Book Review in the HR Director by Perry Timms

Authors: Minter Dial & Caleb Storkey

Review by: Perry Timms (published in HR Director)


Futureproof BBA 2018Disruption is an oft-used term for that fact that we can rent out someone’s spare room online or order a restaurant’s food to take away and someone on a pushbike delivers it to us all using an app on our phone.

Disruptive Business Models and Disruptive Innovation have been with us for a surprising long 23 years.

It’s the term used to headline this book – Future Proof – on how to get your business ready for the next disruption.  Whatever that may be.

A digital branding and strategy consultant with an AI consultant as co-authors, feels like this could be one of those journeys perhaps overly obsessed with Silicon Valley’s ways; and predicting all sorts of technologically induced utopia or dystopia depending on whether you’re a Kurzweil or Lanier fan.

So does this book do what it says?  Mostly, yes it does.

First of all, I found it more practical than I expected.  Simpler language, not jargon-fuelled acronym fests of overly excitable futurology.  It’s written gently.  Philosophical quotes to open each chapter is used by many authors, but in this book they serve as a very relevant intro to what’s to come in the 21st century words of the authors.

Secondly, this felt like every useful article I’ve ever read on LinkedIn about any of this stuff had been curated, edited and set out for me to read on one plane journey to SXSW in Texas.  If you don’t know what SXSW is, then this book might be a great gap filler for you.  If you’ve been to SXSW, it’s my guess that you won’t need this book.

Thirdly, the book is really trying to be your field guide for the next 2 years or so.  Practical advice is included in the form of a suggestion or a prompting question.  My guess is that this has come from the author’s experience in consulting and advising – it feels like a consultant’s book.  But that’s not necessarily a bad thing.  When so many of these concepts in the book are in-development, emerging technologies of the digital and analogue sense (like collaborative economies and platform based, algorithm-led learning apps), such consultants have to get to grips with to help their clients.  This book feels like it’s being helpful to “clients” who happen to be readers.

If you are thinking “So, is this book for me?” and you already read Lanier and/or Kurzweil, I’d say not.

If you’re only just a little aware of Don Tapscott, Robert Ford, Bettina Warburg, Gerd Leonhard and Nathalie Nahai, then this book will bring a lot of things they share and talk about into a digestible sprint.  Through areas like the Cloud, Blockchain, 3D Printing and Cyber Security.  It’s not all digital but there’s a lot of digital in here.

I come across a lot of HR professionals a bit overwhelmed by things they hear about but don’t quite understand, because such things (blockchain and AI) are not influencing their practice – yet.  This book will give some people a head start on catching up.  I’d even suggest this book is aimed at those in corporate roles a little bit distant from the cutting edge of new product development.

So I liked it – well put together.

Did I learn much?  Not really but I still enjoyed how they presented practical advice on things that to some are far far away technologies.

Well done Minter and Caleb.  I hope your readers will urge you for a revised version 3 years hence when Quantum Computing; 4D printing; Neuralinks and Nanobots are the next wave of disruptions to future proof ourselves against.

Perry Timms, Founder and Chief Energy Officer, PTHR

Published by Pearson

Original review is here on HR Director

Futureproof Offered To Conrad Hotel NYC Guests

Futureproof at Executive-Suites-Conrad-New-YorkWe are excited to announce that, starting in August, Futureproof will be given away to guests at the Conrad Hotel in New York as part of a bedside reading offer. The initiative received some unexpected press coverage:

As cited in one of the articles:

“Bedside Reading®, the only program to place complimentary best-sellers at the bedside of luxury hotels across the U.S., is introducing the Beside Reading program to Conrad New York as the first business-focused hotel to provide both business and leisure travellers with a way to unplug and enrich their minds while travelling.”

Caleb and I are thrilled that Conrad accepted Futureproof. It’s a prestigious hotel in the high season! We’ll have to wait to see how it rubs off!

Futureproof Wins Business Book Award 2018 for Embracing Change

Business Book Award for Futureproof smallerCaleb and I are delighted to announce that our book, Futureproof, has won the Business Book Award 2018 in the category of Embracing Change. While I was away at SXSW, fortunately Caleb was on hand to receive the award. By all accounts, it was a grand evening. The Business Book Awards (BBA) has been organised by the ebullient Lucy McCarraher, who is also the co-founder and Managing Editor of Rethink Press. The MC was Nadine Dereza and my friend, Dan Priestley, gave an apparently very inspirational keynote speech.


