This document outlines a proposal for a trustmark for IoT devices. The trustmark would aim to increase transparency and empower consumers to make informed decisions about connected products. It would evaluate products across 5 dimensions: privacy and data practices, transparency, security, openness, and stability. Compliance would be determined through a pledge and self-reported documentation that answers a standardized set of questions. The trustmark is envisioned as decentralized, with companies independently applying it by providing publicly available compliance documentation. The goal is to establish an ecosystem where this foundational trustmark information can be built upon by third-party services. Feedback is sought on aspects to evaluate and how to structure the compliance process.
Current enterprise information security measures continue to fail us. Why is ...Livingstone Advisory
Conventional information security measures continue to fail our businesses in today’s rapidly changing world of cyber-risk. Adverse cyber-events manifest themselves as the usual suspects including data breaches, information theft, ransom- and malware, viruses, payment card fraud, DDOS attacks or physical loss – to name but a few.
Problem is, the tally of adverse events keeps mounting up. While headline adverse cyber incidents are now reported in the media with regularity, this represents the tip of the cyber-risk iceberg. Most known events are either unreported or hidden from public disclosure. Not helping, is the industry analysis suggesting that, on average, nearly half of all adverse cyber-risk events impacting organisations are self-inflicted and avoidable. No industry is untouched.
Delivered at the CIO Summit in Melbourne, Australia in November 2016, in this presentation, Rob offers valuable strategic insights into the problem and why it continues to be a problem.
He outlines some practical steps that will be helpful for CIOs and CISOs in reshaping their own organisation’s approach in building a more effective and resilient information security capability.
Copy of presentation delivered at the CHASS 2015 National Forum in Melbourne (October 2015), The Council for Humanities, Arts and Social Sciences in Australia is the peak body supporting more than 75 member organisations in their relationships with Federal and State Government policy makers, Academia and the broader community within Australia.
Career implications for the Business Analyst in the age of digital disruptionLivingstone Advisory
The fact that business and societal change is being fueled by innovative, emerging and disruptive information technologies is well known. Its impacts being felt in almost every facet of life. However, the forces driving the evolution and adoption of such technologies are complex, diverse and not always well understood. In addition, the rate of change is accelerating.
Knowledge intensive IT careers, once considered to be at the forefront of information technology developments are being progressively impacted by the new world of IT, shifting customer expectations and business change.
Question is, how will the IT professions - in particular, the BA - be redefined? More importantly what steps should the BA profession consider taking now, to ensure its continued relevance in years to come
Current enterprise information security measures continue to fail us. Why is ...Livingstone Advisory
Conventional information security measures continue to fail our businesses in today’s rapidly changing world of cyber-risk. Adverse cyber-events manifest themselves as the usual suspects including data breaches, information theft, ransom- and malware, viruses, payment card fraud, DDOS attacks or physical loss – to name but a few.
Problem is, the tally of adverse events keeps mounting up. While headline adverse cyber incidents are now reported in the media with regularity, this represents the tip of the cyber-risk iceberg. Most known events are either unreported or hidden from public disclosure. Not helping, is the industry analysis suggesting that, on average, nearly half of all adverse cyber-risk events impacting organisations are self-inflicted and avoidable. No industry is untouched.
Delivered at the CIO Summit in Melbourne, Australia in November 2016, in this presentation, Rob offers valuable strategic insights into the problem and why it continues to be a problem.
He outlines some practical steps that will be helpful for CIOs and CISOs in reshaping their own organisation’s approach in building a more effective and resilient information security capability.
Copy of presentation delivered at the CHASS 2015 National Forum in Melbourne (October 2015), The Council for Humanities, Arts and Social Sciences in Australia is the peak body supporting more than 75 member organisations in their relationships with Federal and State Government policy makers, Academia and the broader community within Australia.
Career implications for the Business Analyst in the age of digital disruptionLivingstone Advisory
The fact that business and societal change is being fueled by innovative, emerging and disruptive information technologies is well known. Its impacts being felt in almost every facet of life. However, the forces driving the evolution and adoption of such technologies are complex, diverse and not always well understood. In addition, the rate of change is accelerating.
Knowledge intensive IT careers, once considered to be at the forefront of information technology developments are being progressively impacted by the new world of IT, shifting customer expectations and business change.
Question is, how will the IT professions - in particular, the BA - be redefined? More importantly what steps should the BA profession consider taking now, to ensure its continued relevance in years to come
Cloud computing implications for project management methodologiesLivingstone Advisory
Cloud based technologies are becoming increasingly pervasive across society and are considered by many in business as the next major disruptive innovation. For the first time, organizations can consume, as needed, on-demand, business ready Cloud based enterprise services. This is also known as the Consumerization of IT.
Transitioning to, or deploying new IT systems and services using Cloud technologies present their own unique set of challenges to the IT Departments, Project managers and Pproject management Offices (PMO) alike.
The primary objective of this presentation is to provide a number of key considerations for Project Managers in dealing with projects involving Cloud computing technologies.
This was presented at the 25th International Project Management Institute's Global Conference in Australia on the 11th October 2011 by Rob Livingstone
Cloud computing: What you need to know as an Australian Finance DirectorLivingstone Advisory
Cloud computing: What you need to know as an Australian Finance Director.
