Network security – and the lack thereof – continues to be a concern in the Caribbean. Although some incidents get reported; most are kept under wraps by the affected organisations, whilst there are still others that are not (yet!) aware that their networks have been compromised.

To help us all get a handle on what is going on in the IT/network security space in the region, we are engaging Caribbean-based network security experts. To kick off the 2017 series, we are thrilled, once again, to have Niel Harper, who is no stranger to ICT Pulse and the Expert Insights series!

Niel is the Founder and Managing Director of Octave Consulting Group, a boutique advisory firm specializing in CIO advisory, cybersecurity, IT assurance and information risk management services. He has had management responsibility, consulting engagements, and short-term assignments in over 20 countries, and has worked with organizations such as the Internet Society, United Nations Volunteers, Cable & Wireless, AT&T, Bermuda Commercial Bank, CIBC, and the Internet Engineering Task Force. Niel is a Fellow to: the British Computer Society; the OECD Technology Foresight Forum; and the Royal Society of Arts. He is an Incorporated Engineer (IEng) registered with the UK Engineering Council, and holds a number of industry certifications in information security, IT auditing, and business continuity management, and in 2014, he was recognized by the World Economic Forum as a Young Global Leader.

ICT Pulse:  Niel, give us a quick recap of what have been the most prevalent types of incidents in Barbados and/or in the Caribbean region over the past year or so? How has the threat landscape changed?

Neil Harper:  Michele, it’s always difficult to quantify or qualify the number and types of cyber incidents that occur in the Caribbean because there are no mandatory breach notifications or transparency obligations in the various jurisdictions across the region. As such, public and private sector organizations do not notify the general public or individual data subjects when networks or personal data stores are compromised (yes I have said this a number of times, but it is still relevant and quite important). That being said, ransomware attacks have been quite prevalent across the region, and particularly targeting hospitals, educational institutions, government systems, financial services, and small-to-medium enterprises with insufficient resources to adequately respond to cyber threats.

ICTP:  Over the past year, ransomware incidents appeared to have been quite plentiful across the region. Are they still as huge a threat?

NH:  On a regional (and global) scale, ransomware has continued to be the most persistent business model for cybercriminals. One of the key reasons that ransomware has remained a major threat is because the tools used to initiate attacks are being continuously evolved and improved. For example, there was an over 150% increase in new ransomware variants in the first half of 2016. Moreover, cybercriminals are now operating Ransomware-as-a-Service (RaaS) with lower buy-in costs that allow less tech-savvy perpetrators to distribute ransomware. And the success of ransomware attacks is high because related exploit kits have been popping up more and more on legitimate websites.

ICTP:  What are some of the new and emerging threats of which we should be more aware? And are there any particular areas of concern that you have for Caribbean organisations?

NH:  One of my biggest concerns with regards to new and emerging threats is that nation states are increasingly developing offensive cyber capabilities, essentially weaponizing exploits and actively eroding trust online through disproportionate mass surveillance, targeted attacks, and information manipulation (fake news). On the other hand, threat actors are ramping up attacks against hardware and firmware vulnerabilities in processors, DRAM technologies, BIOS, and in firmware on devices such as USB, chargers, and external hard drives. IoT malware is on the rise and threatening individual privacy via regular household appliances and consumer devices. In 2017, ransomware continues to grow, and malware authors are focusing their efforts on mobile devices — attacking data repositories both on devices and in the cloud. ‘Dronejacking’ has become a growing threat with a noticeable increase in attacks due to consumer drones shipping with weak protection mechanisms. While not necessarily a new or emerging threats, the pervasive insecurity of IoT devices is fueling the perpetual threat of DDoS attacks, especially against ISPs with unsecured services such as DNS and BGP. All of these threat areas should be of concern to Caribbean organizations and individuals due to increased use of Internet-enabled devices at home and in the workplace.

ICTP:  At the CARICOM/regional level, there has been a growing awareness of cybercrime and cybersecurity, and calls by leaders for something be done. In your opinion, has there been any improvement in the cybersecurity-associated resources or support structures in Barbados, and/or perhaps regionally? What might still be missing?

NH:  I think the challenges with regards to cybercrime and cybersecurity are pretty constant across the Caribbean region — so I won’t just focus on Barbados. While I think that awareness is increasing, I am deeply concerned that the response to these issues across CARICOM and the broader region is (still) severely lacking. For one, the vast majority of the countries in the Caribbean do not have a national cyber crime strategy. This includes legislative reform (e.g. computer misuse, data protection, privacy, e-commerce, etc.), incident response capabilities, threat intelligence sharing, cybersecurity education & training, and other important elements. The HIPCAR project to harmonize regional cyber legislation ended around 2012, and most countries have still not updated their national laws. That being said, this may actually be an opportunity as the final outputs from the project were largely inadequate, and regional leaders should now be looking towards options like signing on to the Budapest Convention and/or modeling new data protection laws on the EU’s General Data Protection Regulations (GDPR).