Caleb Storkey Futureproof Business Book Award
Caleb Storkey – Winner of Embracing Change Award

In the Embracing Change category, we were up against four other fine finalists:


Caleb and I would like to chance this chance to commend all the competing titles and join in celebrating all the other winners:

  • Start Up Inspiration = It Takes A Tribe (Portfolio, Penguin Random House) by Will Dean
  • Self Development = The Leader’s Guide to Presenting (Pearson) by Tom Bird and Jeremy Cassell
  • Leading the Team = The Change Catalyst (Wiley) by Campbell Macpherson (also the overall winner)
  • Thought Leader = The Startup Way (Portfolio, Penguin Random House) by Eric Ries
  • Selling The Dream = Strategic Tendering For Professional Services (Kogan Page) by Matthew Fuller and Tim Nightingale
  • Judge’s Choice = Client Earth (Scribe UK) by James Thornton and Martin Goodman

Thanks to Lucy for putting on the awards, to our editor Eloise Cook for the hard work and support, as well as the crew at Pearson for the ongoing support. Also, a shoutout to our friends and family for their support!

Announcement – Business Book Award Finalist

Futureproof BBA 2018We are delighted to announce that Futureproof has been voted a finalist in the inaugural Business Book Award 2018 in the category, Embracing Change.

The awards ceremony event will be held on March 16, 2018 at the The Grange City Hotel London. Caleb Storkey (co-author) will be on hand at the event.

The four other finalists are:


** Don’t forget to get your copy of Futureproof now!

Disruptive Forces – Mobile & Artificial Intelligence – Guest Post by Daniel Rowles

Short Term: Mobile and Retail

Mobile technologies will completely transform the world of retail in the very short term. If I can walk in to a store, be immediately recognised by beacon and my existing account data, a whole lot of interesting things can happen. Combine this with new display technology that allows multiple viewers to see different things on the same screen based on viewing angle, and the instore experience can be fully customised. Add the tagging of all products via NFC or similar and my online and in-store experience can be fully integrated and interactive. Why would I shop in a store that doesn’t immediately know my likes and preferences, my shopping history and can offer me exclusive and personalised offers and experiences? The exciting thing about this, is the technology is already here and its just a matter of integration that needs to be fixed.

Medium Term: Artificial Intelligence

Google has been building the technology to achieve huge leaps in artificial intelligence since they started building their search algorithm. The Big Data technologies they have developed are needed to achieve the level of information processing to make truly useful artificial intelligence a reality and we are getting closer and closer to this reality. This will at the heart of transforming every industry. Computer intelligence will not be the same as human intelligence for a long time, but it will excel in some areas. Driving and medical diagnosis are two areas that in the very short term I’d rather trust a machine than a person. AI will also open up world of ethical questions, but starting to question the role of human intelligence and its fallibility can only be a good thing in my opinion.

Daniel Rowles futureproofDaniel Rowles, CEO Target Internet, Author of Mobile Marketing 
and Digital Branding


Different Digital Disruptions – Guest Post By Duncan Stewart

Technological change is almost always told as a story of destruction. A new thing is invented, and it crushes everything in its path. From Frankenstein’s monster terrorising villagers in 1818, through post-nuclear Godzilla stomping Tokyo flat, we have ended up in 2015 with Benedict Evans telling us that “mobile is eating the world.”

But is that view of technology, innovation, and disruption always true?

It sure is some of the time! From 2002 to 2015, US print newspaper ad revenues in constant dollars fell 78%, with a compound annual decline of almost 10%. Coin-operated arcade game revenue fell 89% between 1992 and 2015, again in constant dollars. The largest video rental company in the US went from $6 billion in revenues in 2004 to bankruptcy and zero revenues in 2010, at least in part due to streaming video on demand services. But that was a single company, not an entire industry: the real poster child for digital destruction is what happened to sales of recorded music after the MP3 file and the various players. From 1999 to 2015, US compact disc sales fell 92% in constant dollars.

Can you even imagine being in an industry where revenues – not profits, but revenues – fell 92%? Even Godzilla left more buildings standing!