Presentation made to 2nd Annual Future of Cloud Computing in Financial Services Conference in Sydney and Melbourne - September 2011
All rights reserved: FST Media and Rob Livingstone Advisory
Rob Livingstone Advisory - The risks of a fractured cloud strategy within th...Livingstone Advisory
This Keynote presentation was delivered by Rob Livingstone at the Inaugural Cloud Security Alliance NSW Chapter meeting. The primary focus of my presentation was to take a business / non-IT Executive's position on the whole topic. If anyone would like more information on my other presentations, please visit http://www.navigatingthroughthecloud.com/
http://www.cxounplugged.com
A research whitepaper published in November by Ovum and commissioned by Logicalis, revealed a great many interesting BYOD trends – many of which were highlighted in a recent CXO post (BYOD Research) by Ian Cook. Perhaps the most startling, however, was the very low proportion of ‘BYOD-ers’ who have signed corporate BYOD policies.
Ryerson’s Privacy and Big Data Institute's inaugural seminar on Privacy by Design (PbD), the revolutionary privacy framework created by Dr. Ann Cavoukian which was unanimously passed as an international privacy standard in 2010 (translated into 37 languages). Dr. Cavoukian is now the Executive Director of the Privacy and Big Data Institute at Ryerson, and formerly served as the Information and Privacy Commissioner of Ontario for three terms. Dr. Cavoukian gave a presentation on Privacy by Design and its application to big data analytics, followed by a Q&A session.
Why the systemic risks in Enterprise Cloud Computing could cripple your busin...Livingstone Advisory
Organisations that have successfully implemented standalone cloud systems may feel that they have won the war against complex and expensive enterprise IT. That feeling may not last too long once these systems need to be integrated with other systems, cloud or otherwise. The minute you start integrating your cloud with these other systems, you have what is termed a Hybrid Cloud.
Your IT risks are now becoming systemic risks – a point not lost in the most recent KPMG 2012 Audit Institute Report which identified “IT Risk & Emerging Technologies” as the second highest concern for 2012
In this presentation, Rob Livingstone, suggests some practical approaches that CEOs, COOs and CFOs should be considering in the identification and mitigation of the pitfalls of Cloud computing in the enterprise.
The world of computing is moving to the cloud —shared infrastructure, shared systems, instant provisioning, and pay-as-you-go services. And users can enjoy anytime, anywhere access to services and their data, on any device. But are we secure within the new cloud environments? Are information assets adequately protected as they move around in the cloud? The answer to both is yes— as long as your underlying security architecture has been designed for the cloud. In this session, Rob Livingstone will examine key security considerations surrounding the convergence of hybrid clouds, mobile devices and BYOD, and provide practical guidance on how to identify, mitigate and the key technical and systemic risks in your Cloud journey.
The ‘success trap’ of new, emerging and disruptive technologiesLivingstone Advisory
The adoption of these technologies may provide much value in the short term, however may become a liability at some point down the track. How can you and your organizations insulate yourself against the future adverse consequences of these emerging and disruptive technologies – the so called success trap?
Exploring the opportunities and pitfalls of new and emerging technologies in ...Livingstone Advisory
Presentation delivered at Annual Future of Local Government Summit
Rydges, Melbourne, Thursday 23rd May 2013
This is a variant of the presentation delivered in April 2013 to the Municipal Association of Victoria
Will the Cloud be your disaster, or will Cloud be your disaster recovery?Livingstone Advisory
Making real sense of enterprise Cloud computing in the context of your business is not always a trivial task. The volume, diversity and intensity of opinions on what cloud can do for your organization are relentless, as are the pressures to lower IT costs, speed up implementations, simplify enterprise IT and deliver more value in your own organizations.
Shifting your mission critical systems to the cloud presents a formidable range of challenges for many organizations, least of which the potential loss of control over your disaster recovery capability. Conversely, keeping your enterprise IT systems where you can see them, and using the cloud to manage your backups and disaster recovery may appear to run counter to the prevailing perception that the cloud is the ultimate destination for all IT systems.
In this presentation, Rob Livingstone will be covering off some of the key considerations of disaster recovery planning in the hybrid cloud environment and how, paradoxically, cloud could either be the cause of your disaster or has the potential to save you from one. He will be offering practical insights and tips on how you should approach the cloud when it comes to planning for the worst so that you come out looking your best.
Future Tech: How should enterprise avoid the 'success trap' of the next big t...Livingstone Advisory
The rate of business and societal change fuelled by innovative, emerging and disruptive information technologies is well known, with impacts being felt in almost every facet of life. The forces driving the evolution and adoption of such technologies are complex, diverse and not always well understood. How can organisations predict the consequences of future tech? How should they fortify against the chaos of change while taking advantage of innovation?
This public lecture provides a concise perspective on the implications of emerging technologies and offers practical insights on how many enterprises and individuals survive, and also thrive, in a world of rapid technology-induced change.
The conference will contextualise the changing regulatory landscape, considering the business impact of the GDPR and DPA (2018) and how it is changing policy and process in practice.
When GDPR came into force in May it significantly raised the bar of obligation and accountability, ensuring that all organisations who handle personal data adhere to strict regulations around privacy, security and consent. 6 months on from implementation, the conference will consider how data protection procedure has moved on, with insight from frontline practitioners reflecting on how practices within their organisation have changed.