ICTP:  Does it even make sense for small companies to send their network administrators to security training courses when security is not their full-time job, and given the pace at which the security landscape is changing? Or should such companies just accept the fact that they need to outsource this function?

NH:  This is a very good question. A network administrator is employed to oversee the smooth and effective running of the company’s system environment. However, this individual cannot successfully meet the demands of their job if the environment is not adequately secured. Hence, in my opinion, a top-tier network administrator should be trained on security to properly round off his/her capabilities and deliver real value to the organization. However, the tricky aspect is that small businesses generally can’t afford to hire network administrators with such a diverse skill set or to finance security-related training, so outsourcing then becomes the only viable alternative. But then outsourcing of such a sensitive role may not be cost-effective and bring with it an entire new set of risks. It’s somewhat of a Catch 22.

ICTP:  Do you agree that user naiveté is the number one security threat facing organisations? If not, what do you think is the most significant threat?

NH:  I strongly contend that end users remain one of the biggest threats to online security due to their lack of awareness, poor judgement and carelessness with password management, sharing devices with others, accessing unprotected and open public networks, downloading files and apps from untrusted sources, visiting unknown websites and clicking on fraudulent links. However… An increasingly connected society, coupled with a highly complex and constantly evolving threat environment, makes it extremely difficult for an inexperienced end user not to be the weakest link in the chain of trust. This is why end user awareness and training programs are so critical in combating cyber threats.

ICTP:  Should any organisation still be using tapes for data backup purposes?

NH:  I totally understand why this question would be asked, especially given the widespread availability and popularity of alternatives like cloud backups, disk-to-disk backups, low-cost NAS backups, and others. However, I still think that tape backups should be used for a number of reasons. Firstly, newer LTO technologies are allowing for higher capacity, greater transfer rates, and lower total cost of ownership — SMEs generally can’t afford the large Internet pipes or expensive hardware/software required to support cloud and disk-to-disk backups. Tapes also have better reliability (error-rate) and longevity than disks. Additionally, tapes are highly portable with regards to moving them offsite to support disaster recovery. Tapes can also be combined with disk-to-disk or cloud backups to increase the robustness of disaster recover solutions (e.g. when Internet connectivity is unavailable or data center locations are inaccessible due to a major incidents). Other areas where tapes are superior to disks are scalability and backward compatibility.

ICTP:  And finally, what are the top three (3) things businesses should be doing this year to improve their network/IT security?

NH:  An important undertaking for organizations in 2017 should be to hire someone who has a strong skill set in the area of risk evaluation and management — an expert who can take a holistic look at the business to identify and qualify/quantify risk exposures and impacts, decide which risks can be accepted, and develop mitigating actions for those that can’t.

Secondly, businesses need to implement a toolset that provides them with greater visibility into security events and information throughout their IT environment. This should include logs and events from firewalls, intrusion detection/prevention systems, endpoint security, operating systems, network devices, databases, file integrity checkers, and data loss prevention or digital rights management solutions. IT personnel need to be able to identify anomalies across the organization, and proactively address intrusions before they occur or effectively detect and respond to those that have already happened.

Thirdly, businesses should rationalize and implement a cloud strategy (if they haven’t done so already). Cloud-based solutions provide a more affordable solution to traditional on-premise systems. And while they have their own distinct set of associated risks, cloud-based services have become increasingly more secure and reliable over the last couple of years. To ensure that they are well protected when migrating to cloud services, business must focus concerted attention on the service level requirements which their cloud partners must adhere to. Key areas such as jurisdiction, data ownership, security standards, availability, performance, data portability, right to audit, exit clauses, change management and problem management should not be neglected. A robust service level agreement (SLA) is pretty much an insurance policy when entering into a cloud services partnership.

Do you have any questions for Niel, or views you would like to share? Please leave them in the Comments section below. 

Image credits:  Blogtrepreneur (flickr), Niel Harper 

_________________

The terms, ‘analytics’ and ‘data analytics’ are not just buzzwords in today’s business environment, Analytics is a field for which there is great demand for skilled labour, but limited supply. Moreover, that demand is projected to grow well into the future, and it is unclear whether the labour supply will ever meet demand.

