It is said that imitation is the sincerest form of flattery. If true, it should follow then that China are huge fans of most consumer electronics brands. We’ve written before about threats to intellectual property. The impact of such imitators is most keenly felt by the end user, and can be mixed. In India, back in 2011, counterfeit DVDs of The Dark Knight sold for over $600 a pop. In China, where a limited embargo on foreign films exists, scarcity has spurred innovation, leading to grey-market DVDs with more special features for viewers to enjoy.
Such innovation still flouts the law, however, and is nothing new. In his book A History of Future Cities, Daniel Brook writes in detail of the Westernisation of Shanghai at the end of the 19th century:
“As early as 1863, the British food company, Lea & Perrins, was taking out ads in the North China Herald to warn Shanghai consumers of ‘spurious imitations of their celebrated Worcestershire sauce [with] labels closely resembling those of the genuine Sauce’ and threatening lawsuits against anyone who dared to manufacture or sell the knockoff product”
Today, China still struggles to build powerful brands that work outside the country as well as they perform domestically. An editorial earlier this week in the Financial Times confirmed this status, with a focus on handset manufacturer Xiaomi. The editorial rightly points out Xiaomi have made good attempts at brand cultivation, including a strong social media following that cultivates a sense of belonging that results in people attending new product releases in the same uniform and plush toys (see header photo). More could be done though. Ultimately the brand can be as glitzy as you want, but without an exciting business beneath, generating excitement will be hard: “It is a sound business, but not an innovative one”. Its product specs borrow from Samsung, its product design and launch motif from Apple, albeit with some mildly diverting software additions of there own, such as a way to navigate automated phone systems.
The risk of failure in markets outside of China has potentially been heightened by the centrally planned market environment present there, which rewards and protects national incumbents while doing its best to hinder new, foreign entrants. A domestic market with over a billion people is not a bad starting place, but as the FT concludes, “If Chinese brands are going to take on their rivals around the world, they need to dazzle us with something we have never seen before, much like Sony did with its life-altering Walkman“. Sony though will feel keenly that such dazzlers do not a sustainable competitive advantage make.
We’ve written several times over the years about the deployment of Big Data. One of the key challenges with such tools is the seductive risk of treating the data as a catch-all answer to a question not asked. Zeitgeist in the past worked with a large client in the public sector that understood this pitfall and studiously avoided it by knowing beforehand what Big Data meant to them, and how it could be used to improve its strategy and operations.
Without such forethought, applications of Big Data can be ineffectual, if not outright harmful, as the president of eBay Marketplaces said last year in an interview with McKinsey. Governments around the world – particularly in the West – have been using Big Data for some time now to help identify extremists. The jury is still out for some as to how harmful government digital surveillance can be. The deliberate weakening of virtual systems has its root in the fact that the US government originally classified once-arcane cryptography as a munition, which when licensed abroad was watered down. “The idea of deliberately weakening cryptography in the name of national security has not gone away”, writes The Economist. An article published in The New Yorker earlier this year investigated the NSA’s uses of Big Data – specifically mass surveillance of individuals in the US and beyond over cellphone metadata, social media, etc. – and found it wanting. This appears to be partly because there is no pre-determined strategy for what they want the data to do, other than to figuratively chuck it onto the pile with the rest of the data they have, which at some point might be used. The efficacy of such a practice, according to the article, has been minimal. In all of its surveillance, the article claims there was but a single case “
“Patrick Skinner, a former C.I.A. case officer who works with the Soufan Group, a security company, told me… ‘We knew about these networks,’ he said, speaking of the Charlie Hebdo attacks. Mass surveillance, he continued, ‘gives a false sense of security. It sounds great when you say you’re monitoring every phone call in the United States. You can put that in a PowerPoint. But, actually, you have no idea what’s going on.’
