Although it still feels like 2017 has only just arrived, we’re very nearly into May, which means it’s time for our next Client Forum!
Thanks to a brand new structure (and a little help from a beautiful City venue) our Autumn Forum in October last year was by far our best to date, and we can’t wait to share what we’ve been up to since then.
As part of our commitment to great customer support, we believe it’s important to keep running these forums in order to give you the chance to hear about new products and services, industry trends and future developments first hand. With this in mind, the next Unicorn Client Forum will be held on Thursday 8th June, at the O2 Intercontinental Hotel, 1 Waterview Drive, London.
The Summer Forum will offer a range of sessions from our Senior Relationship Management Team, Product Managers, Executive Team, Clients and Special Guests (keynote). Following the launch of our Learning Ecosphere whitepaper at Learning Technologies back in February, we will continue to address themes of new technology, engagement and changing behaviours in corporate learning.
Throughout the day we will also be offering sessions on Cyber Awareness, GRC (including T&C, GDPR and MiFID II) and showcasing our brand new reinforcement app, Minds-i, following its official launch at ATD in Atlanta.
A full session breakdown and registration portal will be available this week and can be found by contacting your Unicorn Relationship Manager, or the Marketing Team.
**Please note that we will be starting this event late morning to allow you time to vote in the UK General Election. We will have a live feed throughout the day, and anyone concerned about timings can still register for a postal vote by following this link.**
After what can only be described as a fantastic Learning Technologies show this month, we’re also delighted to announce that Unicorn LMS has been ranked third in the world – and top overall for financial services for the third successive year. The news comes as Craig Weiss releases his latest Top 50 LMS Report for 2017.
The much-anticipated annual report analyses more than 1,000 LMSs from across world and looks at each system’s niche assets to rank the best of the best.
It’s been a big 12 months for Unicorn LMS, which has not only undergone a name change from SkillsServe but has also again upped the ante, particularly in terms of usability and mobile integration, as acknowledged by Weiss in unveiling his report.
“The name is changing from SkillsServe and the product stayed the same. Wait, scratch that, it has gotten way better,” he said.
“A new UI/UX makes a huge difference for this very strong system for compliance / regulatory (regardless of your vertical). If you are in financial services mind you, this is a system you should be looking at.”
The report also singles out the newest addition to Unicorn LMS’ compatible app suite, Minds-I, for special attention, with Weiss describing it as “by far the coolest thing I’ve seen this year”.
Minds-i harnesses the power of informal learning by enabling firms to take the best of the web and expertly curate content on topics of their choice to encourage the learner to explore. Learning becomes self-directed, user driven and personal while its just-in-time micro-bite content makes learning relevant in a real world context.
Unicorn LMS, which is set to get its official re-launch this April, first featured in the Top 50 LMSs Report top five in 2015 and has moved up a place each year since while holding on to the best financial services LMS throughout that time too.
Peter Phillips, Unicorn CEO, said: We are honoured to have been ranked number one in the world for our sector for the third year in succession.
The improvement in our overall global ranking to a new high of #3 in 2017 reflects Unicorn’s commitment to continued investment in improving our LMS, to anticipate and meet the developing needs of our customers.
I would also like to congratulate the other LMS products in Craig’s top 3, Growth Engineering and eLogic, both of which are outstanding solutions in their chosen markets. It is particularly pleasing to see two UK companies in the top three!”
Unicorn is to launch the Learning Ecosphere at next month’s Learning Technologies show, which introduces a brand new way of reimagining the dichotomy of traditional vs new eLearning.
The explosion in digital and social technologies holds great promise for L&D professionals, and the learning community is rightly excited by the potential of collaborative learning, point-of-need performance support, serious games and even augmented reality.
But amid the hype, how do enterprises identify what is relevant, affordable and good value, in the context of the practical day to day demands on time, budgets and resources?
This is the focus of a new White Paper being launched by Unicorn Training at the Learning Technologies conference and exhibition next month.
The Unicorn ‘Learning Ecosphere’ reimagines learning in the context of balancing enterprise-focused ‘you must learn’ and learner-focused ‘I want to learn’ demands.
The White Paper argues that a firm’s learning strategy does not have to sit on one side or the other, rather seeing the possibilities for utilising different technologies to create a better blend and balance in an overall learning approach.
The free ‘Learning Ecosphere’ White Paper can be picked up from stand P14 on both days of the Learning Technologies exhibition at Olympia on 1-2 February.
Governance, Risk and Compliance (GRC), custom content, LMS and apps/games are all key elements within the Learning Ecosphere, and Unicorn will be showcasing its solutions in each of these and explaining how, far from being in competition, the ‘new’ and ‘old worlds of learning technologies, are, in fact, complementary.
