‘Where in the World is Peter Carlisle’: Around the world in 20 days (special edition)

‘Where in the World is Peter Carlisle’: Around the world in 20 days (special edition)

nCipher: So what is this all about?

PC: In October 2019, we attempted something ambitious. We set out to run three channel partner conferences back-to-back covering our three major world-wide territories. The branding and the core content needed to be the same and the partner experience needed to be consistent. However, we had to leave enough space to allow for a regional flavour at each event.

The venues were:

EMEA: Amsterdam – APAC: Ho Chi Minh City – AMS: New Orleans

We chose venues based on accessibility for international travellers, choice of cultural activities and availability of suitable venues for the various aspects of the event.

Here are some of the headlines in terms of what we had to deliver across 12 days and on three continents:

  • We hosted 400 delegates from 55 countries and needed to help procure 108 visas for travel
  • We needed 1378 hotel nights for our guests who nibbled over 2500 canapés and ate over 3000 meals.
  • There were 35 main stage presentations, 102 workshops and 67 awards and prizes given out.

nCipher: Sounds complicated and a lot of work – why would you do this?

PC: Well, the channel is vital to the success of the nCipher business. You could say it is our life blood. All of our business in EMEA and APAC is done in partnership with the channel and over half of our AMS business is too. nCipher sells into 153 countries world-wide and we need the channel for their local relationships, cultural and local knowledge, export and import skills, regulatory compliance and language abilities. No matter how big I grow my sales team, I can never replicate the amazing network our channel brings to us.

nCipher: But did you have to do them all so close together?

PC: We wanted to do that so that the messaging could be 100% consistent at all three events in terms of company updates, product roadmaps, industry news and so forth.

nCipher: What makes a good channel partner conference?

PC: As someone once said - long after people have forgotten what you said or what you did, they will remember how you made them feel. A good conference needs to create a feeling of positivity that will survive in the delegate’s minds long after they have returned to their day jobs.. In order to achieve this we focus on a few key deliverables: education, motivation, information and appreciation.

Getting that balance right means a lot of focus on honing the agenda so that it covers all of those areas. I have attended many events where I felt the balance was wrong and the opportunity to connect with the attendees got lost. A good event needs to flow and move along at a lively pace. No session should outstay its welcome and there needs to be variety to keep the delegates engaged. We move regularly from larger main stage sessions to smaller workshop sessions as that helps to keep energy levels up.

Messaging needs to be clear and any slideware highly visual. We are, after all, dealing with a wide range of nationalities at our events and English is not everyone’s first language. There also need to be plenty of breaks to allow people to digest what they have heard, but also to network, as all of the side conversations that take place at conferences are some of the most valuable parts of the puzzle as people get to know each other and develop real relationships.

nCipher: Seems like there’s a lot of moving parts to think about. What else do you have to consider?

PC: The nCipher team needs to be visible and accessible to the delegates throughout the event. I believe that our openness and transparency as a leadership team is a key strength and we can really focus on that by networking, running feedback sessions and giving our time to the partners throughout the event.

Finally, and not to be underestimated, is a bit of showbiz glitz. A slick event with high quality audio visuals, great sound and lighting, and professional set design will help to hold the audience in a really effective way. People respond well to the fact that the event team has clearly thought about the delegate experience and made an effort to deliver an enjoyable event. A good conference should not have to be “endured”.

nCipher: So what was on the agenda across the events?

PC: There were plenary sessions on all of the “big picture” topics, company strategy, the Entrust Datacard business, product roadmap, partner program and so forth. Then, we had multiple workshops getting into the details of our use cases and discussing how to engage effectively in the marketplace. Finally, we had a “Tech Expo” area supported by a number of nCipher technology partners, an awards dinner and the chance to participate in some local cultural activities before heading home.

nCipher: How do you ensure that everything works? There is clearly a lot that could go wrong!

PC: Planning and attention to detail are critical. Firstly, I would never host an event at a venue that I have not visited personally along with the core event team. You need to meet the hotel management, walk the floor, check the bedrooms and be comfortable that you really know the venue. Then, it’s about storyboarding the delegate experience and making sure every element is covered. This includes pre-event travel support, understanding special requirements, clear direction and signage throughout the event and the right quality of catering and entertainment.

nCipher: Speaking of catering and entertainment, how did you entertain guests in each location??

PC: We really worked on this aspect to give our partners in each venue a night to remember.

