Singularity University

Space Entrepreneur

Share Button

Interview with Emeline Paat-Dahlstrom.

Emeline Paat-Dahlstrom

Elena Ornig:

What are you passionate about?

Emeline Paat-Dahlstrom:

All my life I’ve always been very passionate about bold endeavours or bold ideas. Anything that has not been done before lights me up – because it’s a challenge. And anything that has not been done before, I feel very inspired to work on. And so for me, my passion has always been to go up into space. I have this very vivid vision of looking at the Earth, from space and seeing Earth as a whole. As opposed to us thinking of nation-states and borders. And this is very similar, I think, to all of the astronauts who have gone up into space. Every time that they go, they have this very peaceful vision of the Earth – as one. It’s our Planet. You become a global citizen as opposed to feeling that you’re an American or you’re from Russia. When you’re up there, you just take ownership of the fact that it’s Planet Earth and it’s ours and we need to make sure that it’s going to last for a long time. Because of that, we take ownership of what we would be doing with it in the future.

With Singularity University (SU), the main mission of the organization  is to make sure that we leverage the technology that we have right now, to solve all of these global issues. Our main vision is to have a global community that will be working towards an abundant future – in contrast to these dystopian futures that most of the movies right now are showing people. We think that with the technology that we have today, and because those technologies are growing exponentially, it means that at a certain time in the future we could potentially create an abundant future for humanity.

Elena Ornig:

How are private ventures unlocking space for everyone since your book “Realizing Tomorrow” was published?

Emeline Paat-Dahlstrom Chief Impact Officer

Emeline Paat-Dahlstrom:

I wrote the book four years ago when the beginning of the movement for private space flight was happening.  Actually this year is the tenth anniversary of Spaceship One, when the X-Prize was won by Burt Rutan. At that time, it was a really amazing event, because at that time, nobody – beyond governments – had gone to space.  Then you have this very small company that used to design planes with a bunch of twenty to thirty very young engineers and with seed money of approximately $20 million – which is not really a lot – they developed a space plane and went up into space.  After two weeks, they launched again – proving it was repeatable. It was a demonstration that private companies can go to space and develop the industry that could do that.

There’s a movement, which we call DIY space (‘do-it-yourself’ space). There’s a lot of small, start-up companies. That are not waiting for big governments or big companies like Lockheed Martin or Boeing, that have the big money, to develop more technology or get us to the next phase. The Shuttle has been retired a few years ago and then there’s nothing else besides the Russians with the Soyuz, except SpaceX, which is a private company, run by Elon Musk.  The DIY movement is happening today. The founders of the Planet Labs company were former faculty members of Singularity University.  I think they raised at least $50 million to date.  They started out originally using cell phones as the main CPU that would power a small satellite.   And of course they have the new developments in design now but because of that and because they were using off-the-shelf technology, they have already launched their first satellites.  Just a few weeks ago, they’ve launched 28 more and now they have 71 successful launches.  They now have the biggest constellation of remote sensing satellites. This is amazing because the next company that has almost this number of satellites is Iridium – which is this huge mega company that has spent billions of dollars, putting big satellites up into space.  Now you have this very small company Planet Labs that has beaten them in the number of satellites.  This is only within one year of their start-up launch, and that’s only one example!

We have another company called Made In Space.  Made In Space was a team project from one of our programs here at Singularity University. Their main goal is to develop a 3D printer that would work in Space.  And the reason why, is so that if you go to the ISS and something breaks down – any component, even very small things – normally you would have to wait for another launch, for that component to be replaced and be fixed. But if you actually bring your own 3D printer to the International Space Station, you’d be able to print whatever you need. So this month, Made In Space is sending the first 3D printer to the International Space Station. This is a very small start-up company that just started with us – we were incubating them and now they’ve moved out.  They have their own building, inside the NASA Park; they were invited to the White House a few weeks ago.  It’s a great triumph for us because these are our students that came from our own programs.

There are several others, like DIYRockets, exploring 3D printed rockets. They have prototypes, and hopefully in the future, when you can 3D print big rockets – you can lower the cost of space exploration. That would also disrupt the industry.  In the past, you would have these very complicated, complex rockets being developed somewhere else, then they get assembled somewhere else, then they get shipped to either Kennedy Space Centre or some other NASA centre and now they’re just 3D printing them all in one place. Another example is Infinity Aerospace, which has come from our program as well.  An offshoot of it is ArduLab - which is like a lab in a box.  Which means, in the past, when you wanted to do experiments in Space, you had to send it through the Space Shuttle or we used to have these big laboratories in space, like Skylab, but now ordinary people, for a few thousand dollars, can send their experiments into Space through Ardulab – its literally like a box that piggy-backs on some of the launches that are happening right now with other components that are being launched up into space.

Elena Ornig:

How many different responsibilities do you have at Singularity University?

Singularity University Students & Faculty

The students and faculty of the inaugural Singularity University summer graduate studies program in 2009. (credit: Dave Lauridsen)

Emeline Paat-Dahlstrom:

I actually wear many hats at Singularity University.  One of them is overseeing the operations of the different programs at SU.  In the past I’ve been concentrating more on program development and curriculum, so I still play a big role on the academic side.  Then there’s the space side as well, where I’m acting as track lead.  This summer for the Graduate Studies Program (GSP), space is one of the academic tracks out of the twelve tracks that we have (AI and Robotics, Medicine, Energy, etc.). I am helping to coordinate the curriculum for the Space track.

In addition I have my Chief Impact Officer hat. One of the things that happened in the history of Singularity University is that, originally we were a non-profit organization with a very big social mission. But then we thought that it would be very hard for us to scale if we remained non-profit. We transitioned about two years ago into a benefit corporation. A benefit corporation is a for-profit entity in the US.  Unlike a non-profit, there are no tax exemptions, but because we are a benefit corporation, we stay true to the mission.  We are not just liable to our board for making sure that we’re profitable, but at the same time we are required, as a benefit corporation, to make sure that every year we work towards the mission of the organization. The mission of Singularity University is educating and empowering leaders of the world to use exponential technology to address global challenges. For me, as an Impact Officer, I need to make sure that all of the programs that we develop, operate, and execute, always support the mission of the organization.

We have debuted many new programs beyond the educational programs that we have right now.  The main flagship is the GSP program. That’s why I was on the Gold Coast for the Global Impact Competition and the GSP scholarship – which was won by Susan Graham.  Susan participated in GSP here, at our NASA Research Park campus. I was hearing her pitch today.  And then, of course, there’s the second person, Lorenn Ruster, who was one of the five runners up during the GIC, also managed to get a scholarship and she’s here at the GSP.  It’s great, there are two people from the Gold Coast that are here working on the programme. We also have executive programs, conferences and we have the SU labs. The projects that potentially become start-ups that come from the programme, we incubate them in SU labs at our headquarters.  We have about 20 to 30 companies right now that have come from the Graduate Studies program. Most of them are here at NASA, but some of them are in other countries.  Even the companies that we’re mentoring need to have the three components, to be able to be an SU company.  They need to use exponential technology, to scale or have the capacity to scale and they have to be solving a global grand challenge.  So we don’t just bring in start-up companies that are big on either making money or doing an app – they have to have all of those three components, which is part of the mission of the organization.