The event will also provide an update from the regulator; exploring regulatory action policy, decision making for fines and penalties, and clarifying some of the most prominent areas of misconception and non-compliance.
Core conference topics include:
• Key legal issues and obligations
• Data security and encryption
• Privacy Impact Assessments
• Databases, data mapping and classification
• Privacy by design
• Practical strategy implementation
Where worlds collide: Agile, Project Management, Risk and Cloud?Livingstone Advisory
The new CIO is expected to be truly agile, deliver transformational value using new technology based services and have a deep understanding of, and engagement with the business – all whilst managing and mitigating risks. In addition to this, the CIO is also expected to be a ‘business partner’ in the real sense of the word. On top of these factors, Cloud is often seen in the eyes of business as a metaphor for timely change, and a convenient ‘get out of jail’ card in their push to lower IT cost, and collapse IT project lead times.
In this context, ensuring the effective orchestration if the various ‘best practice’ methodologies and frameworks in the areas of agile application development, project management and risk management, all whilst managing the whole ‘Cloud’ discussion is not a trivial task.
In this presentation, Rob Livingstone explores the key systemic and technical risks associated with the concurrent adoption and management of agile application development methodologies, project management, hybrid cloud and mobile devices within the enterprise in today’s volatile environment.
Technology is completely changing the face of financial services, driving disruption, displacement and disintermediation within the sector. This has lowered the barriers to entry, opened the door to new market entrants and created fertile ground for innovation and growth.
These market disruptions have also forged new alliances between start-ups and incumbents, blurring the lines of distinction between finance and technology and creating a wave of cross-sector collaboration.
Fintech 2018 will explore technological innovation across the financial services sector, from developments in established tier-1 firms to the disruptive innovators within the start-up community that are reshaping the FS market.
Core conference topics will include:
• Landscape: Trends, Culture, Trust, Transparency, Geo-political Climate
• Regulation: GDPR, MiFID II, PSD2, Open Banking, APIs
• Customer Strategy: Engagement, UX, Data Insight, Marketing & ML
• Emerging Tech: Blockchain, Analytics, AI, Payments, Automation
• National Strategy: Skills, Funding, Collaboration, Cyber Security
• Infrastructure: IT, Digital, Cloud, Mobile, XaaS
Protecting Intellectual Property and Data Loss Prevention (DLP)Arpin Consulting
Protecting Intellectual Property and Data Loss Prevention (DLP) – what makes your business unique, different, valuable, and attracts clients and customers - presented at the Boston Business Alliance 9/23/09
A trustmark for the Internet of Things (IoT). An initiative by ThingsCon with support from the Mozilla Foundation.
Learn more at trustabletech.com and thingscon.com.
Presented at ThingsCon Salon Berlin, 17 July 2018.
Cloud computing implications for project management methodologiesLivingstone Advisory
Cloud based technologies are becoming increasingly pervasive across society and are considered by many in business as the next major disruptive innovation. For the first time, organizations can consume, as needed, on-demand, business ready Cloud based enterprise services. This is also known as the Consumerization of IT.
Transitioning to, or deploying new IT systems and services using Cloud technologies present their own unique set of challenges to the IT Departments, Project managers and Pproject management Offices (PMO) alike.
The primary objective of this presentation is to provide a number of key considerations for Project Managers in dealing with projects involving Cloud computing technologies.
This was presented at the 25th International Project Management Institute's Global Conference in Australia on the 11th October 2011 by Rob Livingstone
Cloud computing: What you need to know as an Australian Finance DirectorLivingstone Advisory
Cloud computing: What you need to know as an Australian Finance Director.
Presentation made to 2nd Annual Future of Cloud Computing in Financial Services Conference in Sydney and Melbourne - September 2011
All rights reserved: FST Media and Rob Livingstone Advisory
Rob Livingstone Advisory - The risks of a fractured cloud strategy within th...Livingstone Advisory
This Keynote presentation was delivered by Rob Livingstone at the Inaugural Cloud Security Alliance NSW Chapter meeting. The primary focus of my presentation was to take a business / non-IT Executive's position on the whole topic. If anyone would like more information on my other presentations, please visit http://www.navigatingthroughthecloud.com/
http://www.cxounplugged.com
A research whitepaper published in November by Ovum and commissioned by Logicalis, revealed a great many interesting BYOD trends – many of which were highlighted in a recent CXO post (BYOD Research) by Ian Cook. Perhaps the most startling, however, was the very low proportion of ‘BYOD-ers’ who have signed corporate BYOD policies.
Ryerson’s Privacy and Big Data Institute's inaugural seminar on Privacy by Design (PbD), the revolutionary privacy framework created by Dr. Ann Cavoukian which was unanimously passed as an international privacy standard in 2010 (translated into 37 languages). Dr. Cavoukian is now the Executive Director of the Privacy and Big Data Institute at Ryerson, and formerly served as the Information and Privacy Commissioner of Ontario for three terms. Dr. Cavoukian gave a presentation on Privacy by Design and its application to big data analytics, followed by a Q&A session.