Based on these examples, it is clear that growth in new technologies always means the end for old industries: digital destroys the old ways of doing news, games, video and music. Case closed.

Not so fast. Being able to read text on a screen has truly changed the world of print newspapers (not to mention print magazines, print directories and print catalogues.) One would therefore reasonably expect the same disruption to occur for print books. Famously, Nicholas Negroponte predicted in 2010 that print books would be dead in five years. Here it is in 2015, and not only are eBook sales stuck under 20% of all books purchased in the US, but sales are actually declining while print book sales are rising.

The gaming market is certainly influenced by new technologies. The rise of the smartphone, tablet and casual games has changed the market, with mobile games surpassing console games in 2015 and predicted to exceed PC games revenues in 2016. But although mobile will be the single largest gaming market, both console and PC games are still growing, up an anticipated five and six percent respectively in 2016. Further, although PC and console titles are not the only game in town (as it were), they will still represent over 60% of the global market in 2016; a far cry from the fate of coin operated arcade games.

Streaming video disruption led to boarded up video rental stores across North America and the largest player will have over 70 million subscribers in over 60 countries by the start of 2016. But what impact has streaming had on traditional TV in North America so far? Although there were fears that 20% of the nearly 100 million subscribers to pay TV service would cancel and ‘cut the cord’ as long ago as 2012, the actual decline was fewer than 170,000 subscribers in 2013 and 2014, and fewer than 10,000 subscribers in 2012. Or between 0.01% and 0.2%. Further, the monthly price paid for pay TV in the US is still rising, and even the number of minutes of TV watched daily has fallen by only seven percent from the peak (of 334 minutes of live and time-shifted TV per day) in 2013. The rise of streaming has had a negative effect on the traditional TV business, but it is orders of magnitude smaller than what happened to rental stores.

Finally, let’s go back to our digital destruction poster child: the music industry. The MP3 file didn’t just change CD revenues into some other kind of physical format revenues, or even into digital revenues, instead the growth and ease of piracy has caused ALL music sales to collapse, right? In fact, between 2008 and 2015 one US live music company saw its concert revenues grow 23% in constant dollars, or 2.8% annually. The digital trend that almost obliterated the CD industry a) didn’t seem to hurt live music at all, and b) may in fact have freed up consumer dollars for spending on live concerts.

Writing from Paris in 1913, Gertrude Stein said “A rose is a rose is a rose is a rose.” She didn’t write it on a smartphone, and a century later I want to modify her quote: digital is not digital is not digital. The forces unleashed by innovation and disruption are not the universal and obliterating things that we imagine or read in the media. The same digital trend that is crushing print in many forms is leaving print books more or less intact. Live music is benefitting from piracy. Sometimes disruption destroys a traditional industry, sometimes it hurts it a bit, and sometimes it actually helps.

Duncan Stewart,
Director of Research at Deloitte Canada

The Disruption Via All Things Web-Enabled – Guest post by Jeremy Goldman

The Web-enabled Force is the most importance force. There, I said it.

It’s hard to imagine anything more important than the flexibility of the Internet accessed through a browser. The scary thing? We have quite a bit of untapped potential left with respect to the Web-enabled Force.

Let’s take a look at the facts, shall we?

For one, e-learning has barely reached the apex of its growth. With the rise of college tuitions sharply on the rise, options such as Khan Academy and Coursera will only continue to grow. This will put onus, eventually, on higher ed institutions to invest deeply in distance learning, as well as to increase the odds that the next captains of industry hail from unexpected circles that would have previously not had access to such education.

 Now in some ways, standing up for the Web-enabled Force as the most crucial force may be cheating, in a sense, and I’ll tell you why. Quite simply, the Web-enabled Force might be one of the most broad and expansive out of all the forces discussed in this book. It touches and layers over so many other forces, it’s hard to ignore its importance. 

For most busy white collar professionals, the Web-enabled Force affects them on not just a regular basis, but on a minute-by-minute basis. So much of our lives are impacted by being connected to the Web, that when Internet connectivity is temporarily lost, we don’t know what to do with ourselves. In fact, I recently encountered some competitors at a nearby agency bemoaning the fact that access to the Web was finally being brought to their underground subway line. They had previously used this time to catch up on offline reading, listen to audiobooks, and ruminate about the day ahead. Once they were Web enabled during their subway ride, their entire process changed in a heartbeat. So Web enablement isn’t always a force for good – but it’s certainly a disruptive one.