It is therefore likely, that increasingly, organisations will require a large portion of their employees to possess some knowledge or skill in data analytics. Those skills would not need to be as extensive as those of a specialist, but at the very least, some familiarity would be expected.

Below we suggest a few ways to improve your data analysis competence, which do not require you to be a versed in using any specific applications, but are critical and can be applied in a variety of situations.

1.  Be clear about the desired output and outcome

As obvious as this point might be, all too frequently, the desired outcome of a particular analytics exercise is not clearly defined or expressed, and consequently, the outputs may not facilitate those outcomes. Typically, analysis exercises are considered holistically, and the required steps are mapped out – with the end in mind. Further, data can be processed to address a broad range of situations or problems. It is thus crucial for any team to be clear and agree upon the desired outcomes – which may not be as easy as it seems – as everything else will flow from there.

2.  Ensure the needed data is being collected

For uninitiated, and even among those who you hope would know better, there is an assumption that for any question asked, the data is readily available to provide the desired answers. That is not the case. Systems must be put in place first, to collect or generate that data.

For example, regular surveys might need to be conducted, which requires survey instruments, such as a questionnaire, to be prepared and then administered. Thereafter, there is the likely challenge of securing an adequate number of valid responses, and ensuring that the data received is in a format that allows for easy manipulation and processing. Essentially, data collection can be a tedious and time consuming process, when cannot be implemented ‘now for now’. Hence, it is always advisable to ensure that from the outset, the needed data is being collected.

3.  Understand what is possible with the data collected/available

Although meticulous plans may have been made, inevitably, something comes out of left field that an already established analysis exercise might need to accommodate, such as a request from a senior executive, for which the data already collected could be used. In that regard, some thought should be given to the ways in which the data that is being collected can be used, and correspondingly, in what ways it might be inadequate for certain needs.

Further, it is important to emphasise that the results generated from data collected, and the analysis made, is not infallible. Hence, there ought to be some appreciation of the margin of error, and the extent to which the results can be relied upon. Such considerations are even more critical when when proxy or third-party data is being used to approximate your organisation’s field or situation.

4.  Learn the basics of a few software applications

Finally, in order to deepen the types of discussions you can have within your organisation, along with improving your own understanding of data analytics, it would be beneficial to learn, at the very least, the rudiments of at least one software application. The application selected may one used by your organisation,, such as Tableau, Pentaho, Google Analytics Premium, and  Wave Analytics, to name a few, and so directly relevant. Alternatively, you may wish to start with something like Microsoft Excel, which most of us are familiar with, and is widely used in the corporate world, but is woefully under-utilised, based on the features and capabilities it actually possesses.

Final thoughts…

In summary, the above tips are geared towards the non-technical employee, who needs to participate in data analysis discussions, understand what is going on, and ultimately, many need to be in a position to ask the right questions. Although the field can be quite intimidating. It is still possible, and even necessary, that members of the team can offer a pragmatic perspective: to ensure that the analysis produced satisfied the actual needs of the organisation, and is sufficiently authoritative to support decision making.

Image credit:  NEC Corporation of America (flickr)

________________

The Internet is widely recognised as being a catalyst for economic growth and development, and Caribbean countries have been eager to embrace this platform to achieve those goals. Although many of our countries have implemented a broad range of telecoms and ICT-related policies and initiatives, to a considerable degree, there is still a sense that individual countries, and the region as a whole, have not yet reached the ‘tipping point’ as it relates to the internet, and by extension, realising digital societies.

In a new report, Unleashing the Internet in the Caribbean: Removing Barriers to Connectivity and Stimulating Better Access in the Region, commissioned by the Internet Society, and launched last week, the state of the Internet in the Caribbean was examined. The report also highlights the main challenges being experienced in unleashing the Internet in the region, and recommendations are included on how to better manage those challenges and capitalise on the opportunities.

The report is chock full with data, drawn from a broad range of sources, and reflects what was publicly available mid-2016. Regular readers of our Snapshot series, the information on Internet penetration, Internet affordability, along with upload and download speeds for select Caribbean countries; however, in this report offers more holistic view of the state of the Internet in the Caribbean, which cannot be captured in a 750 or 1000-word article.