Why the systemic risks in Enterprise Cloud Computing could cripple your busin...Livingstone Advisory
Organisations that have successfully implemented standalone cloud systems may feel that they have won the war against complex and expensive enterprise IT. That feeling may not last too long once these systems need to be integrated with other systems, cloud or otherwise. The minute you start integrating your cloud with these other systems, you have what is termed a Hybrid Cloud.
Your IT risks are now becoming systemic risks – a point not lost in the most recent KPMG 2012 Audit Institute Report which identified “IT Risk & Emerging Technologies” as the second highest concern for 2012
In this presentation, Rob Livingstone, suggests some practical approaches that CEOs, COOs and CFOs should be considering in the identification and mitigation of the pitfalls of Cloud computing in the enterprise.
The world of computing is moving to the cloud —shared infrastructure, shared systems, instant provisioning, and pay-as-you-go services. And users can enjoy anytime, anywhere access to services and their data, on any device. But are we secure within the new cloud environments? Are information assets adequately protected as they move around in the cloud? The answer to both is yes— as long as your underlying security architecture has been designed for the cloud. In this session, Rob Livingstone will examine key security considerations surrounding the convergence of hybrid clouds, mobile devices and BYOD, and provide practical guidance on how to identify, mitigate and the key technical and systemic risks in your Cloud journey.
The ‘success trap’ of new, emerging and disruptive technologiesLivingstone Advisory
The adoption of these technologies may provide much value in the short term, however may become a liability at some point down the track. How can you and your organizations insulate yourself against the future adverse consequences of these emerging and disruptive technologies – the so called success trap?
Exploring the opportunities and pitfalls of new and emerging technologies in ...Livingstone Advisory
Presentation delivered at Annual Future of Local Government Summit
Rydges, Melbourne, Thursday 23rd May 2013
This is a variant of the presentation delivered in April 2013 to the Municipal Association of Victoria
Will the Cloud be your disaster, or will Cloud be your disaster recovery?Livingstone Advisory
Making real sense of enterprise Cloud computing in the context of your business is not always a trivial task. The volume, diversity and intensity of opinions on what cloud can do for your organization are relentless, as are the pressures to lower IT costs, speed up implementations, simplify enterprise IT and deliver more value in your own organizations.
Shifting your mission critical systems to the cloud presents a formidable range of challenges for many organizations, least of which the potential loss of control over your disaster recovery capability. Conversely, keeping your enterprise IT systems where you can see them, and using the cloud to manage your backups and disaster recovery may appear to run counter to the prevailing perception that the cloud is the ultimate destination for all IT systems.
In this presentation, Rob Livingstone will be covering off some of the key considerations of disaster recovery planning in the hybrid cloud environment and how, paradoxically, cloud could either be the cause of your disaster or has the potential to save you from one. He will be offering practical insights and tips on how you should approach the cloud when it comes to planning for the worst so that you come out looking your best.
Future Tech: How should enterprise avoid the 'success trap' of the next big t...Livingstone Advisory
The rate of business and societal change fuelled by innovative, emerging and disruptive information technologies is well known, with impacts being felt in almost every facet of life. The forces driving the evolution and adoption of such technologies are complex, diverse and not always well understood. How can organisations predict the consequences of future tech? How should they fortify against the chaos of change while taking advantage of innovation?
This public lecture provides a concise perspective on the implications of emerging technologies and offers practical insights on how many enterprises and individuals survive, and also thrive, in a world of rapid technology-induced change.
The conference will contextualise the changing regulatory landscape, considering the business impact of the GDPR and DPA (2018) and how it is changing policy and process in practice.
When GDPR came into force in May it significantly raised the bar of obligation and accountability, ensuring that all organisations who handle personal data adhere to strict regulations around privacy, security and consent. 6 months on from implementation, the conference will consider how data protection procedure has moved on, with insight from frontline practitioners reflecting on how practices within their organisation have changed.
The event will also provide an update from the regulator; exploring regulatory action policy, decision making for fines and penalties, and clarifying some of the most prominent areas of misconception and non-compliance.
Core conference topics include:
• Key legal issues and obligations
• Data security and encryption
• Privacy Impact Assessments
• Databases, data mapping and classification
• Privacy by design
• Practical strategy implementation
Where worlds collide: Agile, Project Management, Risk and Cloud?Livingstone Advisory
The new CIO is expected to be truly agile, deliver transformational value using new technology based services and have a deep understanding of, and engagement with the business – all whilst managing and mitigating risks. In addition to this, the CIO is also expected to be a ‘business partner’ in the real sense of the word. On top of these factors, Cloud is often seen in the eyes of business as a metaphor for timely change, and a convenient ‘get out of jail’ card in their push to lower IT cost, and collapse IT project lead times.
In this context, ensuring the effective orchestration if the various ‘best practice’ methodologies and frameworks in the areas of agile application development, project management and risk management, all whilst managing the whole ‘Cloud’ discussion is not a trivial task.
In this presentation, Rob Livingstone explores the key systemic and technical risks associated with the concurrent adoption and management of agile application development methodologies, project management, hybrid cloud and mobile devices within the enterprise in today’s volatile environment.
Technology is completely changing the face of financial services, driving disruption, displacement and disintermediation within the sector. This has lowered the barriers to entry, opened the door to new market entrants and created fertile ground for innovation and growth.