In Amsterdam we took over a 15th century landmark in the city centre for a wonderful candlelit dinner. We also hosted the daytime sessions in a beautiful 17th century domed former church so the historical element of one of Europe’s great cities really came to the fore.

In Ho Chi Minh City we took our partners down the Saigon River to a beautiful outdoor location lit with hundreds of bamboo lanterns for a night of traditional Vietnamese food and entertainment.

New Orleans led us to having the street closed by the police while we walked behind a band and a group of stilt-walkers to the banks of the Mississippi where we boarded a traditional paddle steamer for a dinner cruise with live jazz along with tarot readings on the lower deck. We were also in town over Halloween, which was highly entertaining!

All very much of their place and all highly memorable.

nCipher: There must have been a lot of travel for you and the nCipher team?

PC. My own October agenda involved nine flights covering close to 30,000 miles. I touched down in Qatar, Vietnam, Japan and the US before getting back to the UK. Many of the team had similarly complex journeys to manage but no-one missed a single day!

nCipher: Have you received feedback from the partners?

PC: We are still collecting feedback, but, with over 100 surveys received so far we are scoring 4.9 out of 5 across the board on all aspects of the events, which I’m pretty happy with.

nCipher: Traditionally, we always close these sessions with a question about whether you have been inspired to write a song for your Blues band. Well?

PC: Oh yes! “Halloween on Bourbon Street” has already taken shape and will feature in our rehearsal sessions next month!

If you’d like to learn even more about Peter, please visit his LinkedIn page. If you’d like to learn more about nCipher, please follow the company on Twitter, LinkedIn, and Facebook.

How cloud migration trends translate to HSM in the cloud

How cloud migration trends translate to HSM in the cloud

Jim DeLorenzo | Solutions Marketing Manager More About This Author >

The public cloud big bang

Since cloud computing was introduced around the turn of the century its use has exploded. Consider a few illuminating data points from two recent reports about cloud computing trends:

  • 91% of enterprises now use public cloud
  • 84% of enterprises have a multi-cloud strategy
  • Further, an estimated 83% of enterprise workloads will run in the cloud by 2020

It’s also notable that between 2018 and 2020 the fastest growing trends or factors driving public cloud adoption are artificial intelligence/machine learning (16% growth) and the Internet of Things (13% growth). Cloud computing has clearly matured beyond merely digitizing traditional ways of doing business and is now foundational to new use cases.

More cloud workloads = more security requirements

With many organizations taking a cloud-first – or even cloud-only – approach for their workloads, the need for stringent security strategies is more critical than ever. Indeed, the biggest challenge for organizations using public cloud is security. Cloud workloads deserve the same levels of security planning and design as is given to on-premises computing and storage.

How cloud migration trends translate to HSM in the cloud

However, some aspects of the security stack have traditionally functioned best on-premises, including hardware security modules. HSMs are central to an enterprise’s security as they protect critical keys and cryptographic material, but because they have traditionally been housed within the organization’s data center, connecting them with cloud-based applications and services has been challenging. Until now.

HSM as a Service – across any cloud

nCipher’s nShield as a Service delivers a cloud-native, subscription-based solution to these challenges. Instead of acquiring and maintaining physical devices, nShield as a Service customers are able to generate, access and protect their cryptographic key material, separately from sensitive data, using dedicated FIPS 140-2 Level 3-certified nShield Connect HSMs. Critically, this solution also provides a secure execution capability that allows developers to run sensitive code within the HSM’s boundaries, whether that’s business logic associated with banking, smart metering, digital signatures or custom encryption processes.

Because nShield as a Service is cloud-agnostic, customers can continue with their multi-cloud strategies with the peace of mind that if they want to move data or workloads from one cloud to another, their encryption keys are not locked into a particular cloud provider’s HSM. nShield as a Service customers own and maintain full control over their keys at all times.

As organizations continue to move beyond proofs of concept with artificial intelligence, machine learning and IoT projects, more and more sensitive data and intellectual property will come into play. Anytime that encryption is required to protect this information, nShield as a Service provides easy, efficient access to cryptography as a service.

For more information about nShield as a Service, please visit nCipher’s dedicated landing page. You can also follow the company on Twitter, LinkedIn, and Facebook.

