected machines before asking businesses to pay ransoms in
hard-to-trace digital currencies to retrieve their data.
Companies with an online presence are also facing what is
called a “distributed denial of service” attack, which is when
so much traffic is sent to a website that it cannot cope and
legitimate users cannot gain access. Like ransomware, a sum
of money is demanded before normal service can resume.
“It’s become much more prevalent, and particularly with
small- and medium-sized enterprises because they may not
have the resources to dedicate to these types of issues,” says
information security consultant Brian Honan.
“If your website is of high value to your business, you need
to make sure you’re talking to your host and provider to make
sure you have appropriate protection in place.”
In terms of a defence against blackmail or extortion,
something as simple as backing up your data could make all
There is also an attack called “CEO fraud”. This is when
company employees receive emails or correspondence
purporting to be from the chief executive or a senior member
of staff requesting money transfers to specific accounts that
are under the control of the perpetrators.
“The emails will look like they come from the company’s
CEO and sound like the company’s CEO in tone but in actual
fact they’re coming from the criminals, who may have hacked
the CEO’s email account,” says Honan.
Among the most serious type of attack is what is known as
Caption for image - Hacker attack: last year, 79 per cent of companies in an
Isme survey said they had been targeted by computer-related criminal activity.
an “advanced persistent threat”. This uses multiple phases to
break into a network, avoid detection and harvest valuable
information over the long term. Perpetrators will often
employ a combination of social engineering, blackmail and
malware to achieve their aims.
Paul Dwyer, president of the International Cyber Threat
Task Force, believes breaches are inevitable these days.
Criminals, he says, want to “work under the radar” and
detection is key to prevention.
“Data is the new cash,” he says. “What bad guys want is to
get your data. Once they have it, they can sell it a number of
times on underground stock exchanges. All different types of
data have different values.”
Another safeguard is to employ proper anti-malware
controls, and to carry out regular security checks to make
sure the system is actually working.
“People need to look from the inside out as well,” says
Dwyer. “They need to look at whether, if somebody does get
in, they do have any safeguards. If they are in, will we
actually be able to detect them?”
Whether you are protecting your business from physical or
online attack, a key thing to do is identify what is most
valuable to your business, whether that is information, cash
“If you’re connected to the internet, you need to realise the
internet is connected to you,” says Honan. “It doesn’t matter
where you’re located, criminals can still reach out and attack
you or steal information. The biggest and best way to fend
against them is to identify what information it is you’re trying
to protect, where it’s located, and how best to protect it.
“If it’s on a mobile device, make sure it’s encrypted and
that you have anti-virus software installed. On your company
network, make sure you have appropriate firewalls to prevent
malicious traffic getting into your network.”
Another important defence is to train staff to be aware of
the risks and how to identify suspect attacks before it is too
late. Government website makeitsecure.ie provides more
VOL 5 ISSUE 1
information on how best to do this.
On April 1st, the International Cyber Threat Task Force will
host a conference in Dublin’s Shelbourne Hotel to discuss
“cyber risk oversight”. The event is directed towards
business leaders who wish to learn more about cyber
Dwyer says this “collaborative approach” will be vital in
terms of online security. “The criminals collaborate,” he says.
“They share information, intelligence, techniques, and they
assist each other. That’s what businesses need to do. We
need to share intelligence and give each other the heads-up
in terms of the modus operandi, what they do, and what
they’re after, and that’s the best way to thwart these guys.
“You can invest in tonnes of technology, but active
intelligence that can prevent this stuff is far more beneficial,
and it costs next to nothing for businesses to be in touch
with one another on a sector by sector basis.”
Isme estimates the direct cost of crime per enterprise has
risen to €9,539 per annum and the annual cost of
prevention is €4,652 per company. This gives a total
average cost of €14,191 per company annually. Chief
executive Mark Fielding says finding the necessary resources
is often a key constraint preventing businesses from
employing the necessary security measures.