According to Kathy Brown, President & CEO of the Internet Society, Caribbean countries have been positioning themselves to to harness the Internet, but more is still needed:

The Caribbean has done much to increase Internet penetration in the past few years. Every country in the region, including the 11 selected for this research, is connected to the global Internet network via submarine cable systems. This is great news. However, governments have been largely more reactive than proactive in nurturing the development of the Internet to meet their countries’ needs. Among the things that governments can do is provide investment incentives to improve coverage…

…It’s important for Caribbean societies to not only use the Internet for entertainment and consumption of content, but also as a tool to improve efficiencies, optimize processes, and drive innovation…

(Source:  Internet Society)

It is also important to emphasise that this report focusses on the Caribbean islands and Caribbean Community (CARICOM) member states. It is not a report on Latin America and the Caribbean, with a few of the larger Caribbean islands included. It is a document for, and on, the region. Hence it is hoped that it will be read and discussed by all stakeholders.

Finally, and on a personal note, I – through ICT Pulse’s parent company, ICT Pulse Consulting Limited – am one of the authors of the report. As anyone who has prepared any major report can appreciate, it requires the cooperation of no only the authors, but also the stakeholders who were approached and who shared their insights and experience. This report is a demonstration of all of our collective efforts to truly help the region to more fully utilise the Internet, and all of the benefit it offers.

Image credit:  al (flickr); Internet Society

_________________________

In the two years since we last examined this topic, there has been growing demand for software developers. According to the United States Bureau of Labour, software development jobs has been and will continue to be the fastest growing segment of all occupations. However, due to the fact that everything around us is becoming digital, increasingly, the Average Joe also needs to have some basic coding knowledge, if only to improve their marketability, job-wise.

To be clear: there are scores of programming languages out there. Some that are highly specific to certain purposes; others that can be used more broadly. Depending on your field, it may be prudent to identify those that could further your development in that field, whilst also bearing in mind having a general knowledge of programming is becoming increasingly important.

What are the programming languages that are in demand?

As highlighted in Exhibit 1, the Java, JavaScript, and the C family (C, C++, C#, Objective–C) dominate the top 10 most popular, or most in demand programming languages for 2016/2017. To considerable degree, these languages are the bedrock of a lot of the software applications that we take for granted, which is also why year on year, developers which those skills continue to be in demand. Having said this, they can be some of the most challenging to master, which has resulted in newer languages that are simpler to learn, gaining a foothold and offering a more attractive alternative.

Exhibit 1: Top programing languages for 2017 (Sources: Tiobe, IEEE, Stack Overflow, PYPL Index)

It is also worth noting that in addition to what we term here ‘generic programmes’ – those that can be used for a broad range of purposes and applications, the list also includes some specialised languages. The growing popularity of those languages tends to corroborate other trends that have emerged over the past few years, and may continue to gain prominence in the years to come:

• R. Although R has been around for around 20 years, it was used by those who manipulated data, such as statisticians. However, in the context of big data and data analytics, R has come into its stride, and to some degree has eclipsed other heavyweight and longstanding tools, such as Matlab and SAS, based on ease of use.
• Go,  Created by Google, Go is a free and open source programming language, which was developed as an alternative to C. Off the bat, and when compared with C, Go is simple, fast and friendly. Further, several well known websites and companies, including CloudFlare, Dropbox, Google, Netflix, and SoundCloud, to name a few, are using Go, which augur well for its continued use into the future.
• Swift. Swift was created by Apple for use on its for iOS, macOS, watchOS, tvOS operating systems, and as an alternative to Objective-C. Swift is a more modern language when compared with Objective-C. It is thus easier to read and write, which especially beneficial when pages and pages of code must be reviewed. Further, with the continued popularity of Apple, generally, and its devices, there is likely demand for developers who are proficient in Swift.

Image credit:  Pexels

_______________

Yesterday, 7 February, the world commemorated Safer Internet Day (SID): to recognise the importance of being safe online, and to encourage us, users, to inculcate good practices as we use this increasingly essential platform. As noted in the press release issued for SID 2017, the main focus of SID initiatives is children and young people, who tend to be the most vulnerable to the negatives that can be experienced on the Internet, such as cyberbullying, cyberstalking, inappropriate material, and even hacking.

To a considerable degree and in order to be safe, users, and especially children, are encouraged to be more guarded in the amount of information they share – both consciously, for example,  in posts and updates on our social networks, and unconsciously, such as by permitting our networks to automatically include our location with our updates. Similar to the physical world, in which a broad range of dangers abound, the same exists in cyberspace, thus necessitating more prudent behaviour.

Having said this, it must be emphasised that the Internet as we know it today depends, to a considerable degree, on its users, being open – from the cookies we must accept on certain websites that in turn track our behaviour both on their site and as we surf online, to the social network ecosystem of which so many of us are a part. Moreover, all of this openness is driving the need for even more content and data, to inform both personal, and corporate, decisions, and to generate revenue in a variety of ways.