The other program that we recently debuted is the Corporate Innovation Exchange, involving Fortune 500 companies.  It’s often hard for them to think out of the box, because they’re huge, it’s harder to move, they’re more bureaucratic – they can’t innovate.  So, we started this membership program where the big corporate organizations also have the small offices that are intermingled with the start-up companies.  We have Coke, Lowes, Hershey’s, UNICEF and Deloitte, who are cohabiting in our start-up space. Because of their contact with SU labs companies, they’re creating partnerships.  They’re creating deals with the small start-up companies – which is actually a great environment to be in.  It was something that we were pleasantly surprised was actually happening pretty fast. We are also looking for impact partners. The impact partnerships we’re looking for are like-minded organizations that have a similar mission as Singularity University. We are hoping that we could either learn from each other or use each other’s resources to solve global issues.

For example, UNICEF is our founding impact partner and for us, it’s a great collaboration because they need potential solutions to a lot of on-the-ground, in-the-field problems.  Their strength is that they’re in hundreds of countries around the world. They’re building innovation labs in different countries.  They have on-the-ground knowledge of the problems. This helps us. I see Silicon Valley as though ‘we’re in a bubble’ – where there’s so much great technology, there’s so much potential, there are a lot of entrepreneurs here in the Valley – that could potentially solve a lot of issues and problems around the world, but we have no idea of what these problems are.  We don’t know if whatever ‘solution’ we create here, is going to work in, say, Burundi or Uganda, unless we have partners who are already on the ground and who know what those specific requirements are.  For us, the UNICEF/SU partnership is really a great one to have.  UNICEF was the first one. Another partner is the Field Innovation Team (FIT), which innovates in the disaster space, in real time.

Elena Ornig:

I assume that with a lot of things going on at Singularity University it would be very hard for you to find some time for visiting the Gold Coast again. However, I hope you will.

Emeline Paat Dahlstrom Exec VP, Operations

 

Emeline Paat-Dahlstrom:

I would love to come back again.  I know that when I came to the Gold Coast, there was interest in doing a Global Summit.  Last year, we started with this, we did a Global Summit in Hungary and we did one in Buenos Aires as well.  What I mean by ‘Global Summit’ – it’s more like a conference for one or two days – where the local hosts would invite everybody, either in the city or the leadership in the Government, the leadership in the local or state-wide system, entrepreneurs, anybody who’s interested in learning about exponential technology.

Dr. Clarence Tan and I went to visit the Mayor’s office, and Glenn Tozer, the Council members of the City of Gold Coast was in Silicon Valley in June.  We’re really excited to see if we can bring Singularity University to the Gold Coast, in the form of a Global Summit next year. The people who we’ve been talking to are pretty excited to do that as well.  Basically, we need to make it happen.

 

 

Share Button

“We ought to unify!” – Michael Blumenstein

Share Button

Interview with Michael Blumenstein

Professor Michael Blumenstein

 

 

 

 

 

Elena Ornig:

Let’s assume that not everyone is familiar with exactly what IT Forum Gold Coast is all about. How would you summarise it for our readers?

Michael Blumenstein:

The major goal of the IT Forum is to grow the IT industry on the Gold Coast, making the IT sector the largest Hub compared to traditional areas in the local economy such as Tourism or Construction.   We believe that the IT sector has huge potential to become a mega contributor to the local economy. There are so many opportunities for Startups and for more mature businesses, ranging from small to medium sizes, right here on the Gold Coast. Our vision is to grow into the largest IT Hub in Australia. We have got the right ingredients right here, basically everything that can enable it to happen.  We just need to get the support of the current industry to grow the rest of the area together.

Elena Ornig:

How do you see the involvement of the local IT Industry?

Michael Blumenstein:

The IT industry can be involved in the number of ways.  The most obvious is to actively participate. To come to the IT Forum meetings or events and to see who is who in the IT industry on the Gold Coast and what is happening. We understand that the IT businesses are busy taking care of their everyday operations. However, the interesting thing is that when they come to our events and get involved in networking activities, they realise that there are so many opportunities for synergy, particularly now, when IT Forum works in very concrete terms. We are developing a business-matching tool that will allow local IT enterprises to show, nationally and internationally, their profile and highlight the most important details of what they do.  Concurrently, we are building this business- matching tool to make sure that the non-IT companies, who are looking for IT solutions and services, will be able to find these solutions among Gold Coast IT enterprises.  We are at the early stages of the implementation phase but even today, we are already in the position to offer registration through our membership system.  Eventually, this will work like this. Companies will have their presence online including their full business-profile and details of their services which will be exposed to non-IT industry companies who are looking for IT assistance in their everyday business. What will happen in reality is that IT companies and non-IT companies will communicate directly on one platform.  If a non-IT company needs a generic or customised IT solution, all they need to do is to look through the system and see which IT company could assist them by providing desirable IT services or an IT solution such as a software for example.

IT Forum Website Being in our system means being referenced by the IT Forum. If an IT company is listed on our website, in a sense, it means that this company is known; it is real. In addition we are creating an extended tool based on a rating system where everyone who used the services of a specific company can rate and review their experience with a specific IT company.  We are living in the world where everyone is now reviewed and rated. I believe that every business wants to do their best and I am sure that this fair system will be a great source of motivation for the IT companies to put their best foot forward.  Maybe not every company likes to be put under the microscope but now-a- days everyone is, anyway. We invite Gold Coast companies who do not mind to be open. We will promote only local, the Gold Coast IT companies on every level: local, state, national and international.  It means that other companies, from different industries globally will see only listed Gold Coast IT companies because the whole idea is about global exposure of the local IT Industry.

Elena Ornig:

At the last IT Forum AGM the strongest message of government support resulted in a very substantial grant to IT Forum.  The $ 125,000 grant was very welcomed by all members but what reassurances are there that the IT Forum Gold Coast will spend this wisely?

Michael Blumenstein:

The City of Gold Coast has been very generous in providing support for the IT Forum Gold Coast but with a specific set of KPI (Key Performance Indicators) outlining a specific outcome for us to deliver.  From a general point of view, we are putting measures in place to encourage growth of the local IT industry, growth of individual IT businesses and influence growth of employment in the City of the Gold Coast, specifically in the IT sector. We are very thankful for such support which means that the City of the Gold Coast has recognised the role of IT Forum and the associated groups such as Gold Coast TechSpace, Silicon Lakes and Silicon Beach Gold Coast.  All these groups are assisting and influencing growth of the IT sector. I already explained the business-matching tool that IT Forum is developing in order to promote growth of the IT industry which subsequently will influence growth of employment.  The IT Forum has created a subsidiary company called PICT (Productive ICT).  That company is responsible for being an alliance, a large entity, associated with IT Forum, to conduct bidding for local, state and federal government tenders; and beyond.  The idea is to make the Gold Coast IT industry a large Hub for small and medium IT businesses to bid for larger tenders or jobs. Our proposal is simple.  We want to use the pool of experts based on the membership we have to orchestrate the entire process of tendering; from writing, to quoting and submitting. This alliance structure will allow us to bid for work as a united group of companies.  The other great thing is that we will be seen as a reputable entity and not as individual companies which will give as the opportunity to work with larger companies from around the world as contractors or sub-contractors. To be part of such a large entity we encourage our members to not just register, come to the meeting and events but to also create some practical solutions that will help to grow the IT sector here, on the Gold Coast.