What is a VPN and do you
blocked in their country (One of the common examples is Netflix
which have restrictions in many countries).
2. People who are active in grey or even in dark areas, such as users
who want to watch porn and do not want their internet provider or
Google to know about it (in some countries, this is a criminal act),
terrorists dealing with weapons, criminals encrypting data about their
3. Journalists or people who live in countries that are run by repressive
regimes that want access to social media or blocked news content.
VPN applications were originally designed for big organizations
with more than one PC office. VPN is an acronym for Virtual
Originally, VPN was used by large companies to connect computers in
distant locations and until today, the use of VPN is popular among
organizations with more than one PC office.
Imagine, for example, that the Coca-Cola Company in Atlanta has an
office building where all of the computers are connected to the
company’s server through cables, and there is little danger that hackers
will break into Coca-Cola’s private network.
Now Coca-Cola opens an office in Canada and its employees in
Toronto need access to the private network. But running a cable from
the office in Atlanta to Toronto is a bit too much just to maintain
privacy. Therefore the company uses a VPN to virtually create a private
network (hence the acronym “Virtual Private Network” or VPN).
This is how a connection was formed between the computer in
Toronto and the main server in Atlanta in a secure way (the different
communication protocols of the VPN are responsible for the security,
which is, of course, not as perfect as a real private network, but is close
This connection that is established between these computers without
any real cables is, of course, made through the internet. That is why,
many workers (working from home, working from a hotel, or people
commuting) can connect to Coca-Cola’s virtual private network as long
as they have proper credentials.
The illustration (on right) demonstrates how a VPN works.
What can be done with VPN?
Some of the most common uses of VPN are listed below:
1. Unblocking sites – Some countries block services like Facebook,
YouTube, Twitter and more. A VPN service allows you to be in
China but lets you surf as if you are in the USA. Similarly, some
schools and organizations block the access to popular sites and social
networks and the solution to this is VPN.
2. Hide identify – With VPN you can impersonate a user from a foreign
country for a handful of reasons. (This is very useful in the internet
Recommended VPN services
Nowadays, numerous VPN services are available. It seems as if every
website developer is maintaining servers in different countries and calling
themselves a VPN service.
Nevertheless, load management (so that your surfing will not be
slowed down because many people are using the server), the ability to
slip past Netflix and its counterparts (that constantly try to detect the
VPN services and block them) and more parameters create a distinction
between these VPN services.
There are three main audiences for VPN services:
1. Regular people who simply want to surf anonymously, be it for
security reasons, or the will to watch content over the internet that is
VOL 5 ISSUE 1
‘Irresolvable tension’ exists in data
Conference told Experts say governments want to collect data, but are not
focused on adequately protecting it
An “irresolvable tension” often exists between the
desire of government bodies to collect and use
personal data, and the need to adequately protect
that data, say experts.
According to a panel on the second day of the RSA Security
Conference, government bodies also are unaware of all the
data they are collecting because it isn’t properly tracked or
In addition, many private organisations, research groups and
other bodies are eager to obtain these large data sets, but
generally have not thought through privacy concerns or
management, said the participants in a session entitled
“Government in the Crossfire: Data Privacy in an Era of
“In order for us to approach how to manage (DATA
PRIVACY), we need to know where it is,” said Flint Waters,
state chief information officer for the state of Wyoming.
Agencies have a long history of mandating various types of
data gathering “and we truly do not know what has been
Wyoming was preparing legislation to change this and
require datasets be inventoried, he said.
Road toll authorities also have gathered large data sets that
they have resisted destroying, because they’ve never had
access to such a range of data and now want to mine it, said
Lee Tien, senior staff attorney with the Electronic Frontier
For example, data from Fastrak devices used to automatically
pay tolls has been of interest to law enforcement but they’ve
had no specific reason for holding it.