Thus, it should not be surprising that among children and youth, Internet use is not only high, but they are also exposed to both the positive and negative aspects of the medium. Recent research by UK Safer Internet Centre highlighted the following:

• The majority of children (84%) aged 8-17 have shared a photo online, with 1 in 6 doing so in the last hour
• 4 in 5 young people have been inspired by an online image or video to take positive action
• But more than 1 in 5 have been bullied with images or videos online and 70% have seen images and videos not suitable for their age

Further, there has been a growing concern among educators and child development specialists about the impact of those experiences on impressionable minds. The exposure to images – both positive and negative – is rife and to a considerable degree, is being reinforced by mainstream media.

Being of this world, but not of it

Hence, although we are acutely aware of many of the negatives associated with being online, for most of us, it might be near to impossible for us (and our children) to avoid the medium completely. It therefore means that a balance between being safe, whilst being able to avail ourselves of the benefits of the Internet, must be struck.

Many of us are aware of the practices we, as adults, should adopt, and those we, as carers of children, should be implementing. However, we must also recognise that the Internet fosters a false sense of security: that discussions are private; that everyone you interact with is your friend; that all connections are secure; etc. In that regard, a healthy degree of skepticism and caution is advised in order to balance our safety online, with the ability to be able to do all that we need to do whilst there.

Image credit:  photostock (FreeDigitalPhotos.net)

__________________

Last week, regional examining body, the Caribbean Examination Council (CXC) launched electronic (e-) testing of its multiple choice paper for the January Caribbean Secondary Education Certificate (CSEC) examination sitting. The trial comprised 500 candidate in seven countries – Anguilla, Cayman Islands, Dominica, Grenada, Jamaica, Montserrat and Saint Lucia – and was available for 12 subjects.

Most Caribbean residents would be aware that CXC administers its CSEC examination twice per year:  in January and May/June. The January sitting is considerably smaller than the June one, both in the number of subjects tested and the number of candidates. For example, the January 2017 examination sitting had 34,570 subject entries (Source: CXC), whilst the May/June 2016 sitting had 585,223 subject entries, from 132,824 candidates (Source: CXC). It thus provides a less risky set of circumstances in which to introduce and test a new system or feature, such as e-testing, and to iron any significant kinks before wider roll out to the May/June sitting, for example, could be considered.

Having said this, the fact that CXC is finally beginning to introduce e-testing opens up a broad range of issues, opportunities and challenges. We outline a few below.

Bandwidth at examination centres

First, in order to ensure proper examining conditions are maintained, should e-testing be expanded to a larger number of candidates, or even the fully May/June sitting, sufficient bandwidth must be available at the examination centres. Although an approach that could be considered is to have candidates’ answers stored on the device for the duration of a particular examination, eventually those responses would need to be centralised regionally with CXC, for example at the end of that examination.

Hence, consistent and equitable transmission – to minimise delays and failed connections, whilst seeking to ensure that candidates in one location are not disadvantaged when compared with others – is essential. Further, some minimum standard and quality may need not only to be established, but also guaranteed.

Availability of testing devices at examination centres

In order facilitate e-testing, a computing device must be used. Although many candidates across the region may have their own personal computing device, such as a smartphone, tablet computer, or even a laptop, to minimise cheating, and again to foster fair and consistent examining conditions, it would be advisable for the computing device to be provided to the candidate. CXC or the individual countries, through their Ministry of Education, would procure the devices, which would be assigned to each candidate at a particular examination, and returned at the end of the session.

Although a broad range of computing devices are available, at a variety of price points, the number a country would need for all of its candidates is likely to make such an acquisition prohibitive. Although it might be possible to use the devices that have already been supplied, for example as part of laptop and tablet in school programmes, they may need to be checked and tested before examining period commences to ensure they are in proper working order, and can maintain the needed integrity for use in an examination.

Potential for remote testing

In launching e-testing, essentially, CXC can more efficiently administer examinations remotely. Although it might still be too early to know the extent to which that potential will be embraced, as it is vital to proceed with caution, it may eventually be possible that candidates will not have to travel to an examination centre to sit an series of examinations, but rather do so at properly equipped centre in their community, or even at home.

Currently, such a vision is several years away. A number of issues would need to be addressed in order to maintain fairness and equity during the examination process, and to have trustworthy and accepted results.  

