Risky business

Kim imageThe world loves a bogeyman.  And Kim Jong Un certainly fits the bill. But the fallout from the alleged hacking of Sony by North Korea has revealed much about how governments, corporations and individuals view the subject of risk.

Certainly emails have been swiped, to the intense annoyance or schadenfreude-tinged fascination of participants in, and fans of, the movie industry. After that the story gets more speculative and interesting. Online statements threatening movie-goers by the previously unheard-of Guardians of Peace, suggesting “remember the 11th of September 2001”, “we recommend you to keep yourself distant from the places at that time (sic)”, and “if your house is nearby you’d better leave” suggest the ability to cause mass destruction and terror.  But to believe the demonstration of email hacking should unquestionably lead to an acceptance that the subsequent threats are credible suggests that Sony do not understand how to think about risk, threat and probability.

The chance of an event – good or bad – occurring, is a constantly shifting dynamic.  A gloomy scenario more readily explains this melting pot.  For a bad event to be realised three things need to align: an ability and intent on the part of an adversary to create mischief and an opportunity accorded to that adversary.  An understanding of these variables produces the threat.  But this is still no guarantor of an event happening; mitigating strategies employed by those at risk must be considered.  These vary from simply hoping things won’t go wrong, to making the issue somebody else’s problem (by, say, taking out insurance), through to taking steps to reduce or even eradicate the chances of a bad event occurring. (These four T’s are collectively known in the risk management business as tolerate, transfer, treat and terminate.) Pulling down metal shutters on shop fronts eradicates the possibility of a smashed window, for example.  It is, therefore, a strong mitigation measure, terminating the threat from brick-toting thugs. Alternatively, using only the letter ‘z’ as a computer password (as one former editor of an international newspaper did) is a poor mitigation strategy, as it treats to a minimal degree only the issue of computer security.

Taken together, the variables of the adversary’s choosing (capability, intent and opportunity) when undermined by mitigation measures (the ‘four T’s’) enables a security professional to have an idea about the probability of a threat being realised. The individual, corporation or government subject to this probability then has to decide the scale of the impact that would be produced if the probability came to pass.  The resultant position on a probability-impact graph (conceived with low-medium-high on each axis) is the true expression of risk.  As a mental construct, it is a best guess only. Firm figures are impossible, but it is no less important for that. For example, the chances of a massive earthquake damaging the Royal Navy’s nuclear submarine base in Faslane, Scotland, is extremely remote.  But as the impact of a nuclear incident could be catastrophic the base has earthquake protection to a level unseen elsewhere in Britain.

It is this fluid, imprecise and intangible relationship between threat, mitigation, probability and impact that enables risk to seem confusing and unfathomable.  Is medium probability, high impact worse than high probability, low impact? How much will it cost to reduce the probability? If the impact is felt beyond the corporate balance sheet and in the political arena, who should pay to prepare society? Managing risk is not easy.

Is Sony vulnerable to the threat from hacking? Of course.  Did they put in place a strong mitigating strategy after their PlayStation network was hacked in 2011? Who knows? But either they did and this current adversary has much more capability than Sony has defences, or they did not, in which case heads should roll. Sony’s current adversary took advantage of an opportunity to demonstrate the ability and intent to hack emails. But by so swiftly leaping to a belief that movie theatres and the public are now at too high a threat of actual violence in the real world indicates either Sony do not understand risk, or there is more to this than the public are being told.  President Obama’s criticism of Sony suggests the former.

Advertisements

Crime data reveal a very British attitude to theft

To interact with this data sheet click here.

According to the recently released Crime Survey of England and Wales recorded crime levels are falling, which is a good thing. Dig further and the data for the last decade reveal curious insights into the changing nature of crime against the person. Perceptions that such crime is very serious have dropped. It also seems we are much safer on the streets than in a pub or on a bus. And despite the value of stolen items rocketing we are becoming less and less angry; we are increasingly merely annoyed. How very British.

Crime data story

Sir Richard Branson quietly shelves Virgin submarine plan

By Robert Mendick and Dominic Nicholls

Virgin Oceanic’s DeepFlight Challenger submarine, whose mission was described by Sir Richard Branson as “the last great challenge for humans”, has been mothballed.

Sir Richard Branson has quietly shelved his latest adventure: an ambitious plan to pilot a submarine to the deepest points of the world’s five oceans. The entrepreneur had a grand scheme to explore both space and sea. But his plan for the first rocket ship charging passengers for trips to the edge of space is in jeopardy after the craft crashed during a test flight, killing a pilot. Now Sir Richard’s dream of exploring the lowest points on Earth is also on hold.