By flooding the system with false positives, big-data approaches to counterterrorism might actually make it harder to identify real terrorists before they act. Two years before the Boston Marathon bombing, Tamerlan Tsarnaev, the older of the two brothers alleged to have committed the attack, was assessed by the city’s Joint Terrorism Task Force. They determined that he was not a threat. This was one of about a thousand assessments that the Boston J.T.T.F. conducted that year, a number that had nearly doubled in the previous two years, according to the Boston F.B.I. As of 2013, the Justice Department has trained nearly three hundred thousand law-enforcement officers in how to file ‘suspicious-activity reports.’ In 2010, a central database held about three thousand of these reports; by 2012 it had grown to almost twenty-eight thousand. ‘The bigger haystack makes it harder to find the needle,’ Sensenbrenner told me. Thomas Drake, a former N.S.A. executive and whistle-blower who has become one of the agency’s most vocal critics, told me, ‘If you target everything, there’s no target.’“
This last quotation applies to strategy in general. Without anything specific to focus on as a strategic achievement or direction, one shouldn’t expect any improvement in that area.
We all seem to have less time to ourselves these days. But there seems to be more to watch – on more platforms – than ever before. What trends have led to this, and what’s the result? Much editorial ink has been spilled over the years about how our lives seem to be getting busier, with less free time to ourselves. This is somewhat of a painful irony given that many of our more intellectual ancestors thought our evolution as a species would quickly lead to a civilisation mostly consumed by thoughts of how to fill the days of leisure. In last week’s New Yorker, Harvard professor Thales Teixeira noted there are three major “fungible” resources we have as people – money, time and attention. The third, according to Teixeira, is the “least explored”. Interestingly, Teixeira calculated the inherent price of attention and how it fluctuates, by correlating it with rising ad rates for the Super Bowl. Last year, the price of attention jumped more than 20%. The article elaborates,
“The jump had obvious implications: attention—at least, the kind worth selling—is becoming increasingly scarce, as people spend their free time distracted by a growing array of devices. And, just as the increasing scarcity of oil has led to more exotic methods of recovery, the scarcity of attention, combined with a growing economy built around its exchange, has prompted R. & D. in the [retaining of attention].”
It’s such thinking that has persuaded executives to invest in increasingly multi-platform, creative advertising during the Super Bowl, and to media production companies taking their wares to the likes of YouTube and Netflix. But it’s all circular , as demonstrated last week when Amazon announced it would be producing films for cinema release. The plurality of such content over different channels carries important connotations for pricing strategies. At its most fundamental, what is a product worth when it is intangible and potentially only available in digital form? It chimes with an article written earlier this month in The Economist on the customer benefits of e-commerce. Though most knee-jerk reactions would assume price is the biggest benefit to customers, recent research illustrates this is not always the case. Researchers at MIT showed on average people paid an extra 50% for books online versus in-store. This isn’t because that latest David Baldacci is sold for more on Amazon, but rather because of the long tail. Which means more products are able to find the right owner, for a price, whereas in store comparatively they go unsold. More channels have meant more availability for content, which should benefit consumers in that more content destined to be a hit now finds a home, where once it might have been lost if turned down by the major TV or radio network stations. The Economist elaborates,
“Seasoned publishers have only a vague idea what book, film or song will be a hit. A major record label can sign only a fraction of the artists available, knowing full well it will unwittingly reject a future superstar. Thanks to cheap digital recording technology, file sharing, YouTube, streaming music and social media, however, barriers to entry have been dismantled. Artists can now record and distribute a song without signing to a major label. Independent labels have proliferated, and they are taking on the artists passed over by major labels. Hit songs are still a lottery, but the public gets three times as many lottery tickets.”
So while we may have less time to consume it, more content over more channels will allow for greater chances for breakout hits, particularly with avid niche audiences. Amazon Prime video content was until recently confined to a niche audience, and the show Transparent dealt with niche subject matter. But the show has broken out into the zeitgeist and won two awards at the recent Golden Globes ceremony. (Full disclosure, we know a producer on the show and were lucky enough to visit the set on the Paramount lot in Los Angeles last summer). It is likely such a great show – recently made available free for 24 hours as a way to upsell customers to Prime – would not have found a home on traditional TV networks, and thus in people’s homes, were it not for this plurality.
Plus ça change, plus c’est la même chose… TV executives’ concern over changing viewing habits is nothing new. Sports coverage continues to deliver; it’s such thinking that pushed BT to pay almost GBP900m to show some football matches. But it’s not just knowing the score as it happens that has kept audiences from time-shifting. We wrote a piece back in 2011 detailing how the industry was trying to put a renewed focus on live events. Social media have contributed to this; having a constant stream of wry comments on Twitter to snark at while watching Downton Abbey can vastly improve the viewing experience. This is somewhat lost if viewing the show later.