From an organizational perspective, so much needs to be done to take advantage of it properly. For example, one has to understand that while face to face connections won’t go away anytime soon – there’s a biological component to that – distance collaboration tools such as Slack for communications, Box for file sharing, and Asana for task management need to be adopted by companies in order to stay competitive. The organization that doesn’t appreciate how employee expectations have changed, all because of the Web-enabled Force, is not likely to succeed in the long run.

At the same time, organizations are not talking enough about the negatives that our always-connected society bring along with them. For example, knowledge workers often don’t know when to “unplug” metaphorically speaking and use their intellect to create unique value for their customers and clients rather than to reactively check their work email account every 5 minutes. 

Any discussion of the Web-enabled Force wouldn’t be complete without a discussion of social media, a form of communication that shouldn’t be underestimated. As a result of social media, we now have the ability to connect with people who we would have never had the ability to discover in previous generations. The Taipei-based entrepreneur looking to build the world’s first solar-powered hovercraft can now connect with a solar-obsessed investor – who’s also a hovercraft aficionado – located in Sao Paolo. The opportunities for this type of collaboration are endless.

 Moreover, previously enterprises might not have gotten off of the ground because of being unable to find the right raw equipment or materials, or they could not be procured at the right price. Thanks to our Web-enabled society, that’s no longer the case for most of society. B2B ecommerce has largely been solved by platforms such as Alibaba, while marketplaces such as Craigslist are not just valuable for small businesses, but for classifieds-style listings, including dating ads. Speaking of dating, apps and websites as diverse as eHarmony, Tinder, Match, and many others have transformed the concept of dating and marriage across many strata of society.

I’m not going to be so bold as to say the Web-enabled Force has barely tapped its potential; far from it. There has been so much transformation in our society due to Web-enablement that it’s hard to believe its impact will only continue to grow over time. One thing is certain: it is hard to imagine a force that could have more of an overall impact to our society from a social, experiential, and professional perspective.

Jeremy Goldman FutureproofJeremy Goldman, @jeremarketer

CEO and Founder of Firebrand Group, Author, and Keynote Speaker, Founder at Mosaic; Author at Going Social: Excite Customers, Generate Buzz, & Energize Your Brand with the Power of Social Media

Inc Magazine & The Next Web (TNW) columnist

Collaborative Economy Disruption – Guest Post by @ScottMonty

As consumers can whip out their phones to get instant, on-demand access to products and services they want, we’re seeing a shift in thinking from ownership to access. It’s almost expected at this point. If your business can’t offer something to compete with this nearly frictionless effort, you’re vulnerable. When highlighted against the four disruptive forces (mobile, mindset, Internet related, emerging technologies), the collaborative economy hits all all four.

And while there is growing concern around sharing startups’ lack of regulation and aggressive global expansion, it hasn’t slowed the growth of the collaborative economy (especially behemoths like Uber and Airbnb), making it critical for established brands to understand consumer sentiment, learn their preferences and capitalize on these shifts now more than ever.

A three-pronged opportunity has emerged for large companies — but it isn’t necessary to pursue all three simultaneously; there may only be one strategy that suits each company. They can choose to compete on price, convenience or brand.

Price is fairly obvious, as financial savings is one of the top drivers of the collaborative economy with 82% of sharing transactions partially motivated by price. Established brands are well-positioned to offer greater value to providers in the collaborative economy, as traditional purchasers would use collaborative economy services for a 25% savings.

Convenience is another strong driver. To be able to pick up a device and get a service (or at least secure a service and view the length of waiting time and status of the request) appeals to the human need for immediate gratification. Convenience poses a major challenge to established companies, because it’s exactly where sharing startups have a structural advantage. However, convenience is a factor that established organizations can compete on, with value-added services that create efficiencies, on-demand access to products and services, mobile apps, and even the sale of locally-sourced and crafted products.