Personal data privacy is an urgent topic today – and the spotlight on this will only get brighter in 2020

Personal data privacy is an urgent topic today – and the spotlight on this will only get brighter in 2020

Cindy Provin | SVP Entrust Datacard and General Manager, nCipher Security More About This Author >

It’s October. That means it’s National Cybersecurity Awareness Month, which emphasizes personal accountability and the importance of taking proactive steps to enhance cybersecurity at home and in the workplace. This year’s theme – Own IT. Secure IT. Protect IT. – puts the focus on topics such as citizen privacy, consumer devices and ecommerce security.

To protect their privacy and security, individuals need to understand their rights and recourses. That is a challenge in today’s dynamic technology and regulatory environments.

The good news is that individuals are gaining more control over the ownership of their data. And that will enable people to take a more active role in protecting their privacy.

GDPR set the stage for legislation in the U.S.

The General Data Protection Regulation is the most high-profile development on the personal data front. GDPR, which took effect in May of 2018, gives European Union residents more control of their personal data. Under GDPR, businesses:

  • can only collect data required for the efforts to which people have agreed
  • must explain why they collect the data that they do
  • have to disclose with which other organizations they share users’ personal data
  • are required to alert EU residents within 72 hours of a breach impacting their data
  • need to correct, delete and/or provide lists of their data at their customers’ request

GDPR – and the Equifax breach and the Facebook-Cambridge Analytical scandal – have prompted legislators and regulators elsewhere on the planet to address cybersecurity and personal data privacy, too. The California Consumer Privacy Act was one of the new regulations that emerged as a result.

California’s new consumer privacy act is nearly here

This ground-breaking law takes effect Jan. 1, 2020.

It applies to academic, biometric, employment, geolocation and internet browsing data. It also impacts data indicating what products individuals have looked at or purchased, as well as inferences drawn to create personal profiles indicating preferences.

The CCPA will:

  • give California residents the right to demand that companies disclose what personal data they have collected about them
  • enable Golden State consumers to ask companies to delete their personal data
  • allow individuals there to forbid companies to share personal data with third parties
  • The CCPA applies to companies that do business in California. That includes companies with more than $25 million in gross revenue, businesses with data on more than 50,000 consumers and firms that make more than half of their revenue selling consumer data. It also covers out-of-state merchants that sell to California residents or display a website in the state.

    How cloud migration trends translate to HSM in the cloud

    Some law and privacy experts actually expect CCPA to have the effect of a national law. Their thinking is that this will happen by default because companies will find it easier to apply CCPA nationwide than to create separate systems for compliance.

    There’s also a push for a national personal data privacy law

    That notion, and the fact that other states might follow suit, greatly concerns companies whose fortunes are tied to personal digital data.

    Many technology organizations have lobbied aggressively for the creation of a federal privacy law.

    Ernesto Falcon, legislative counsel at the Electronic Frontier Foundation, commented: “It’s clear that the strategy here is to neuter California for something much weaker on the federal level. The companies are afraid of California because it sets the bar for other states.”

    How this will all ultimately play out remains to be seen. But at least one report suggests it’s unlikely a federal privacy bill aimed at preempting state law like the CCPA will come before Congress this year. Meanwhile, CCPA appears on track to take effect at the beginning of the new year. And at least one thing is for certain: Cybersecurity and personal data privacy remain in the spotlight well beyond National Cybersecurity Awareness Month and into the year ahead.

    Visit our website to learn how nCipher Security can help protect valuable data. You can also follow the company on Twitter, LinkedIn, and Facebook.

The evolution of how we think about and approach privacy and security

The evolution of how we think about and approach privacy and security

Peter Galvin | Chief Strategy Officer More About This Author >

Lock the door. Shut the windows.

Close the blinds. Draw the curtains.

Never invite a stranger into the house.

These are some of the rules of privacy and security many of us learned when we were young.

Things were so simple then

Those were simpler times, when protecting the physical perimeters of our homes went a long way toward safeguarding our personal privacy and security.

My, how times have changed.

Today, safeguarding our privacy and security is very different and much more challenging.

Protecting our privacy and security in this day and age entails addressing not just the physical world but also the digital one. In this world, “no trespassing” takes on a whole new meaning.

Our connected world opens the door to new threats

The evolution of how we think about and approach privacy and security

IDC projects there will be 41.6 billion connected IoT devices by 2025. But, as we all know, connected devices are already commonly found in today’s homes.

In Europe, the average household has an average of 14 smart devices. It’s even higher here in the U.S., at 17 smart devices per household. These connected devices typically include computers, kitchen appliances, security cameras, smart TVs, and smartphones.