Potential for remote marking

Wider implementation of e-testing, could lead not only to digital marking of the candidates’ papers, such in the case of multiple choice examination papers, but also remote marking of other papers. Currently, the candidates’ papers and the examination markers are flown key centres across the region, such as Barbados, Guyana, Jamaica and Trinidad and Tobago, and in marathon sessions lasting between one and four weeks, all of the papers – from the 35 subjects tested at the CSEC level, from 16 Caribbean countries –  are marked and graded.  

In addition to being stressful on the markers, who comprise active and retired teachers, the marking exercise is expensive to manage and execute. Being able to evaluate the candidate’s papers remotely, could may be more cost-effective to CXC, which would be passed on the the candidates, in terms of the examination fees that must be paid. However, it could also open up new and different approaches that could lessen the stress of this high volume exercise.

Summary

A indicated earlier, the launch of e-testing is still very early. The challenges that so far have emerged in this January CSEC sitting have not been shared, and could ultimately thwart broader implementation. However, should CXC wish to adopt e-testing more fully across its examinations, there will be several logistic and administrative challenges that would need to be addressed. Hence we are unlikely to see it as a permanently offered in the short term.

Image credit:  Alberto G. (flickr)

___________________________

Although we might now take it for granted, without a doubt, the retail industry has irrevocably changed, thanks to customers now having the ability to share their views online, and thus being able to reach a wider audience. The act of an individual purchasing a product or service and ether raving or panning a particular purchasing experience, or the actual product (or service), to family or friends, is by no means new. However, such what has changed over the past 15 to 20 years, is the fact that the Internet has a provided a platform for those views to be shared, potentially, with a global audience. Further, with the advent of social media over the past decade, means those experiences can be communicated almost instantaneously to virtually all of the members of an individual’s social network.

Online reviews have not only affected how we, as consumers, shop for goods and services, but also the attitude of the businesses themselves – both globally, and in the Caribbean. Below we outline three ways in which online reviews have changed the retail and services industries.

Customers are becoming more discerning

Increasingly, the days when an individual would take a chance and purchase a specific product or service, or select a vendor or service provider, are becoming fewer – even here in the Caribbean. Although we might be purchasing something locally, we do not hesitate to go online and do our research. According to a 2014 study,

Eighty-one percent of shoppers conduct online research before they make a purchase. Sixty percent begin by using a search engine to find the products they want, and 61 percent will read product reviews before making any purchase.

(Source:  Social Times)

However, it is useful to note that we are not just using the Internet to determine whether the product or service we might be interested in buying works as we would like, and what others’ experiences have been. Frequently, we are also comparison shopping: for example, where might be the best place to make the purchase, and at what price, based on the experience of others.

Customers are more empowered (to not take crap!)

Following from the previous point, and thanks to all the research that is usually done before an individual steps inside a brick-and-mortar business, or puts an item in his/her online shopping basket, the individual might not be as susceptible to the sales pitches, and up-selling that many firms encourage in order to improve their bottom lines. Now, the customer can be very targeted when engaging the organisation, with greater knowledge and clarity about what they want (or need), along with what they should expect, and how much they should be prepared to pay.

Businesses have become more mindful of their service

With the power that online reviews now have, organisations are beginning to fully appreciate the power of their customers, and the importance of maintaining their reputation and their brand, through the quality of the service they provide. In the case of manufacturers, maintaining the quality of their products is becoming paramount. Ultimately, businesses are recognising that they must become more responsive to their customers – especially when something has gone terribly wrong.

The experience last year with Samsung and its Galaxy Note 7 is a good example of the great lengths firms are prepared to go to, to remedy a situation. In Samsung’s case, it eventually abandoned the device altogether and provided alternatives for its customers when the problem was not permanently rectified, and its brand might have become severely damaged.

Finals thoughts

In summary, consumers have all welcomed the opportunity to learn from the experience of others, in order to increase the chances they will be happy with the decisions they have made. On the flip side, organisations, including those in the Caribbean, are learning that customer opinion/recommendations can make or break their business. Some experts are of the view that we are yet to witness the full impact of online reviews,  but so far, there has been some rebalance of power, in favour of customers, when engaging organisations, or when they are ready to purchase goods and services.

Image credit:  Tristan Schmurr (flickr)

__________________

Ultra personalisation in the delivery of goods and services is a long predicted trend that has been coming to fruition. Today, we may take it for granted with respect to, for example, product or movie recommendations made to us by Amazon or Netflix, or the posts that are included in our news feeds on social media.