There was a time when live events were much more common on network TV. Back then it was other formats – radio and cinema – that were running scared from the box in the corner. Now it is television that is trying to retain eyeballs; DVRs and OTT rivals are diminishing its sway; the cable industry lost 2.2m subscribes last quarter and Fox COO Chase Carey recently conceded the cable cord was “fraying”. TV viewing in general dropped 4% last quarter, Nielsen reported on Friday. Mobile use in general seems to be the largest culprit (see chart, below). As part of a strategy to keep viewers glued to scheduled, linear TV, NBC has previously screened the live performance of Sound of Music, and recently announced plans for a live rendition of A Few Good Men. Like the latter piece on content, Peter Pan similarly began as a play, and this past week saw its own broadcast, live, on NBC. It was a fine tactic in a broader strategy. Sadly, execution, and timing, are everything. Salon saw much room for improvement. The New Yorker compared it with earlier TV adaptations (NBC did a live version back in 1955) and found it lacking. More damningly, it also saw a broader disconnection from reality, as protests swept the nation in reaction to events unfolding in Ferguson. Viewing figures were half what the network got for Sound of Music. As The Wall Street Journal points out, live events may be losing their pull; both the Emmys and MTV Music Awards saw dips in ratings this year. Meanwhile though, marketers are still willing to pay a premium for advertising during such shows. Brands are said to have paid as much as $400,000 per-30 second commercial for the telecast.
“The nature of the internet as a platform for art is double-edged. The thing that makes it attractive — the fast turnover of content produced by unusual, gifted people — may be what stops it from bringing about a Golden Age 2.0.”
– India Ross, Financial Times
Another tactic in the strategy to retain eyeballs has been to license old seasons of shows still running to OTT providers like Hulu, Amazon and Netflix. On the one hand this may cannibalise viewers who are just as happy watching old episodes as new ones. On the other, it could provide a new platform to find audiences and increase advocacy and engagement. What Nielsen has found is that both are happening. As the WSJ reports, “Dounia Turrill, Nielsen’s senior vice president of client insights, said she analyzed the results of 16 such shows and found an even split of shows that benefited and those that didn’t”. Netflix, meanwhile, closed down its public API and is seeking world domination with culturally diverse content in the form of Marco Polo. Such OTT providers have their own problems to worry about, too; their niche is becoming increasingly cluttered. Vimeo is not mentioned often as a competitor to the likes of Amazon’s services, but it too is now producing original content for streaming, in much the same way as its peers, where shows are greenlit by popular demand and creatives given full rein. An article in this weekend’s Financial Times points out the limits of such a business model, “the internet audience — vehement but fleeting in its interests — may not always know what makes the best content for a more substantial series… returns are unreliable in a marketplace where even established services suffer at the hands of a capricious audience”.
In film, new possibilities arise in the form of ticket-booking innovation. While TV is recycling old ideas of content and engagement, these new tactics look to push the industry onward. This month through January 17, New York’s MOMA hosts a Robert Altman retrospective. One of his seminal films, The Player, shows in some ways how far the film industry has come, and in others how we haven’t moved on at all. The New Yorker wrote a brief feature on the retrospective. It’s insightful enough to quote at length, below:
“In the opening shot of “The Player,” from 1992, Robert Altman makes an explicit attempt to outdo Orson Welles’s famous opening to “Touch of Evil.” He has the camera zoom in and out, track left and right, pan one way and the other, and, before a cut finally comes, pick up with most of the major characters of the film. The scene also situates “The Player”—a movie about a studio created on a Hollywood studio lot—in film history, with passing references to silent film, forties genre work, the sixties, and, finally, the Japanese, who were then moving in on Hollywood, and are seen looking the studio over.