Virgin Oceanic’s DeepFlight Challenger submarine was unveiled in a blaze of publicity in April 2011, with Sir Richard describing its mission as “the last great challenge for humans”. He had hoped the 18ft-long submarine, designed to “fly” along the ocean floor, would make its maiden voyage to the bottom of the Pacific’s Mariana Trench – at a depth of 36,000ft, the lowest known point on Earth – by the end of 2011, or failing that, by 2012.It would then move on to the Puerto Rico trench at 28,000ft in the Atlantic, followed by dives in the Arctic, Indian and Southern oceans. The plan was for alternating pilots in the single-seater craft, with Chris Welsh, a sailor and explorer, taking the first dive and Sir Richard the second.

Three years on, the DeepFlight Challenger has been mothballed, never having reached the bottom of any of the oceans. The Virgin Oceanic website – which had promised “five dives, five oceans, two years, one epic adventure” – no longer exists, apparently taken down earlier this year.

Virgin Oceanic had planned to charge a future generation of “aquanauts” up to $500,000 (£318,000), according to one source, to pilot submarines to the ocean floor. But the company that built DeepFlight Challenger has told The Telegraph it refused to back the project, insisting the submarine was suitable for only one dive and could not be reused because of the pressure on its structure at such depths. In a little-noticed statement three months ago on the Virgin group website, Sir Richard alluded to the project being scrapped but stopped short of admitting defeat. He said: “Starting new ventures takes a ‘screw it, let’s do it’ attitude and finding the right partners to help us achieve the unthinkable… However, business is also about knowing when to change tack. “We are still highly passionate about exploring the bottom of the ocean. However, we are now widening the focus of the project and looking for new technology to help us explore the ocean and democratise access at reduced cost and increased safety.”

Last week, Virgin confirmed the original plan for five ocean dives using DeepFlight Challenger had been scrapped. A spokesman said there were concerns about making the dives safely, adding: “We were not sure it [DeepFlight Challenger] would make it down. That project has been put on ice while we look at other technology that works.” The spokesman said Sir Richard still had ambitions to explore the ocean trenches, but there was no rush. “The name [Virgin Oceanic] remains our name, so no doubt we will revive it.”

DeepFlight Challenger was the invention of Steve Fossett, the multi-millionaire adventurer, who commissioned its construction in 2005. He planned to pilot the submarine to the bottom of the Mariana Trench in a one-off trip, then donate the craft to the Smithsonian’s National Air and Space Museum in Washington DC.
But in tests simulating the pressure at 38,000ft below the sea, the vessel’s domed glass cockpit showed signs of cracking, meaning that a replacement would need to be made from stronger material. That appears to be as far as the DeepFlight Challenger ever got. When Fossett, a close friend of Sir Richard, died in a plane crash in 2007, the ownership of the submarine passed to his estate. Four years later, Mr Welsh, who is also a Californian property magnate, bought the craft and a huge catamaran from which to launch it from Fossett’s estate for less than $1 million. He approached Sir Richard for further investment and the pair set up Virgin Oceanic in 2011. At the company’s launch in California, Sir Richard admitted the dives might be dangerous but appeared aware of future commercial possibilities, saying: “We believe there are thousands of people who’d like to explore the oceans and become aquanauts.”

But DeepFlight, the company that designed and built the submarine, said it expressed concerns about its suitability for repeated dives. Adam Wright, the firm’s president, said last week: “The Challenger was built for a very specialised contract with Steve Fossett. It was designed for one dive down to the Mariana Trench. The idea was to set the record for the deepest dive and then give it to the Smithsonian to put on display.
“Once Virgin took over the project, the importance of the one-off record dive shifted and they wanted to repurpose the craft. They wanted to do five dives. The problem is the strength of the vessel does decrease after each dive. It is strongest on the first dive.”
Mr Wright said DeepFlight had talks with Virgin about providing a consulting and engineering service, but pulled out. “As soon as we heard about the five dives and that they wanted to repurpose it [the submarine] and sell tickets, we didn’t want to be associated with that.”They were trying to sell tickets; they wanted to charge half a million dollars. We were extremely concerned about it… We didn’t want the liability of being the manufacturer of that vessel. “Had the focus of the project been maintained to the initial purpose, it would have been totally different. The problem was not the technology or the lack of knowhow.” DeepFlight was beaten to the record dive by another submarine, piloted by James Cameron, the Oscar-winning film director, who took his submersible on a solo voyage to the bottom of the Mariana Trench in 2012.

This article was published in the Sunday Telegraph on 14th December 2014. See this link.

Hearts and minds

CIA-made-doctors-torture--009The report into the CIA’s detention and interrogation programme is a grim read. Not because it is 524 pages long, or that this heavily redacted offering to the public is tiny compared to the more than 6,700 pages of the full classified Committee Study. Rather, it is grim because it is real. Think Homeland was an exaggeration? Take a deep breath, click here and think again.