Having a trusted and well-known brand – even when competing with well-liked startups – is an advantage. There’s a close relationship between brand recognition and market dominance. Most people have heard of big collaborative economy players like eBay, Craigslist, Etsy, Uber and Kickstarter, and many of the top-sharing players have positive reputations. Yet more than 25% of would-be sharers will consider traditional buying if it means doing business with a reputable brand. The role of brand in the collaborative economy presents an opportunity for large companies to take advantage by marketing on trust or partnering with sharing services to leverage their brand.

scott montyScott Monty @scottmonty
Scott Monty is the CEO and co-managing partner of Brain+Trust Partners, a strategy consultancy firm specializing in digital transformation, technology selection and executive advising. He speaks to groups about the fundamentals of the human condition that are relevant to business today.

Scott spent six years at Ford Motor Company, as a strategic advisor on crisis communications, influencer relations, digital customer service, innovative product launches and more. He also has a decade of experience in communications and marketing agencies, where he had clients that included IBM Healthcare and Life Sciences, Coca-Cola, American Airlines, T-Mobile, GE Software and more.

He is a board member of the American Marketing Association and an advisor for RPM Ventures, My Dealer Service, Crowd Companies and Clever Girls Collective. He writes about the changing landscape of business, technology, communications, marketing and leadership at, where he distributes the widely acclaimed Week in Digital newsletter, and is the executive editor and co-host of the Sherlock Holmes website and podcast I Hear of Sherlock Everywhere.

A Stream of Meaningfulness – Guest Post by Yu Du and Orlando Fernando

A Dialogue between Yu Du and Orlando Fernando

Yu and Orlando are the co-leaders of the Meaningfulness Movement. This dialogue was one of their many discussions that led to start of the movement.

The Essence

Orlando: Our search for meaning is not a luxury but a duty. For me, meaning is the substance of our joy and the expression of our power. We experience our humanity through meaning. We are the creator and inventor of our meaning; it’s a free choice, not an accident.

Yu: You are spot on about the essence of meaningfulness. We are the creator of our inner and outer worlds. Meaningfulness starts from the moment that we truly recognise the power within us and commit to take full responsibility for our life.

I’m struck by the fact that so many people are disengaged at work and feel unfulfilled in their lives. The crisis of meaning is spreading fast in our modern western society when we seem to have more freedom to define meanings than our ancestors. But why? I think one of the reasons is because we— as a society—have lost the ability to tap into the power of practical wisdom, which was one of the main functions of ancient philosophy.


O: Until the middle of the nineteenth century, philosophy was meant to help us. But then it deserted us. Philosophy no longer integrates knowledge and wisdom, and it’s become the servant of science and logic. Contemporary philosophers are busy writing articles aimed solely at academia. That exercise, however, lacks the power to offer any help toward the crisis.

Y: The failure of contemporary philosophy has prompted individuals to take more responsibilities for themselves: to think deeply and critically about their lives. We acquire wisdom through self-inquiry, through vigorous practice, through expansion of our awareness, through our intentions. That’s the ultimate source of meaningfulness. Earlier on we talked about the importance of recognition of our true power to create meanings. How do we start?

The first step: how not why

O: That depends on who we are and where we are at. One possibility is to find something that has meaning now, or that used to have meaning, and then ask the question of how it has or had meaning.

Not why, but how! Meaning is not a thing or object; it’s a process and a flow. The important thing is not to ask typical questions to “analyse” it, but to try to catch our mind in the process of creating. That’s the first step.

Y: The question of “how” is often overlooked. Some people assume that meaning is somehow hidden, and if we are lucky, it might show up and talk to us. However, if we look very carefully, and trace back to where the meaning was started, clearly it’s not from anywhere else: we are the creator of that meaning. So “how” is the first step to understand the way in which we make meaning, and to realise from our first-hand experience that we as individuals create meaning, no one else. With just this simple realisation, I believe we can create a big shift in many aspects of our lives.

O: Agree. I want to stress the point that meaning is a process. We need to “catch” the mind at the beginning of its creation, and be fully conscious of its dynamism and flow. Meaning is also about taking responsibility and learning how to do it better with greater sense of deliberation. It’s not just being mindful, much more than that.

Meaningfulness and Mindfulness

Y: Interesting that you mention about mindfulness! Mindfulness is about the expansion of our awareness. There is this misperception that “being aware” is enough. Well, I disagree. “Being aware” is just the starting point, and it doesn’t lead to change automatically; only when reflective awareness also takes place and we consciously make the choice to take action, then we see the real shift occurring. I think that’s the power of meaningfulness: it’s a complete process to truly express our creativity.