“We asked, ‘well, why are you holding all this trip data from
Fastrak?’, and they said, well, just in case,” Mr Tien said,
noting this view was a major problem across agencies as well
However, JR Reagan, global chief
information security officer with Deloitte,
said that general privacy policies were too
broad to cover the more nuanced uses
people might desire their information to be
used for, for example to to receive specific
these blanket policies around privacy, so data can be used for
uses that you would like, but also be protected.”
One problem with government discussions of privacy and
security – such as the current US case where the FBI is pushing
Apple to give access to a terrorist’s iPhone – is that they are
seen as separate when they are actually closely intertwined,
said Mr Tien.
“It doesn’t make sense to talk about either without talking
about the other, especially as people see privacy as security in
many ways,” he said.
In the Congressional hearings for Apple versus the FBI, a lot
of people were resisting any sort of suggestion that there’s any
sort of tension between privacy and security.”
Instead, the government has framed the discussion as
differing approaches to a security debate, he said.
While Mr Reagan argued that privacy is essentially contextual,
Mr Tien said he could not see technology solving that
conundrum any time soon – for example, that people might
someday be able to tag their own information to allow it to be
used in different ways in different contexts.
A large problem was potential misuse, or abuse of such data
by law enforcement, which can be very hard to uncover.
“They’re capturing data and leveraging it against other data
sets only they have access to,” said Mr Waters, noting he
comes from a law enforcement background.
“Then the data goes to private companies. In going to
private companies, we’re seeing partnerships we’ve never seen
before”, and the implications haven’t been adequately
“I don’t see any solutions, except for all sides to accept there
are problems. Denial is the step where we’re at. There are a lot
of folks that don’t want to acknowledge that there’s a privacy
problem in the first place,” said Mr Tien.
‘Yesterday’s privacy constructs’
“We fall into the trap of thinking all issues are
resolved around privacy if we solve for the
bad thing,” he said, noting that to often we
are “trying to apply yesterday’s privacy
constructs to a digital world that keeps
moving faster. We actually need to have
different constructs to manage the data
differently. We need to move away from
VOL 5 ISSUE 1
New FCC rules could require ISPs to
get user permission about data sharing
The US Federal Communications Commission (FCC) is proposing new rules that
will require internet service providers (ISPs) to get permission from users before
they can share data about customers’ online activities with advertisers.
FCC chairman Tom Wheeler has called for broadband
service providers to disclose how data is collected about
users’ online browsing activities. He also wants to see
companies bolster the security of customer data.
This will significantly curb the ability of companies like Comcast
and Verizon, for example, to share advertising data.
In effect, the FCC is establishing privacy rules for companies
that manage web traffic and this is the next major step change in
US telecoms policy after net neutrality.
‘This isn’t about prohibition; it’s about permission’
– TOM WHEELER, FCC CHAIRMAN
“We all know that the social media we join and the websites
we visit collect our personal information, and use it for
advertising purposes. Seldom, however, do we stop to realise that
our ISP is also collecting information about us,” Wheeler said in
an op-ed in the Huffington Post.
“What’s more, we can choose not to visit a website or sign up
for a social network, or choose to drop one and switch to
another. Broadband service is different. Once you subscribe to an
internet service provider – for your home or for your smartphone
– you have little flexibility to change your mind or avoid that
Wheeler pointed out that because the ISP handles all network
traffic it has a broad view of a user’s unencrypted online activity.
ISPs have access to an unencrypted feed all about your
“If you have a mobile device, your provider can track your
physical location throughout the day in real time. Even when
data is encrypted, your broadband provider can piece together
significant amounts of information about you – including private
information such as a chronic medical condition or financial
problems – based on your online activity.”
Wheeler said that strict regulations exist around what phone
companies can do with such information and that similar rules
are required for the information collected by ISPs.
“I’m proposing to my colleagues that we empower consumers
to ensure they have control over how their information is used by
their ISP. Every broadband consumer should have the right to
know what information is being collected and how it is used.