When it came out, “The Player” was regarded as a scorching attack on greedy and unimaginative Hollywood: in the film, the industry’s shining past surrounds the executives at the studio and shames many of them. Twenty years later, the huge profits from big-Hollywood movies—digital fantasies based on comic books and video games—have washed away that shame. The executives in “The Player” have stories pitched to them constantly by writers, and then they say yes or no. They don’t consult the marketing division on what will sell in Bangkok and in Bangalore. The thing that Altman may not have anticipated was that one would be able to look back at the world of “The Player” with something almost like nostalgia.”
*Our 2016 trends for the sector can be found here*
Our most popular article this year by far was a piece we wrote on trends in the media and entertainment industry for the coming twelve months. That nothing has been written since January that has proved as popular as that is a little disappointing, but it is a good indication of what users come to this blog for.
It’s been an interesting past month or so in the Technology, Media and Telecoms sector. We’re going to attempt to recap some of the more consequential things here, as well as the impact they may have into next year.
Star Wars – And the blockbuster dilemma
Friday saw the release of the first trailer for Star Wars Episode VII, due for release December 2015. CNBC covered the release at the coda of European Closing Bell, around the point of a segment a story might be done about a cat caught up a tree (“On a lighter note…”). They discussed the trailer and the franchise on a frivolous note at first, mostly joking about the length of time since the original film’s release. One of the anchors then went on to claim that Disney’s purchase of “Lucasfilms” [sic] and the release of this trilogy of films, given the muted reaction to Episodes I-III, constituted a huge bet on Disney’s part. This showed a profound lack of understanding. Collectively, Episodes I-III, disappointing artistically as they may have been, made a cool $1.2bn. And this is just at the box office. Homevideo revenues would probably have been the same again, almost certainly more. Most importantly (whether we like it or not), are revenue streams like toy sales, theme park rides and the like (see below graphic, from StatisticBrain). So we are talking about a product that, despite many not being impressed with, managed to generate several billion dollars for Fox, Lucasfilm, et al. With a more reliable pair of hands at the helm in the form of J.J. Abrams, to say Episodes VII-IX are a huge bet is questionable thinking at best.
It can be easy for pundits to forget those ancillary streams, but in contemporary Hollywood it is such areas that are key, and fundamentally influence what films get made. Kenneth Turan, writing in mid-September for the LA Times, echoed such thinking. As with our Star Wars example; so “with the Harry Potter films, and it is happening again with ‘Frozen’, with Disney announcing just last week that it would construct a ‘Frozen’ attraction at Orlando’s Disney World”. It is why studios have scheduled, as of August this year, some 30 movies based on comicbooks to be released over the coming years. Of course, supply follows demand. Such generic shlock wouldn’t be made again and again (and again) if consumers didn’t exercise their capitalist right to choose it and consume it. We have been given Transformers 4 because the market said it wanted it.
But is this desire driven by a faute de mieux – a lack of anything better – in said market? David Fincher may not have been far off the mark back in September when he mentioned in an interview with Playboy that “studios treat audiences like lemmings, like cattle in a stockyard“. But a shift from such a narrow mindset may prove difficult in a consolidated environment – Variety’s editor-in-chief Peter Bart pointed out recently that “six companies control 90% of the media consumed by Americans, compared with 50 companies some 30 years ago”. Some players of course are trying to change the way the business this works. The most provocative statement of this was in September when Netflix announced a sequel to “Crouching Tiger, Hidden Dragon”, to be released day-and-date across Netflix and in IMAX cinemas. Kudos. It’s the kind of thing this blog has been advocating since its inception. Though not in accordance with a capitalist model, the market is certainly showing a desire for more day-and-date releases. Netflix isn’t a lone outlier as on OTT provider trying to develop exclusive content that goes beyond comicbooks (that in itself should give Netflix pause; about a fifth of its market value has eroded since mid-October). Hulu’s efforts with J.J. Abrams and Stephen King, as well as Amazon’s universally acclaimed Transparent series (full disclosure, a good friend works on the show; Zeitgeist was privileged to take a look around the sets on the Paramount lot while in Los Angeles this summer). And that’s not to say innovative content can’t be developed around blockbuster fare; we really liked 20th Century Fox’s partnership with Vice for ‘Dawn of the Planet of the Apes’, creating short films that filled the gaps between the film and its predecessor. Undoubtedly the model needs to change; unlike last summer, there were no outright bombs this year at the box office, but receipts fell 15% all the same. The first eight months of 2014 were more than $400m behind the same period in 2013. Interviewed in the FT, Robert Fishman, an analyst with MoffettNathanson put it wisely, “It always comes down to the product on the screen. And the product on the screen just hasn’t delivered.” An editorial in The Economist earlier this month praised Hollywood’s business model, suggesting other businesses should emulate it. But beyond some good marketing tactics there seems little that should be copied by others. Indeed, lots more work is needed. Perhaps the first step is merely rising that not all blockbusters need to be released in the summer. Next year, James Bond, Star Wars and The Avengers will all arrive on screens… spread throughout the year. Expect 2015 to feature more innovation on the part of exhibitors too, beyond having their customers be rained on.