O: Yes! That’s a crucial point: meaningfulness is about creativity. It is not just observation, but also doing, changing, improving with enthusiasm and joy.


Y: By no means is this an easy process. It requires tremendous patience, enthusiasm and consistent practise. I remember we talked in length about developing practical tools to help people in this process. I know you have been working on creating a meditation practise lately.

O: Meditation has become such a buzzword; it’s everywhere, but lots of people only understand it on a superficial level. Meditation is a state of consciousness. There is no better or worse form of meditation. In fact, every moment of our existence is an opportunity to become aware of the fact that we are in a meditative state. The skill of meditation is to direct the power of the mind in a chosen direction, or an object, or a condition.

“Meaningfulness Meditation” is a guided meditation with seven steps. It is designed to help people to enter into a meditative state by concentrating on meaning through the process of thought construction. By tapping into the power of the mind while in a state of concentration, insights and wisdom emerge, and it’s a very empowering experience.


Yu Du futureproofYu Du and Orlando Fernando started the Meaningfulness Movement to create a community with a mission: to create and live meaningful lives. They plan to grow the community through discussions, workshops, events, retreats, tears, laughter, silence and much more.

Entry Point—Ethical Hacking Goes Mainstream – Guest Post By Jennifer Arcuri

There’s a worldwide war underway, and without exception, every man, woman and child is under attack. Are you worried? Possibly, although it’s more likely that you’ll feel apathetic towards the vicious battle that surrounds you. Despite the prevalence, persistence, and devastating consequences of digital crime, as well as the constant peddling of a dystopian future on TV, radio, social media and film, many of us are happy – for now at least – to sleepwalk right through it. The speedy acceptance of the phrase “privacy is dead” sums up the collective apathy towards cyber security, a one-­‐way conflict that we are losing, badly.

It goes without saying that we – governments, corporates, and civilians – need to wake up. Binary constructs of ‘0’s and ‘1’s circulating in the cloud might appear innocuous, but in the wrong hands can severely damage, even obliterate, the very infrastructure upon which we rely for our day-­‐to-­‐day existence. Critical data, networking systems, security functions, can be deleted or changed in the momentary click of a return key.

We are living in a port driven society where almost every John and Jane in the first world, and much of the second, has a smart phone, PC, and tablet. All of these devices are connected in one single cloud, allowing each individual to function in their own telecoms network. But as technology becomes smarter, more connected, ever pervasive and proliferating, the risks to our personal security rise exponentially – it only takes one weak link in the chain for disaster to become a reality.

Are things really that bad?

Thankfully, people are starting to wake up to the fact that digital privacy and security is something to be valued and nurtured.

It may be that cyber crime is only just beginning to touch our everyday lives. For some reason, buried deeply in the human psyche, many of us think nothing of governments being hacked. Perhaps we believe it doesn’t really affect us. When familiar corporates, such as Target, eBay, PayPal, Anthem, get hacked, more people sit up and take notice – after all, these are companies we do business with everyday. Hacking is closer to home.

It’s not long before malicious hacks erase or manipulate normal citizens’ data. We live in a world that is increasingly driven by an online community. All of our devices link to an amorphous network. Our data is in the cloud. Health records, banking details, identities, all are vulnerable. Soon hacking victims will not only be those read about in the newspaper, but relatives, friends, work colleagues. You. Apathy has a price and the cost is becoming clearer.

In this new era of cyber crime, we’re all exposed, but most of us lack the appropriate protection or knowledge to combat the threat. When these networks get hacked (and they will be), the civilian population will get hurt, and governments, their agencies, and industry will be blamed.

Inaction is our worst enemy

Even as I write these lines, I find the subject of cyber security daunting to approach. But we can no longer be put off by great tasks or fear. The point of this essay must be made, and above all, heard.

I organise, manage and run tech events under the Innotech Summit brand. My team and I bring together leaders in the fields of technology, finance and politics to discuss the impact of a digital future and to action change. Content-­‐wise, it’s mostly awe-­‐inspiring, innovative, fun, and positive. But it’s not all good. There’s an undeniably nasty undercurrent of dread that goes hand in hand with technological progress – an anxiety that we can’t keep up with our own creations. People are concerned. And it’s not just the tech nerds and security agencies. The woman and man on the street are worried too.