Elena Ornig:

Are we talking about measurable performances and measurable results?

Chairman of IT Forum Michael Blumenstein

Michael Blumenstein: ” Our vision is to grow into the largest IT Hub in Australia.”

Michael Blumenstein:

Absolutely, yes! This is so important for us that we are not sitting on the sideline. We want to be in the thick of it, right in the core of it in order to drive the substantial benefits to the IT industry on the Gold Coast. What is also important to us is that a part of what comes out of this alliance can be fed-back into the IT Forum.  IT Forum is the entity that will provide the support and it needs to become a sustainable association that can move forward without asking for grants.

Elena Ornig:

I think this is a brilliant concept. I believe it is attainable and realistic for the Gold Coast IT companies. However, these companies are business enterprises but what about non-for-profit IT groups and organisations? How do you see an IT Forum relationship with them?

Michael Blumenstein:

We want to be very collaborative. We have people on our committee who are part of non-for-profit IT organisations such as Gold Coast TechSpace, Silicon Lakes and Silicon Beach Gold Coast. We want to work with all the IT groups and organisations. We want to promote all local IT industry innovations and we have done it before, working with the Australian Computer Association Gold Coast Chapter. We are very interested in cooperation and collaboration with everyone from the local IT Industry. In fact, last year we had a joint Christmas Party where all local IT associations, organisations and groups came together. We celebrated the IT industry on the Gold Coast and we organised this event in a cooperative and collaborative manner. It might seem just a fun event but it was much more than that.  It was a fantastic networking event benefiting everyone who participated.  Networking through socialising is very important.  We are constantly looking for the opportunity to organise more events. We are actually planning an event now with a few other associations but I am not in a position to reveal the details. We are trying to organise an event with a very good speaker who knows everything about Startups through personal experience.

Elena Ornig:

Would it be correct to conclude that IT Forum is trying to unite everyone to move in the one direction?

Michael Blumenstein:

Absolutely right! One of our committee members is going to be tasked with that aspect. We have many associations and organisations but we should all come together. We are hoping that some of the initiatives we have will see the industry “glue together” and allow it to work collectively on many opportunities. We ought to unify. Our strategy is to make the Gold Coast flourish with a Startups culture, having a grand IT sector. Right here, where we are in Southport, we have the largest Hospital, next to the largest university in the region; Griffith University, next to a unique Health and Knowledge Precinct and next to the Commonwealth Games village means that opportunities are unlimited. The IT industry can work with all these organisations, including the Gold Coast Council. We can do something very amazing in a knowledge space, and I am a big advocate for that. I envision moving forward as a person with two hats, as the Chairman of IT Forum, former Chairman for ACS GC Chapter and the head of the ICT School at Griffith University. Too many hats…

Elena Ornig:

Too many hats can be a good thing. I guess you know the real capacity and capability of the local IT industry very well.

Michael Blumenstein:

It is true. We need someone who knows what is going on and what is possible. For example, the Health and Knowledge Precinct is a place where we could get a lot of movement. IT companies of all sizes, Startups and non-for profit IT organisations can work on things in the health and knowledge space of IT or health informatics; whatever it might be. The same applies to Griffith University where we can build a little Hub of IT activities. We should strive to utilize this beautiful and unique precinct and make it a center of high innovation and technology activity.  I certainly see myself as one who wants to contribute to the successful future of the IT industry on the Gold Coast which is beyond what we are doing now.  See, potentially it could really put the Gold Coast on the global map of IT and knowledge space. I am very excited about that future.

Elena Ornig:

We all love our Gold Coast and of course we would love to see it prosper.  If, hypothetically, you were to be given everything you needed to create a prosperous future for the Gold Coast, what would it look like?

 

Head of ICT Griffith University

Michael Blumenstein: ” If I had everything in my power that is what we would become – a beacon to the rest of the world.”

Michael Blumenstein:

If I had everything, we would turn into an exemplar smart city.  We would be a city that not just embraces the traditional sectors such as Tourism and Construction but also embraces a pool of intelligent people from the IT industry who have the capacity to develop innovative solutions and applications that are solving current problems for every aspect in our city life. We could portray ourselves as the smartest city to the world.  The new trams are beautiful but what about self-driving trams; new technology transport solutions? What about the new technologies and innovations to make the health sector the best in the world? A smart city which is a living laboratory flourishing on innovations and new technological discoveries.  This is what we shouldn’t dismiss as the opportunity right now.  The Health and Knowledge Precinct could be a mini-laboratory where all new things are formed and all the actions are tested. It could be a concentrated space that potentially becomes a living and breathing city where ideas are developed into practical applications. A city that is exemplar to the rest of the world in all aspects: health, informatics, tourism and intelligent transport. We don’t have to be the new Silicon Valley but we could adopt the Silicon Valley mentality. If I had everything in my power that is what we would become – a beacon to the rest of the world.
Michael Blumenstein at LinkedIn
Michael Blumenstein at Twitter

Share Button

Stop blaming the end-users and regulate the IT industry

Share Button

Interview with William Caelli

Internet Security

William Caelli

 

 

 

Emeritus Professor William (Bill) Caelli is a Director of International Information Security Consultants Pty Ltd (IISEC); an Adjunct Professor at the Queensland University of Technology (QUT) and Griffith University.

Elena Ornig:

Our personal perception can be quite misleading in the understanding of cybersecurity. We might think we are secure but in reality it could be the total opposite, or our devices could be well protected in reality but we could think that they are not. I believe that the reason for such misunderstanding is that the majority of the world populations, who are using new technology, do not know enough to make the correct conclusions. I would like to hear your opinion on some different aspects of viewing cybersecurity:  an academic, the IT industry, business enterprises, governments and the end –users.

William Caelli:

Let us look at some of these areas in reverse order. The end-user is the least knowledgeable in the area of cybersecurity. They don’t know. In many cases they don’t understand. In 2003 there was a major, invitation-only conference for some 50 cybersecurity experts sponsored by the National Science Foundation and Computing Research Association in America, entitled “Grand Challenges in Information Security”. I was invited as an Australian representative. We all finally agreed on four principles one critical statement was – ‘end users must be given security they can understand and easily manage’. It hasn’t happened. End-users do not understand the security environment and they cannot easily manage it. To say that the end-users are totally responsible for their security is downright ridiculous. It is like saying that if a car has no brakes, it is your responsibility to stop it. The end-users are the weakest link; they do not understand. If you maintain this is true then the technology and the associated business systems must cater for exactly that situation.