Security camera systems are the most often hacked connected home devices. You’ve probably heard some of the stories. For example, last year news reports surfaced about someone hacking a Wi-Fi-connected Nest camera in an infant’s bedroom. The boy’s parents awoke one night to a stranger’s voice using “sexual expletives” and threatening to kidnap the baby.

But it’s not just hackers who are infiltrating our homes and privacy via digital devices. Sometimes the companies that sell and supply those devices are, too.

Personal privacy is also at risk

We recently learned that Amazon Echo and Google Home devices – and, in turn, Amazon and Google employees – were listening to users of these devices. And they were not necessarily listening only when their owners wanted them to.

Smart TV manufacturers also have gotten caught with their hands in the virtual cookie jar. For example, in 2017 Vizio ran afoul of state and federal regulators for collecting viewing data without users’ knowledge or consent.

In covering this news, Consumer Reports informed readers that companies need permission before collecting their viewing data. And it mentioned that people can decline that permission while setting up their smart TVs. But, it added, those individuals will need to read each set-up screen carefully rather than just clicking OK to all privacy policies and user agreements.

Individuals need to play a more active role

This advice from Consumer Reports highlights the fact that individuals today need to work harder to safeguard their own privacy and security.

Individuals can do that both by reading the fine print and seeking out connected solutions that employ authentication technology and encryption.

Consumers and their equipment and services suppliers need to work together to ensure that their homes, families and data are secure and have the privacy they want and expect.

Visit our website to learn how nCipher secures critical data. You can also follow us on TwitterLinkedIn, and Facebook.

Where’s the ROI in security?

Where’s the ROI in security?

Brad Beutlich More About This Author >

Most companies cannot do much without someone asking, “What’s the return on investment for this purchase?” Those of us concerned about security are often trapped by this question. Some of us lie and come up with some elaborate formula that calculates the ROI, others simply throw up their hands and privately say “if there’s a breach, don’t blame me: I told them this would happen.” Both responses are irresponsible.

Finding the ROI in security is like predicting an earthquake. Earlier in my security career, I was asked to work on a security project and to sign an agreement that stated that my work would be “hacker proof.” The company was adamant about including this phrase in their contract. I really wanted the job but I wasn’t about to say that my work or any work was “hacker proof.” After much reflection, I told the company’s agent that I would sign the contract immediately after he purchased me a waterproof watch. With a certain sense of glee, the agent thought he trapped me only to find that every advertised waterproof watch had a disclaimer that they were waterproof to a certain depth. In other words, they were all water “resistant.” In the end, the “hacker proof” language was removed.

Security isn’t like other purchases or other contractual obligations. Security should be in a unique category.

Everyone at one time or another has left their house or their car unlocked. During that time, chances are that you weren’t robbed. The problem with any type of security, physical or logical, is that there’s no guarantee that you’ll be robbed in the absence of any security nor is there a guarantee that your security measures will have thwarted a robbery attempt. In the end, wisely spending money on security is like life insurance: it’s the right thing to do.

Think about life insurance. An individual spends money on themselves that doesn’t directly benefit them. A company’s security spending is the same. Outside of the loss of reputation due to a security breach, a company’s security spending doesn’t benefit them; rather it benefits their customers. Where would companies be without customers?

Now, of course there’s a limit on the amount of money you can spend on anything. Rarely, however, have I ever seen a company spend more money than is necessary on security – but I have seen companies spend money foolishly on security. To calculate how much a company should spend on security, they should estimate a breach’s implications, which include the loss in corporate value plus the money they will spend to recover from the breach. I find it rather humorous that a company that cannot find the budget dollars for a specific security initiative will not think twice about spending almost anything to recover from an unexpected breach. There’s an old adage, “you’ll spend whatever it takes the second time.”

This brings me to my final point, the next time you’re at the RSA show in San Francisco or the Black Hat show in Las Vegas, while you’re walking the exhibitor floor, stop, look around, and notice how many companies are selling perimeter security solutions. You will find that most of the largest companies at these events are selling perimeter security or endpoint security. To my previous point about wisely spending your security budgets, companies are still spending an exorbitant amount of money in a misguided attempt to stop the bad actors from getting into their networks. It’s not working. Make it a point of researching every security breach that is publicized in the future. All of them will be perimeter breaches. All of the historic breaches have been as well. A company’s perimeter is far too complicated to properly secure. A company might not know this but I guarantee you that the hackers do.