Every broadband consumer should have the right to choose how
their information bits should be used and shared. And every
consumer should be confident that their information is being
“This is not to say network providers shouldn’t be able to use
information they collect – only that since it is your information,
you should decide whether they can do so. This isn’t about
prohibition; it’s about permission.”
Wheeler proposes users can opt in or opt out of the various
uses ISPs could have with the rich trove of data they can glean
from web traffic about users.
“One of the most important things to remember about this
proposal is that it is narrowly focused on the personal information
collected by network providers. The privacy practices of the
websites that you choose to visit are not covered by this
proposal,” Wheeler said.
Plan: At least 10 firms
bid to end Ireland’s
he Irish Government’s long overdue intervention to bring
750,000 postal addresses into the 21st century is gaining
impetus after it emerged that at least 10 players have bid for
two State broadband contracts valued at between €300m
The plan – supported by EU state aid – will fund operators
to compete to deliver a guaranteed minimum of 30Mbps
download speeds and 6Mbps upload speeds with 99.95pc
However, there are indications that bidding firms, which
includeEir, Enet and the ESB/Vodafone joint venture SIRO,
intend to go way beyond this to 1Gbps fibre-to-the-home
services, potentially creating a scenario where rural dwellers
could, in time, have better broadband than their urban
VOL 5 ISSUE 1
Move to electronic payments adds
€1.8bn to Ireland’s coffers
Ireland’s move from being a cheque and cash dependent economy to an electronic
one has resulted in €1.8bn being added to the nation’s GDP in just the last four
years, creating an average of 3,700 jobs each year in the process.
“The cheque is in the post,” were usually the last
words Irish business owners heard from a
customer before having to go to the bank
manager in order to make payroll or before the
bailiffs came calling.
Ireland’s dependence on cheques and cash
payments were a thorn in the side for most business
owners, even if they didn’t realise it themselves, and
this made Ireland something of an anomaly
compared with more progressive countries, especially
But, in the last few years, something has changed
and, according to a new Visa-commissioned study by
Moody’s Analytics, the move to electronic payments
has added €1.8bn to Ireland’s GDP.
The contribution of the growth of electronic
payments in Ireland to Irish GDP was double the
Moody’s economists also estimated that an average
of approximately 3,700 jobs were created per annum
over the four-year period as a result of the increased
The Moody’s Analytics study, which analysed the
impact of electronic payments on economic growth across 70
countries between 2012 and 2015, found that increased use of
electronic payment products, including credit, debit and
prepaid cards, added $296bn to GDP globally. The 70
countries in the study make up almost 95pc of global GDP.
“Electronic payments are a major contributor to
consumption, increased production, economic growth and
employment creation,” noted Mark Zandi, chief economist,
“Those countries which saw large increases in card usage
also saw larger contributions to overall growth in their
The study indicates that the
electronification of payments benefits
governments and contributed to a more
stable and open business environment.
Annual spending on Visa cards –
debit, credit and prepaid – in Ireland
reached a new record of €31.7bn last
As a result, transactions with a Visa
card – debit, credit and prepaid – now
account for more than a third of Irish
This is due to the continued shift from
cash and cheque usage as consumers
opt for the convenience and security of
Caption for image - No longer a cheque-driven backwater, the contribution of the growth of
electronic payments in Ireland to Irish GDP was double the European average.
New technology such as contactless payments for purchases
up to €30 has increased overall card usage, with more than
one million contactless transactions now being made in Ireland
“Over the last 50 years, the rapid proliferation of electronic
payments has enabled and improved how consumers pay for
goods and services, how merchants manage their businesses,
and how governments make and collect all sorts of payments,”
Philip Konopik, Ireland Country Manager for Visa Europe, said.
“The report findings reinforce the positive benefits that
electronic payments have brought to Ireland, as increased
consumption has contributed to
growth in Irish GDP and also seen firms
expand in order to meet increased
demand for goods and services.”