These market disruptions have also forged new alliances between start-ups and incumbents, blurring the lines of distinction between finance and technology and creating a wave of cross-sector collaboration.
Fintech 2018 will explore technological innovation across the financial services sector, from developments in established tier-1 firms to the disruptive innovators within the start-up community that are reshaping the FS market.
Core conference topics will include:
• Landscape: Trends, Culture, Trust, Transparency, Geo-political Climate
• Regulation: GDPR, MiFID II, PSD2, Open Banking, APIs
• Customer Strategy: Engagement, UX, Data Insight, Marketing & ML
• Emerging Tech: Blockchain, Analytics, AI, Payments, Automation
• National Strategy: Skills, Funding, Collaboration, Cyber Security
• Infrastructure: IT, Digital, Cloud, Mobile, XaaS
Protecting Intellectual Property and Data Loss Prevention (DLP)Arpin Consulting
Protecting Intellectual Property and Data Loss Prevention (DLP) – what makes your business unique, different, valuable, and attracts clients and customers - presented at the Boston Business Alliance 9/23/09
A trustmark for the Internet of Things (IoT). An initiative by ThingsCon with support from the Mozilla Foundation.
Learn more at trustabletech.com and thingscon.com.
Presented at ThingsCon Salon Berlin, 17 July 2018.
Trustable Tech Mark / Magic Monday at Casa Jasmina TorinoPeter Bihr
Presenting the ThingsCon Trustable Tech Mark at Casa Jasmina's Magic Monday. Torino, 24 September 2018.
Learn more about the ThingsCon Trustable Tech mark at https://thingscon.com/iot-trustmark
Your firm needs to be committed to protecting information assets, including personal data and client documents. As a trusted advisor to our clients, the expectation is that we are aware of threats and are guarding their data. Data privacy and information security are fundamental components of doing business today, no matter how large your firm is.
In this paper we will look at three specific ways of protecting our clients:
1. Protection through our ability to research and improve intellectual capital
2. Protection through policies, procedures and processes
3. Protection by securing client data
As every digital advancement creates a new vector for risk, trust becomes the cornerstone of the digital economy. To gain the trust of individuals, ecosystems, and regulators in the digital economy, businesses must possess strong security and ethics at each stage of the customer journey.
As every digital advancement creates a new vector for risk, trust becomes the cornerstone of the digital economy. Without trust, digital businesses cannot use and share the data that underpins their operations. To gain the trust of individuals, ecosystems, and regulators in the digital economy, businesses must possess strong security and ethics at each stage of the customer journey.
The year 2018 is the year of blockchain applications with several ongoing use-cases coming to realization and the vendor landscape also gained more depth and a better structure after years of press and vendor hype, fueled equally by commercial self-interest and a genuine desire for innovation.
Introduction
What is Innovation?
Sources of Innovation
Cloud Computing and Innovation
Top Five ways to use cloud for innovation
Q/A
What is Innovation? Lets Define
“The process of translating an idea or invention into a good or service that creates value or for which customers will pay.”
Source – BusinessDictionary.com
What type of (smart) city do we want to live in?Peter Bihr
Presentation about better metrics and design principles for smart cities.
NEXT Conference Hamburg, 19 September 2019.
Learn more at https://thewavingcat.com
Internet of Things: Bestandsaufnahme & Spannungsfelder (Uni Dresden, 18. Okt ...Peter Bihr
Präsentation am Masterstudiengang für angewandte Medienforschung über Spannungsfelder rund um Internet der Dinge, künstliche Intelligenz und algorithmische Entscheidungsfindung.
Netzpolitik13: Das Internet der Dinge: Rechte, Regulierung & SpannungsfelderPeter Bihr
Talk für die Konferenz "Das ist Netzpolitik!" (Berlin, 1. September 2017).
Beschreibung:
Vom Hobby-Basteln bis hin zur Smart City: Das Internet of Things (#IoT) hat zunehmend Berührungspunkte mit allen Bereichen unseres Lebens. Aber wer bestimmt was erlaubt ist, was mit unseren Daten passiert, und ob es OK ist, unter die Haube zu gucken? IoT sitzt an der Schnittstelle vieler Technologie-, Governance- und Regulierungsbereiche—und schafft dadurch gleich eine ganze Reihe von Spannungsfeldern.
Fit für die nächsten 20 Jahre - ForecastingPeter Bihr
Cleaned up German version of a client talk about future-proofing the organization, forecasting as a tool, and an eclectic collection of signals with a focus on humans and machines working together.
ThingsCon Amsterdam: A responsible Internet of ThingsPeter Bihr
Keynote for ThingsCon Amsterdam 2016. Learn more about ThingsCon Amsterdam at http://thingscon.nl and more about ThingsCon at http://thingscon.com
Please note: This upload was converted from Keynote to PPT, so there might be layout issues.
IoT Communities & different modes of productionPeter Bihr
For Retune Festival 2016, a quick overview of various modes of production in IoT communities, and an overview of some of the IoT communities I find most interesting and am most fond of.
Speaking about open innovation, especially around Internet of Things and hardware, at the 10th anniversary of Creative Commons Poland: http://creativecommons.pl/10th-anniversary-of-creative-commons-poland/
Torino IoT Meetup at Casa Jasmina, 20 July 2015.