We did that back in the earlier 80s when we built systems with the understanding that the end- user is indeed the weakest link. The IT industry itself understood that. Back in those days we build so-called “B2” systems with “mandatory access control (MAC)” security, or “profiling systems”, which did exactly that. They made security very easy for the end-users to use and to understand; they were very secure. Then the microcomputer revolution happened and no one cared about security at all. Bear in mind that the Microsoft’s MS-DOS and even products up to its Windows 3.1 had no security at all. None, zero, zilch, null…

The changing IT industry itself has no compulsion to do anything, the market was not there as they saw it and also governments took no interest in security of IT. The academic world at that time was concentrating very much on mathematical cryptography because they understood that well. Business was concentrating on creating value for shareholders. Therefore, security became a cost-centre that had to be and still has to be minimized.

Right now and for the last 20 years businesses have become totally dependent on IT but in the boardrooms the directors (my age) do not really understand technology very well. They’re thinking about minimizing operational cost and maximizing shareholder value, as they are required to do, and therefore cybersecurity is valued against any compensation that may be due if problem occur. It is cheaper to compensate than to invest in prevention.

Elena Ornig:

I think we’ve moved into risk management which is quite an important aspect of our life. Can we discuss it right now?

William Caelli:

Let’s talk about risk management.  In 1980s and 90s, in the academic world, mostly in America and Europe, there was big interest in the creation of secure computer systems for business but it really died after 2000 and particularly in Australia. In Australia, teaching in security systems is almost now non-existent at any real detailed level. It had gone away simply because students were not enrolling in that area, as was the overall case for IT in general anyway. In addition, in Australia, the ability of academics to create and test large scale projects is very small. In Australia, they do not talk about big experimental software projects such as the operating system research project at Carnegie Mellon University (CMU) in America: the project “Mach” effort.  A good research project requires about 20 research assistants, for start, which costs money, plus test-systems which also cost a lot of money. So, in my opinion, for the last 25 years, the problem we are getting into is that academically we are condensing down into small little problems that can be published quickly but without any impact. Academics cannot produce real, useful and exploitable value without resources.  I was trained as a nuclear physicist and back in my days, I had a six million volt accelerator, multiple detectors. I had the equipment, people and a support group. I was provisioned to do my job. Now, think about IT today. Go across to Griffith University and look around. If you would start substantial software project there, how many support people will you have in terms of programmers to develop and test it? I want you to think seriously. To make scientific impact you have to have resources and if you haven’t got the resources you can only concentrate on very small projects, consequently with very little impact. There have been, of course, small projects resulting in big impacts, such as Google, but these are an exception.

Elena Ornig:

Looks like academics in Australia today are not in a position to help businesses with the creation of secure computer systems…

William Caelli:

I will tell you about some research that I was doing for the last 20 years about hackers. For businesses, in order to do risk assessments they have to understand three things. The first is that they have to know the vulnerability that exists in their system. Twenty five years ago the programs were written inside individual companies or government entities and therefore they knew what their vulnerabilities were.  Secondly, they have to know their threats, what an outside or inside person could do to their system. Thirdly, they have to know what countermeasures they have to solve the problem.

Now follow me. A countermeasure itself introduces another threat. For example, I want you to guard the entrance of my house. I will give you a gun but the baddy comes up to you from behind, hits you on the head, grabs your gun and we are now in a worse situation. The countermeasure is producing vulnerability. With my colleagues we have published a number of papers about the vulnerability created by countermeasures themselves and how factors circle around. So, how do you use that circle to perform your risk assessment..?

Elena Ornig:

Please do not ask me, I honestly do not know the answer. However, I have more questions and particularly about cloud computing. More businesses are moving into cloud computing. What is your view on cloud computing and its vulnerability against cybercrime?

Cyber Wars

William Caelli: “What is today’s value of a nation?”

 William Caelli:

Let’s talk about Cloud. The situation now gets worse. For an example, the Gold Coast City council, and similar public sector entities, have their complete system; the vulnerability that any system might have can be moderately known or identified. If they move to a cloud system, they will be contracting out to a totally unknown identity. They don’t know how and where their programs are executed and what actual hardware is executing it. Cloud system involves virtual machines; multiple virtual computers and when you are in a public cloud you are sharing hardware and all of those virtual machines with others. How isolated is your virtual machine from others and how do you know it is isolated? The protection provided for one virtual machine compared to another virtual machine can be completely different. Therefore by moving to cloud computing you are moving further away from understanding your system vulnerabilities because everything now depends on what your contractors tell you. At the same time, as has been pointed out by a number of USA specialists, enterprises, by moving into cloud computing, lose the very competencies that they depend upon to evaluate any cloud proposal!  Now let’s go back to threats.  If I am a council worker and my computer is in the council system, it is an isolated computer and the attacker will attack that system only if he has an agenda to harm that particular organisation. Now, go back to the cloud and I am an attacker and I know that all councils in Australia could be using cloud computing from a few international vendors. In one go, I can attack them all simultaneously. Therefore the threats are suddenly increased almost exponentially.  The baddy can now attack not just one but multiple platforms simultaneously.

Cloud is seen as being very cheap but with cloud you do not know your system vulnerabilities, and so your threats are increased. So, what countermeasures you can employ now? When you outsource the whole lot to the cloud vendor what can you do? What can you do when you do not have any control over your system? I do not see how any business identity can do any risk assessment, excluding the simply obvious factors, once you are in the cloud. You are totally depending upon the supplier and what you are told.

Elena Ornig:

You have mentioned your research about hackers. What can you tell us about hackers?

William Caelli:

Before, the term “hacker” referred a person who writes programs for the love of it and it had nothing to do with good, bad or anything else.  That’s all it was. They just loved programming.  Professional programmers, like I was, were paid money to write programs.  However, for many it was just a hobby. Unfortunately, the term started to change in the early 80s when programs that can self-replicate and propagate began to be used as what we now call “malware”. I actually saw my first “Trojan Horse” malware program in 1968 inserted into a system I had written and deployed. Since then, a whole pile of different types of malevolent programs have been developed.  Generally, you can write bad viruses and good viruses because if you can propagate bad things you can propagate good things.  It all depends on your intentions.  But now, I wouldn’t call programmers working for criminal purposes – hackers; I would call them professional criminals because their intention is to create malware for illegal and criminal activities.  Organised crime today is actually hiring IT professionals to do a job for them.  Right now, there are organised groups that are offering patching services for you for their own malware!

Today, the value of a company or business identity is based on its information system and the baddies know that. Remember the “ransom-ware” software attack attempted to extort money which recently happened here on the Gold Coast?  Well, suddenly we see an economic opportunity in encrypting your data and then decrypting it for money, for a “ransom”.  The problem I see here is that the current IT industry is not used to these ideas.

Elena Ornig:

How can we summarise this? Are we in deep trouble already or not yet?

William Caelli:

We are absolutely in deep trouble already and especially with cloud computing which will make life easier for the criminals and we have not even entered the state of serious cyber warfare on a global scale as yet. With a New Zealand colleague, I am writing a book right now on cyber defence which will come out at the end of this year.

Elena Ornig:

Can you tell me a title about your new book?