“We ultimately want to see this
positive trend continue and are
working globally with governments,
financial institutions, merchants and
technology companies to develop
innovative payment products and
services that will accelerate electronic
acceptance, grow commerce, and
bring the benefits of card payments to
more people everywhere,” Konopik
VOL 5 ISSUE 1
Data Solutions announces
20 jobs and €5M investment to
triple its business
· Irish company aims to triple its business to €80M turnover
· €5M investment involves new hires and expansion into the UK with new Reading
· 20 jobs across Ireland and UK to be filled by 2018
Data Solutions announced it is investing €5 million and
creating 20 new jobs to bring its team to 40. The
leading Irish IT solutions distributor aims to triple its
business over the next three years to €80 million
turnover on the back of this investment.
Part of the investment will be used to penetrate the
competitive UK market, with new offices in Theale, Reading. This
expansion will be used to bring best-in-class IT solutions from
leading vendors Nutanix and Skyfii to the UK market. Data
Solutions expects its UK operations to grow to the same size as its
Irish business by 2018 and is targeting £30 million in UK turnover
The 20 new positions are being divided evenly between Data
Solutions’ Dublin headquarters and its new offices in Reading.
Roles are spread across technical support, sales and marketing
and will be filled by 2018. The company has already hired two
new account managers in Ireland and a managing director and
sales manager to run operations in the UK.
Along with Nutanix and Skyfii, Data Solutions has also signed
partnerships with leading vendors Arista, CommVault and
Supermicro. Other vendors Data Solutions works with in Ireland
include Aruba, Check Point, Citrix, Dell Wyse, RSA Security and
ShoreTel. It also has channel partnerships with the likes of Capita,
Trilogy Technologies and Integrity 360.
Speaking about the announcement, Michael O’Hara, group
Pictured at the announcement of Data Solutions' expansion at the company's
new UK offices in Theale are (l-r) Michael O'Hara, managing director, Data
Solutions; Andrew Brewerton, channel manager, Nutanix; and Sean Fane, UK
managing director, Data Solutions.
Pictured at the announcement of Data Solutions' expansion at the company's
new UK offices in Theale are (l-r) Brian Davis, datacentre sales manager, Data
Solutions; Andrew Brewerton, channel manager, Nutanix; Michael O'Hara,
managing director, Data Solutions; and Sean Fane, UK managing director, Data
managing director, Data Solutions said: “We’ve achieved
exponential growth in the Irish market over the past few years
and now we want to do that in the UK. We have a strong
network there already and we’re bolstered by our new
partnerships to grow a real presence now.
“Our value comes from being more than a distributor. We’re
passionate for partner growth and our team has the in-depth
sales and marketing skills that can only be developed from being
a true IT specialist unit. We choose products that will grow
quickly and fast-track the introduction of disruptive new
technologies to the market.”
Andrew Brewerton, channel manager, Nutanix added: “We are
committed to establishing strong relationships with our
distributors and partners to deliver the best experience for
customers. With its strong channel and remarkable ability to
bring new technologies to market, Data Solutions has given us
access to top-tier resellers in Ireland, which has been instrumental
to our own growth in the region. We see a lot of opportunities in
delivering invisible infrastructure, where computers, storage and
virtualisation can be converged at any scale. We look forward to
seeing the success with Data Solutions replicated across the UK.”
Data Solutions specialises in security, next generation data
centres and unified communications. The company has achieved
steady year-on-year growth over the past 25 years. Through its
channel, it can mobilise a sales force of more than 600 enterprise
VOL 5 ISSUE 1
Check out 7 cool data centres with
oddly innovative designs
As the growth in data centres continues apace, we look at some of the more
creative ways tech companies store their mounds and mounds of data.
Last month, Microsoft trialled its first underwater data
centre. It had been planning it for years, and the move
beneath the depths is reflective of a growing need to find
better ways to store data. Cloud storage is intangible in
consumers’ eyes, but that mystical, vague concept evaporates
once you see the behemoth centres popping up all over the
Often ugly, often gargantuan, and often major energy
consumers, companies are now searching for ways to do things
more efficiently. The net result is a growing suite of very clever,
very attractive approaches.