There will even be the chance to win a giant Unicorn (yes you did read that right!) by having a go at Unicorn’s new app-based game, Quizcom. This gamified application allows firms to manage their own question banks to create quizzes and push them to individuals or groups of learners. Who doesn’t need a giant Unicorn in their life?
Peter Phillips, Unicorn CEO, said:
“The mobile revolution has opened up exciting new opportunities for L&D to radically improve the effectiveness of their investment in learning. But mobile learning is inherently different from, and does not replace, the more traditional enterprise led training. We still need to ensure staff are safe and competent to do their jobs.
“The Learning Ecosphere is designed to help businesses to recognise what new pieces of the learning jigsaw might be missing in their business and how it is possible to make the many different elements on both sides work harmoniously together.
“What is needed is balance, and anyone visiting the Unicorn stand at Learning Technologies will go away with a much clearer understanding of how that balance could potentially be achieved within their business.”
More information about Unicorn Training is available at www.unicorntraining.com and registration for free entry to the Learning Technologies and Learning and Skills 2017 exhibitions and seminars is available at www.learningtechnologies.co.uk
With 52,000 more firms due to come under the Senior Managers Regime by 2018, in the new T-C News magazine Simon Mercer, Unicorn ComplianceServe Product Manager, asks ‘What’s your training strategy for compliance?’
“Do not put it under the jurisdiction of Compliance or HR”, Simon argues. “It has to be championed by a Senior Manager and driven from the top down.”
Find out why by downloading the January 2017 edition of T-C News for free from the website at www.t-cnews.co.uk
If you’re anything like us, you may well have been glued to the BBC all morning. It seems ludicrous to think that it’s a whole twelve months since we were last sat here awaiting George Osborne’s spending pledges to infrastructure and changes to personal tax thresholds – in fact, we couldn’t have imagined a more turbulent year if we’d tried. In the wake of the summer’s Brexit vote, as well as Trump’s meteoric rise to office in the US election, many feel that 2016 has been something of a rollercoaster ride, and one that looks set to continue into the foreseeable future.
One thing is for certain – at a critical time in the UK’s political and economic life, we are in need of political leadership with a vision to meet the coming challenges.
Whatever the public feeling about his predecessor, Hammond was keen to highlight the differences between himself and Mr Osborne as he addressed parliament and the watching nation this afternoon. With an overarching message that the government’s aim is to ensure that, “the UK economy is “match-fit” for the transition that will follow the Brexit vote,” Hammond maintained the need to continue with a, “commitment to fiscal discipline”, while recognising the need for investment to drive productivity”.
Three fiscal rules for budget responsibility charter
First, the public finances should be returned to balance as early as possible in the next parliament, and in the interim cyclically adjusted borrowing should be below 2% by the end of this parliament.
Second, public sector net debt as a share of GDP must be falling by the end of this parliament, and third, that welfare spending must be within a cap set by the government and monitored by the OBR.
As the announcements continue to come thick and fast from Westminster’s live stream, here’s a quick rundown of the highlights…
Innovation and infrastructure
- £1.1bn extra investment in English local transport networks
- £220m to reduce traffic pinch points
- More than £1bn for digital infrastructure and 100% business rates relief on new fibre infrastructure
- £2bn per year by 2020 for research and development funding
- A £2.3bn pledge over the next 5 years to help provide 100,000 new homes in high-demand areas
- £1.4bn to deliver 40,000 extra affordable homes
The state of the economy
- Promises of “fiscal headroom” to support the economy through Brexit
- Office for Budget Responsibility growth forecast upgraded to 2.1% in 2016, then downgraded to 1.4% in 2017
- OBR forecasts growth of 1.7% in 2018, 2.1% in 2019 and 2020 and 2% in 2021
- Government no longer seeking a budget surplus in 2019-20 – Mr Hammond says he is committed to returning public finances to balance “as soon as practicable”
- A ban on upfront fees charged by letting agents in England
- National Living Wage to rise to £7.50 from April next year
- Reduction in the rate at which benefits are withdrawn from people when they start work
- Tax on insurance to rise to 12%
- Personal allowance threshold protected at £12,500
- Fuel duty frozen
For a full rundown of this afternoon’s Autumn Statement – including closing announcements that will see future statements delivered in the Spring, with the full budget being moved to Autumn – head over to BBC breaking news for a complete live feed.
Why None of us are Above Cyber Attacks: How Hackers Broke into John Podesta and Colin Powell’s Gmail Accounts
It’s fair to say that when it comes to high profile cyber security failures, the past twelve months have seen more than their fair share.