Although it can sometimes be a bit unnerving when the recommendations are made – which also point to how much our movements online are being tracked – frequently, they are appreciated, as they can help us to quickly isolate what we might be looking for out of the deluge of information and options that exist. To businesses, a number of benefits, including the following, can be realised – if they are able personalise the engagement with their customers,

• Greater understanding of individual customers.  Without a doubt, being able to offer truly useful suggestions to one’s customers, or allowing the engagement platform to be adjusted to suit a user’s need, demonstrates that a business wants to understand its customers. Organisations are able to discern not only what drives them, but may also be able to predict future needs, based on, among other things, their profile, online movements and behaviour, along with past purchases.
• Building and nurturing those relationships. A natural follow-on from the previous point is better engagement between a business and its customers, which provides a favorable foundation upon which to build a relationship with one’s customers over the longer term.
• Easier sales and conversions. In being able to provide useful recommendations and advice, can build trust between a business and its customers. Through that trust, customers may be more likely to follow the recommendations made, which can lead to quicker sales and shorter conversion cycles
• Improved customer experience and greater retention. Finally, a desired consequence of all of the previous points are that customers are retained, thus lowering the acquisition cost to the business. Further, in having a great experience when engaging the business, augurs well for that relationship to continue.

Though digital personalisation can be mutually beneficial to both a business and its customers, it is not easy to implement. Collecting sufficient data and implementing the requisite analytics are essential. However, they can be costly to realise, as there are infrastructure technology and expertise that would need to be acquired and maintained. Unfortunately, such initiatives tend to be most viable among large corporates, but MSMEs (Micro, Small, and Medium Enterprises) may actually be the ones to truly benefit. However, they are likely not to have the funds, nor the wherewithal, to develop and manage a comprehensive digital personalisation platform.

Having said this, there are still things that MSMEs can do to improve their relationships with their customers. They may not be completely automated, but technology can be used to facilitate engagement and to gain a better understanding of customers’ needs, and behaviour. Developing those features and capabilities will become even more critical, as they may eventually become a way to distinguish so-so businesses from the gold star ones.\

Image credit:  Timur Saglambilek (Pexels)

——————————

Yesterday, 22 November 2016, the International Telecommunications Union (ITU) published its Measuring the Information Society Report 2016 in which it highlights key ICT developments worldwide and tracks pricing and affordability of ICT services.  The report also includes the results of the organisation’s review of ICT development globally, through its ICT Development Index. In this post, we highlight how well the Caribbean/CARICOM countries included in the exercise performed, and briefly compare those results with those presented and discussed last year.

Methodology

The ICT Development Index (IDI) comprises a variety of indicators that monitor and compare ICT development across the countries being assessed. According to the ITU, the IDI’s main objectives are to measure:

• the level and evolution over time of ICT developments in countries and relative to other countries;
• progress in ICT development in both developed and developing countries: the index should be global and reflect changes taking place in countries at different levels of ICT development;
• the digital divide, i.e. differences between countries with different levels of ICT development;
• the development potential of ICTs or the extent to which countries can make use of ICTs to enhance growth and development, based on available capabilities and skills.

(Source: ITU)

The IDI comprises 11 indicators organised under three pillars: ICT access; ICT use; and ICT skills, as shown in Figure 1.  The indicators and weightings have remained unchanged over the past two years.

Figure 1: IDI indicators and weightings for 2016 exercise (Source: ITU)

Using the weightings shown for the sub-indices, the resulting IDI can have a maximum score of 10. In the latest IDI exercise, 175 economies worldwide were examined, including 15 Caribbean/CARICOM countries.

The Caribbean’s IDI results

The following Caribbean countries were included in the 2016 IDI review: Antigua and Barbuda; the Bahamas, Barbados; Belize; Cuba; Dominica; Dominican Republic; Grenada; Guyana; Jamaica; Saint Kitts and Nevis; Saint Lucia; St. Vincent & the Grenadines; Suriname; and Trinidad anf Tobago. Their 2016 IDI ranking and scores are shown in Table 1.

Table 1: 2016 IDI country rankings and scores for the top 10 economies, plus select Caribbean countries (Source: ITU)

Generally, the IDI scores for all Caribbean countries improved from last year, but was not necessarily reflected in their ranking among all the countries assessed. For example, countries that slipped in the ranking though they had considerably better IDI scores were:

• The Bahamas, which scored 5.80 and was ranked 63^rd in 2015, but scored 5.98 in 2016, but slipped one place to 64^th
• Suriname, which scored 4.89 and was ranked 83^rd in 2015, but scored 5.09 in 2016, but slipped one place to 84^th, and
• Saint Lucia, which scored 4.68 and was ranked 87^th in 2015, but scored 4.85 in 2016, but slipped one place to 94^th.