William Caelli:

Yes, it is tentatively entitled “Cyber Defence for Small States”.  It is about cyber defence, cyber warfare, political postures and so on, and just how small states should response to the problem.  Let’s go back to your previous question.  In my experience of working with some corporate directors, the majority of them seem to have the position – if it’s not an absolute legal requirement for information system “hardening”, then why do something. I rest my case. Government is supposed to protect us, its citizens and our interests, and remember we were talking about the end-user of IT products? The end-users are the least capable of defending themselves and thus they must depend upon government initiatives in the new IT world. Therefore, logically, it is the responsibility of government to put in place a proper regulatory environment to provide appropriate safe-guards in information systems. They haven’t done it. They have not required and enforce safety and security regulations for the IT industry, unlike in other industries and sectors, such cars, air transport, pharmaceuticals, and others.  We cannot continue the way we are now where essentially no one is responsible for the security of IT products and systems offered to the public. . First of all, the law has to change and government should take responsibility to regulate the IT industry. The IT industry has to be responsible for producing and selling safe and secure products, including services such as cloud.  Seriously, tell me about any other industry where you are buying a product and paying money for a product that might not work and if it doesn’t work you have signed an agreement which states that if it doesn’t work the company providing the product takes no responsibility. Therefore good luck! Can you imagine buying a car which states that the wheels might come off but it is not our problem? Have you got the idea? The IT industry has not been regulated.

You came here by a car. How do you know that your car has no faults and it was safe to drive?

Elena Ornig:

I assume it was safe to drive because I believe that car was manufactured under specific standards and regulations set up by industry and government. I recently serviced it with Toyota and I assume that they checked it according to industry standards and government regulations. I trust the manufacturer and I trust Toyota service because I know that this industry is regulated by the Australian government.

The IT industry has not been regulated

William Caelli:

You trusted your car was safe and secure to use on an open highway. So what is the equivalent in IT? There isn’t any scheme that is enforced, although over 30 years ago a security standard for IT was established in the USA, a so-called “Orange Book” now known as the “Common Criteria” for IT security. Remember the words “information super highway” that we used before? How safe is your PC, your smart phone or your tablet to be used on the “information super highway”?  I maintain, it isn’t and how much interest does government pay to it? None; and it always blames the end-user. Why? It is much cheaper. What they did was to establish the website StaySmartOnline.gov.au where they provide advice “stay safe and secure online”, “protect yourself” or “protect your children”. They are avoiding the real question which is the responsibility of the government to regulate manufacturers and service providers, just like they do in most other industries.

Now, think about two things. There is a car manufacturer that makes cars in Australia and according to regulations they cannot sell a car if it is not in compliance with technical specifications and standards under the appropriate Act of parliament. If they sell bad cars deliberately, they will be held liable for any damages. Therefore the industry is controlled. The IT industry cannot be controlled because it doesn’t have serious regulations or associated laws.  In my 50 years in the game, the only time boards of directors listen is if there is a possibility of a criminal offence. Otherwise they will not listen and they will take the risk. Often they see it as being cheaper to compensate a victim rather than provide enhanced security in the information system.

Let’s talk about the IT product. The modern application could be only about 10% written by you with 90% coming from a library of some sort. Where did that library come from? How do you know what is in that library? How do you, a programmer, trust that library? I rest my case.  Take the “OpenSSL” toolkit which was incorporated into security sub-systems by many, many vendors. Did they test it and make sure it was fine? No they didn’t but they used it in their products because it was cheap, it was free. So, do you see the problem?

When you buy a car, you are entering into a contract that you can negotiate. When you buy a copy of Microsoft office, for example, under an End-User License Agreement (EULA), the first activation of this software implies that you have accepted their terms and conditions. I think it is an unconscionable contract.  The contract itself isn’t a contract because a contract has to have room for negotiation but in this case you cannot negotiate. You agree and then you can download it and use it but if you disagree, or want changes, you cannot have it. Yet, government allows that to happen, regardless that this is a one sided contract.

Elena Ornig:

Why do you think that our government is not regulating the IT industry in Australia? Why do they not ask these questions?

William Caelli:

I went through every single politician in our federal government to check their IT background and I found only one or two.  In America, I found about twenty. In my experience, for the last two years, talking to the government about security, regulations or business compliances I hear the same response: “That is what the salesman from Oracle or some other company told me,” when I ask them about what they do know. See the problem?

In our new book, I talk about “technological colonization” or “ICT slave States”. I call Australia a depended ICT Colony because we have no idea of what we are importing and we cannot even evaluate if it is good or bad. In the 80s, in that “galaxy far away”, as an industry we developed what become an ISO standard (IS 15408), usually known as the “Common Criteria” where there was an attempt to build a set of specifications to make information systems secure and trustworthy. Don’t worry about technical details but look at the philosophy of “Common Criteria”.

Common Criteria

I don’t sense the interest from the government to regulate IT industry at all and I am not the only one who says that. Richard Clarke, former White house advisor to the Bush and Clinton administration has been calling for years for governments, particularly in the USA, to regulate the IT industry. However, the lobbying from the IT industry had convinced the US government not to do anything about it is enormous and has been going on for the last thirty years.  Their arguments sound like this: ‘Regulations will stifle development.” This is laughable because regulations didn’t stifle the development of a car industry that is now building electric cars for example, but the lobbying is very intense in America and even in Australia. The good news is that at least in the USA there may be some signs of change to that attitude in Washington. The industry doesn’t want to spend their money.

Elena Ornig:

What about today’s generation of programmers? Do they pay attention to security when they develop their Applications?

William Caelli:

No, and as an example, at the last Gold Coast GovHack 2014, I asked developers from the competition if they looked at the privacy policy on the data.gov.au website and none of them had. Today’s applications development I call ‘hasty tasty’ just like the fast food shop in Sydney.  It is all about “instant gratification”.  What does McDonald sell you? It sells you ‘eating fast’.  The same with GovHack 2014 – ‘I want to develop it fast! I want to sell it fast! I want to go to the market fast!’ They want a quick “app” because it is all about speed to market.  In the IT industry it is always been about speed to market.

So what have we talked about for the last 40 minutes? We’ve talked about the end-user on whom we should not place the responsibility to protect themselves.  I am sick to death of this.  And you know why because technologically we have already solved some of the security problem with the Internet’s “Domain Name System (DNS)”, for example, with a security extension called DNSSEC. Basically, if a fraudulent person sends you an email which looks exactly like email from your bank, for example ANZ, then on the top of the page it will show that this email didn’t come from ANZ.

Elena Ornig:

What happen to the DNSSEC system?

William Caelli:

DNSSEC is the Domain Name System Security Extensions, it uses encryption authentication technology; it is a standard but few have bothered with it because it takes effort. It takes time to set it all up properly and it costs money. (Disclaimer – William Caelli is the Chair of the associated advisory committee on security to auDA.)

Elena Ornig:

Who should be responsible for this overall Internet security situation?

William Caelli:

Government should force it, like in any other industry, but government doesn’t appear to care that much. At present, the auDA DNSSEC situation is experimental.  It is simple to provide regulation where every Internet entity must verify its domain address. Talking about roles and responsibilities? Then it is a government’s responsibility to regulate and not anyone else’s.