As if the loss of customer data in TalkTalk-gate wasn’t enough, 2016 brought fresh attacks on the SWIFT (Society for Worldwide Interbank Financial Telecommunication) network, costing a number of banks both their reputations and tens of millions in losses. But why do security breaches keep befalling global giants who pump millions into their cyber security initiatives?
Organisations or individuals?
When reports of cyber-attacks hit the headlines, the press are quick to condemn the overarching failings of the organisations in question. Given that global consumer businesses are in possession of vast amounts of private customer data, it’s little wonder that the kneejerk reaction to security failures on this scale is anger. But with user error often relegated to a single line in damming press pieces, it’s easy to miss a common trend across many of these cases: that initial access to an otherwise secure system was granted by the accidental opening of an email, or a click on a seemingly innocuous link by somebody within the organisation.
If we’re looking for evidence in support of this statement, all we need do is delve a little deeper into the mountain of reports into these instances that are available on the web. In fact, one report published earlier this year in the Federal Times noted that as much as fifty percent of all cyber breaches and data leaks can be attributed to human error.
In short, in this era of increasingly sophisticated cyber threats, a critical truth remains: your firewall can be as sophisticated as you like, but it means nothing if your people aren’t armed with the right knowledge.
Falling foul of cybercriminals can happen to anyone
In spite of the usual dialogue of blame that implies a certain ‘stupidity’ on the part of the staff in question, the reality of human-error data breaches is that they happen often enough to highlight a genuine problem with education around information security. There was perhaps a time when malicious phishing emails were laughably obvious, but with the ever-increasing sophistication of available technology, and smarter social engineering, falling foul of a cyber-attack can quite literally happen to anyone.
Never has this been illustrated more than by the recent email leaks from senior officials in Hillary Clinton’s US presidential election campaign.
Case in point: How hackers infiltrated the Clinton Clan
Back in March, John Podesta – former chief of staff to the Whitehouse and Chairman of the 2016 Clinton campaign – received an email that appeared to come from Google. It wasn’t until some months later, in October of this year, when hundreds of Podesta’s private personal emails began to appear on WikiLeaks that officials were alerted to any data breach. Rather than a legitimate Google security alert, what Podesta had received was a well-disguised phishing message designed to dupe him into giving up the password to his Gmail account.
Of course when news of the hack broke, people were quick to point the finger at Russia. With mounting international tensions, and the profile of notorious hacking group Fancy Bears continuing to rise, such accusations were hardly unexpected.
The subsequent investigation into exactly where this particular email came from claimed to have traced the malicious URL contained within it to a single account on the popular URL shortening service, Bitly. Using a Bitly short-link, hackers concealed a longer link which, to the untrained eye, looked very much like a legitimate Google URL. Within this was a 30-character string that contained the encoded Gmail address of John Podesta.
The Bitly account used in this attack was found to be the very same one responsible for generating malicious short links used in a significant number of other hacks on members of the National Democratic Committee (including one on former Secretary of State, Colin Powell, where his private emails later appeared on the website DC Leaks.) Investigators at cyber firm SecureWorks also claimed to have been able to trace ownership of the Bitly to a domain under the control of Fancy Bears when they discovered that privacy settings had not been activated on the account.
Using Bitly allowed third parties to see their entire campaign including all their targets— something you’d want to keep secret
– Tom Finney, Researcher at SecureWorks
“It’s unclear why the hackers used the encoded strings, which effectively reveal their targets to anyone,” said Kyle Ehmke, a threat intelligence researcher at security firm ThreatConnect. “[Perhaps] the strings might help them keep track of or better organize their operations, tailor credential harvesting pages to specific victims, monitor the effectiveness of their operations, or diffuse their operations against various targets across several URLs to facilitate continuity should one of the URLs be discovered.”
As it stands, investigators have drawn connections between nearly 9000 malicious phishing emails used to target 4000 individuals across the US and Europe – all seemingly originating from Fancy Bears. The Podesta hack was not the first time the Bears have made the headlines; their connections to the Kremlin have remained the subject of speculation for some time following their meteoric rise to media fame when they leaked documents from WADA (The World Anti-Doping Agency) incriminating American athletes. Whether there is any truth in claims of suspected Russian ties remains to be seen – but if the authorities are in possession of any hard evidence, such information is unsurprisingly not in the public domain.
The use of popular link shortening services such as Bitly or Tinyurl [that left an uncharacteristic trail] might have a simple explanation – the hackers probably wanted to make sure their phishing attempts went past their targets’ spam filters
– Thomas Rid, King’s College London
What we do know is that in Podesta’s case, something as simple as apparently legitimate account security email has led even some of the most tech-savvy figures down the rabbit hole.
