We all know what happened – web and then mobile came, saw, and conquered and established businesses had to react and adapt.
What's far more interesting is knowing the ins and outs behind how large, well known businesses coped with this transition and John Boughton, head of mobile for TUI Group, gave us a glimpse of that in his talk at the Apps World London conference.
TUI Group is a huge tourism conglomerate that acquired Thomson in 2000 Mr Boughton's keynote speech discussed the impact of mobile, and how it can be tricky to predict what the next big thing will be (and if it will have longevity).
The talk was titled 'How not to Predict Future Trends – A Holiday Industry Perspective'.
Thomson on mobile – did they jump or were they pushed?
Mr Boughton spoke candidly about the fact the app store opened in 2007 but it was another six years until they launched the first version of the MyThomson app in 2013.
He said that it can be difficult to predict what will be a fad, and it was clear from the talk that he felt this was in hindsight a mistake and didn't make attempts to give excuses.
However, while the market forced Thomson to act, Mr Boughton said he felt they “reacted quickly enough” and they would have got there on their own steam anyway.
He had some general advice for companies: “Fast adaption of innovation is more important now than it has ever been”.
During the talk, he used the depressing example of Blockbuster.
At one point Blockbuster had stores all over the world. They were offered Netflix for £50m in 2000 and declined. By 2010 they had filed for bankruptcy and now they barely exist.
Google as a threat, not an advertising partner
Mr Boughton said Thomson has a “very close” relationship with Google and Facebook, who they advertise with.
During the Q and A, they were asked about this wonderful relationship with Google.
What happens when Google wants to sell holidays and that makes them more money than your advertising?
Mr Boughton had a pretty candid response – that people are worried about Google (though he didn't say Thomson specifically were).
He said the risk was mitigated for Thomson because they own the customer experience, including the tangible hotels and aeroplanes, and they feel they are fairly well protected from disruption.
He finished by saying “I'm not sure anyone has thought through where this ends up”, which was a somewhat ominous, if honest, end to the talk.
I attended a cyber crime conference in Cambridge last week held by Cambridgeshire Police. The event outlined what the police are doing to tackle cyber crime and what we can do to avoid it in the first place. They said 80% of cyber crime is preventable. It was stressed at the conference that not only can you be hit with financial losses, but cyber crime can have significant impact on well being.
Some stats for Cambridgeshire to get us started: There were 142 cyber-dependent crimes in a 150-day periodOne company recorded eight DoS* attacks in a dayLosses of £752,000 during this time*Denial of service attack, basically unable to use your network Here is a quick bullet point take-away from the conference before we delve a bit deeper: Cyber crime is a priority for cambs police and is as high a priority for the country as anti-terrorismAlways report attacks to Action Fraud even if nothing is damaged/takenA lot of damage is preventableReporting cyber crime to police: We heard that without reporting of hacks and attacks, funds will not be given to fighting cyber crime as the extent of the issue would not be known.
What to do if you suspect you are a victim of cyber crime in Cambridgeshire? As soon as you are aware... Phone your bankReport to the local policeKeep evidence (emails, letters, phone call recordings)Report to Action Fraud, even if it is an attempted crimeMandate fraud:
Mandate fraud is the most prolific crime seen by cambs police. Mandate fraud is when someone is convinced to update a suppliers banking details, therefore sending funds to the wrong bank account.
How is mandate fraud carried out and what should I be aware of?
Mandate fraud will be carried out by phone, email, letters, etc. Essentially the scammers are looking to make staff believe them. This may be with an official looking letter, or by frequently calling them, building up a rapport, and then asking them to please update to our new details.
Double check account number changes, do not automatically use a contact number given on a letter and seek further authentication before responding to an email exchange (see more on two step authentication in this blog post).
We were told about two simple ways for someone to gain access to a bank.They may pretend to be a BT engineer, or someone enquiring about a mortgage or new bank account.
So the scammer can say they are from BT, and then have access to the servers while they “do their repairs”. Alternatively, they can pretend to be applying for a mortgage and then use distraction tactics to gain access to hardware.
This is in relation to the bank itself, but can be applied to an office. If you have information stored on computers or servers, someone could still seek to gain physical access to that by pretending to be a customer or service personnel.
Impersonating a CEO:
How this works is that a scammer will send an email pretending to be the CEO. It may appear to be from the CEO's address (or one so close they hope you won't notice).
Even if you have payment processes in place, a request from the boss will often take precedence. If a boss asks you to expedite a payment, staff will want to help out and maybe even not want to bother their boss. CEO spoofing relies on helpful staff not double checking, or not wanting to disturb their CEO.
Small amounts from many bank accounts
Often scammers will take a small amount from many accounts, hoping people won't report it. Keep an eye on all transactions.
“A mobile phone without a pin is the most valuable thing you can find” Put a pin on your mobile.
Apparently thing is a thing. It is when memory sticks are deliberately left outside a business, so helpful/curious people will collect them up and plug into their computer to check the content/find an owner.