However, we are moving into a new environment, one of – “cyber wars”. Remember in 2007, the wave of DoS cyber-attack on Estonia where many organisations including government were brought down? So what is next? For an example, we have an Air force, a Navy and an Army because we are defending our waterways, our land and airspace. What is today’s value of a nation? The value of a nation is reflected in its information, intellectual property, its accounts and so on, but who is protecting all that?  What about values of businesses? It is their intellectual property, business data and their customer’s information which businesses are supposed to protect; are they really spending money to protect it? Should they?

Here is a simple analogy. If anyone attacks the Gold Coast from the air the citizens are expecting that the Australian Air Force will look after it. In an equivalent to the situation with a cyber-attack, what would happen?   As an Australian citizen I would be expected to have an anti-aircraft gun installed in my company and for ground attack on my property would I be defended by the Australian Army? The problem is just where the cyber defence sits and can you say that this type of cyber defence is the responsibility of a company or individual? No, the company might put some defence equivalent to the gates and fences around its building or a lock on the door which might be enough to keep it safe from local criminals but we are talking about massive cyber-attacks equivalent to a war situation.

Elena Ornig:

But who is responsible for performing cyber-security activities and just how would they be trained?

William Caelli:

Let’s talk about business and IT.  Say I like cats; I decided to open a business for cat owners. I put outside a sign like – ‘Cats “R”US – Bring your cat here and I’ll fix your pussy-cat for you!’ Is it legal? No way, I have to be a registered veterinary. But, I put a big sign up there saying ‘IT Security Gold Coast –Looking after everything IT in your businesses’. How much verification have I got to have? None! You and I cannot even become a bouncer (crowd controller) in a night club without being licensed by the Government. We established that the value of any business is reflected in company IP, data base and customers information; its value critically depends upon IT security and yet, you have invited unlicensed ‘IT Security Gold Coast’ to look after your business. See the problem? Just a few years ago, IT for many businesses didn’t play such a critical part but today they do but who regulates it? No one! So, how can a business do a risk assessment in this situation? How can it assess vulnerability, threats and countermeasures?

So, how can a business do a risk assessment in this situation?

We are living in a very interesting time and I am very scared. The biggest thing that worries me is that the baddies now have a choice to not go just after one business at the time but after many businesses at one time in public Cloud space. Even without an attack, look what happened recently to Exchange Online, Office 365, and other Microsoft cloud products? What could the end-users do to fix it or control it where their data and services were handled by a third party? They could do nothing but only accept apologies.  What can any other business do when the real-time communication stops? I wouldn’t touch public Cloud in a million years unless it is to become far, far more resilient. Different story with a private Cloud which you can do yourself. We did it 40 years ago; just dumb screens and connections to mainframe systems such as IBM System 360, Model 67.

For example, if we look at the Gold Coast Council then using open source, each department could have its own virtual department in a private cloud system – private cloud architecture and the physical boxes would be here, on the Gold Coast.  Open source is what Munich in Germany has been doing for over 10 years. They are now bringing, as a next step, software, processing and data into their own private cloud service, saving money and generating new local support companies and many new jobs.

About three years ago, I went for a briefing on a private cloud for the USA Government in Washington and what are they doing there?  From all government departments they are bringing a few departments with similar information needs into one group under one private cloud system that is servicing all those departments with similar functions. This is much easier, cheaper and simpler to use. Why is private cloud much better? Because all three critical aspects of security which are vulnerability, threats and countermeasures have all of a sudden changed. In a private cloud environment it is a different world all together.

Elena Ornig:

Hypothetically, I am a government representative who is interested in your opinion. What advice you would give to our government today?

William Caelli:

Stop blaming the end-users and regulate the IT industry. However, there is a problem with what I am saying. We do not have an IT industry in Australia.  We are an “IT slave State”.  If I say to you “car industry”, you would think, oh, the industry that makes cars and you would not think of “yellow taxis” that are using cars for a particular service. In Australia, the IT industry is equivalent to yellow taxis. We import IT and use it for applications. Name at least one Internet router or switch made in Australia. Name at least one operating system written in Australia. Name at least one compiler written in Australia. Name at least one office package written in Australia.  Regulating Australian industry is difficult because Australia is a technological colony. However, government can say to the Australian IT industry (the taxi service) – do your risk assessment properly and make sure the systems you buy are fit for purpose. Fit for purpose must become a mandatory legal obligation in IT.  I give you an example of this.  Take a server operated by some public or private enterprise. If you have very private data, I would say immediately that that product must have a “Common Criteria” evaluation that verifies the implementation of strong profiling on an application level.  We call that flexible mandatory access control.

I would like to say to our government that IT is not all the same.  There is a big difference between Mercedes Benz and Tata Nano cars. A computer system made with discretionary access control is cheap and nasty and not suitable for a health care system, for example. The health care system should have the mandatory control system that implements privacy requirements. Basically, we cannot regulate the IT industry in Australia in terms of the real meaning of IT industry and so the law should move to making procurement fit the purpose. It can become an obligation for boards of directors to employ the products and systems which are suitable for purpose, safe and secure on the information super highway. If they do not do that, it can become a criminal offence.

I think, in the next 12 months we will see major cyber-attacks on the information super highway. No doubt in my mind. Even now, we don’t even know what the penetration level is.  You and I are living in an interesting time. What I am really scared about is the fact that we are seeing a massive collapse of student’s enrolment in real IT subjects and particularly in cyber security subjects.  But the number of job vacancies today in cybersecurity, reported in a recent international survey, is over million places.

Watch:  “Online Security and Privacy with Bill Caelli – Southern Cross University”

William (Bill) Caelli on LinkedIn

 

 

 

Share Button

We have mastered many applications

Share Button

Interview with Chrishan Perera

Mr Chrishan Perera

CHRISHAN PERERA

Chrishan Perera is the Head of Business Development at SCIENTER (Scienter Technologies (Pte) Ltd). The company was established in 1995 and has invested in highly qualified personnel.  In 2009, Scienter Technologies was a winner at the Asia Pacific ICT Awards (APICTA) Australia and in the same year became the Gold award winner of the National Best Quality Software Awards (NBQSA).  Their IT solutions include:  Hospitality Management, Financial Applications, Restaurant Management, Membership Management, Procurement & Warehouse Management, Contact Centre Systems, Inventory Control and Human Resource Management.

Elena Ornig:

What was the reason for Scienter Technologies to attend the Gartner Symposium/ITxpo 2013?

Chrishan Perera:

We were informed that ICTA (Information and Communication Technology Agency of Sri Lanka) was planning to take a delegation to the Gartner Symposium. Our company has the biggest market share in the Hospitality Industry in Sri Lanka (about 65%) and we have been recognized as a high quality complete integrated IT solutions provider – and we contacted the ICTA to present our IT solution at the Gartner Symposium.  In the beginning of 2013 we made the decision to go global and we have already started business operations in Dubai while having partners in Malaysia who function as re-sellers. The opportunity to present our product at this prestigious international IT Symposium was a good step for our company. The ICTA had strong selection criteria but we were selected and now we are here, in Australia, looking for partners.