Phishing emails that even evaded Clinton’s IT team
Perhaps the most surprising thing of all in this account is the fact that John Podesta did actually report the email to his IT officers as suspicious – and was reassured that the request to reset is password was indeed ‘legitimate’:
Clearly, Podesta had some awareness of phishing emails as a means to obtaining sensitive private data, but was ultimately still duped into giving hackers access to his account and surrendering sensitive private information to criminals.
Comment from Bitly
When avid tech-reporters Motherboard published their original series of articles covering the Clinton campaign hacks, they approached Bitly directly for comment. Their official reply, amongst stating that they ‘can only do so much’ when it comes to preventing use of their services for unlawful or malicious purposes, read as follows:
“The links and accounts related to this situation were blocked as soon as we were informed. This is not an exploit of Bitly, but an unfortunate exploit of Internet users through social engineering. It serves as a reminder that even the savviest, most sceptical users can be vulnerable to opening unsolicited emails.”
– Bitly, speaking to Motherboard
Lessons learnt – how do businesses protect themselves against cybercrime?
Irrespective of their size or stature, no firm wants to fall foul of cybercriminals. The reality is that the ‘wolf-in-sheep’s-clothing’ analogy runs deep – within an organisation as high-profile as the Clinton camp, even seasoned IT security professionals were tricked into believing that a phishing email sent to one of their most prominent officials was legitimate.
As the tech world continues to advance, there will always be instances where data breaches and malicious attacks mounted on organisations by cybercriminals will be effective. This said, with an estimated fifty-percent of cyber security breaches attributed to human error, businesses need to view the education of their entire workforce as a critical line in the defence against hackers and cybercrime.
“We are all vulnerable, regardless of role or seniority”, says Mark Logsden, former Head of Cyber Security at AXELOS Global Best Practice. “The most effective way of managing this risk is via a good cyber awareness programme that promotes good cyber behaviours and teaches all staff about their role in maintaining the cyber resilience of the company.”
Still want more? Check out these other interesting resources
The fantastic original Motherboard article on the Podesta hack
Another piece on how Clinton’s IT team were duped by hackers
Interactive visualisation of the world’s biggest data breaches by sector/fault
Cyber Security Training from Unicorn in partnership with AXELOS GBP
Downing street is upping the pressure on ministers to begin implementing plans to leave the EU, it was reported this week.
Accusing Liam Fox – one of three cabinet ministers put in charge of overseeing Britain’s withdrawal from the EU – of ‘playing games’, Theresa May has made her position on government in-fighting clear. Such comments come as City sources claim that Britain’s exit from the EU is already looking likely to take place at least a year after first envisaged.
With government insiders talking of ‘chaos’ amongst the two new departments involved in overseeing Brexit, some believe that initial timelines are already well out of scope, and could be delayed even further if action is not taken soon. Indeed, murmurs about undermining public confidence have already started to surface from Tory backbench Eurosceptics.
However, Number 10 has dismissed talk of hesitation or departmental disarray as nonsensical, with Theresa May sending a clear message to press and public alike that Brexit is very much still ‘full steam ahead’. As things currently stand, the government looks set to trigger Article 50 – which will formally start the process for Britain’s departure from the EU – at the start of 2017. A Downing Street source said: ‘Everyone has a view on Article 50 and timetables. The Prime Minister has set up departments to implement Brexit and they need to get their ducks in a row – but we are looking at early next year. That is what the Prime Minister has told leaders of other EU countries. There is no indication that it is going to go further than that. We know that Brexit means Brexit and that we have to get on with it. It is full steam ahead.’
How this sits with senior banking figures – many of whom at June’s Annual Retail Banking Conference said they ‘welcomed the government’s decision not to invoke Article 50 with immediate effect – is still to be seen.
We do welcome the government’s decision not to invoke article 50 for now, as we do need time to plan for a stable and orderly transition for the banking sector. –Noreen Doyle, Chair BBA
Invoking article 50 will simply accelerate decisions that might otherwise have taken a decade. –Justin Bisseker, Pan-European Banks Analyst Schroders
With reports of playground power struggles between the so-called ‘three Brexiteers’ – Dr Fox, Mr Johnson and the Secretary for Exiting the EU, David Davis – Whitehall officials have apparently been braced for tension. In a leaked letter to Foreign Secretary Boris Johnson, International Trade Secretary Liam Fox effectively demanded the break-up of the Foreign Office in order to pass certain key responsibilities to his new department. Mrs May was swift to react to Mr Fox’s demands, wading in from her holiday in Switzerland to quash any rumour of such a shakeup and telling Mr Fox to ‘stop playing games’ and get on with the job in hand.
