Monthly Archives: February 2019

Bursary winner shares learning from InfoSec 2018 with colleagues and future IT professionals

Haydn Tarr
IT Service Development Manager
The University of Chichester

 

InfoSecurity Europe 2018 Conference

Back in June 2018, I was very fortunate to be offered the UCISA bursary to attend InfoSecurity Europe conference in London. InfoSec as a conference offers attendees insights into the latest trends surrounding information security, and largely focusses on cyber security threat prevention and mitigation.
Attending this conference was refreshing for me in two ways. I was exposed to a number of new and emerging themes and it was great to meet new people with exciting ideas, and a real drive to provide a safe, digital environment for colleagues and customers. I hope that with this blog post, I can give you a sense of my overall experience and share some of the information from the event.
Throughout the years I have supported The University of Chichester’s IT infrastructure journey from being based solely on site, to having a blend of both hosted and on-premise deployments. As Chichester grows both in terms of its IT deployment but also in numbers of students, staff members and other types of users, it is inevitable that our cloud footprint will grow too. With this, my role is focussing more and more on security whilst enabling digital transformation projects, which, by their own nature have implications when it comes to protecting the data of our user-base. One of the things I value most from being able to attend InfoSec was being able to share Chichester’s story with other representatives from both commercial and non-profit organisations and learn that they were too, facing the same challenges.

It’s not a case of ‘if’, but ‘when’….

A common discussion point which came up regularly at InfoSec was prevention and mitigation methods against cyber-attacks. However, vendors and consumers generally agree that total prevention isn’t guaranteed and that it’s only a matter of time until an organisation’s next cyber incident. One session that I attended, had determined the average time taken to expose a breach is 191 days. For some organisations this presents potential cultural challenges as the workforce isn’t always empowered to blow the whistle when a breach is identified. Should a breach be discovered from outside the organisation however, the repercussions could be irreparable. One of my personal takeaways from InfoSec from the sessions was using repositories such as ‘haveibeenpwned.com’ and cross referencing these with our global email address lists to determine if any of email addresses had been leaked. Someone was even so kind as to point me in the direction of the PowerShell script which carries out the comparison, which we’re still using regularly now.

Old tricks are still the most effective

In the sessions and general conversations, email continues to thrive as the primary threat to an organisation’s information security. Email attacks have been at play for over twenty years now and yet commercial, education and non-profit organisations are still struggling to deal with these attacks. It was reassuring to hear that we weren’t alone in this battle.
I took many technical recommendations away with me from the conference, such as providing banners on external emails, identifying cloned addresses and recommendations to use Office 365’s security assessment, which identifies any vulnerabilities in your tenancy and makes the appropriate recommendations.

In light of the above, what was promising to hear is that many organisations are attempting to strike a balance between prevention measures and training. Implementing proactive measures to prevent threats is the immediate go-to action, however, both commercial organisations and HEIs are investing more into providing user training and assessing their security vulnerabilities within the workforce. I came out of InfoSec in high spirits, knowing that in the absence of an unlimited budget for investing in security measures, we are fortunate to have at Chichester an open dialogue with our students and staff with regards to awareness of cyber threats and good digital security practice in a modern University.

Reflections and future prospects

InfoSec really broadened my horizons to information security in a way that I hadn’t been exposed to previously. So much so that it has had an impact on my academic studies where leadership in cyber security forms the main subject area of the final year dissertation for my master’s. Recently I have been invited into teaching sessions to talk with degree apprenticeship students about some of the subject areas covered at InfoSec in the hope that it could have a positive impact in their professional lives.
Lastly, I would like to extend my gratitude once more to UCISA for providing me with the opportunity to visit InfoSec.
Interested in finding out more about a UCISA bursary, then visit UCISA Bursary Scheme.

Digital and society – true love or an unhealthy obsession?

Rachel Drinkwater
Senior Business Analyst
University of Coventry

Reflections from a bursary winner

In his book ‘The Rise of the Humans’, Dave Coplin  expounds that technology is neither good, nor bad. It is simply an amplifier of whatever we, as society and individuals, choose to use it for.

The media however certainly seem keen on amplifying the negative aspects of our relationship with technology, with often rather sensationalist reports of children as young as seven ‘sexting’ , a mental health “epidemic” in young people being directly attributed to social media usage, a decrease in the age and an increase in the severity of reported loneliness  an increase in divorces attributed to gaming addiction and claims of reducing memory and attention spans in young people and adults alike. Indeed it’s not just the media reporting these bad news stories. Numerous academics and researchers have produced literature reinforcing this rhetoric. I myself spent six months researching the impacts of digital technology and devices on ‘millennial’ learners and their ability to learn and retain information for my Master’s degree. Whilst my findings were not as negatively polarised as those of writers such as Nicholas Carr, Sherry Truckle and Susan Greenfield, I did conclude that there could be significant impacts on individuals and wider society if we fail to exercise caution, control and discipline when using digital technologies and if we fail to pass these skills onto new generations.
I feel I must defend myself a little at this point. I’m not anti-technology or anti-digital. I work in the field of IT, I have a passion for digital technology and I love the convenience of my digital devices and streaming services. I fully-support Coplin’s theory – it is our adoption and attitude towards and use of digital technology that is causing issues in society, not technology itself.
Positive applications of technology can save lives, help us to protect the planet, bring people together and introduce all manner of convenience and efficiency into our working, social and family lives. I don’t believe that we’re creating a new generation of zombie-like device-users incapable of building real life human relationships or employing critical thought. I have met twelve year olds that have astounded me with their common sense, intelligence, curiosity and yes, technical capabilities. The student who gave the opening and closing speech for Coplin’s lecture at Warwick School could have stood in front of any corporate board room and held his own.
I genuinely believe that today’s young people have as much talent, promise and potential as any other generation but that the technological advancements and the amount of information readily available to them, literally at their fingertips, gives them both advantages and disadvantages. Indeed Pew Research Centre concluded their in-depth 2012 research study into the future of technology with the somewhat inconclusively titled report “Millennials will benefit and suffer due to their hyperconnected lives“.
In my research, the evidence suggested that those who are able to efficiently use social media and other technologies and practice ‘multi-tasking’ when it is appropriate to do so, stand to do well in today’s digital society and workplaces. However, it is also apparent that if left unchecked and unmanaged, the issues we are seeing in society could continue and increase in prevelance and severity, creating negative knock-on impacts and detracting from the positive impacts.