Tech wars – Hacking, piracy and monopolies
Sony Pictures faced some embarrassment this week when hackers claimed to have penetrated the company’s systems, getting away with large volumes of data that included detailed information on talent (such as passport details for the likes of Angelina Jolie and Cameron Diaz). The full story is still unfolding. We’ve written a couple of times recently about cybersecurity; it was disappointing but unsurprising to see the spectre of digital warfare raise its head again twice in the past week. The first instance was with Regin, an impressive bit of malware, which seems to be the successor to Stuxnet, a spying program developed by Israeli and American intelligence forces to undermine Iranian efforts to develop nuclear materials. Symantec said Regin had probably taken years to develop, with “a degree of technical competence rarely seen”. Regin was focused on Saudia Arabia, Russia, but also Ireland and India, which muddies the waters of authorship. However, in these post-Snowden days it is well known that friendly countries go to significant lengths to spy on each other, and The Economist posited at least part of the malware was created by those in the UK. Deloitte, ranked number one globally in security consulting by Gartner, is on the case.
The news in other parts of the world is troubling too. In the US, the net neutrality debate rages. It’s too big an issue to be covered here, but the Financial Times and Harvard Business Review cover the topic intelligently, here and here. In China, regulators are cracking down on online TV, a classic case of a long-gestating occurence that at some arbitrary point grows too big to ignore, suddenly becoming problematic. But, if a recent article on the affair in The Economist is anything to go by, such deeds are likely to merely spur piracy. And in the EU this past week it was disconcerting to see what looked like a mix of jealousy, misunderstanding and outright protectionism when the European Parliament voted for Google to be broken up. No one likes or wants a monopoly; monopolies are bad because they can reduce consumer choice. This is one of the key arguments against the Comcast / Time Warner Cable merger. But Google’s share of advertising revenue is being eaten into by Facebook; its mobile platform Android is popular but is being re-skinned by OEMs looking to put their own branding onto the OS. And Google is not reducing choice in the same way as an offline equivalent, with higher barriers to entry, might. The Economist points out this week:
“[A]lthough switching from Google and other online giants is not costless, their products do not lock customers in as Windows, Microsoft’s operating system, did. And although network effects may persist for a while, they do not confer a lasting advantage… its behaviour is not in the same class as Microsoft’s systematic campaign against the Netscape browser in the late 1990s: there are no e-mails talking about “cutting off” competitors’ ‘air supply'”
The power of lock-in, or substitute products, should not be underestimated. For Apple, this has meant the acquisition of Beats, which they are now planning to bundle in to future iPhones. For Jeff Bezos, this means bundling in Washington Post into future Amazon Fire products. For media and entertainment providers, it means getting customers to extend their relationship with the business into triple- and quad-play services. But it has been telling this month to hear from two CEOs who are questioning the pursuit of quad-play. For the most part, research shows that it can increase customer retention, although not without lowering the cost of the overall product. Sky’s CEO Jeremy Darroch said “If I look at the existing quadplays in the market, not just in the UK, but pretty much everywhere, I think they’re very much driven by the providers who want to extend their offering, rather than, I think, any significant demand from customers”. Vodafone’s CEO Vittorio Colao joined in, “If someone starts bidding for content then you [might] have to yourself… Personally I have doubts that in the long run that this [exclusive content] will really create a lot of value for the platform. It tends to create lots of value for the owner”. Sony meanwhile are pursuing just such a tack of converged services in the form of a new ad campaign. But the benefits of convergence are usually around the customer being able to have multiple touchpoints, not the business being able to streamline assets and services in-house. Sony is in the midst of its own tech war, in consoles, where it is firmly ahead of Microsoft, who were seeking a similar path to that of Sky and Vodafone to dominate the living room. But externalities are impeding – mobile gaming revenues will surpass those of the traditional console next year to become the largest gaming segment; no surprise when by 2020, 90% of the world’s population over 6 years old will have a mobile phone, according to Ericsson. So undoubtedly look for more cyberattacks next year, on a wider range of industries, from film, to telco (lots of customer data there), to politics and economics.