Here are 7 of the more innovative centres:
We’ll start with
said its Leona Philpot
data centre (a
a resounding success.
exploring the seafloor
noise than the data
centre inside the container, which consumed computing power
equivalent to 300
desktop PCs,” Microsoft
ected by a steel
door 40cm thick.
Google has revealed
more about its data
centres than most
major tech companies,
with Street View
tours of some of their facilities. Branding is important, even when
its as simple as painting tubes. Council Bluffs, with added deer,
below, and an overview
of the Lenoir
base beneath that.
Now we’re into
some seriously weird
scenarios, with CyberBunker’s
use of a
NATO bunker in the
a colourful history.
Because of its “many controv-ersial customers”, CyberBunker
has seen police forces attempt to break into the bunker to shut it
down multiple times. However, but for a bit of damage to the
doors, nobody has gotten through. The cold water circulation
(below) is almost as old-school as those immensely thick doors.
data centre won a
green award back in
2008 for its use of
spacing and plants to
drastically cut down
on its CO2 emissions.
Bahnhof has a
selection of remarkable
centres, with this
one in Pionen –
located in a nuclear
bunker from the
Cold War – its best
known location. The
entrance is prot-
Located in a former
chapel, the MareNostrum
supercomputer sits in a
wonderful glass case in the
data centre in Stavanger
is built into a
former NATO ammunition
store. Here it is
before they packed in
the servers, with those
below, via Knut Bry
VOL 5 ISSUE 1
3 issues defining data protection in
Mason Hayes & Curran looks at three areas surrounding data protection that are
important both now and for the future.
Data protection in Ireland is being ramped up, with
companies failing to adhere to data laws now in
greater danger of facing fines of up to €20m.
Looking globally, there have been some high-profile
examples of data protection and the legal rights to it being
played out in the courtroom, including the Google Spain ‘right to
be forgotten’ case.
There is then, of course, the EU’s highest court declaring in
2014 that the EU Data Retention Directive was invalid, resulting
in uncertainty for the corresponding national laws across the EU.
In an opinion piece from the European Parliament’s Legal
Services, the organisation said it firmly believed that EU member
states should examine their national data retention measures to
see whether they complied with the decision of the court.
So, what changes has Ireland undergone in recent years and
what precedent has been set by decisions outside of our control?
ISO 27018: Cloud computing privacy standard – one
Last September marked the first anniversary of the publication of
ISO 27018 – an international privacy standard governing the
processing of personal data in the cloud – that has been well
received by data protection experts, but has not been without
challenges for both customers and cloud providers.
The standard confused many analysts and cloud providers as it
made a number of references to both physical storage media and
hard-copy materials, which seems somewhat out of place on a list
of requirements for online cloud services.
However, as Mason Hayes & Curran explains, cloud customers
have been welcoming of the decision in the face of a growing
demand for total company transparency now and in the future.
Personal data and your right to access it — Ireland vs
We might share much in common with our nearest neighbour
but, in some instances, we can be worlds apart.
Highlighted last September by Masan Hayes & Curran, one
such instance of this is when it comes to the legal framework for
data protection surrounding a person’s right to access data
Dropbox is just one of the world’s major cloud service providers adopting ISO
27018. Photo: Connor McKenna.
relating to them in contentious cases.
One area that the two nations differ on was highlighted in the
case of Ali Babitu Kololo, who submitted a subject access request
Kenyan national Kololo was found guilty of robbery with
violence and the kidnapping of British nationals and sentenced to
death by a Kenyan court and, as part of a challenge to his
conviction, lawyers for Kololo submitted a SAR to the UK
Metropolitan Police Service (MPS), which assisted with the
investigation, but the reasoning behind this request was
challenged by the MPS.