IT Symposium

(The Sri Lankan delegation at the Gartner Symposium/ITxpo 2013)

Elena Ornig:

Many international companies are proudly presenting their products and solutions at the Gartner Symposium. What makes your products special?

Chrishan Perera:

Our application is very large and used in Sri Lanka by majority of the leading hotels and resorts such as Jetwing Hotels, Avani, Blue Waters and many others. Also companies like Pizza Hut, KFC, McDonald’s, BreadTalk, TGI Fridays and Chinese Dragon all use our application because it is a completely integrated application with a completely integrated application,  our clients do not need to use any other application to do their work. The application deploys in all areas of a business, from ordering to processing, production and logistic operations to billing on a multiple price structures and detailed reporting. For example, Pizza Hut in Sri Lanka is very successful in delivery because as soon as the clients call to order – their profiles are available on screen with the history of previous orders. So, the person at the call center can quickly access your preferable choice and ask if you would like the same order that was placed last time. It is part of the customer relationship management component that is built into the system.

About two weeks ago we won the top award at “Enabling Sri Lanka Tourism 2.0 and beyond” in the ‘Enhance Revenue and Customer Experience’ category for our solution for the hospitality industry. Our solution helps provide a superior and memorable service to guests by allowing, the management access to real time information on every guest, helping them to make quick decisions and eliminate unnecessary overheads.

Scienter

Elena Ornig:

Competitiveness is a part of every business. Do you have serious competitors in Sri Lanka?

Chrishan Perera:

In the, Sri Lankan market we do not have too many competitors. The biggest competitor has about 15% of market share and the rest constitute what is left. However, globally we do have competitors.  One of our global competitors is MICROS Systems, Inc.  They are present in Australia and Dubai offering solutions for the restaurant and hospitality industry and we compete with them globally. However, we do have confidence in our applications because they are completely integrated, which is an advantage compared to our rivals’. Our competition has a well-established brand because they have been in the market for a long time. Their application only covers the fronted component of all operations and the clients need to purchase a different application.  With our application we have a complete integrated backend operation, solution and our clients need to buy only one application.

Elena Ornig:

What about robustness to changes? How flexible are your applications?

Chrishan Perera:

In technical terms it is called parameterization which means you can parameterize various functions of the application. For example take a taxation system – every country has a different system for tax. We have taken this into consideration and our applications are flexible – you can enable any taxation process you wish. So, the parameters are not fixed and that is one of the major advantages that our solution has. We are also constantly improving our applications because we listen to our client’s feedback and that process is helping us to stay ahead of our competition. Every day our applications are going through R&D processes which helps us to constantly upgrade and enhance our products and to roll-out upgraded versions to our customers. I believe that in our business you cannot settle with one version even for just six months.

Sri Lanka Chrishan Perera

Chrishan Perera at the Gartner Symposium/ITxpo 2013

Elena Ornig:

How do you protect your unique solutions from being stolen or copied?

Chrishan Perera:

Developing software takes a lot of work, logic and coding to develop specific applications. For example, if you take calculations, there is a complex methodology of how you make these calculations. That is something that you cannot just see and understand in the whole system. The functions such as the food costing and the accuracy of that system are something that not many companies have mastered. We have actually mastered that system and when foreign companies setup in Sri Lanka – they adopted our software and not any other foreign application.  It is not easy to just look at the application and figure everything out. We also use preventative measures against people who might try to copy it, measures such as license key for validation and others mechanisms in order to control our product.

Elena Ornig:

What do you personally like about Australia?

Chrishan Perera:

I have been here now for three days and this is my first time in Australia. I like it quite a lot! I have been to England many times and I have already noticed a cultural similarity. On Monday, I was speaking to a gentleman at a cocktail party and he said that he starts his work at six in the morning and after two o’clock he is already at home.  I was surprised; I could never walk off from my job at 2 pm. He said that as long as you cover those working hours that is more than enough. He seemed very relaxed about it. We in Sri Lanka start at 8:30 in the morning and officially finish at 5:30 pm. But normally, by the time I leave office it is about 7:30 to 8:00 in the evening.

Elena Ornig:

So, how does your personal life fit into this schedule?

Chrishan Perera:

Saturday and Sunday is the time when I go somewhere with my friends because after work I am too tired. I just go home to sleep. We usually try to get out of the city and spend some quiet time. We are all tired after the long working week. We just try to relax without any heavy activities.

Elena Ornig:

Do you have a message for the Gold Coast IT community?

Chrishan Perera:

We are looking for a partnership with an Australian company that has a presence in the Gold Coast, because we have great applications for the Tourism industry and particularly for the Hospitality sector. Sri Lanka is a great tourist destination so is the Gold Cost. We have mastered many applications and we are well aware of what goes on in day-to day operational processes. We are looking for a company that can represent us here, sell our solutions and provide support. Ideally we would prefer an established company because our application is very large and it needs software support.  In Sri Lanka we provide 24 hours support for our clients because the Hospitality industry works around the clock; one or two people physically wouldn’t be able to handle such a large application. We are ready to go in partnership on a mutually beneficial basis.

Elena Ornig:

Thank you, Chrishan, I will deliver that message to the IT community on the Gold Coast and let’s hope that your company will find a good partner here.

Chrishan Perera:

Thank you, Elena.

Share Button

How to effectively reach and influence your consumer via ultra-personal mobile channel

Share Button

Interview with Jayomi Lokuliyana

Jayomi Lokuliyana portret

Jayomi Lokuliyana is Co-founder and Chief Executive Officer at zMessenger (Pvt) Ltd.

In 2005, Jayomi Lokuliyana was the winner of the Sri Lanka Institute of Marketing’s Brand Champion for Most Innovative Brand of the Year at SLIM Brand Excellence Awards. Jayomi has been lecturing on Marketing at several leading marketing schools. She has also served on the Executive Committee of the Chartered Institute of Marketing (CIM) in Sri Lanka.

Her integrated mobile media company – zMessenger specializes in mobile-based (SMS) marketing and research. zMessenger became a pioneer in introducing SMS to media stations in Sri Lanka and lead the way in the planning, creation, and execution of effective mobile marketing campaigns, branded community applications and content distribution strategies. Incorporated in 2003, zMessenger become an award winning Mobile Value Added Service powerhouse in Mobile Marketing, Enterprise Mobility, Mobile Contents and mCommerce Solutions. Their flagship clients are big and impressive: Unilever, Coca Cola, Allianz, HSBC, Qatar Airways and Sri Lankan Airways.

Mobile Advertising

Elena Ornig:

It is a pleasure to meet you, Jayomi. Tell me more about your company.

Jayomi Lokuliyana:

Our company is Sri Lanka’s leading mobile marketing and business solutions provider. We operate three key domains for mobile marketing solutions, mobile enterprise solutions and mobile payment and content services. If you look at the mobile industry, you can see that it is quite fragmented. Some only provide mobile applications; others only provide mobile websites. What we do – we provide entwined mobile marketing platforms, covering all the touch points of customers’ interactions. It is a service which has three aspects that can be integrated. You can use it as a web service, as a mobile service through SMS or through interactive voice recognition (IVR) or as a mobile web application. We cover different operating systems: Android, iOS, Windows and BlackBerry. The majority of our clients are from marketing agencies or large brands and we also work with government agencies.