Talent wars – Cui bono?
Our last section is the lightest on content, but perhaps the most important. It is the relation between artist and patron. This relationship took a turn for the worse this year. On a larger, corporate side, this issue played itself out as Amazon and publisher Hachette rowed over fees. Hachette, rather than Amazon, appears to have won the battle; it will set he prices on its books, starting from early 2015. It is unlikely to be the last battle between the ecommerce giant and a publisher, and it may well now give the DoJ the go-ahead to examine the company’s alleged anti-competitive misdeeds.
Elsewhere, artist Taylor Swift’s move to exorcise her catalogue from music streaming service Spotify is a shrewd move on her part. Though an extremely popular platform, driving a large share of revenues to the artists, the problem remains that there is little revenue to start with as much of what there is to do on Spotify can be done for free. The Financial Times writes that it is thanks to artists like Swift that “an era of protectionism is dawning” again (think walled gardens and Compuserve) for content. The danger for the music industry is that other artists take note of what Swift has done and follow suit. This would be of benefit to the individual artists but detrimental to the industry itself. And clearly such an issue doesn’t have to be restricted to the music industry. It’s not hard to anticipate a similar issue affecting film in 2015.
There’s a plethora of activity going on in TMT as the year draws to a close – much of it will impact how businesses behave and customers interact with said media next year. The secret will be in drawing a long-term strategic course that can be agile enough to adapt to disruptive technologies. However what we’ve hopefully shown here in this article is that there are matters to attend to in multiple sectors that need immediate attention over any amorphous future trends.
Back in July of this year, while schoolchildren dreamt of holidays and commuters sweated their way to work, management consultancy McKinsey sat down with president of eBay Marketplaces Devin Wenig. The interview is above; we’re going to pick on some highlights below as Wenig pontificated on the future of bricks and mortar stores, the change needed in marketing, the fallacy of big data and what will make for good competitive advantage over other retailers in the months and years to come. Often with talking heads the output can be generic and anodyne. Wenig though offers some insightful thoughts.
The future of the store: “I think stores are going to become as much distribution and fulfillment centers as they are full-fledged shopping experiences… They’ll become technology enabled so that you can go to a store and see enough inventory, but you may shop “shoppable windows.” We’re building those right now for retailers around the world. You may end up hollowing out the real estate, where the showroom is a much smaller part of the footprint, and the inventory and the distribution center become more of that footprint.”
How marketing needs to change: “There are still many instances that I see where it is old-school marketing. It’s still about major TV campaigns, get people into the stores. That’s still important, and that’s not going to go away. But understanding how to engage in a world of exploding social networks, how to use search, how to use catalog, how to optimize, and how to engage—very different skills.”
Competitive advantage: “I think the answer is data… While from the merchant standpoint incredible selection may seem great, from the consumer standpoint it can be overwhelming. I actually don’t want to shop in a store with a billion items for sale, I’m just looking for this. Data is the way to connect a long-tail advantage with consumers that oftentimes want simplicity.”
Executing on strategy: “Great data is both art and science. There’s a lot of press about the science; there’s not as much about the art. But the truth is that judgment matters a lot… we bring quantitative analysis to that to say, “The right way to look at our customers is this, not this,” even though there are infinite ways we could.”
The fallacy of big data: “It’s not about big data, it’s about small data. Big data is useless… it’s about me connecting with you, my business connecting with you. You don’t want to be part of a big data set; you’re just looking to buy a shirt. And that’s about small data. That’s about understanding insights that I can glean about you that don’t feel intrusive, don’t feel creepy, and don’t feel artificial—but feel natural. That, to me, is the future. There are glimmers of success there. I wouldn’t say the industry has arrived. For all the rhetoric about data, it’s a work in progress, but a critically important work in progress.”