We ended up having a spontaneous conversation instead of using slides, but these were the notes I drafted before the meetup. They give you a hint as to the angle from which I approached the topic of ethics, policies and interfaces in IoT and smart homes.
Brief talk about the state of IoT and Wearables, and designing connected services for humans rather than just slapping screens on our wrists.
IXDS Pre-Work Talk, Dec 9, 2014 at IXDS Berlin.
Tokyo Samurai Startup Island: Berlin as a hardware startup hub for EuropePeter Bihr
Berlin Night @ Toyko
My presentation as part of a delegation of Berlin technologists and startups to Tokyo.
Presented at Samurai Startup Island, June 2, 2014: http://everevo.com/event/10976
IoT in Berlin: Berlin Innovation Meetup @ Recruit Technologies TokyoPeter Bihr
A presentation about the potential of a talent exchange between Japan and Germany for the IoT scene at the Berlin Innovation Meetup at Recruit Technologies Tokyo:
http://atl.recruit-tech.co.jp/berlin_meetup/
O'Reilly Solid: What Can IoT Entrepreneurs and the Mittelstand Learn from Eac...Peter Bihr
At O'Reilly Solid (http://solidcon.com) I gave a talk exploring one questions: What Can IoT Entrepreneurs and the Mittelstand Learn from Each Other?(http://solidcon.com/solid2014/public/schedule/detail/33139).
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Communications Mining Series - Zero to Hero - Session 1
Towards a Trustmark for IoT (30 May 2018)
1. Fostering the creation of a responsible &
human-centric Internet of Things
Towards a Trustmark for IoT
2. A Trustmark for IoT
- Draſt, May 2018 -
Peter Bihr / ThingsCon
This work is created as part of a Mozilla Fellowship.
Unless otherwise noted, Creative Commons BY-SA 4.0.
Please note that this is early stage concept draſt and a
work in progress.
4. Peter Bihr
The Waving Cat: Managing Director
Research, strategy, foresight for commercial, governmental
& non-profit organizations.
ThingsCon: Co-founder, Chairman
A global community of IoT practitioners with the mission to
foster the creation of a responsible & human-centric IoT.
Mozilla: Fellow
As a Mozilla IoT Fellow, I’ll be developing a trustmark for IoT.
The prototype will focus on voice-enabled IoT.
Contact
Email: peter@thewavingcat.com
Twitter: @peterbihr
Web: thingscon.com
Web: thewavingcat.com
Web: peterbihr.com
5. A Trustmark for IoT
I co-founded the ThingsCon network to explore how
to create IoT products responsibly.
This, and the research that led to our research report
for Mozilla (“A Trustmark for IoT”), led me to pursue
this project—within the ThingsCon network and with
support from Mozilla through a Mozilla IoT Fellowship.
Please note: This project is supported by but
independent from Mozilla—I do not speak for Mozilla.
Read the report at
thingscon.com/iot-trustmark
6. For a human-centric & responsible
Internet of Things
A global community & event platform by and for IoT practitioners
thingscon.com
7. Our theory of change:
Change is made through better
day-to-day decisions
8. IoT - an overview & why we need a trustmark
TL;DR: The Internet of Things increasingly touches all
aspects of our lives, but mostly it consists of black
boxes. We need to make sure that we can trust them.
Note: The next few slides will elaborate on this. If you’re
familiar with IoT, feel free to skip to the next section.
9. Source: Flickr / The Waving Cat (CC BY)
The term Internet of Things (IoT) covers a wide
field of applications
10. Images: Stephen di Donato (Unsplash), Andrew Welch (Unsplash)
Connected
Home
Smart
City
Two areas that manifest underlying issues of IoT
Challenges our traditional
notions of privacy*
* In the West, in the last 150 years or so
In public space, there is no
opt-out (of data collection,
urban analytics, etc.)
11. IoT lacks transparency
The Internet of Things with its dizzying array of connected products
and services is hard to navigate.
Consumers have little insight into how any one connected
product works, what it even might be capable of, or if the
company employs good, responsible data practices.
This is not an oversight on the consumers' side: We lack the tools
to find out.
12. Quelle: The Waving Cat (CC BY)
A simple litmus test: 4 questions
that we should be able to answer
for every connected device.
But for connected products, these
are very hard questions to answer.
13. We need to model
less for efficiency
and more for
resilience.
One part of that is
increasing
transparency of
connected
systems.
Photo: Peter Bi hr (CC BY-NC-SA)
15. Methodological notes
This trustmark concept is based on three main pillars:
The values we believe in and promote within ThingsCon, namely the creation
of a responsible IoT, respect for users and their privacy and other rights,
inclusivity and diversity, and openness.
The research we published with the 2017 report “A Trustmark for IoT” of
existing approaches to consumer protection labels, trustmarks, and certifications.
Conversations within the ThingsCon community of IoT practitioners, as well as
throughout the industry in my other role as managing director of a research &
strategy firm.
16. Goals
The trustmark we’re proposing is aspirational and aims to raise
the bar at the top of the pyramid: This is modeled not just to
filter out crap but to raise the overall bar of the conversation, and
to show that IoT can be done respectfully & responsibly.
Let me be clear: This is a work driven by values, not
pragmatism—because I believe this needs to exist in order to get
to a better IoT, and a better society.