Elena Ornig:

What attracted them to use your platform?

Jayomi Lokuliyana:

We provide an end-to-end service, from mobile strategy to campaign planning and implementation, including required analytics. Our clients want one mobile contact point and service partner and that is what we offer. When it comes to large corporations we mostly have long-term partnerships of one to two years. We discuss what strategy to choose and how we are going to implement it, execute and manage a specific campaign. When we develop strategy we work with our clients and we bring in smaller marketing agencies to support a big campaign. During a campaign we collect analytics on sales, response rate and so on. We document everything and show our clients the results which make it easier for our clients to see the effectiveness of the specific campaign. For example, two years ago, in Sri Lanka, we started to work with Coca Cola. It had conducted a massive consumer promotion campaign across the entire country. After the campaign we analyzed everything in order to identify trends, limitations, what gifts to give, what makes consumers participate in the promotions and what enticed consumers to buy Coca Cola. Based on that analysis we made a few changes to achieve even better results and now we are Coca Cola’s exclusive mobile partners in Sri Lanka.

Since mobile marketing campaigns are different from traditional marketing campaigns we analyzed frequencies of calls and SMS and now we are better equipped to provide our clients with more effective campaigns. We also use profile building through filtering but we do not sell customers’ profiles – we use them for our own solutions.

Elena Ornig:

You are very young but have managed to achieve so much already. How did you succeed so fast?

Jayomi Lokuliyana:

It was quite a journey. Ten years ago, I quit my job and joined my partner to whom I am now married. It was his idea to start a new company. It was hard financially for the first few years but we took that risk knowing that mobile technology solutions would be the next big thing. My family was pressuring me to migrate to Australia but I said no. My husband is a natural optimist and peace maker and we put all our money into our own company. Four years later, we found a partner in Indonesia. He liked our company and he invested in us. I was handling all marketing operations and my husband was looking after all technical solutions. We come across many difficulties, especially in Sri Lanka. Ten years back, mobile phones weren’t very sophisticated devices and many of my colleagues in marketing were wondering what can be done with mobile marketing. We persevered and went to media stations, convincing them to adopt mobile solutions where they could have interactive relationships with their audience. We were the first in the country to help them use it. I cannot say that we have a monopoly but we are now recognized as the leading mobile solutions’ provider in Sri Lanka. We developed our infrastructure well and it is quite hard for others to compete with us, especially because we continue to innovate and develop more sophisticated solutions. We started with mobile marketing and added two more business units – enterprise solutions and mobile payment services. We also joined a Hong Kong based company, Ambiq Technology, after doing a pilot project for the Russian metro stations in Saint Petersburg. So we are still evolving and adding new revenues.

SYMPOSIUM DELEGATES

(The Sri Lankan delegation at the Gartner Symposium/ITxpo 2013)

Elena Ornig:

You are a trained marketing professional but working so close with actual IT solutions must have had some profound effect on your knowledge of technology. How well do you understand the technical side of your business now?

Jayomi Lokuliyana:

My major expertise is in marketing and customer service. One of my business partners, Janaka Rupasinghe has a strong IT background and knowledge. He graduated with a B.Sc. degree in Management of Information Technology from the University of Kelaniya and acquired an MBA from the Post Graduate Institute of Management (PIM) of the University of Sri Jayewardenepura. My other business partner – Dhushy Thillaivasan, graduated with a B.Sc. degree from the National University of Ireland, has an MBA from the University of Sri Jaywardenepura and a MA from the University of Colombo. Over the last 10 years he has accumulated considerable expertise in merging banking, payments and mobility. So, I am lucky to have highly qualified and experienced professionals working with me.

This year we are moving towards the development of new products. One of our new products is for the Sri Lankan Ministry of Co-Operatives and Internal Trade. It is an entire software platform, connecting together farmers, the market place and consumers. Farmers can get the latest updated trading prices.  They can then decide which market place to send their crops to instead of having to negotiate a price with agents. That platform will enable farmers to achieve better prices for their crops. Consumers will benefit from our platform by getting updated information on the markets and can therefore know where the prices are better for them. This platform is integrated with mobile applications, including voice messaging, calls and SMS and can be used as a website or web application. The data will be continually updated through offices.

Another new product for midwives has been developed together with our government. In Sri Lanka, midwives provide prenatal and postnatal care and currently have to visit pregnant mothers in their homes. During these visits, they have to write everything in a book and then back in the office they have to enter the same data into registry records. This is a very tedious and time consuming process. With our mobile platform, they don’t have to write down every parameter on paper, they just enter these parameters into a mobile application which automatically updates throughout the entire registry system up to district level.

These new platforms can be implemented in different countries because they require only a small customization or modification.

Elena Ornig:

What brought you to the Gartner Symposium/ITxpo 2013? Are you looking for partners or customers?

Jayomi Lokuliyana:

We have two positions that brought us here. First we are looking for partners who can take our solutions/products to the Australian market. The second one is based on our development capabilities and we are looking for companies that are seeking offshore outsourcing or simply business process outsourcing (BPO). This is my second time in Australia and I would like to come back again in December.

In 2005, we did a campaign for the Sri Lankan government election. We deployed a mobile services platform to monitor election violence and we won the GSMA [GSM (Groupe Spéciale Mobile) Association] award for the Best Use of Mobile in Emergency category. In the same year, we received the SLIM Brand Excellence award and became the most renowned brand in Sri Lanka for the introduction of the best mobile-based English learning service. We were also finalists in the selection of a global media company Red Herring and we were proud to receive the Best National eContent Award from eSwabhimani National Awards.

Awards

Elena Ornig:

Do you like it here?

Jayomi Lokuliyana:

Yes, I like it very much. The Gold Coast is a coastal region and very similar to where I live in Sri Lanka.

I see a lot of potential to work with Australian companies and how we can help them to mobilize their customer services and customer interactions. We can make or develop different applications for Australian companies and on average they could save about 30% by outsourcing development.

We have a considerable experience working with international brands in Sri Lanka and I see how we can add value to their development. When we develop applications we follow the highest international standards and specifications from system architecture through all stages of development.  We have very good engineers and IT professionals.

We are not looking for large projects with large numbers of people but we are looking for projects which involve particular specialization. For example, in Sri Lanka, we are the only ones who have an NFC development center with about 30 people and because we specialize in that technology we have the capacity to do entire developments. We are not after quantity – we are after quality. We are also very aware of user experience quality. We have a client from Melbourne and in the development of their product, we are actually using feedback from Sri Lankans who have lived or studied in Australia. They have the cultural knowledge of what Australian users like or dislike. We also consult with other countries to understand how to make user experience better. It is costly, but we always know that users’ experience will affect the quality of our product.

Elena Ornig:

It was a real pleasure to interview you, Jayomi. I’m so impressed with what you’ve achieved; you’re amazing. I wish you and your family all the best.

Jayomi Lokuliyana:

Thank you, Elena.

Share Button