That’s why cyber security is a recurring theme at all of my events. The fact that we can no longer hide from cyber threats is an open secret – but it’s getting late to address the issue.

We need an active defence strategy and soldiers on the front line – now. But the reality is that those with the power to employ skilled ‘soldiers’ and direct resources effectively are failing to do so. Is this inaction a manifestation of the paralysing fear of an encroaching cyber security doomsday? Perhaps. But my experience, gathered as a representative on numerous government trade missions and an attendee of some of the biggest international security events, tells me that it’s because those in power fear accountability for making the bold decisions necessary to take us towards a secure future.

A digital neighbourhood watch

My objective here is to highlight the importance of ethical hackers – of which there are many thousands around the globe – as well as hacking in general.

Hacking. A word capable of sending shivers down spines, disapproving looks across rooms, and eyebrows into furrowed foreheads. It’s a word that we need to revisit, because in an ethical context, hacking is capable of being the solution we so desperately need.

Let me explain.

There is great merit in empowering technically competent civilians to take notice of security threats, and a huge opportunity for the authorities to engage with them. But here lies the big misunderstanding – my experience of working with people on both sides of this divide demonstrates that all hackers are lumped into the same ‘vigilante’ category. Sadly, this means that the community spirit potential of a digital neighbourhood watch scheme is overlooked completely.

At a recent Innotech Summit event, Legislating Lulzsec, the ethics of hacking and what we are doing to better prepare the next generation of digital natives was discussed openly. The purpose was not to focus on the potential criminality of hacking, but to ask the question of whether we can use such skills to benefit and protect civilians, companies and governments. The resounding conclusion, unsurprisingly, was yes – that skilled individuals are the soldiers we need to work on the front line, helping people and organisations to identify and ‘patch’ (essentially, rectify) their cyber weaknesses in order to ensure a safe and secure digital presence.

The discussion then evolved into how we can engage, involve, and apply a network of digitally adept, ethically committed individuals to meet the skills deficit. And a deficit it most certainly is – the accelerating litany of security breaches in government and industry alike makes this clear and impossible to ignore.

We see the early signs now. Governments and branches of the military around the globe are recruiting elite cyber security troops. Unfortunately, they’re using the same approach that’s worked for the recruitment of Navy, Army and Air Force personnel — the mentality is that the ‘best of the best’ are corporate, conformist types that have graduated from MIT or Stanford.

The bulk of cyber talent, however, does not fit into such a limited category. Many of the real geniuses are kids who never finished school or college, thrive in online rather than offline communities, and shudder at the thought of desk jobs. As a result, recruitment targets are being missed. Moreover, the police and non-­‐military branches of those same governments are hell-­‐bent on criminalising, prosecuting, and imprisoning these types of hackers. While it is right to punish crime, we must focus on creating a culture that recognises and understands the hacker mind-­‐set, and provides opportunities for such talent to be directed towards something good – ethical hacking.

Hacking – the good, the bad, and the just plain wrong

But before we can even begin to fill the skills void, we must define – and defend – ‘ethical hacking’. This requires all previous taboo-­‐like notions of ‘hacking’, most of which spring from media-­‐hyped stories that revolve around bad guys stealing information and disrupting networks, to be packed up and put away. Indeed, ‘to hack’, as a verb, means to break into something – an undeniably negative connotation. But it’s time to draw a line in the sand, for hacking is not the same as ethical hacking, a compound noun which has a completely different meaning.

Let’s break it down. ‘Ethics’ – the easy one – can be defined as the discipline dealing with what is good and bad in the context of generally expected societal behaviour, an established line in what defines moral obligation. Quite simply, ‘ethics’ defines what is ‘right’ in any given situation.

The ‘hacking’ extension is more complex. There are many reasons to justify the ‘breaking and entering’ implied by hacking, and it’s easy to understand why it is considered illegal and wrong. The notion that all information should be free and that there is no such thing as intellectual property is no basis for justifying hacking. The system in which we live, and from which the majority benefit, would break down without IP protection.