Under Ireland’s legal framework, however, there’s much more
power in the hands of the individual
Regular readers will be
familiar with the concept
of the internet of things
(IoT), believed to be the
next step in technology
that will connect billions
of devices sharing vasts
amount of information
with one another.
that, there are major
implications for data protection, which led to think tanks and
governmental organisations putting their minds at work to
develop frameworks that could lead to a regulatory standard for
IoT devices to follow.
What came from this, among other things, was the Article 29
Working Party – a collection of 28 EU national data protection
authorities – which devised a list of 10 of the biggest challenges
facing an IoT future.
VOL 5 ISSUE 1
Irish Government not budging
from original National Broadband
The Department of Communications said last night that the intervention area in
the National Broadband Plan remains at 750,000 premises, despite Eir’s plans to
connect 300,000 homes to 1Gbps broadband.
The issue of broadband in Ireland is
a highly emotive one and it
became an election issue in 2016
as many people who are unable to
receive adequate broadband feel they are
missing out on the social and economic
opportunities provided by it.
Before Christmas, the Government began
the procurement process for the ?275m EUbacked
plan that aims to deliver at least
30Mbps broadband to 1.8m people, or
38pc of the population not served with
broadband of 21st-century quality, by
Around the same time, Eir revealed its
plans to connect 300,000 homes in
broadband-deprived rural areas to its latest
1Gbps service with the first 100,000 home
to be connnected by March 2017.
Such a move would require the
Government to amend the rollout plan as
EU state aid cannot be directed towards
areas supplied by a private sector provider.
Broadband intervention area won’t be
altered… just yet
But it appears the Department of Communications
is sticking to its original plan as
drawn up in 2015.
Five companies had applied for the first stage of the formal
procurement process by the deadline of 12 noon yesterday (31
The department said that certain criteria would need to be
met and a binding agreement signed before premises can be
excluded from the broadband intervention area.
The department said that so far it has assessed the commercial
plans of six operators in 2015 in respect of its criteria and it has
found no reason to alter its plans.
“The department wishes to place on record that, to date, no
company has satisfied all of the relevant criteria and signed a
Commitment Agreement in respect of any proposed commercial
plans,” the Department of Communications stated last night.
“The High-Speed Broadband Map 2020, therefore, remains as
it was when published in 2015, and the intervention area,
therefore, also remains at more than 750,000 premises.
“The Department is monitoring existing commercial rollout
The Irish Government said it is sticking to its multi-million euro EU-backed plan to connect up to 38pc of
the population to high speed broadband.
plans to ensure that all of the 1.6m premises, which commercial
operators indicated they would complete by end 2016, will have
access to high-speed broadband of at least 30mbps by end
The Department of Communications said that while it does
not plan to change the intervention area during the
procurement process, it reserves the right to do so.
“In the event that the department becomes aware of an
increase or decrease in planned private sector investment, the
department may review such changes and if it considers it
appropriate, it may update the High-Speed Broadband Map
2020 and the intervention area. Any review and change to the
intervention area will take account of public procurement rules
as well as State Aid rules and guidelines.
“In this way, the separtment aims to ensure that all
commercial plans are fully assessed and validated, and that the
Government’s commitment to delivering high-speed broadband
to every premises in Ireland is fully realised.”
VOL 5 ISSUE 1
Fastest-ever data transfer
clocked at incredible
Imagine being able to download all of Game of Thrones in one
second? Well, researchers have achieved a data transfer speed
that could do just that.
The fastest-ever data transfer record, achieved by a team from
University College London (UCL), clocked in at a blistering
1.125Tbps, which, the team is quick to point out, is 50,000-
times faster than the average UK household speed of 24Mbps.
With its research published in Scientific Reports, the team
undertook the challenge by building an entirely new optical
system to transmit the data, as well as developing its own
coding techniques to fine-tune the transfer speed to the ultrafast
speed it achieved.
The optical system contains 15 channels, each of which
transmits at a different wavelength and is then combined and
sent to a single optical receiver for detection.