The report describes individuals being waterboarded until the subject was “completely unresponsive, with bubbles rising through his open, full mouth”, how detainees were subjected to “rectal feeding without documented medical necessity”, “ice water baths” and how “a detainee who had been held partially nude and chained to a concrete floor died from suspected hypothermia” among many other graphic descriptions of cruelty. There is no point in listing here all the abuses; there are too many and the report too compelling, in a macabre way, for one’s attention to waiver. It is not a chore reading this document; for politicians and the security agencies it should be a duty.

For clarity, the 12 ‘enhanced interrogation techniques’ used by the CIA were as follows: the attention grasp; walling; facial hold; facial slap; cramped confinement; wall standing stress positions; sleep deprivation; waterboarding; use of diapers (sic); use of insects; and mock burial.

Defending the programme, Michael Hayden, Director of the CIA from 2006-2009, wrote a rebuttal to the report in the Daily Telegraph on 10th December. He suggested that the report was overly graphic in an attempt to shock. “So too,” he countered, “would an equally detailed description of drone strikes”. But this moral cut ‘n’ paste is indicative of how such a programme was allowed to exist, and go so wrong, for so many years. Liberal democracies accept that, occasionally, they must go to war and that this will involve killing and maiming people. The humanity comes from ensuring as far as possible that the right people are killed and that any such action takes place in a clearly defined and transparent legal framework. This humanity is notable by its absence from the Senate Committee’s report.

The CIA’s legal position was that “the criminal prohibition on torture would not prohibit the methods proposed by the interrogation team because of the absence of any specific intent to inflict severe physical or mental pain or suffering”. This is splitting definitional hairs: without ‘specific intent’ how does anything happen? And who decides when the line is crossed into ‘severe’ pain?

Apart from the graphic descriptions of abuse, the impression one is left with after reading the report is of an organisation pursuing an agenda of operational permissiveness unconcerned by outside scrutiny and actively seeking to avoid accountability.  In short, a complete failure of leadership. The glib manner in which Michael Hayden treated Congress when discussing detainee numbers is illustrative. The report details how, after Hayden had told Congress there were 98 detainees (in fact, there were 119) a CIA officer was instructed to pick a date that conformed to the 98 figure, so as to avoid suggestions of having misled Congress. The report further states: “Hayden did not view the discrepancy, if it existed, as particularly significant given that, if true, it would increase the total number by just over 10 percent.” As head of an organisation subjecting people to “near drownings” and “sleep deprivation…for up to 180 hours”, one might expect Hayden to know details such as exactly how many people this applied to.

General David Morrison, head of the Australian army, recently issued a powerful reminder of the conduct expected from those bearing arms (see link here). In a little over three minutes his words encapsulate the values the CIA failed to uphold over nearly ten years. John Brennan, the current head of the CIA, refused this week to describe the actions as torture, although President Obama did. The word is irrelevant; the events need no introduction. The standard you walk past is the standard you accept.

Tony Blair’s charity rich list

1292205nBy Robert Mendick and Dominic Nicholls

A trawl of documents reveals how Tony Blair used donations from wealthy friends – as well as the US taxpayer and the Swedish lottery – to bankroll his charities

They are among Tony Blair’s closest — and richest — friends. A small cadre of wealthy benefactors have helped to get the former prime minister’s charities off the ground and keep them afloat. A trawl of charity and company documents shows how Mr Blair has attracted millions of pounds in donations from the super-rich, as well as from the US government and even the Swedish lottery, largely for foundations he has set up since leaving Downing Street. His remarkable ability to network and use contacts made in and out of office has helped him establish two major international organisations with wide-ranging influence: the Tony Blair Africa Governance Initiative and the Tony Blair Faith Foundation.

The documents unearthed by The Telegraph disclose:

– The identities of an American financier and his wife who gave AGI £1 million

– The money was used in part to fund AGI’s move to new offices overlooking Hyde Park in central London

– How AGI plans to expand its operations advising African leaders into half the countries in Sub-Saharan Africa, giving Mr Blair influence over hundreds of millions of people

– How AGI trumpeted its ability to persuade an African president to discard three out of four of his mobile telephones as an example of its achievements.

Documents lodged in the US show that Paolo Pellegrini, an Italian-born banker and his third wife Henrietta, have given AGI $1.5 million (£1 million) in three payments each of $500,000 spread over three years. The Pellegrinis made the payments through their charitable foundation – the Paolo Pellegrini and Henrietta Jones Foundation. The foundation’s most recent US income tax returns, posted last year, include internal documents from AGI, explaining how their money was spent and what AGI has achieved. It includes details not available in accounts lodged with the Charity Commission in the UK. In the report to its benefactors, AGI states its “longer-term, five-year vision of achieving a footprint that touches on 15-20 countries”. If AGI was successful that would see the charity operating in about half Sub-Saharan Africa, giving Mr Blair and his charity — which offers governance and investment advice to presidents, prime ministers and ministers — enormous influence in the region.