We believe that good ethics are good for business. This is
also the angle we’ll take when pitching the trustmark to potential
industry partners.
Read my first thoughts on the
trustmark on medium.com
17. Characteristics
The trustmark should be
• meaningful: No astroturfing. If a product carries the
trustmark, it needs to be trustworthy.
• hard to earn: Only the best, most trustworthy
products and organizations should be able to carry
it.
• easy to apply: The documentation for the trustmark
should be easy, lightweight, and free. Also, it should
be aligned with the product development process.
18. thingscon.com/iot-trustmark
Early feedback & successes
Our 2017 trustmark research has received great
feedback and reach.
Among other things it was quoted extensively in Brazil’s
National IoT Plan.
Now we want to put our research into action.
19. (A note on how to read this document)
In some slides you’ll find a lock item in the corner.
The closed lock means this part is locked in (within reason).
The open lock means this part is still under discussion.
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
20. Why?
To recap, we need a trustmark for IoT…
• to empower consumers to make informed decisions.
• to allow for responsible organizations to clearly communicate
their commitment to a higher standard.
21. Why should we sign up?
As an company that makes connected products, why should we adopt the
trustmark?
• This trustmark aims to highlight the work of the most responsible companies
and to clearly communicate their commitment to a higher standard.
• The trustmark increases consumer trust. It is for a highly selective group of
companies that go the extra mile to earn their customers’ trust is committed to
exemplary levels of transparency, openness and responsibility.
• As a secondary effect, the trustmark will attract talent: We believe that only
the best companies attract the best talent, and strong vision & values are a key
aspect.
22. What
We’re proposing a trustmark for IoT that increases transparency and empowers
consumers to make better decisions. This trustmark…
• evaluates 5 key dimensions
• is pledge-based
• builds on verification through publicly available documentation
• (mostly) decentralized
It takes a holistic approach that goes beyond just the device and includes
procedural and organizational aspects. The prototype phase will focus on voice-
enabled IoT (smart speakers, etc.)
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
23. Dimensions
The trustmark evaluates compliance with 5 dimensions that we
identified in our initial research* as most crucial for consumers:
• Privacy & Data Practices
• Transparency
• Security
• Openness
• Stability
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
*See A Trustmark for IoT (2017), p. 56
24. Pledge-based
The trustmark is pledge-based, i.e. based on voluntary commitment & self-
reported information. It is a type of self-certification.
Why?
• To gain critical mass, lightweight and easy-to-adopt beats hard verification.
• As a rule of thumb, (more costly) certification based on third-party audits tend
to provide higher credibility, but we believe that our approach of transparency
through documentation offers both carrot (USP) and stick (public shaming).
• Certification requires a level of centralization we aim to avoid. (Exception: We
might need a governing body of sorts at a later stage.)
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
25. Verification through documentation
The trustmark should convey at a glance the level of trustworthiness and allow to get more
detailed information to back this up. The approach of "self-assessed but verifiable" opens up
trustmark-carrying products to public scrutiny in a similar way that open source software can be
peer reviewed.
Compliance with the trustmark is proven by providing publicly available documentation to answer (in
a structured way) the questions that determine a product's compliance. A company is required to make
this information available and easily accessible/findable on their website (/iot-trustmark or
comparable, details TBD).
Why?
• While we cannot enforce that all information provided this way is accurate, the stick (scrutiny and risk
of public shaming/campaigning) outweighs the advantages of faking compliance.
• In the meantime it's significantly easier, cheaper, and quicker to provide this kind of documentation
over an external audit.
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
26. Decentralized
The documentation and pledge based approach also means the
trustmark is largely decentralized: Application to and of this trustmark
is done by each company independently from a centralized
authority. (We are looking into options to make this legally binding
through a licensing model.)
Applying the trustmark will always be free of charge.
Eventually we’ll need a governance system. For the purposes of
prototyping, I’ll be making final decisions based on input from
research, workshops, and the ThingsCon network in particular.
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
27. The foundations of an ecosystem
The knowledge encoded in this trustmark—through documentation,
etc.—serves as the foundation of what we hope to be a larger
ecosystem.
The trustmark documentation shall be provided in a standardized form
to allow for third parties to offer services on top of this foundation,
like editorials, ratings & reviews.
Note: This is our goal; year 1 serves to learn and prototype, and to
develop the concept to a stage of maturity that gets this launch-ready.
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
28. Elements of a Trustmark Ecosystem
Icons from The Noun Project (CC BY): Lock by Ralf Schmitzer, Checklist by Arafat Uddin,
Checkmark by Beth Bolton, Conversation by Chameleon Design, API by Emily van den Heever
Self-evaluation tool
• Business-facing
• In-depth
Trustmark readiness
• Advisory services
to get companies
compliance-ready
• B2B
Trustmark
• Consumer-facing
• Top-level
Out of scope (3rd parties) In scope (project core)
3rd party services
• Consumer or
business facing
• Enabled by open
licensing &
standardized
format
Out of scope (3rd parties)
29. Elements of a Trustmark Ecosystem
Self-evaluation toolTrustmark readiness Trustmark
• Doubles to assess readiness
and to verify compliance
• Internal use only until passed
• Once passed, the trustmark
can be used and the
evaluation is published
• 3rd party advisory
services like security
consultancy
• Non-public / between
companies and their
advisors
• Consumer-facing trustmark
is glanceable
• Underlying assessment
(results of self-evaluation
tool) is available online
Icons from The Noun Project (CC BY): Lock by Ralf Schmitzer, Checklist by Arafat Uddin,
Checkmark by Beth Bolton, Conversation by Chameleon Design, API by Emily van den Heever
3rd party services
• Open licensing of the self-
assessments enable 3rd
party services (analysis,
rankings, etc.)