In doing this, the researchers say that it turns it into a ‘superchannel’,
widely believed to be the future of high-capacity
communication, but it is years from being commercially
Looking for a longdistance
The project is part of a UK-funded programme called
UNLOC, which gave the team access to state-of-the-art
Explaining the super-channel concept further, lead
researcher on the project, Dr Robert Maher, said: “Superchannels
are becoming increasingly important for core
optical communications systems, which transfer bulk data
flows between large cities, countries or even continents.
“However, using a single receiver varies the levels of
performance of each optical sub-channel, so we had to
finely optimise both the modulation format and code rate
for each optical channel individually to maximise the net
information data rate. This ultimately resulted in us
achieving the greatest information rate ever recorded using
a single receiver.”
Having only achieved this speed in a lab, the researchers
will now aim to expand their concept to long-distance
transmissions up to thousands of kilometres in distance,
which typically leads to data loss.
A booming time for Cork
Communications infrastructure and the internet economy as a
whole are developing fast in Cork,” said Barry Rhodes, INEX’s
chief executive, when commenting on the news.
“The arrival of the Hibernia Express subsea fibre cable, and the
other international subsea fibre cables that are expected, has
created a momentum in the city that the INEX Cork internet
exchange will help to further stimulate. INEX celebrates its 20th
anniversary in 2016 and we are delighted to be marking this
milestone with the launch of INEX Cork.”
The news today follows the announcement by Interxion that
the group is to open its third data centre in Dublin to better cope
with demand, with the centre to be built in Grange Castle
New INEX internet
exchange to open in Cork
to boost region
Ireland’s Internet Neutral Exchange Association (INEX) is to
open its first regional internet exchange point in Cork to
help facilitate faster internet in the region.
Founded in 1996, INEX has been providing IP peering
facilities to more than 100 members, with six data centres
currently based in the Dublin region.
This, however, will be the association’s first opening outside of
the capital as it looks to expand its national capacity following a
year in which its centres reached peak traffic levels of 110Gbps,
with a total usage of 200 petabytes of data for 2015.
To be designated INEX Cork, the new venture will be located
in the CIX data centre located in Holyhill and is expected to
begin operations by the beginning of Q2 this year.
As part of its remit, INEX Cork will also be operated as a
Banking is undergoing its most
disruptive era ever, with every
aspect of its traditional
business model under attack
from outside forces
– This is bad news for frontline staff
Up to 30pc of employee numbers at traditional banks could
go over the next decade, with growing automation
rendering huge swathes of staff roles outdated.
That’s according to Citi’s report into digital disruption in the
banking world, with it claiming a fintech-driven automation
‘tipping point’ is coming in the immediate future.
Saying branches are soon to become about “advisory and
consultation” rather than transaction, the loading of fintech
investment towards the end-user experience means plenty of
lower-end positions are on the ropes.
“We believe that there could be another 30pc reduction in staff
during 2015-2025, shifting from the recent 2pc per year decline
to 3pc per year, mainly from retail banking automation,” the
Fintech feeding an Uber moment
It’s worse news for countries like Greece and Ireland, where the
financial crises were felt most, with the decline topping out at
5pc per year according to Citi’s estimates.
Fintech investment by financial institutions has risen from
$1.8bn at the start of the decade to $19bn now, with 70pc of it
focused on the customer experience. Given that this experience
used to be ‘in-store’, you can see where the warning signs are.
Calling the impending tipping point “banking’s Uber
moment”, Citi claims it will specifically see a huge shift towards
mobile banking, with it becoming customers’ primary mode of
interaction with their banks.
“Branches will be only one of the distribution channels. They
will still play an important, albeit diminishing, role,” reads the
Last December, the European research institute BearingPoint
found that the vast majority (90pc) of banks’ new digitalisation
prioritisation was needed, however, at that point just 17pc felt up
to the task.
Citi’s findings show that that low base is poised to skyrocket.
VOL 5 ISSUE 1