The internal report details how well AGI is working in various countries. In Guinea, the report highlights how AGI’s team of four persuaded the president Alpha Conde to change his management style. “When we began, the president had a very personalised style of management. He delegated very little, directly managed nearly all important ministers and most of the more than 30 advisers at the presidency, and scheduled most of his own meetings via his four cellular phones.” AGI states it was able to introduce practical changes including the introduction of a morning meeting with “the president’s top team … and even the reduction in the number of the president’s phones from four to one.”

The Pellegrini foundation money, says the report, was used — among other things — to “contribute to AGI’s London costs” including the nearly £50,000 price tag for moving the charity in 2012 from Mr Blair’s private office in Grosvenor Square to its own offices in Marble Arch nearby. The report reveals that the Swedish Postcode Foundation, a national lottery with headquarters in Stockholm, also provided support for AGI’s London headquarters, as did Tony Blair Governance Initiative-US, an American offshoot of AGI, of which Paolo Pellegrini is president and Henrietta is treasurer. The American offshoot in 2012 sent £1.5 million to AGI in London.The Swedish lottery told The Telegraph it gave AGI more than £750,000. Part of that donation was spent on AGI’s team in South Sudan, a short-lived foray that ended when the country fell into civil war and AGI was forced to pull its team out.

It is not clear how the Pellegrinis came to be introduced to Mr Blair and AGI, of which he is patron. Mr Pellegrini, 57, who largely shuns publicity, made his fortune, estimated at more than £100 million, betting that the American housing bubble was going to burst. The hedge fund he worked for is reckoned to have made more than £13 billion on the 2007 crash in a controversial deal. The close relationship between the Pellegrinis and AGI shows how successful Mr Blair has been in attracting wealthy backers to his numerous philanthropic causes. Bill and Melinda Gates, the richest couple on the planet and good friends of Mr Blair, gave AGI almost £500,000 last year, according to the most recent accounts of the Gates’s own foundation. Mr Gates, founder of Microsoft, has a fortune estimated at £50 billion.

Mr Blair’s other main charity, the Tony Blair Faith Foundation, which attempts to reconcile world religions, has also attracted wealthy backers. Victor Pinchuk, a Ukrainian oligarch with a spectacular collection of contemporary art and owner of one of London’s finest houses, gave TBFF £320,000, according to accounts posted last year. Mr Pinchuk is worth an estimated £2.7 billion and has been a staunch supporter of Ukraine’s bid to join the European Union, a cause which has been backed by Mr Blair. Haim Saban, a US-based Israeli entertainment mogul worth £2.3 billion, gave at least £415,000 to TBFF through the Saban Family Foundation. His wife Cheryl, through her own foundation, has given at least £650,000 to a women’s charity run by Cherie Blair. Oleg Deripaska, a Russian oligarch and close friend of Mr Blair’s former cabinet colleague Lord Mandelson, spent £300,000 co-funding a little-known charity run by Mr Blair, which lobbied governments over climate change, called Breaking the Climate Deadlock. Mr Deripaska, a Russian oligarch worth £4 billion, is president of the world’s largest aluminium company Rusal.

Mr Blair has also lobbied the Government for funding for AGI, but having been turned down on a number of occasions by the Department for International Development (DfID), has given up trying. AGI has been more successful with the US taxpayer. Washington’s equivalent to DfID, called USAID, is committed to giving £4.5 million through three grants. At one stage Mr Blair’s great friend Hillary Clinton was then US secretary of state in overall charge of USAID. Mr Blair has insisted his charity went through proper tendering processes before winning the contracts. Emails obtained by The Telegraph, whose existence has been reported by this newspaper, disclose how Mr Blair and his charity lobbied USAID officials ahead of the award of sizeable grants.

Last month, the US branch of Save the Children gave Mr Blair its global legacy award for his and AGI’s efforts in alleviating poverty in Africa. But the prize caused a huge split inside Save the Children with a letter signed by its own staff demanding the award be revoked while an online petition has attracted 120,000 signatures demanding the same. Last week Mr Blair’s private office disclosed he had given £9.5 million to good causes since leaving office, while estimating his fortune at an equivalent amount but far lower than the £100 million critics have claimed he has earned. Mr Blair gave about £4 million — the advance from his autobiography — to the Royal British Legion. That suggests he has given a further £5.5 million to good causes. It is likely much of that will have been diverted to his own foundations. Mr Blair has repeatedly said that most of his time is taken up with his charitable efforts and work as a Middle East peace envoy and that the moneymaking side of his business ventures is used to support his foundations.

This article was published in the Sunday Telegraph on 7th December 2014. See this link.