Although the IDI summarises an individual country’s performance, greater insight can be obtained from the sub-indices scores, which are combined to create the final result. Figure 2 shows the sub-indices scores for the Caribbean countries.

Figure 2: IDI sub-indices scores for select Caribbean countries as of 2015 (Source: ITU)

As reflected by the overall IDI scores and rankings, Saint Kitts and Nevis, followed by  Barbados and the Bahamas, generally performed the best across all three sub-indices (access, use and skills). The most notable exception continues to be Cuba, which overall had an IDI score of 2.73 and was ranked 135th out of 175 countries, but continues to score highly under the ICT skills sub-index, 7.25, and was fourth behind Barbados (7.69), Saint Kitts and Nevis (7.55) and the Bahamas (7.43).

Across the Caribbean group, and similar to previous years, the countries continue to perform relatively well under the ICT access and skills sub-indices, which indicate that the region has a reasonably good handle on matters related to telecoms access/infrastructure and education. However, they are still challenged with regard to improving ICT readiness, based on the actual take-up (of both wired and wireless broadband subscriptions densities) and use of Internet.

In summary, and we approach the end of 2016, the IDI result suggest that as individual countries and a region, the Caribbean still has not established the requisite systems, nor have they implemented adequate initiatives, that promote better use of technology by their citizens.  It is emphasised that IDI scores not only reflect that the region is still lagging behind in relation to ICT development, it also suggests that they are still not positioning themselves for the possibilities and opportunities those technologies offer.

Image credits:  Philip Dehm (flickr)

_______________

t an event held in Montego Bay, Jamaica, last week, head of the Jamaica Constabulary Force’s Communication Forensic and Cybercrime Unit, Inspector Warren Williams, called for cyber-defamation to be made a criminal offence. Though most of us may have a sense of what defamation is – spoken or written acts that seek to damage an individual’s good reputation, but are proven false – we may not readily think of it in term of the Internet and people’s online behaviour.  However Inspector Williams noted that “that there has been ‘a rapid increase’ in cyber-defamation locally” (Source: The Gleaner).

Currently, and in most jurisdictions, defamation is a civil matter. Neither the police nor the public prosecutions office gets involved, but Inspector Williams is arguing that it should become a criminal matter. Here we share a few thoughts on the subject.

More laxed attitude and behaviour online

Over the years, it can be readily observed that communication online, especially written communication, such as via text messages, and on Twitter, Instagram and Facebook, has become very relaxed.  Too often, and for example, some public figure tweets or posts what might be considered an inappropriate comment, and soon thereafter either tries to delete it or ends up issuing an apology. Whilst it can be argued that perhaps thanks to the immediacy of the Internet, and people feeling considerably freer to share things among their ‘friends’ and followers, on the flipside, personal censorship, or giving more thought to what is expressed, appears to also have decreased.  

Further, the Internet, and social networks in particular, has fostering a sense of ‘false intimacy’. Increasingly, people are prepared to say and share things that they would never do in person, but they feel very comfortable doing so via the Internet. Accordingly, it is changing how we engage online, and arguably, the behaviour that is considered appropriate.

Anonymity online

Currently, many of us who are members of social networks might just be passing acquaintances with many of the people who are part our groups. In other instances, we have no relationship whatsoever with some of those ‘friends’ and followers; the connections might be more of a strategic nature. Further, although the platform may have true and accurate information on its subscribers, many people use aliases, obscure their faces, use avatars, or otherwise do not reveal their real identities online, which in turn fosters anonymity.

Whilst some of that behaviour might be seemingly innocent, there are also trolls among us. Trolls tend  hide behind anonymity and make deliberately offensive or provocative online postings. Sadly, it may be almost next to impossible to determine who they are, and to seek to prosecute them on the grounds of defamation.

Overburdening of the already burdened system

Finally, and without a doubt, Inspector Williams has most likely witnessed the destructive nature of cyber-defamation, and the ease and effectiveness with which one individual can malign someone else thanks to the Internet. However, in making defamation a crime, the burden would be on the police and the public prosecutions office to make the case.

In most Caribbean countries, we struggling under a serious backlog of court cases – from minor traffic and statutory offences, through to major crimes, that have yet to be concluded. Should defamation be made a crime, the floodgates of allegations that the police would need to investigate is likely to demand considerably more resources than they currently possess, thus emphasising the need for governments to increase their support to the police and the courts overall.

Image credit:  FreeDigitalPhotos.net

________________