Monday, November 30, 2009

The Best Networking Tips for the shy and retiring types

If you're struggling to meet new people, here's some common-sense advice for increasing your networking.

Start Small
If the idea of approaching people you don't know intimidates you, then begin your networking efforts by seeking out familiar faces, such as relatives and friends.

You can do a significant amount of valuable networking without ever having to make a cold call. Start with someone you know instead of a stranger. It demystifies the networking process and helps get you over the hurdle. A series of successful conversations will make you more confident.

A logical next step after talking with friends and family is to pursue old chums and people who graduated from your college. Your alumni network can be a gold mine of connections, if you have one. It exists for the purpose of networking, so contacting an alum out of the blue shouldn't feel like a cold call. After all, they joined the network to make and take such calls.

Don't Apologise
Introverts and inexperienced networkers often apologise when asking for an individual's help because they see networking as an imposition, not as an exercise in relationship building. They feel like they're asking someone to do them a favour.

Apologising simply demonstrates your lack of professionalism and confidence. It's also annoying and juvenile. You don't have to apologise for asking for help. You don't have to apologise for wanting to learn more about the individual with whom you're networking. One day you may be able to help them out.

Reach down deep

Humans are hard-wired as communal, tribal animals, so the shy person isn't shy by nature. They are made shy by circumstances or design. Something happened to them to make them want to recoil in these situations.

Sometimes, when an introvert hears that he's not inherently a loner, that humans are innately social creatures, the realization helps him emerge from his shell of shyness, he says.

The Wisdom of Dale Carnegie
Dale Carnegie literally wrote the original book on networking in 1936: 'How to Win Friends and Influence People'. It demystified the process of making friends out of strangers and inspired legions of business coaches to carry on Carnegie's message.


This is such a simple, basic rule, yet people just don't think about it. They're so focused on needing to network at a conference that they don't realise they're walking around with a scowl on their face. Scowling, serious expressions are forbidding. People are more likely to warm up to someone who says good morning with a broad smile than they are to someone with a dour countenance.

Ask questions:

Joining a group engaged in conversation can be awkward. The best way to do so is to pose a question to the group after getting the gist of the conversation. You build your credibility by asking a question, and for a shy person, that's a much easier way to engage than by barging in with an opinion, even if you have one.


One of the most profound points Carnegie made in How to Win Friends was that people love to talk about themselves. If you can get people to discuss their experiences and opinions, and listen with (apparent) sincere interest, you can have a great conversation with someone without having to say very much at all.

Business cards:

Always have them handy. That's why you paid so much to have them printed. They're an effective way for you to leave your name behind so that people remember who and what you are.

Speak the person's name:

People like to hear their own name; it's attention-getting and holding. A person's name is the sweetest sound to that person. So when you meet someone, use their name in conversation. Doing so makes the other person feel more comfortable, like you really know him and he knows you.

Be Yourself
Many introverted professionals think they have to act like an extrovert in networking situations. While you do have to make an effort to be more gregarious than normal, don't try to fake it too much. You should never come across as artificial.

You don't have to be the golden-tongued schmoozer. The problem with the schmoozer's approach to networking is that they don't have the right intent. They're not interested in helping other people, only themselves, and everyone knows that.

Be Passionate
Join activity clubs or groups and attend events that relate to an interest or activity you enjoy. If you enjoy wine, attend a wine tasting at your local liquor store. If you're a keen reader, join a book club and, even better, take a leading role.

Yes, you're a technology professional but it doesn't mean that you should only go to technology conferences to network. The advantage of engaging in activities you enjoy with other people is that it makes conversation so much easier. So, there's no reason not to do a bit of networking, even when you're having an amiable conversation.

Attending gatherings where you feel comfortable helps to bring out the best in you but avoid situations where you might be stressed, rushed or distracted from your networking mission.

If you do find yourself in a room full of strangers at a technology conference or party, lead the conversation to the topics that interest you. When you talk about things you're passionate about, you will light up and appear more engaging.

You don't have to find a shared interest to connect with others but it helps. So, ask around. Find out what the people around you do in their spare time.

Ask for Introductions
Shy people attending conferences tend to find one person with whom they spend all their time for the duration of the event. This is not good.

Although settling in with one person may be more comfortable for the introvert than introducing himself to lots of new people, it is an avoidance technique and completely defeats the purpose of networking.

The shy person can engage the services of a more outgoing friend and ask them to introduce them around. Equally, you can ask the one guy you have engaged with to introduce you to others that they may know. That may be an easier or softer way for shy people to meet others.

Be Generous
Sometimes shy people have trouble networking because they believe they have come along empty-handed, i.e. they don't think they have anything valuable or significant to give back to someone who helped them, e.g. a job or a contact.

Although networking works best when you do have something to offer, what you offer doesn't have to be a job. Sincere interest in the other person, and empty flattery, is a form of generosity and goes a long way when you're networking.


If you're afraid you'll freeze up or get tongue-tied in a social setting, prepare yourself in advance. Think of ice-breaker questions you can ask people you meet. If you're attending an event specifically to network your way to a new job, have your personal pitch ready but keep it informal.

Also, try to anticipate questions you may be asked, such as why you're looking for a new job, and have clear, concise answers at the ready. Your delivery has to be attention-grabbing, smart and/or witty, to overcome interruptions and compensate for a lack of privacy.

Follow Up / Feedback
Sharing information—whether a website, article, report or phone number—with new contacts builds your credibility. So if you promised to e-mail a report to someone you met on the plane, make sure you do that.

When you do what you've said you were going to do, it gives the other person the impression that you have integrity and can keep your word. Otherwise, you're just going to get classified as another empty schmoozer.

Feel the Fear
In the course of networking, you'll encounter people who can't or don't want to help you. That's life. Don't take it personally and don't dwell on it. It's all part of the process. It's very like the telesales market: it's a numbers game. Play the percentages. The more you try, the more you succeed.

Take Risks
When you overcome your fear of rejection, it'll be easier to make cold calls and strike up conversations with strangers. The person sitting next to you at a banquet or on an airplane may be feeling as uncomfortable as you are and will appreciate you breaking the ice.

They just might be a fabulous contact for you or know the right person for you to talk to. You just won't know until you try.

Seek Help
If you can't open up to people, you'll never be able to network, and if you absolutely cannot overcome your shyness on your own, seek help from someone who can help you understand why you're so shy and give you the tools to change. It may change your career path and it will change your life, for the better.

Networking Do's and Don'ts: 7 Tips for Job Seekers During the Holidays

"We're coming up on the best five weeks of networking for the entire year, from Thanksgiving to New Year's," says Dave Sherman, an author, motivational speaker and master networker. "Everyone says there's never any business during the last five weeks of the year, but it's a gold mine for networking because you get invited to so many parties."

Parties are perfect venues for networking because networking is all about making connections with people, sharing interests and finding common ground, says Sherman. The inherently social and relaxed atmosphere of a party facilitates this.

If the importance of networking in your job search still eludes you, consider this fact: An astounding 70 percent of U.S. jobs are never publicly advertised, according to Sherman. "The only way to find those jobs is by meeting people who know people who know about those jobs," he says.

That hidden job market—the market for jobs that companies would like to fill but haven't advertised—has ballooned during the recession. "There are companies that need to hire people right now," Sherman says, "but they're not willing to post the jobs online because they do not want to be inundated with resumes, knowing that 85 percent of the people who apply are unqualified."

What's more, HR professionals polled by outplacement firm Challenger, Gray and Christmas say networking and social networking are the best job search methods.

As your social calendar swells this holiday season, make the most of your networking opportunities by heeding Sherman's seven networking do's and don'ts.

1. DO arrive on time. Showing up fashionably late is a networking faux pas. To get the most out of networking opportunities, arrive on time for parties or 15 to 30 minutes early if the event is a conference, lecture or trade show where your early presence won't impose on a host.

"If you show up early, you'll meet the movers and shakers at the event—the chair, the speakers," says Sherman. "Plus, you never have to worry about having to break into other people's conversations. If you're one of the first people in the room, others will begin to congregate around you."

2. DON'T approach networking events as sales opportunities. Trade shows, conferences and parties are opportunities to meet people, "to create likability and commonality," says Sherman, the two cornerstones of networking. No one at a networking event is going to buy your product right then and there, he says, even if the product is yourself. So don't try so hard to sell yourself. Instead, find common ground with the people you meet. Break the ice by asking people about their interests outside of work.

"If you're not doing that with every person you meet," Sherman says, "you're prospecting, not networking."

3. DON'T start conversations by giving out your business card. When you immediately hand your business card to people to whom you're introducing yourself, the action suggests that you're interested only in selling a product or service to those people, says Sherman. "Never give out a card until you're asked for one or until you feel a connection has been made."

4. DON'T try to meet everyone at the event. Networking is not a numbers game, Sherman contends. Instead of trying to meet everyone at a party, aim to make meaningful connections with, say, five people.

5. DO make it easy for people to help you. If the topic of your employment situation comes up and you have the opportunity to talk about your job search, Sherman advises job seekers to state specifically what kind of job they're seeking, as well as the industry and any specific companies that interest them.

6. DO focus your elevator speech on the future. When you're fashioning your elevator speech or personal branding statement, make sure it isn't purely historical—a reflection on what you've done in the past, says Sherman. It should state what you can do and how your experiences will move a prospective employer forward.

7. DO remember that you have something to offer. Layoffs can devastate people's self-worth, but just because you're temporarily out of a job doesn't mean you don't have anything to offer and can't attend networking events, says Sherman.

"If people take the time to learn the proper skills to make the most of an event," he says, "they'll attend more events, meet more people, learn about more jobs and land jobs faster."

Suburban spaceman: H1N1: Virus Mutation Increases Death Toll by 1,000 per week

Suburban spaceman: H1N1: Dogs diagnosed with swine flu in China

Suburban spaceman: H1N1:Japan experts go to Canada to study flu vaccine reactions - WHO

McAfee report: Cybercrime is the new cyberwar zone

Organised Internet-based crime has reached such intensity and scale that the distinction between cybercrime and cyberwar is being blurred, security giant McAfee said in its annual Virtual Criminology Report.

McAfee Inc., based in Santa Clara, Calif., is the world's largest dedicated security technology company. The report's findings come less than a month after the United States ran a nationwide campaign to raise awareness of cybercrime risks among individuals and businesses.

"Is the age of cyberwar at hand?" McAfee asked in the report, citing evidence that countries hostile to industrial democracies are involved in some of the more serious and sustained cybercrime. In response, McAfee said, "nation-states are arming themselves for the cyberspace battlefield."

The number of reports of cyberattacks and network infiltrations that appear to be linked to nation-states and political goals continues to increase, McAfee said.

"There is active debate as to when a cyberattack reaches the threshold of damage and disruption to warrant being categorized as cyberwarfare," said the report.

"With critical infrastructure as likely targets of cyberattacks, and private company ownership of many of the information systems in these sectors, private companies will likely be caught in the crossfire," the report warned.

McAfee CEO Dave DeWalt said, "Experts disagree about the use of the term 'cyberwar,' and our goal at McAfee is not to create hype or stoke unwarranted fear. But our research has shown that while there may be debate over the definition of cyberwar, there is little disagreement that there are increasing numbers of cyberattacks that more closely resemble political conflict than crime.

"We have also seen evidence that nations around the world are ramping up their capabilities in cyberspace, in what some have referred to as a cyber arms race.

"If cyberspace becomes the next battleground, what are the implications for the global economy and vital citizen services that rely upon the information infrastructure?" DeWalt asked. "What should those of us outside the military do to prepare for the next wave of cyberattacks?"

McAfee believes the private sector at large needs to prepare for cyberattacks, and "those businesses that can weather the storm better than their competitors could be in a position to gain considerable market share."

McAfee also called for greater transparency in current discussions on combating cybercrime. The report said, "Too much of the debate on policies related to cyberwar is happening behind closed doors."

Analysts said although the Obama administration rectified this by bringing the cybercrime debate into the open, many other countries in the industrialized world still insist on confidentiality over the issue.

Industry sources believe criminal organizations have built alliances with adversarial governments that seek to achieve military or political advantage over democracies in the West, Asia, Latin America and elsewhere.

So intense is the interaction between cybercriminality and hostile governments that the distinction between cybercrime and cyberwar is increasingly blurred.

"The line between cybercrime and cyberwar is blurred today in large part because some nation-states see criminal organizations as useful allies. Nation-states have demonstrated that they are willing to tolerate, encourage or even direct criminal organizations and private citizens to attack enemy targets."

In the case of the cyberattacks on Georgia, for example, civilians carried out the cyberattacks on targets while the Russian military invaded Georgia by land and air in August 2008. There is evidence that these civilians were aided and supported by Russian organized crime, as cited in a report by the U.S. Cyber Consequences Unit, an independent research institute.

Russia denied that its government or military provided any help to the attackers or communicated with them. Yet the same US-CCU report found that "the cyberattacks were so close in time to the corresponding military operations that there had to be close cooperation between people in the Russian military and the civilian cyberattackers," McAfee said.

In a sobering conclusion, McAfee said, "While experts may disagree on the definition of cyberwar, there is significant evidence that nations around the world are developing, testing and in some cases using or encouraging cyber means as a method of obtaining political gain."

Although much of that activity is shrouded in secrecy, "there is already a constant, low level of conflict occurring in cyberspace. Whether these attacks are labeled as cyber espionage, cyber activism, cyber conflict or cyberwar, they represent emerging threats in cyberspace that exist outside the realm of cybercrime."

The report said "international cyber conflict has reached the tipping point where it is no longer just a theory, but a significant threat that nations are already wrestling with behind closed doors. The impact of a cyberwar is almost certain to extend far beyond military networks and touch the globally connected information and communications technology infrastructure upon which so many facets of modern society rely.

"With so much at stake, it is time to open the debate on the many issues surrounding cyber warfare to the global community," said the report.

National Sponsorship of Cyber Crime Increases dramatically

S.Korea halves ceiling on text messages to fight spam

Seoul (AFP) Nov 25, 2009 - South Korean authorities on Wednesday halved the daily limit on text messages sent out by mobile phones as part of a campaign against spam, officials said.
The number of text messages that a mobile user can send out a day was restricted to 500, down from 1,000, beginning Wednesday, the Korea Communications Commission said.
The commission said the previous ceiling had been abused by spammers and was ineffective in cutting down on the junk mail. The spreading of spam to people without consent is banned and subject to a heavy fine in South Korea, but the practice dies hard.
South Korea had 47.7 million mobiles registered for use as of October, accounting for 98 percent of the total population.

Hezbollah has global fundraising reach including Colombian drug cartels

U.S. authorities have indicted several Lebanese nationals and others on charges of plotting to smuggle weapons and funds to the Iranian-backed organisation in Lebanon, amid persistent allegations that it has links with Latin American drugs cartels that bankroll its operations.

Hezbollah, founded in 1982 when Israel invaded Lebanon, has been branded a terrorist organisation by the United States but it is also a powerful welfare and political organisation that now has ministers in the new Lebanese government.

There has been speculation Hezbollah has stepped up its fundraising activity because Tehran has had to reduce its annual funding of the regime's main surrogate in the Middle East, estimated at $100 million a year.

Tehran needs Hezbollah, because Iran seeks to expand its influence across the region and to bombard Israel if it ever launched an attack on the Islamic Republic's nuclear program.

Hezbollah has repeatedly denied it gets any funds from abroad, except donations from Tehran, but over the years there has been ample evidence that Hezbollah has a global reach and uses its connections to raise funds and to provide smuggled military equipment to supplement what it gets from Iran and Syria.

In October 2008, U.S. and Colombian law enforcement authorities broke up what they said was a Hezbollah cocaine-smuggling ring funding the group's armed wing through banks from Panama to Hong Kong to Beirut.

According to the U.S. Treasury Department, the ring was headed by Shukri Mahmoud Harb, a money launderer, who was arrested with 130 associates.

In June 2008 the Treasury Department froze the U.S. assets of two Venezuelans with strong family ties to Lebanon who officials said were Hezbollah activists.

Officials said Ghazi Nasr al Din, a Venezuelan diplomat who had been charge d'affaires in Damascus, was president of a Caracas-based Shiite Islamic center that funneled financial support to Hezbollah.

The Treasury said Lebanese-born Fawzi Kenaan used two travel agencies he owned in Caracas, Biblos and Hilal, to channel funds to Lebanon, where he met senior Hezbollah figures "to discuss operational issues."

Given the hostility of Venezuelan President Hugo Chavez to the United States and his mushrooming relations with Iran, Washington suspects Hezbollah is putting down roots in that country.

In December 2006, nine Hezbollah activists were rounded up for operating a financial network in the so-called triborder zone, a semi-lawless region where the borders of Argentina, Brazil and Paraguay meet.

Thousands of Lebanese live there and the region is considered a haven for Hezbollah and other organisations that run money-laundering and arms smuggling rings there.

In June 2005, security authorities in Ecuador broke up a drug-trafficking network that officials said had a "direct relationship with Hezbollah."

The operation, codenamed "Damascus," also involved Colombian, Brazilian and U.S. law enforcement agencies. The gang's alleged leader, identified as Lebanese-born Radi Zaiter, was arrested in Bogota. Several other Lebanese suspects were also rounded up.

In June 2002, Lebanese-born brothers Mohammad and Shawki Hammoud were convicted by a U.S. court of providing material support for a "terrorist group" after federal investigators broke up their fundraising cell.

According to prosecutors, their group based in Charlotte, N.C., was part of a network responsible for raising money for Hezbollah and procuring dual-use technology for its armed wing.

The Hammouds ran a multimillion-dollar-a-year interstate contraband cigarette operation, as have other Hezbollah support groups in the United States. One such group operating out of Dearborn, Mich., and one in Canada were broken up in 2006.

In July 2007, the U.S. Treasury Department said it cut off a Hezbollah financing operation by banning all transactions with the Tehran-based Martyrs Foundation and the al-Qard al-Hassan finance company of Beirut.

That included a Dearborn fundraising office set up by the Martyrs Foundation under the name of the Goodwill Charitable Organization.

The Treasury Department said Goodwill "is a front organisation that reports directly to the leadership of the Martyrs Foundation in Lebanon."

Hezbollah is also believed to profit considerably from funds provided by Lebanese Shiite immigrants who have dominated the blood diamond business in West Africa since the precious stones were discovered in Sierra Leone in 1930.

Saturday, November 28, 2009

Cyberattacks on U.S. Military Jump Sharply in 2009

By Robert McMillan

Thu, November 19, 2009 — IDG News Service — Cyberattacks on the U.S. Department of Defense -- many of them coming from China -- have jumped sharply in 2009, a U.S. congressional committee reported Thursday.

Citing data provided by the U.S. Strategic Command, the U.S.-China Economic and Security Review Commission said that there were 43,785 malicious cyber incidents targeting Defense systems in the first half of the year. That's a big jump. In all of 2008, there were 54,640 such incidents. If cyber attacks maintain this pace, they will jump 60 percent this year.

The committee is looking into the security implications of the U.S.' trade relationship with China. It released its annual report to Congress Thursday, concluding that a "large body of both circumstantial and forensic evidence strongly indicates Chinese state involvement in such activities."

"The quantity of malicious computer activities against the United States increased in 2008 and is rising sharply in 2009," the report states. "Much of this activity appears to originate in China."

"The cost of such attacks is significant," the report notes. Citing data from the Joint Task Force-Global Network Operations, the report says that the military spent $100 million to fend off these attacks between September 2008 and March 2009. A Defense Department spokesman did not have any immediate comment on the report's numbers Thursday.

Attacks on department systems have been rising steadily for years. In 2000, for example, only 1,415 incidents were reported. The increase is in part due to the fact that the U.S. military is simply better at identifying cyberthreats than it used to be, said Chris Poulin, the chief security officer of Q1 Labs, and formerly a manager of intelligence networks within the U.S. Air Force. The department figures are "probably more accurate now," than they were nine years ago, he said.

Security experts have long known that many computer attacks originate from Chinese IP (Internet Protocol) addresses, but due to the decentralized nature of the Internet, it is very difficult to tell when an attack is actually generated in China, instead of simply using Chinese servers as a steppingstone.

Q1's Poulin says that his company's corporate clients in the U.S. are seeing attacks that come from China, North Korea, and the Middle East. "We do definitely see patterns coming from specific nation states."

He said that because China's government has taken steps to control Internet usage in the country, it could probably throttle attacks if it wanted to. "China's defiantly initiating attacks," he said. "State-sponsored? Who knows. But they're certainly not state-choked."

EU Security Agency Highlights Cloud Computing Risks

By Mikael Ricknäs

Fri, November 20, 2009 — IDG News Service — Cloud computing users face problems including loss of control over data, difficulties proving compliance, and additional legal risks as data moves from one legal jurisdiction to another, according to an assessment of cloud computing risks from the European Network and Information Security Agency (ENISA).

The agency highlighted those problems as having the most serious consequences and being among the most likely for companies using cloud computing services, according to ENISA.

ENISA examined the assets that companies put at risk when they turn to cloud computing, including customer data and their own reputation; the vulnerabilities that exist in cloud computing systems; the risks to which those vulnerabilities expose businesses, and the probabilities that those risks will occur.

When moving to cloud-based computing services, companies have to hand over control to the cloud provider on a number of issues, which may affect security negatively. For example, the provider's terms of use may not allow port scans, vulnerability assessment and penetration testing. At the same time, service level agreements (SLAs) may not include those services. The result is a gap in defenses, ENISA said in the report.

Compliance could also prove to be a big problem if the provider can't offer the right levels of certification or the certification scheme hasn't been adapted for cloud services, the report said.

One of the advantages of cloud services is that data can be stored in multiple locations, which could save the day in the event of an incident in one of the data centers. However, it could also be a big risk if the data centers are located in countries with a shaky legal system, according to the report.

Other areas of concern are vendor lock-in, failure of mechanisms separating different companies, management interfaces that get accessed by hackers, data not deleted properly and malicious insiders.

To minimize these risks the report proposes a list of questions that a company needs to ask potential cloud providers. For example, what guarantees does the provider offer that customer resources are fully isolated, what security education program does it run for staff, what measures are taken to ensure third-party service levels are met, and so on.

In the end a good contract can lessen the risks, according to the report. Companies should especially pay attention to their rights and obligations related to data transfers, access to data by law enforcement and notifications of breaches in security, it said.

ENISA's report isn't all doom and gloom, though. Using cloud computing services can result in more robust, scalable and cost-effective defenses against certain kinds of attack, according to the report. For example, the ability to dynamically allocate resources could provide better protection against DDoS (distributed denial-of-service) attacks, ENISA said.

Avoiding Botnets

Banging the drum for security awareness never gets old. As much as CSOs try to get folks to bone up on safe practices (both online and in the office), there are always going to be some who need reminding.

Online, the biggest battle these days is against botnets: networks of infected computers which hackers can use -- unbeknownst to the machine's owner -- for online crimes including sending out spam or launching a denial of service attack.

Unfortunately, the black-hat techniques employed to snare users into a botnet web have evolved to a level that makes them often undetectable by even the most sophisticated security products. Combine that with a lack of user knowledge, and the threat of infection becomes very high. (See: Botnets: Why it's Getting Harder to Find and Fight Them).

"The frustrating thing is they can make their chances of getting infected much, much smaller," said Steve Santorelli, who sees how users fall prey to easily avoidable traps every day. Santorelli, director of global outreach with the non-profit security investigations firm Team Cymru, spends his days monitoring malicious online activity, particularly botnets.

Santorelli notes that while just one strategy probably won't cover you, with several tools in the tool box, the rate of infection within an organization significantly drops.

Tip 1: Have work AND home machines regularly updated with patches and antivirus software

The average user doesn't necessarily have a lot of technological knowledge, said Santorelli. They might not realize the importance of working with IT to ensure they are up to date with patching and software upgrades. This problem may be especially prevalent among workers who are exclusively remote.

In fact, a study conducted by security firm Sophos last year found most computer users ignore security updates and turn off their firewalls. Sophos scanned 583 computers for 40 days and found that 81 percent of the machines failed one or more basic security checks. Most machines, 63 percent, were lacking security patches for the operating system, office application and programs like Windows Media Player and Adobe Flash. More than half, 51 percent, had disabled their firewall and another 15 percent had outdated or disabled antivirus and anti-spam software.

Those are exactly the folks that criminals love.

"These people are going to go for the low-hanging fruit and unfortunately there is a lot of it out there," said Santorelli. "There are so many machines without updated AV on it."

If your patching system isn't automated, your users need to be made aware of the risks they are taking by working with unpatched and out-dated security technologies. And while security updates are not the cure-all for malware infection, Santorelli said they certainly serve as a strong deterrent.

"If you are walking down the street as a burglar and you see a house with a Rottweiler, and a visible sign from a security company, you probably won't attack that house," he noted.

Tip 2: Use the latest browser versions

Staying away from dubious sites and sticking to known brands used to offer reasonable online safety. Unfortunately, that's less and less foolproof.

"It used to be that if you surfed to places like CNN, or the Weather Channel, you weren't going to come across a great deal of malware," said Santorelli. "That isn't the case anymore. We've seen a number of cases recently where people have gone to a legitimate web site and there is an advertisement up there hosting some kind of malicious code."

That is where the latest safe browsing technologies can help, said Santorelli. The latest versions of today's browsers will often flag potentially dangerous content.

"Browsers are so much more secure now that so many of the holes that existed in these browsers have been patched. There is also a great deal of anti-phishing and anti-malware that goes into them now. So if you try and go to a link that contains malware, your AV might not pick it up. But your browser will say: 'Are you sure?'"

The good news is most browsers are free. You can download the latest version of Internet Explorer or Firefox fairly easily and quickly, too (See: IE or Firefox: Which is More Secure?).

"It will only take you five minutes to have the latest browser technology," said Santorelli. "It is just another string to your bow, so to speak."

Tip 3: Be a little more careful when you get a link or an attachment.

"Don't just blindly click on things and rely on other people to protect your computer," noted Santorelli. "You've got to take some responsibility for your own security."

Team Cymru research reveals that the most common attack vectors for installing malware continue to be links in emails, or drive-by downloads.

"We know from our recent investigations that there is a great deal of success to be had [for hackers] by just sending links out," he said.

Just because you receive the email from someone you know and trust, it doesn't mean it is safe. This includes friends and family, whose systems or accounts may have been compromised, and also well-known web sites you use, like social networking sites or banks. See Five More Facebook, Twitter Scams to Avoid for examples of current attempts to exploit social media sites. And large banks, such as Bank of America, often find their name is used in email phishing scams where thieves send out messages warning customers that their account has been compromised, with a link that leads to a fake, but very legitimate-looking login screen.

Of course, whether or not you should click any link or attachment also depends on whether you have followed Tips 1 and 2 above.

"You're going to have to take it on a case-by-case basis," said Santorelli. "And my concern would be significantly raised if I didn't have my computer up to date with antivirus and browsing technologies."

Risk management - Insider Trading

In 1992, a British bank sent an employee to Singapore to launch and manage its trading operations. The employee engaged in speculative derivatives trading which counted on the Japanese market remaining stable. Unfortunately for him, the Kobe earthquake in 1995 sent the Nikkei into a state of volatility. His risky trades led to $1 billion in losses for the bank.

The employee was Nick Leeson and his actions led to the fire sale of a household name in the British banking industry, Barings Bank, for just 1 GBP in 1995. The problem? Leeson simultaneously held roles as office manager, trader, and IT guy, which allowed him to hide his losses in old error accounts and avoid detection for four years.

Fast forward a decade to 2005. An employee of a global French bank is transferred from a middle-office role in compliance to a front-office role as a trader. In 2007 he begins using a bogus account portfolio to hide risky trades and significantly exceeds his trading limits. In 2008 the bank finally detects the problem but by then the losses exceed $7 billion.

The employee is the now infamous insider Jerome Kerviel who worked for Societe Generale, ranked 43rd on Fortune’s 2008 Global 500 list. The problem? While Kerviel used several ploys such as small trades in high frequency to avoid tripping alert thresholds, the fundamental problem was the same as in the Barings Bank case. Kerviel continued to have access to accounts from his previous role in the compliance and controls division which a trader should never have had.

Both incidents are classic examples of failure to enforce “separation of duties”, a common enabler of insider threats. When it comes to insider threats -- or even other cyber threats -- you’ve probably heard over and over, “the clues were in the logs, if only they were picked up!”

Well, often the clues aren’t enough. Consolidation of logs is certainly the first step, but to use those clues and detect separation of duties violations or other insider threats, there are four other important technical challenges that must be addressed:

* Missing user context. Router logs may have shown traffic from Jerome Kerviel’s desktop to a server he was not supposed to access as a trader. However, these logs would only contain IP addresses, and the same is true for many other sources. To leverage such clues, the source IP address would need to be mapped back to Kerviel as the owner.

* Bridging user identities. As an IT manager Nick Leeson had direct access to backend servers. As a trader he had application accounts. The combination enabled him to create bogus accounts and hide his trades. In this case, accessing logs would only provide partial clues specific to each credential and the underlying application. Simply put, unless you can link log activity from separate credentials to an actual user, many insider threats will go undetected.

* Awareness of roles and privileges. Logs probably captured Kerviel’s access to old accounts that were never de-provisioned after he transferred into the trading group. However, to detect a separation of duties violation, your log analysis solution would need to contextualize Kerviel’s actions with his current role and the associated privileges. Log analysis solutions must integrate with identity management and directory systems to make this connection.

* Infinite threat scenarios. Compliance folks often suggest that these threats could be stopped through better training and improved processes rather than relying solely on technology. But people, processes and most log analysis solutions (the relevant technology in this case) have limited success in tackling unknown threat patterns. The reality is that for every known insider threat, there are infinite variations. To overcome this limitation, log analysis needs to move past signature-based detection and into pattern-based analysis. Detecting variations and new threats is much easier if you can visualize user activity as patterns rather than in an unending list of log events.

So, as you evaluate solutions that claim to uncover the clues in your logs to curb insider threats, make sure they can connect the clues back to users, identities and roles. Solutions that can tackle those challenges while giving you visibility into user activity patterns and deviations might just prevent the next big insider threat.
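One way to tackle the first three challenges in the list above (user context, identity bridging, role awareness), as an added example rather than code from the original article: router and application events are attributed to a person, checked against that person's current role, and then tested for conflicting duties. Every name, IP address, system, role and duty table below is constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime

# --- Constructed sample data: every name, IP, system and role is hypothetical ---

# DHCP/asset records: which login owned an IP address during which window.
LEASES = [
    ("10.1.4.23", "jdoe",   "2009-11-02T08:00", "2009-11-02T18:00"),
    ("10.1.4.23", "asmith", "2009-11-03T08:00", "2009-11-03T18:00"),
]

# Identity bridge: every credential (desktop login, application account)
# resolves to one person id, so activity is judged per person, not per account.
IDENTITY = {
    "jdoe": "E1001", "trd_jdoe": "E1001",
    "asmith": "E1002", "cmp_asmith": "E1002",
}

# Current role per person, as the directory / HR system reports it today.
CURRENT_ROLE = {"E1001": "trader", "E1002": "compliance"}

# Duties each role is entitled to, and the duty each system represents.
ROLE_DUTIES = {
    "trader": {"trade_entry"},
    "compliance": {"trade_control", "limit_admin"},
}
SYSTEM_DUTY = {
    "trading-app": "trade_entry",
    "control-db": "trade_control",
    "risk-limits": "limit_admin",
}

# Duty pairs that one person must never exercise together.
CONFLICTS = [
    frozenset({"trade_entry", "trade_control"}),
    frozenset({"trade_entry", "limit_admin"}),
]

# Consolidated events. Router events carry only an IP; app events an account.
EVENTS = [
    {"ts": "2009-11-02T09:15", "src_ip": "10.1.4.23", "system": "control-db"},
    {"ts": "2009-11-02T09:20", "account": "trd_jdoe", "system": "trading-app"},
    {"ts": "2009-11-03T10:00", "src_ip": "10.1.4.23", "system": "control-db"},
    {"ts": "2009-11-03T10:05", "account": "cmp_asmith", "system": "risk-limits"},
    {"ts": "2009-11-04T10:00", "src_ip": "10.1.4.99", "system": "control-db"},
]


def _ts(text):
    return datetime.fromisoformat(text)


def resolve_person(event):
    """Return the person id behind an event, or None if it cannot be attributed."""
    account = event.get("account")
    if account is None:
        # IP-only event: find who held that address at the time of the event.
        when = _ts(event["ts"])
        for ip, owner, start, end in LEASES:
            if ip == event["src_ip"] and _ts(start) <= when <= _ts(end):
                account = owner
                break
    return IDENTITY.get(account)


def analyze(events):
    """Return findings as (kind, subject, detail) tuples."""
    findings = []
    exercised = defaultdict(set)  # person id -> duties actually performed
    for event in sorted(events, key=lambda e: e["ts"]):
        duty = SYSTEM_DUTY[event["system"]]
        person = resolve_person(event)
        if person is None:
            subject = event.get("account") or event["src_ip"]
            findings.append(("unattributed", subject, event["system"]))
            continue
        exercised[person].add(duty)
        role = CURRENT_ROLE[person]
        if duty not in ROLE_DUTIES[role]:
            # Access that the person's current role does not entitle them to.
            findings.append(("out_of_role", person, f"{role} used {event['system']}"))
    for person in sorted(exercised):
        for pair in CONFLICTS:
            if pair <= exercised[person]:
                findings.append(("sod_conflict", person, "+".join(sorted(pair))))
    return findings


if __name__ == "__main__":
    for finding in analyze(EVENTS):
        print(finding)
```

The same IP address resolves to two different people on consecutive days, which is why the lease window, not the address alone, decides attribution.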

UK Young and unemployed people in Trade Union Backed demo

Young people from across the UK are to join a demonstration in London, highlighting growing concerns over youth unemployment and lack of opportunities for jobs. The campaign group Youth Fight for Jobs are the central organisers for the demo.

Trade union leaders support this demonstration and will play a part in the protest in central London to press for more action to tackle youth unemployment. Youth unemployment in the UK is nearing a million.

Students, union activists and other campaigners will travel to the capital from areas which have been badly hit by the rise in youth unemployment, including Hull and Birmingham.

Political support
Labour MP John McDonnell (Hayes and Harlington) said: "This march highlights the plight of the million young people who are now unemployed and the many more who are facing joblessness as a result of this recession."

Young Pay the Price
"Young people are being forced to pay for the economic crisis whilst bankers award themselves another £5 billion in bonuses this month. I support the march and urge people to join this campaign to demand action against youth unemployment."

Union Leaders
Bob Crow, general secretary of the Rail Maritime and Transport union said: "Unemployment is a massive human cost to accept. It's even more damaging with one in five young people being unemployed. It's important that we place young people at the core of our aims and objectives, to achieve developing policies for them."

National Organiser
Sean Figg, national organiser for the campaign, added: "This demonstration is going to make it clear that young people are not prepared to face a future of unemployment, job cuts and attacks on our public services.

"Youth unemployment stands at around one million, and disgracefully the Government is cutting vocational education, and is thinking about raising university fees, whilst increasing the level of qualifications needed to find employment."

All this leads to further cutting out and increased exclusion of the working class youth from further education. When a degree qualification has become the minimum qualification to apply for well paid jobs and this right has been taken away from the poorer classes, you cynically and aggressively remove any chance of the poor improving their standard of living and their lifestyle.

Excluding and condemning the UK youth to unemployment induced poverty is a recipe for civil unrest and another step towards the breakdown of democracy and a liberal society.

Friday, November 27, 2009

Latest Virus Strategy Is to Write in Plain English

Hackers could evade most existing antivirus protection by hiding malicious code within ordinary text, according to security researchers.

One of the most common ways of hijacking other people's computers is to use "code-injection" attacks, in which malicious computer code is delivered to and then run on victims' machines. Current security measures work on the assumption that the code used has a different structure to plain text such as English prose.

Now a team of researchers has highlighted a potential future theatre in the virus-security arms race by working out how to hide malware within English-language sentences.

Josh Mason of Johns Hopkins University in Baltimore, Maryland, and his colleagues developed a way to search a large set of English text – mostly composed of more than 15,000 Wikipedia articles and roughly 27,000 books from the online library Project Gutenberg – for combinations of words that could be used in code.

Their program highlighted the text to be used in the instruction set in bold, while leaving the sections to be skipped in plain text, as in the following example: "There is a major center of economic activity, such as Star Trek, including The Ed Sullivan Show. The former Soviet Union."

It's not the first time the potential weakness has been recognised, but many computer security experts thought the rules of English word and sentence construction would make the task impossible.

In machine code – the raw code that microprocessor chips understand – combinations of characters not seen in plain text, such as strings of mostly capital letters, are required.

"There was not a lot to suggest it could be done because of the restricted instruction set [of machine code]," said Mason. "A lot of people didn't think it could be done."

John Walker, managing director of UK security consultancy Secure-Bastion, said the research highlighted a basic weakness in antivirus tactics, and that hackers would undoubtedly try to exploit it. "There is no doubt in my mind that antivirus software as we know it today has gone well past its sell-by date," he said.

Nicolas Courtois, a security and cryptology researcher at University College London, said malicious code in this form would be "very hard if not impossible to detect reliably".

Mass Exodus out of Dubai by Ex-Pat Workers

Cars that have been abandoned at Dubai International Airport.

Covered in sand and good-bye messages these abandoned cars are the latest sign that the Dubai dream is over.

Ex-pats flee Dubai and the Arab Emirates for fear of reprisals, revenge attacks and victimisation in the face of monetary chaos and debt crisis brought on by optimistic speculation, ego-driven projects and poor balance of 'business acumen versus risk management' expertise.

Historically ex-pat workers and foreigners will be held responsible for the debt crisis, financial problems and lack of fund capital, that have become the harsh reality for the powers that be, in Dubai.

The smart ones have dropped everything and gotten out, knowing all too well the severe consequences of delay, in these troubled times.

Monster Employment Index UK - Oct Report optimistic increase or leveling off?

Thursday, November 26, 2009

Innovation in Candidate Selection Methods - Crossing the Road

The numbers of people applying for jobs these days has grown to enormous proportions.

On average, 200 people apply for every vacancy, depending on the level of experience and qualifications required.

Clearly the non-skilled and semi-skilled marketplace is much more competitive.

HR departments are over busy trying to sift and filter applications and review candidates' applications, using a wide variety of strategies, approaches and homemade tools. Innovation in this area has grown enormously and led to some imaginary and dubious selection methods being adopted, one of which is posted here.

This innovative method is called: Watching how candidates cross the street.

Location, location, location
Now the first problem with this approach is, location. It can be difficult to arrange for an interviewee to cross the street within view of the HR interviewer. Perhaps they need to cross the road to enter your building, if not try to arrange for the interview to be held at a local Starbucks, cafe or restaurant. As long as it is near a busy road. Any reasonably busy city street will do.

Close Observation
The next skill is to be able to watch carefully and take notes. There is little need to undertake secret videotaping, but you can if it is particularly interesting to you.

The innovative thinking on this approach is that these few seconds of interactivity, involving a sprinkle of stress / problem solving / danger, will tell you more about their workplace capabilities than an hour of tough questioning.

Consider the five standard types of crosswalkers and how it is claimed, they would perform in the workplace:

The Matador(ess).
A fearless player, the Matador(ess) flaunts their vulnerability. They think nothing of daring the cars and taxis with their elegant dance and slalom through traffic. Pedestrian crossings are just paint on the road to a Matador(ess). Red lights are mere street decorations.

The Matador(ess) cares not if the oncoming traffic shows no sign of swerving or stopping and will risk the possibility of a glancing blow.

Best Roles: These people are best suited to be entrepreneurs, super sales makers / closers, high risk financial mavericks, etc.

Caution! They are also likely to be reckless, head-strong, egotistical and difficult to control. They will need strong leadership and strategic management.

The Wader.
Bold but more attentive than fearless, the Wader is determined and eager to cross, demonstrating ample initiative but a little more common sense and less risk.

Waders may also be on the phone and texting while they are on the move but they will desist when venturing into traffic. They will consider that getting struck by any part of a vehicle, however minor, is a bad thing.

They will eagerly follow a Matador(ess) and let them run interference, slowing traffic and creating a diversion, taking advantage of any safe opening created. While the Matador(ess) is testing their luck and confronting taxi drivers, the Wader will skip to the other side first, with little effort and time to spare.

Best Roles: Excellent CEOs, vice presidents, software designers, project leaders and design heads.

Caution! They can be attentive team players, sensitive to the feelings and emotion of others but can also be non-confrontational, evasive, manipulative, somewhat Machiavellian in approach etc. and will need an intelligent leader that can see the multi-plays in motion and use the excellent team attributes on offer.

The TextWalker.
Having mastered typing, talking and walking at once, the TextWalker tends to forget that crossing a busy road is 'real' life and tapping keys on a little plastic box, is 'virtual reality'. The division between the real world and Second Life is difficult for them to sustain.

TextWalkers may appear to be assertive on the surface, a bit like the Waders or even a pseudo Matador(ess), but they have one critical distinction—progress in their case, is not so much to do with crossing the road but in moving forward with the multiple tasks and ideas that they started in the early hours of the morning.

So progress, e.g. crossing the road to get to an interview or to achieve a specific task, can be more illusionary or conceptual.

The TextWalker will meander, drift, and even pause for thought and re-assimilation midway. They may even retreat momentarily before moving forward again.

They lack the single-mindedness, concentration or presence of mind to stay on task. Especially if that task is mundane or unchallenging.

Best Roles: They are creative thinkers, conceptual designers and programmers. They exhibit creative flashes of raw talent.

Caution! They are ill-suited and, in this form, not yet ready for management or higher levels of responsibility, and are difficult to integrate as team players. They can lack structure and good communication strategies.

They will require a good paternal leader that can capture their enthusiasm and creativeness and channel them effectively. Someone who has the time and energy and can coach and mentor them in a structured and methodical way.

The Light Jumper.
The Light Jumper is an opportunist. They start out determined to comply and follow the letter of the law, but they are impatient. So, when the crossing light turns from Green to flashing yellow, they can’t help but jump.

The placid, rational Dr. Jekyll becomes Mr. Hyde and once they have embarked on their course, nothing is going to deter them. A Light Jumper is not above shouting and glaring at motorists who narrowly miss them, even though the traffic has the right of way.

Best Roles: Strong civil rights lawyers, human rights campaigners and charismatic managers with badly hidden tattoos.

Caution! These people are looking for a 'cause' or a 'calling' and are excellent drivers in charities and non-profit organisations. They need managers with high scruples and integrity because once they are disillusioned they will become very 'anti' and strongly negative.

The Kerb Huggers.
No matter how empty the road is, Kerb Huggers would never dream of stepping off the pavement and onto the crossing before they have the 'authority' to do so. They will not move a second earlier than the law, or the “Walk” sign, allows.

Ironically, Kerb Huggers rarely make it across the road before the light turns red and, by delaying their walk across the road, they are often victims of anyone who enjoys jumping red lights. Kerb huggers sometimes find themselves having to run or jump the remaining yard or two.

Best Roles: Compliant tax accountants, statisticians, quality management, regulatory or rules-based occupations. Excellent at scheduling, writing agendas and attending meetings, especially when the purpose is to schedule new meetings, if it's on the agenda.

Caution! This group of people are possibly unexciting but easily managed. If you have a suitable rule book that covers all circumstances, just give them that and ask them to check in occasionally. They are not creative or imaginative risk takers and should not be expected to do anything other than follow instructions.

At the risk of reinforcing misconceptions of stereotypes, I have seen people standing at a pedestrian stop sign at 02.00 am in the middle of the night, waiting for the lights to change to green, when there is no traffic and no threat of traffic for several hours. They will not cross the road until the light changes to green, under any circumstances.

Unfortunately, in my experience, this occurs most often in England, Germany and Sweden but don't take my word for it, set your alarm clock for the middle of the night and go see for yourself.

Let me leave you with another thought: how do you cross the street, and what does that say about your personality and outlook on life?

Tuesday, November 24, 2009

China: Ramps up Cyberwar against USA

A US government report warned Thursday that China is sharply stepping up espionage against the United States as the rising Asian power invests in cyber warfare and grows more sophisticated in recruiting spies.

"China is changing the way that espionage is being done," said Carolyn Bartholomew, the chair of the US-China Economic and Security Review Commission.

In its wide-ranging annual report to Congress, the commission reported a steep rise in the disruption and infiltration of websites of the US government and perceived Beijing rivals such as Tibet's exiled leader the Dalai Lama.

Colonel Gary McAlum, a senior military officer, told the commission the US Defense Department detected 54,640 malicious cyber incidents to its systems in 2008, a 20 percent rise from a year earlier. The figure is on track to jump another 60 percent this year.

While the attacks came from around the world, the commission said China was the largest culprit. Some Chinese "patriotic hackers" may not receive official support, but the report said the government likely planned to deploy them in a conflict to disrupt a foreign adversary's computers.

The bipartisan commission found that China was the most aggressive nation in spying on the United States and was trying to recruit more American spies.

While China historically tried to tap Chinese Americans -- believing, often incorrectly, that they would be sympathetic -- it was now turning to the Soviet model of seeking to bribe informants with cash and gifts, the report said.

It said the Chinese were expanding "false flag" operations, in which sources are deceived into thinking they are providing information elsewhere.

It pointed to the case of Tai Shen Kuo, a furniture salesman in New Orleans arrested last year after persuading two retired US military officials to give sensitive information by telling them it was headed to Taiwan, not mainland China.

The commission also found that China has launched an effort to influence US think-tanks and academia by rewarding scholars with access and denying visas to more critical voices.

"It becomes self-censorship. If you're in graduate school and want to become a China scholar, you need to go to China. And if you criticize the Chinese government on certain things, you won't get in," said Bartholomew, a former top aide to House Speaker Nancy Pelosi.

"What it means is that we have a generation of China analysts who are being created who don't necessarily have the freedom or the ability to think through a broader range of questions," she said.

The commission also criticized China on its trade policy, recommending that the United States press Beijing to make its yuan more flexible and to turn to the World Trade Organization to fight what it termed predatory trade practices.

Shortly after the release of the report, two lawmakers called for an investigation into China's "currency manipulation," which would set the stage for slapping import duties on Chinese goods.

President Barack Obama this week paid his first visit to China, which is now the top holder of the ballooning US debt. His administration has sought cooperation with China on battling the global slowdown.

The commission paid a field trip to Rochester in upstate New York, where it said core industries such as machine tools, auto parts and optoelectronics were struggling against Chinese competition that often enjoys state support.

"For 20 years we have watched China policy be controlled really by a handful of large multinational corporations. They're the ones who determine the interests," Bartholomew said.

"But there are a lot of constituency interests out there -- particularly small and medium-sized enterprises -- that are being hurt by the current US-China policy," she said.

Separately, the report recommended that the United States "continue to work with Taiwan to modernize its armed forces," saying China was rapidly expanding its military advantage despite easing tensions with the island.

The Obama administration has yet to decide on Taiwan's requests to buy arms, including F-16 jet fighters. Such a step would almost certainly anger China, which considers the island its territory.

China sentences quake 'activist' to three years for 'speaking out'

A Chinese protestor labelled as a 'dissident' who campaigned for the parents of children killed in last year's Sichuan earthquake was sentenced Monday to three years in jail on a state secrets charge, his wife said.

Huang Qi, 46, who had investigated accusations that shoddy school construction contributed to the quake's heavy toll, was found guilty by a court in the city of Chengdu of possessing state secrets, his wife Zeng Li told AFP.

"We will surely appeal," she said by phone from Chengdu, the capital of Sichuan province.

The sentence came just days after US President Barack Obama paid his first visit to China, during which he raised the issue of human rights, saying the United States believed in fundamental rights for all people.

US ambassador Jon Huntsman also specifically brought up Huang's case with the Chinese government in the lead-up to Obama's visit, a US embassy official told AFP.

The sentencing was the second move since Obama's visit by Chinese authorities against dissidents.

On Thursday, Zhou Yongjun, a student leader of China's 1989 Tiananmen Square protests, was tried for fraud, also in Sichuan.

No verdict has been announced in Zhou's case.

The nature of the state secrets in Huang's case was not publicly released, but his lawyer Mo Shaoping denounced the verdict, saying it was information freely available on the Internet, although he declined comment on it.

"We do not acknowledge the verdict. We maintain that he is innocent," Mo said.

Calls to the court, in Chengdu's Wuhou district, went unanswered.

The London-based rights group Amnesty International demanded Huang's immediate release and condemned the use of "vague" state secret laws to silence dissent.

"He should never have been detained in the first place and should be released immediately," Sam Zarifi, Amnesty's Asia Pacific director, said in a statement.

"These laws are used extensively to retroactively penalise lawful human rights activities and restrict freedom of expression."

Amnesty further expressed concern for Huang's "deteriorating health" and allegations of mistreatment while in police custody.

Huang was taken into custody in June 2008, weeks after the 8.0-magnitude quake struck on May 12, leaving nearly 87,000 dead or missing.

The government has said the toll included 5,335 children killed in school collapses.

The high student toll prompted accusations that official corruption left many schools poorly constructed, causing them to collapse while many other adjacent structures withstood the quake.

China Human Rights Defenders, a network of domestic and overseas activists, said it was believed Huang was imprisoned for reporting on the issue and giving interviews to foreign journalists about it.

Earlier this month the US Congress unanimously approved a resolution expressing "support" for Huang and detained activist Tan Zuoren -- who was also working on the school issue -- and called for them to receive fair trials.

Chatter from Salesforce: Information Overload or Filter failure Part I

Dreamforce 2009: The Downturn, Social Media and the Cloud

Chatter in Salesforce: Social Networking in Enterprise Part II

Monday, November 23, 2009

Dr Carl Sagan remembered - Visionary, philosopher and charismatic speaker, an inspiration to his generation

The late, great Dr Carl Sagan, a professor of astronomy and space science at Cornell University and an adviser to Nasa, played a major role in setting up Seti, the Search for Extra-Terrestrial Intelligence.

However, he is probably best known to the public for the television series Cosmos: A Personal Voyage, and his books Pale Blue Dot and The Demon-Haunted World: Science as a Candle in the Dark.

As well as his research, he was a major science advocate and populariser, and a vociferous supporter of scepticism and rationality.

He was a visionary, philosopher and charismatic speaker, an inspiration to his generation and hopefully, those that come on behind. A truly great human being and one that is sorely missed.

H1N1: WHO Admit drug resistance in influenza mutation

The World Health Organisation said Friday that a mutation had been found in samples of the swine flu virus taken following the first two deaths from the pandemic in Norway. This is not unusual in itself because viruses, by their nature, will and do, mutate.

However, the WHO denied that the mutation had created a more contagious or more dangerous form of influenza A(H1N1) and they admitted that some similar cases observed elsewhere, had been mild. That was certainly the case for the people who did not die from it.

"The Norwegian Institute of Public Health has informed WHO of a mutation detected in three H1N1 viruses," the WHO said in a briefing note. Realistically, influenza viruses are continually undergoing mutations.

It is important to note that some of these are unsustainable and that some of these will succeed in not only being sustained but also in being drug resistant. It is their nature and follows the normal course of natural variation and selection, that all living things are prone to.

"The viruses were isolated from the first two fatal cases of pandemic influenza in the country (Norway) and one patient with severe illness," the report continued, although it added that no further instances were found in tests.

"Norwegian scientists have analysed samples from more than 70 patients with clinical illness and no further instances of this mutation have been detected (in the lab). This finding suggests that the mutation may not be widespread in the country," the UN health agency assumed, optimistically.

WHO spokesman Gregory Haertl said that the global health watchdog did not believe "that this has any significant impact, for the time being." Presumably, if the mutation proliferates over time, then it will become significant.

However, despite their blind faith and optimism, the agency admitted that a similar mutation had been observed in Brazil, China, Japan, Mexico, Ukraine, and the United States, as early as April 2009. Thus, contradicting themselves, whilst confirming the true nature of influenza viruses.

"The mutations appear to occur sporadically and spontaneously (you think!). To date, no links between the small number of patients infected with the mutated virus have been found and the mutation does not appear to spread," the WHO statement said. Some of those cases also produced mild symptoms, Haertl noted.

The WHO also underlined that there was no evidence of more infections or more deaths as a result, while the antiviral drugs used to treat severe flu, oseltamivir (Tamiflu) and zanamivir (Relenza), were still effective on the mutated virus.

Thus defending their single-minded determination to follow this controversial course of treatment, sponsored by the pharmaceutical agencies involved. Presumably to appear to be doing something in the face of an uncontrollable force of nature.

"Studies show that currently available pandemic vaccines confer(?) protection," it added, as mass vaccine campaigns were slowly gaining ground in the northern hemisphere amid signs of public skepticism in several European nations. (and growing profit margins of pharma companies)

Informed scientists naturally fear that mutations in flu viruses could cause more virulent and deadly pandemic flu. The global health watchdog reiterated a call for close monitoring.

The WHO was still assessing the significance of the latest observation, but it stressed that many such changes in the flu virus do not alter the illness it causes in patients.

"Although further investigation is under way, no evidence currently suggests that these mutations are leading to an unusual increase in the number of H1N1 infections or a greater number of severe or fatal cases," it added.

Norwegian authorities reported the country's first swine flu death on September 3, a 52 year-old Danish truck driver who died just over a week earlier.

On Friday, WHO data showed that around 6,750 people had died from swine flu since the virus was first uncovered in Mexico and the United States in April.

That represented an increase of about 500 over a week earlier, as the pandemic took hold in the northern hemisphere during the cold season.

The WHO estimates that some 250,000 to 500,000 people die every year from standard seasonal variants of swine flu. Oh well! That's alright then. Sorry we troubled you guys. Let's just let you go back to sleep, whilst the rest of the world sits quietly by, watching people suffer and die.

Now, the only question left in our minds is whether the WHO's approach to the pandemic is based on blatant incompetence or cynical corruption.

France: Helping to build Polish nuclear plants

French President Nicolas Sarkozy and Poland's Prime Minister Donald Tusk agreed Thursday to work together on a 20-year programme to develop Poland's nuclear industry.

France will train Polish engineers and joint research will be carried out on equipping Poland with nuclear plants by 2030, the leaders said in a joint declaration following talks in Paris.

Tusk said Poland hoped to put a first reactor in service in around 2020 and a second around five years later, hailing the deal with France as the "grand beginning of Poland's nuclear programme."

Sarkozy welcomed "the Polish decision to launch exclusive high-level talks on developing a nuclear industry in Poland."

Warsaw announced plans to develop a nuclear energy programme in a bid to diversify its energy sources, as a row between Russia and Ukraine halted gas supply to Europe. Poland imports around 40 percent of its gas from Russia.

Poland, which currently relies on coal-fired plants for 94 percent of its electricity, has also committed itself to easing its dependence on coal as part of the EU's climate package which limits greenhouse gas emissions.

The three-part cooperation deal was struck on the sidelines of Tusk's visit, between the French Atomic Energy Commission (CEA) and a consortium of Polish institutes and the Polish academy of sciences.

The French-Polish announcement comes days after nuclear regulators raised concerns over the design of France's new-generation EPR reactor, saying its day-by-day control systems were too closely entwined with emergency systems.

Experts have said there was a small chance the regulators' complaint could add to existing delays and cost overruns to the European Pressurised Reactor (EPR) programme, led by French nuclear giant Areva.

But French Prime Minister Francois Fillon insisted Thursday the state had "full confidence" in Areva's ability to address the safety concerns.

France generates more than three-quarters of its electricity through nuclear power, more than any other country by proportion, and Sarkozy has made exporting French know-how a top priority.

China and Finland are already building French-designed new generation reactors, and talks are underway to export the EPR model to Britain, India, Abu Dhabi and the United States.

Iran: Brazil Enjoying Closer Nuclear Co-operation

Iranian President Mahmoud Ahmadinejad defended closer ties with Brazil Friday, hinting at bilateral nuclear cooperation ahead of a state visit.

Ahmadinejad stressed the "need for cooperation between the two countries in various fields," according to a statement distributed here by the Iranian embassy.

"While there is an unfair polemic in Western countries against Iran's peaceful nuclear program, the people of Brazil side with the Iranian people."

Pointing to Brazil's own nuclear program, Ahmadinejad said Brazilians "understand that a few arrogant powers... are trying to prevent other nations from having access to advanced science."

Ahmadinejad arrives in Brazil on Monday for a busy day-long visit that includes a meeting with President Luiz Inacio Lula da Silva, signing bilateral trade deals, a visit to Congress, a press conference and a speech at a Brasilia university, according to the embassy.

It will be the first visit by an Iranian president to Brazil, and Ahmadinejad's third round of talks with Lula, who is scheduled to visit Tehran in early 2010.

Israel, whose conservative government considers Ahmadinejad-ruled Iran an existential threat, has already blasted Brazil's "mistake" in hosting the firebrand leader.

Brazil has backed Iran's nuclear development program, as long as it serves peaceful, civilian uses. Lula told AFP in September that he was against sanctions on Iran, preferring instead diplomacy.

His stance contrasts with the United States, its Western allies and Israel, which charge that Tehran is seeking to develop a nuclear bomb under the cover of its suspect nuclear program.

World powers are engaged in long-running efforts to persuade Iran to curb its nuclear ambitions but in the latest setback, Tehran has rejected a proposed nuclear fuel deal.

The Iranian leader called for Brasilia's cooperation on Middle East concerns, as Brazil seeks to boost its international profile to match its growing economic heft.

"If the Brazilian people and the Iranian people are united on issues such as the Zionist regime's cruel attack on the defenseless people of Gaza, this will show a mutual desire" for peace, Ahmadinejad said.

He was referring to the 22-day Israeli offensive in the Gaza Strip that ended in January, killing some 1,400 Palestinians and 13 Israelis.

Ahmadinejad's stop in Brazil, part of a broader Latin American tour to boost its influence in the region, comes just over a week after Lula hosted Israeli President Shimon Peres.

Friday, November 20, 2009

Dalai Lama said his death would be a great setback for Tibetan struggle

Rome (AFP) Nov 18, 2009 - The Dalai Lama said Wednesday his death would be a "setback" for Tibetans' struggle, but that he was confident the next generation would carry on his torch. The 74-year-old Nobel peace laureate said his death would be a "setback, there's no doubt" but that the struggle was not that of "just one generation."

A "very, very healthy younger generation (is) now coming up with the potential to lead," the Buddhist leader told a news conference in Rome. The Dalai Lama was in Rome to attend the fifth edition of the World Parliamentarians Convention on Tibet, also attended by US actor Richard Gere, a longtime Buddhist and arch supporter of the Tibetan cause.

Speaking on the day after US President Barack Obama urged an early resumption of talks between Beijing and envoys of the Dalai Lama, the Buddhist leader said the US government had "consistently" supported the Tibetan people.

The White House has been "very sympathetic, very supportive," he said. "All administrations, whether Republican or Democrat, are concerned about human rights violations." "Understandably, there's limitations," he added with a laugh, in an apparent reference to the complex but key bilateral relationship between Beijing and Washington.

The Dalai Lama spoke out against Chinese "communist hard-liners (who) believe power comes from the barrel of a gun." He said Tibetans were "committed to non-violence, we are not seeking separation" -- Beijing's persistent charge. The Dalai Lama has been living in India since he fled Tibet following a failed uprising in 1959 against Chinese rule, nine years after Chinese troops invaded the region.

The Buddhist leader said his faith in the Chinese people had "never been shaken." He said that because of Chinese government "propaganda and censorship" many Chinese people "really developed anger towards us," adding that they "have the right to know the reality."

Predictive Analytics

Knowing the future can make all the difference in the world, even if in reality or probability, you only have a 50 percent chance of being correct.

This is the realm of predictive analytics, being able to determine the best path forward based upon careful analysis of data. These days, predictive analytical models are making a huge impact across a wide range of industries, for companies large and small.

If you are truly concerned about looking into the future and have more faith in the corporate spindoctors than the fortune tellers of old, then you need to be following the lauded experts in this field.

You need to talk to Jim Kobielus of Forrester, Eric Siegel of Prediction Impact, Rob Walker of Chordiant and many other predictive analytics experts.

Examine the following and ask probing questions: best practices for designing predictive models; proven use cases for predictive analytics; pitfalls to avoid in implementing a program; how to balance different predictive models; examples of adaptive models that work and have been proven to do so. Taste the pudding.

The Most Important Elements of Business Analytics

Five key elements of a modern business analytics strategy can help businesses position themselves for growth in the new economy and continue to work and be smarter, especially in managing costs, improving profit, identifying new opportunities, driving cash flow and managing risk for more effective decision-making.

1. Scorecards/dashboards.
By using scorecards and dashboards, executives are able to monitor data efficiently, better understand performance gaps and quickly drive opportunities with more strategic decision-making.

Understanding how business is performing against predetermined targets is crucial. As companies become increasingly agile, executives simply do not have the time to sift through stacks of reports to discover how their business is performing. Business leaders can look to measurement tools, such as scorecards and dashboards, to monitor data and help manage strategy and performance goals.

There are different scorecard types that provide distinct characteristics to help decision-makers, including those focused on strategy management, business process performance management and basic performance monitoring. Regardless of structure, their impact on decision-making is even more significant.

Scorecards let executives link individual and team performance to organizational strategies. This helps employees understand at a glance how their individual roles drive company-wide performance. With digital scorecards that are tied to key financial and operational data, business leaders don’t have to sift through spreadsheets or paper-based reports. They are effectively able to monitor and manage their strategies as well as make smarter decisions to execute company objectives.

2. Reporting and analysis.
Reporting and analysis abilities allow decision-makers to assess and communicate how their company is performing in the industry and take immediate action accordingly.

Reporting and analysis helps executives see how they are operating in different regions or across product categories, as well as better understand the state of their market sector and industry competition.

With business analytics, Web-based reporting sits on top of core transaction systems so decision-makers can take immediate action on recent financial or operational information. Reporting and analysis creates a common context for decision-making across departments and staff levels and helps companies make data more actionable.

3. Financial performance management.
Deep insight into financial and operational data helps companies streamline business operations in order to increase profitability and sustainability.

Business analytics software for financial performance management helps executives streamline the complex process of tough decision-making by enabling users to evaluate financial results across countries, currencies, general ledger systems and legal entities. This deep insight helps finance make smarter decisions about which assets, resources, initiatives, locations, products or customer relationships may no longer be sustainable.

Armed with detailed financial analytics, business leaders can quickly evaluate how results change over time, in different regions and across various product categories. The ability to identify key financial and operational trends is always vital. By drilling down to transactional-level detail, trends can be spotted more easily so decision-makers can better understand resource requirements and plan accordingly.

4. Continue the planning cycle.
Replacing rigid planning cycles with business analytics software enables businesses to build intelligent plans for future development and growth.

Business analytics software for enterprise planning can help companies replace and revamp rigid annual budgeting and planning processes that tend to make minimal impact on business growth. This type of business analytics technology fosters continuous planning on a monthly, weekly or daily basis, positioning companies to achieve higher performance in both strong and weak economies.

With real-time visibility into up-to-date data, executives can create rolling forecasts that consider a broad range of potential future scenarios. This type of what-if analysis enables business leaders to develop intelligent action plans for variable future outcomes, thus boosting the agility and responsiveness of the company.

5. Continuous monitoring of performance targets.
Monitoring performance targets on an ongoing basis lays the foundation for future growth, providing organizations with a realistic performance outlook based on actual business and industry developments.

Companies should not seek shelter from the stormy clouds brought on by the recession, but rather take careful, intelligent steps to better manage costs, improve efficiencies, reallocate resources and streamline supply chains so that the foundation for future growth is established. Instead of setting targets at specific numbers, company decision-makers need to link performance targets to events, trends and risk factors.

This allows for more realistic performance targets based on actual business and industry developments and provides more flexibility to adapt to changing market conditions. The strategy will require a commitment to rid the company of inefficient processes in favor of intelligent systems capable of driving continuous performance.

For the past four years, BI software, a key component of the business analytics market, has ranked as the number one priority of executive managers surveyed by Gartner. Why? Because choosing the right strategy, executing against it, and ensuring you’re on the right path demands the access to the information and insight that modern business analytics delivers.

This is especially true during uncertain economic times, when businesses of all sizes need to analyze operations and performance in an effort to identify the best ways to improve business processes, reduce or optimise enterprise costs and improve overall enterprise workforce effectiveness.

Smart companies need a modern, intelligent business analytics strategy that gives them the ability to understand past performance, get an immediate pulse on what is happening now, and both plan and model the future to gain more predictability and control.

This type of strategy is driven by the business in collaboration with the IT department and combines the elements of scorecards/dashboards, reporting and analysis, financial performance management, continuous planning and performance targets.

Together, this modern business analytics strategy fosters better control over information and visibility into how the new intelligence gained will impact the business value chain. Moreover, an inclusive business analytics strategy is pervasive across lines of business and employee roles, helps organizations find opportunity amidst economic turmoil, accurately measures efficiencies, streamlines the decision-making process, revolutionizes planning, budgeting and forecasting and lays a solid foundation for sustainable 21st century growth.

Thursday, November 19, 2009

Tamiflu exploitation

Consumer protection warnings have been issued about price variations for a scarce liquid form of the flu-fighting drug Tamiflu.

Consumers who suspect price fixing/gouging should call their consumer advice department or state's attorney general. Warnings will be posted soon on local government websites.

For someone to exploit this public health challenge for their own gain is unconscionable but not without precedent.

Wednesday, November 18, 2009

China: 'E-waste capital of the world' tries to clean up image

The southern Chinese city of Guiyu is where PCs, cellphones and PlayStations go to die. The workers who recycle them are exposed to dangerous chemicals.

Chen Yinghong hasn't made tea with the water from the well or the little lake behind his workshop for years - not since the tea started foaming, and the women who work in the shop only drink bottled water.

During a recent visit, Yinghong's workshop was a mess of electronic waste: keyboards, motherboards, power cords and PC casings. Women were melting motherboards on cookers to recover the lead and copper in them. For years these acid baths and other chemicals have been dumped unceremoniously into rivers and streams in and around Guiyu.

5 euros a day
Six men wearing protective masks were pounding away at PCs, PlayStations, TVs and mobile phones with screwdrivers and hammers. Lead and glass particles danced in the sunlight. The fans are too small and weak to keep the air in the room healthy, and the workers complain of headaches, watery eyes and sore throats - all that for 5 euros and ten hours a day.

Around 70 percent of the world's electronic waste ends up here in Guiyu. It is brought here from the nearby ports of Hong Kong and the Pearl River delta. There are around 7,000 e-waste processing workshops in Guiyu, where more than 60,000 economic migrants from the poorest parts of southern China remove the precious metals from electronic parts by hand.

Their working conditions resemble those of 19th century British factory workers.

For this reason the authorities in Guiyu are not very fond of journalists. When discovered they are strongly advised to leave unless they want to be beaten up.

Chen Yinghong had no problem talking to journalists. The e-waste trade has made him a rich man, as the BMW parked out front and his three sons' new scooters showed. Chen's workers, by contrast, have not gotten rich, or they wouldn't be working here.

And yet Chen complained. There is no shortage of electronic waste, but the economic crisis has led to a severe drop in the price of copper and steel, he said. Worse, Chen is being made to move his workshop to a new industrial location with modern recycling facilities for which he will be charged rent. "First the crisis, now this. They're killing our business," he grumbled.

The working conditions in Guiyu were first exposed seven years ago by US environmental activists, but the Chinese authorities are only now getting around to doing something about them. After all, the e-waste business is good for a turnover of 100 million euros a year.

The Economist: Three Habits of Irritating Management Gurus

Alas, Business Information (BI) practitioners can analyse, criticise and debunk the works of popular management gurus till the cows come home, but the demand for expert wisdom grows unabated.

The gurus fill a need of business leaders to provide the magic formulas and quick fixes, for management. Even if we criticise them, they often deliver “...their failures only serve to stoke the demand for their services....the very fact that (management) defies easy solutions, leaving managers in a perpetual state of angst, means there will always be demand...”