Out of scope (3rd parties) In scope (project core) Out of scope (3rd parties)
30. How
We plan the trustmark to evaluate a
product’s compliance through a
scorecard or checklist of questions to
be answered and documents to be
provided.
Each of them feeds into one of the five
dimensions: 5 dimensions x 5
compliance points for a possible total
of 25 points.
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
31. Inputs, processes, outputs
The trustmark will evaluate a mix of
• Inputs: What goes into making a product?
In the textile world, Bluesign is a trustmark that demonstrates that an
apparel manufacturer uses sustainable, eco-friendly materials
• Processes: How is a product made?
Fairtrade with their strong focus on sustainable farming practices and
good labor conditions
• Outputs: What is the product like when it’s finished?
CE certification confirms that the final product fulfills certain EU quality
and safety requirements
32. Format & Examples
We’re drafting the checklist of questions to answer, and documents to provide to pass
the trustmark. We expect a mix of types of input:
• First-party indicators, i.e. questions answered directly by the company. For example,
“Do you follow Security by Design best practices? Please elaborate.” or “Do you have
a business model in place that carries you beyond investments? Please elaborate.”
• Third-party certifications and standards can serve as an indicator of quality. For
example, if a company open-sources their hardware according to OSHWA’s
guidelines, this might count into the openness score. If a product is GDPR compatible
(and hence guarantees data portability as well as privacy by design) this might count
into the privacy score..
Some of this will be fuzzy. We’ll be prototyping how to allow for that.
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
33. Format & Examples
The format for the checklist is standardized as checkbox [Yes/No/Not
Applicable) plus a text field to elaborate. If the answer is Yes or Not Applicable
then the text field must be filled in. (No always means 0 points.)
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
The evolving checklist is available for review and input (via comments) here.
Some example questions. This checklist partially builds on the “Open #iotmark principles” (iotmark.org, CC BY-SA 4.0).
34. Format & Examples
This is a deep dive into the product and how its made, and it
requires a high willingness to open up and be transparent.
But all questions inquire into aspects the product team needs to
consider anyway, and this isa good opportunity to be explicit about the
decisions that go into making the product.
While undergoing the trustmark process means some extra work, it is
work that is very closely aligned with the product development process.
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
35. Scoring
The passing requirements are to
fulfill two conditions:
• No complete FAIL (0 points) in any
dimension
• At least 20/25 points total
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
36. Example
This examples FAILS the test:
• It does not score 20/25 points.
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
37. Example
This examples FAILS the test:
• A complete failure (0 points) in one
dimension (Security).
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
38. Example
This examples PASSES the test:
• It scores 20/25 points total.
• No dimension fails (0 points)
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
39. Example
This examples PASSES the test:
• It scores >20/25 points total.
• No dimension fails (0 points)
Note: It’s still up for debate if the requirement is
• “≥20/25” or
• “minimum 4/5 per dimension”
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
40. Open questions & next steps
• What aspects need to be evaluated through the checklist/
questionnaire (template for documentation)?
• How can we make a pledge legally binding?
• Gather feedback, run prototyping sessions, and fine-tune the
concept.
41. Mood Board
What could the trustmark look like, and how can it communicate
levels of trustworthiness effectively? Some examples from other
projects we liked in our research:
FCC: Broadband
(all rights reserved)
Creative Commons licensing
Bihr/Thorne: Privacy Icons
(CC BY-NC)
Beyond IO: Washing instructions for IoT
(all rights reserved) Adryan: Data Labels
(all rights reserved)
42. Pathways to partnerships & participation
This is a project in an early stage. We’re looking in a number of areas.
Particularly we’re looking for…
• academic partners to accompany the development of this trustmark
• bold commercial partners to help us prototype our requirements list
against their existing or upcoming products
• non-profit and media partners who can help us understand what
they need in order to build third-party offerings on top of a trustmark
Please get in touch if you’d like to get involved.
43. Thank you.
The Waving Cat GmbH
Twitter @thewavingcat
Web thewavingcat.com
Peter Bihr
Twitter @peterbihr
Email peter@thewavingcat.com
Contact ThingsCon
Twitter @thingscon
Web thingscon.com
44. FAQ
Some questions that have been coming up frequently:
• Why isn’t sustainability and manufacturing conditions a larger part of this?
Sustainability is out of scope because it’s not our core area of expertise. We
believe others can tackle this issue more effectively.
• Is this trustmark Mozilla endorsed? Mozilla supports the independent
development of the trustmark under the ThingsCon umbrella by inviting Peter
Bihr to be a Mozilla Fellow.
• How is this different from certification or trustmark initiative XYZ and how do you
position your efforts in relation to it? We believe in diverse voices, and are open
for collaborations. That said, we don’t believe any organization (including
ourselves) has solved this yet.