I’ve made it a personal mission to understand why companies spend so much time and money trying to protect their perimeters. After years of extensive research, I’ve concluded there’s no logical reason. It’s in our DNA to build walls around things that we value. For thousands of years, our ancestors have built walls and obstacles to prevent their enemies from causing harm to their citizens or stealing their treasure. The reality is that for thousands of years, all assets have been physical. It’s really been only 70 years or so that business assets have been intangible.

Let’s put this into perspective: Recorded history is approximately 5,000 years old. For 99% of this time, we’ve had to protect physical assets. For only 1% of the time, we’ve had to worry about intangible assets. If this doesn’t affect our DNA, I don’t know what does.

Companies should finally realize that no matter how complicated or secure they think their perimeter is, it will be breached. Taking a security posture that assumes a breach will occur and that there’s nothing they can do to stop it is the posture that reflects the reality of the world today. Based on the excessive amount of money companies are spending building walls, the reality is that a company could move some of its perimeter security budget to internal protection initiatives without asking for much more unanticipated IT expenditures. In turn, this would actually create a real return on their investment by protecting customer data. ROI and happy customers? That’s a win.

Visit our website to learn how nCipher Security can help protect valuable data. You can also follow the company on Twitter, LinkedIn, and Facebook.

What entertainment gets right and wrong about security

What entertainment gets right and wrong about security

Cindy Provin | SVP Entrust Datacard and General Manager, nCipher Security More About This Author >

The 2019-2020 TV season has begun. And fans of the most hotly anticipated tech-related programs are gearing up to enjoy new episodes.

As you may already know, USA Network’s Mr. Robot premieres Oct. 6. And HBO’s Silicon Valley begins its sixth and final season Oct. 27.

Such tech-focused shows have recently captured our imaginations with what technology can do and where it might be going. Movies have, too.

The big picture

Tech plays a starring role even in movies in which IT is not the focus, such as Ocean’s 8, with an all-star cast featuring Cate Blanchett, Sandra Bullock, Anne Hathaway and Rihanna, and The Hunger Games trilogy with Jennifer Lawrence.

answering the need

People at tech conferences still regularly reference the 2002 Tom Cruise movie Minority Report. Other Hollywood actors, like Harrison Ford, Robert Redford and Will Smith, starred in the respective tech movies Firewall, Sneakers and I, Robot several years ago.

Back in 1983, a young Matthew Broderick played a high school student who unwittingly accesses a NORAD computer and nearly launches World War III. That movie, War Games, is a family favorite. For many of us, it’s one of the earliest tech movies we can remember.

But, in fact, IT has been a popular theme in Hollywood for even longer than that. Back in 1969, Kurt Russell starred in The Computer Wore Tennis Shoes.

This movie tells the story of a young man who gets shocked while fixing a computer during an electrical storm. His brain fuses with that of the computer, and he becomes a genius.

What a difference 50 years makes.

Virtual reality

The entertainment industry has gotten much better at getting us to suspend our disbelief when it comes to tech tales.

PC Mag notes that the show Mr. Robot “goes out of its way to use real-life hacking tools like Kali Linux and a lot of legit command prompt action.”

Even the goofy show Silicon Valley has lots of real-life references. For example, one episode has Pied Piper presenting at the real-life event TechCrunch Disrupt. The Weissman Score compression metric that the makers of HBO’s Silicon Valley introduced to TV viewers has even made its way into the real world.

But not actual reality

While many shows and movies employ technology to tell their stories, it’s important to remember that these are tales, not fact. They’re fiction.

I mention this not to spoil the fun. I enjoy a lot of these shows and movies myself.

However, in TV and film, the heroes frequently manage to fix everything. That’s not how it works in the real world – particularly when we’re talking about cybersecurity.

Rather than the star of the show managing to fix everything, cybersecurity is a team effort. It requires the buy-in, collaboration and participation of a variety of stakeholders. That includes the CEO, CIO, CISO, CTO and other business leaders, managers and players through the organization and business ecosystem.

If there were an Academy Awards category for the best cybersecurity approach, it wouldn’t be a single actor or actress running onstage to collect the little gold man. Instead, it would be one of those situations in which a large group gathers at the podium and gets played off before everybody has a chance to thank the Academy, their parents and their kids watching at home.

Please click here to learn more about nCipher. You can also follow us on Twitter, LinkedIn, and Facebook.

Subscribe to
Want to be part of our team? Explore
Get in contact with a specialist Contact Us