Defining ethical hacking is a little more complex, of course. Some hackers say that they do no harm – they don’t hack to cause damage but to ‘have a go’ at system security work. This, it could be agued, is okay to an extent. There is even some validity in the oft-­‐claimed hacker motivation of ‘keeping big brother at bay’.

However, hackers that make use of idle time on the computers of others, even without looking at private data, have crossed the line. Such behaviour is clearly theft – remote intruders are not in a position to qualify whether another person’s system is being under or over used.

The ethical minefield gets worse from here. For example, there is a fundamental argument that says some computer break-­‐ins are in the interest of the public or greater good, and therefore justified (if not ethical) in the eyes of the hacker. To them, if they fail to take action on security threats, the software developer or network will not act, leading to further vulnerabilities that would inevitably cause greater destruction down the line.

There is a degree of justification to this argument – patching is critical. However the proper authorities need to be involved to ensure that data protection ethics are controlled and enforced (the problems here are who is responsible for controlling these authorities, and what happens when the only way to beat the bad guys is to… but we’ll save that for another day).

What is ethical hacking?

I define ethical hacking as the authorised search for the source of a problem with a moral obligation to patch the security vulnerability in the best interests of a client or system.

An analogy I often use to explain this is of a thug stabbing an innocent victim with a stiletto (a hacker) and a surgeon cutting a patient open in an operating theatre (an ethical hacker). Malicious hacking is carried out on an unwilling victim and can cause untold damage to a system. Ethical hacking, on the other hand, is undertaken with full approval and is designed to locate the source of a problem, or potential problem, to fix it.

To extend this metaphor, just like the surgeon is qualified, licensed, and under a moral and ethical duty to defend a patient’s life, an ethical hacker, whose programming and coding ‘qualifications’ are best gained through experience, should have the avenues available to be licensed to secure and defend systems in the ever-­‐growing cloud – a cloud that no longer contains computers, but phones, cameras, door locks, light switches, baby monitors, glasses…(the impact of have one’s home hacked by the bad guys is truly terrifying).

Ethical hackers understand their place in a rapidly changing society and know that being part of the humanity collective requires being responsible for their actions and decisions on-­‐ and off-­‐line. They are best placed to protect us, since they understand better than anyone else what happens when everything is connected.

The solution is to promote ethical hacking and support ethical hackers, while encouraging a paradigm shift in the attitude toward it. We can only build and execute a defensive strategy to fight cyber criminals by being offensive, and this entails bringing in those who ‘do what the bad guys do’, but wear white hats while doing it. And public policy needs to embrace them, to give out the Sheriff’s deputy badge.

Your country needs you

Every computer has around 60,000 ports. Ports are like entryways and doors to a home. Some of which admit more traffic than others. Who has keys to the house? What happens when someone breaks in? Which doors are vulnerable? Can the house be made more secure by a home security expert or the police?

We urgently need ethical hackers to be on the look out for digital vulnerabilities (with complete authorised permission, of course) so that they can be patched before the bad guys get in. Those in government and industry must ensure that every civilian is aware of the threats that surround them, is educated in basic security and able to run system scans, and has access to ethical hackers.

This means that we need to raise, educate, and train generations of #digitalnatives –the momentum and intensity required to actively keep up with cyber security threats ensures that we have no option. The principles of ethical hacking must be taught to kids everywhere, in the same way that road safety is instilled from an early age. Universities and after school groups should be encouraged and incentivised to organise ethical hacker clubs – places where its cool to learn and practice ethical hacking. In short, public policy, security, and academic institutions need to promote, support, and enable ethical hackers.

We cannot give up the fight for cyber security. The lifetime efforts and struggles –career, family, savings, work – of everyday people can be wiped out in a moment without it. We must respect and value this information to the maximum extent possible within the data constructs. We continue to live in a society where the integrity of information is assured in order to maintain and encourage investment.

If we ignore the threat, we will soon be living in a society where concatenating disasters will drive hurried and urgent attention to cyber security knowledge as one of the pillars of education in a modern digital society. If we start now, we can smooth the path. Let’s start now. Let’s start training our digital natives to respect the Internet, the cloud, what’s visible in the browser… and what’s behind it.

Governments? Are you listening?


Jennifer Arcuri futureproof cyber securityJennifer Arcuri, Founder, The Hacker House