I attended a talk by Adam Thilthorpe of the BCS at Business Analysis Europe 2018 in September courtesy of a UCISA bursary, in which he discussed what he termed the ‘unintended impacts’ of technology – those negative impacts discussed above. He raised the question of where the responsibility lies in pre-empting, identifying and mitigating against such impacts. When companies develop their media and communications platforms, I think we can fairly safely assume that they are not doing so with the intention that 11-year-olds will use them to send ‘sexts’; this is an unintended impact of the technology they have created. On the other hand, there are organisations who may exploit anxieties such as fear of missing out (FOMO), self-esteem issues and device addiction to market and sell products and services.
This raises a number of questions. Who should – or could – be responsible for identifying, pre-empting and mitigating against unintended and/or potentially unethical impacts of emerging technologies? Is it the responsibility of technology companies? Businesses? The Government? Educational Establishments? Parents? Individuals? Pressure groups? All of the above? And how do we begin to pre-empt such impacts when we are dealing with new, disruptive, previously-unseen technologies being released into an ever-changing society?
As a society we are experiencing an unprecedented rate of technological change. We are innovating incredibly quickly and have adopted digital technologies readily and intrinsically into our everyday lives. However, our legislation, regulation, educational systems and social and cultural norms are still changing at the same rate; comparatively slowly. It seems that we have been somewhat blindsided and as such have possibly not put in place measures to enable digital technologies to always be adopted and integrated into people’s lives in a productive, safe and useful manner. At the same time, we are so enamoured with our digital devices and applications and the convenience and opportunities that they bring, that we may not be pausing to consider the unintended and long-term impacts and effects of them.
In her 1979 book ‘Love and Limerence: The Experience of Being in Love’, Dorothy Tennov coined the phrase ‘Limerence’, which she defined as “an involuntary interpersonal state that involves an acute longing for emotional reciprocation, obsessive-compulsive thoughts, feelings, and behaviors, and emotional dependence on another person.” It’s that period of a relationship where your brain is producing a heady cocktail of Dopamine and Oxytocin and the object of your attention becomes your sole focus. It’s the stage where strange habits, bad behaviours and the wider impacts of focusing on one person to the exclusion of all else seem insignificant. That wonderful phase where their window-rattling snores seem adorable and your friends barely see you for six months.
It seems that as a society we are in a state of limerence with technology. We overlook the wider impacts, the bad habits, the potential problems, the metaphorical duvet-stealing, because we are hooked on those little hits of dopamine and oxytocin that are released every time we get a ‘like’ on a photo on Facebook or a connection request on LinkedIn – the exact same checmicals that are released during the limerance stage of a relationship. Indeed neuro-economist Adam Penenburg’s research centres on drawing parallels between the chemicals released when using social media and those released when falling in love. Interestingly, just like with limerence, there are also elements of addictive behaviour displayed when using digital platforms such as social media. Indeed Smartphone and gaming addiction are now recognised as distinct social issues with 73% of the 2016 OFCOM report’s 16-24 respondents professing to be ‘hooked’ on the device they use most to go online and ‘gaming disorder’ being recognised as a mental health condition by the World Health Organisation.
The question this raises is what happens when we fall out of limerence with digital technology? When we come down from that heady chemical rush, will we still be in love and will the relationship still be sustainable?
The media spotlight on some of the social issues in recent years and the acknowledgement by health organisations of some of the health impacts of unhealthy technology suggests that we’re starting to edge out of limerence and into the stark reality of our ongoing relationship with digital technology. Perhaps we’re starting to want to reconnect with our old friends ‘Walk in the Countryside’ and ‘Conversations around the Dinner Table’ who we dropped in favour of the alluring blue glow of our smartphone screens in the late 2000s. Perhaps we’re starting to assert our independence a little, creating screen-free times, rather than being slaves to our devices 24/7. Perhaps we are thinking about how we can strike a balance between our online and offline lives.
As Stephanie Sarkis states: “Time heals the intense pleasure (and suffering) of limerence… in a long-term relationship, it’s when things start getting real.” It’s safe to say that this is a long-term relationship, a multi-generational one in fact. That’s why it’s so important that, as with any relationship, we work out what we want from it, how we can manage and balance it and how to ensure that it is a long, beneficial, happy and healthy partnership for everyone involved.
This article first appeared on Rachel’s blog.
Interested in finding out more about a UCISA bursary, then visit UCISA Bursary Scheme.