Naturally, such bickering has done little for the public’s perception of the key government figures trusted with the delicate and lengthy task of facilitating our departure from the EU.
On Tuesday it was also reported that Euro-sceptic Tories are already starting to fear that the government is shying away from its commitment to get Britain out of the EU – heading instead for what has been widely referred to as ‘Brexit Lite’. Plans are now thought to be in the pipeline for two cross-party groups to pressure the government into committing to a strict, public timeline for leaving. However, ministers are keen to be see to be erring on the side of caution for good reason, insisting that the potentially extended timeline is the best interests for allowing comprehensive negotiations before the departure is formalised.
As far as more clues to post-Brexit conditions, each week seems to bring new developments. Last weekend, Chancellor Philip Hammond announced that the billions of pounds of funding that currently comes from the EU to support farmers, scientists and other projects will now be provided by the Treasury. Estimated at a cost of close to £6billion a year, the Treasury is set to guarantee continued funding for EU-backed schemes signed before this year’s Autumn Statement – meaning relative business as usual for a number of areas previously expected to take a hit.
Indeed, confidence certainly seems to be on the up since an initially hesitant period in the immediate wake of June’s referendum. Perhaps it is testament to national confidence that, for now at least, Britain is not allowing a political shock to become an economic one.
Read more about Brexit and the recent Westminster ‘doom-mongering’ here.
“Something must be done to break the inertia of the UK banking public”, said the BBC yesterday in its report on the latest activity from the Competition and Markets Authority’s latest plans for retail banking.
Following what is reported to have been a two-year investigation, the Competition and Markets Authority (CMA) has concluded that not enough is being done to pressurise banks into offering significantly cheaper or better services to customers. Indeed, only 4% of UK businesses and 3% of individuals currently switch their bank in any one year. As a result of these findings, the BBC yesterday said that, “some very big changes are now in the pipeline for the way people use their bank accounts and the way banks charge their customers”.
In essence, banking’s ‘big five’ (RBS, Barclays, HSBC, Lloyds and Santander) plus the Nationwide building society each have their own significant, but crucially captive markets. “The older and larger banks, which still account for the large majority of the retail banking market, do not have to work hard enough to win and retain customers and it is difficult for new and smaller providers to attract customers,” said the CMA. Thus its latest initiative will look not only to make switching easier, but also aims to encourage customers to look elsewhere for a better deal that will ultimately save them money and offer other benefits – especially if they are likely to go overdrawn.
The topic of overdrafts has itself been a spotlight issue for The CMA throughout its investigations, as it now orders banks to put a hard cap on just how much they can charge customers for going into the red. Historically, this is an area that has caused controversy as banks have been allowed to charge more or less what they like for unauthorised overdraft use. In fact, in 2009 the Office of Fair Trading (now part of the CMA) failed in its legal challenge to overthrow the right of banks to set their own charges as they saw fit.
Forcing banks to cap and declare their overdraft charges does not, of course, go so far as to suggest that a monthly limit on overdraft fees and charges should be set by a regulator, but it will at least make things clearer for customers. “Many personal customers, in particular overdraft users, could make significant savings by switching to a different current account,” says the CMA. It aims to bring this particular change into force by September next year.
Open Banking and the push for further CMA reform
In a bid to stimulate greater competition – and improve options for customers – The CMA is pushing for an industry-wide adoption of what is being referred to as ‘open banking’. In principle, open banking would see the financial technology industry strive to develop a computer application that would allow customers to manage accounts that may be across multiple banks through one central interface.
In recent years, we’ve seen vendor-specific banking apps pop up all over the place, but these only offer management of accounts held with that particular bank. This new, ‘all purpose’ app should also – so The CMA says – allow authorised intermediaries to provide a kind of ‘price and service comparison’, so that customers are able to check their existing provider(s) against others in the market at large, and thus potentially find other providers that are better suited to their specific saving and spending needs.
The CMA hopes that this will encourage customers to move money around – either to avoid upcoming overdraft charges, or to gain higher interest on more generous accounts.
And how soon will all this happen? The CMA’s final report, published yesterday, is just the latest in a very long line of official inquiries into the banking industry that have been held over the past 20 years. With a myriad of proposals on the table, all aimed at improving the customer experience in the retail banking arena, it is hard to say for sure which of these will be carried forward – and indeed when we might see them enforced. However, with plans around competition, overdraft caps and open banking now finalised and published, we’re told that official implementation dates range from the beginning of 2017 to the autumn of 2018. Watch this space!
For more information, visit the BBC business website here.