Merging experiences: “E-commerce [fulfills] a utilitarian function… Stores have an important element of serendipity… The future of digital commerce is trying to get the best of both… we’re trying to spur inspiration.”
Late last month, Zeitgeist went with friends to his local theatre to see “Teh [sic] Internet is a Serious Business”. The play, a story of the founding of the hacktivist group Anonymous, was the most well-publicised dawn of cyberattacks on businesses and governments. The organisation, at its best, set it sights on radical groups that promoted marginalisation of others, whether that was the Church of Scientology in the US or those trying to dampen the Arab Spring in Tunisia. This collective, run by people, some of whom were still in school, showed the world how vulnerable institutions were to being targeted online. We wrote about cybersecurity as recently as this summer, summarising the key points in a recent report from The Economist on what was needed to mitigate against future attacks and how to reduce the damage such attacks inflict. The issue is not going away (and in fact is likely to become worse before it gets better).
It was back in January that management consultancy McKinsey produced a report, ‘Risk and responsibility in a hyperconnected world: Implications for enterprises’, where they estimated the total aggregate impact of cyberattacks at $3 trillion. There is much to be done to avert such losses, but the current picture is far from rosy. Most tech executives gave their institutions “low scores in making the required changes”, the report states; nearly 80% of them said they cannot keep up with attackers’ – be they nation-states or individuals – increasing sophistication. Moreover, though more money is being directed at this area, “larger expenditures have not translated into an increased maturity” yet. And while the attacks themselves carry potentially devastating economic impact on a company, their prevention comes at a price too for the business, beyond the financial. McKinsey reports that security concerns are delaying mobile functionality in enterprises by an average of six months. If attacks continue, the consultancy posits this could result in “a world where a ‘cyberbacklash’ decelerates digitization [sic]”. Revelations about pervasive cyberspying by Western governments on their own citizens could well be a catalyst to this. Seven points are made in the report for enterprises to manage disruptions better:
- Prioritise the greatest business risks to defend and invest in.
- Provide a differentiated approach to defence of assets, based on their importance.
- Move from “simply bolting on security to training their entire staff to incorporate it from day one into technology projects”.
- Be proactive; develop capabilities “to aggregate relevant information” to attune defence systems
- Test. Test. Test again.
- Enlist CxOs to help them understand the value in protection.
- Integrate risk of attack with other corporate risk analysis
Given the amount of business and social issues that involve digital processes – “IP, regulatory compliance, privacy, customer experience, product development, business continuity, legal jurisdiction” – there is a huge amount of disagreement about how much state involvement there should be in the degree to which enterprises must take steps to protect themselves. This is an important point for discussion though, and we touched on it when we wrote about cyberattacks previously.
But that report was way back in January, things must have solved themselves since then, right? Last week, PwC reported that corporate cyber security budgets are being slashed, even while cyberattacks are becoming far more frequent. The FT reported that global security budgets fell 4% YoY in 2014, while the number of reported security incidents increased 48%. Bear in mind these are only reported incidents. This is potentially no bad thing, if we’re to go by McKinsey’s diagnosis of too much money being thrown at the problem in the first place. At the same time, it’s not exactly comforting.
Only a few days after PwC’s figures were published, JP Morgan revealed that personal data for 76 million households – about two-thirds of total US households – had been “compromised” by a cyberattack that had happened earlier in the year. Information stolen included names, phone numbers and email addresses of customers. It was also revealed that other financial institutions were probed too. Worryingly, the WSJ reports that investigators disagree on what exactly the hackers did. It was also unclear who was to blame; nation state or individual. Such disagreements over the ramifications of the attack, the identity of the attackers as well as the delayed revelation of the attack itself, illustrate just how necessary transparency is, if such attacks are to be better protected against and managed in the future.
For those in London at the end of the month, The Economist is hosting an event for those who apply, on October 21, examining “how businesses can and should respond to a data breach, whether it stem from a malicious insider, an external threat or simple carelessness”. Hope to see you there.