The IT Nerd

There’s been substantial growth in the consumer medical devices market in recent years – 320 million consumer medical wearables will ship globally in 2022 (according to Deloitte). These range from heart rate monitors that can be used to detect heart disease and long COVID, to bracelets which aid ovulation prediction and conception. Now, consumers are incorporating this technology in their daily lives to improve their overall health and wellbeing.  

In a new study of more than 12,000 consumers globally, including Canada, Cisco AppDynamics uncovered how quickly consumers are adopting this technology, the level of trust they have when allowing third parties to handle their data, and their expectations for incredible digital experiences when using these services.  

The results show a booming industry, with consumers keen to realize a range of health and wellbeing benefits. But at the same time their expectations for flawless digital experiences are higher than ever. One bad digital experience could be the make-or-break moment in a technology failing to reach its full potential. 

Key Canadian takeaways from the report include: 

• 2% of Canadians think wearable technology has the potential to transform both their personal health and public health as a whole 
• 61% of Canadians say they intend to use more of these types of wearable technologies or applications in the next 12 months 
• 33% of Canadians say they currently use at least one wearable health tech device 
• 73% of Canadians say a bad digital experience may stop them using a specific wearable device or application and 51% say it may put them off trying other health or wellbeing wearables or applications 

• The biggest components of a bad digital experience for Canadians are: 
  • Data privacy / data security leak (61%) 
  • Application or device crashing (58%) 
  • Slow run time / unresponsive (57%) 

• 86% of Canadians say reliable, real-time access to health data and accuracy of this data is critical to a good user experience 

There is a lot more detail on this report which you can find here.

If you use Cisco WebEx to meet with people, you should be aware that it will phone home audio telemetry according to some research performed on the most popular conferencing apps out there and reported by The Register. And muting the app has zero effect on this:

Among the apps studied — Zoom (Enterprise), Slack, Microsoft Teams/Skype, Cisco Webex, Google Meet, BlueJeans, WhereBy, GoToMeeting, Jitsi Meet, and Discord — most presented only limited or theoretical privacy concerns. The researchers found that all of these apps had the ability to capture audio when the mic is muted but most did not take advantage of this capability. One, however, was found to be taking measurements from audio signals even when the mic was supposedly off. “We discovered that all of the apps in our study could actively query (i.e., retrieve raw audio) the microphone when the user is muted,” the paper says. “Interestingly, in both Windows and macOS, we found that Cisco Webex queries the microphone regardless of the status of the mute button.” They found that Webex, every minute or so, sends network packets “containing audio-derived telemetry data to its servers, even when the microphone was muted.” 

This telemetry data is not recorded sound but an audio-derived value that corresponds with the volume level of background activities. Nonetheless, the data proved sufficient for the researchers to construct an 82 per cent accurate background activity classifier to analyze the transmission and infer the likely activity among six possibilities — e.g. cooking, cleaning, typing, etc. — in the room where the app is active. Worse still from a security standpoint, while other apps encrypted their outgoing data stream before sending it to the operating system’s socket interface, Webex did not. “Only in Webex were we able to intercept plaintext immediately before it is passed to the Windows network socket API,” the paper says, noting that the app’s monitoring behavior is inconsistent with the Webex privacy policy. The app’s privacy policy states Cisco Webex Meetings does not “monitor or interfere with you your [sic] meeting traffic or content.”

Well, clearly what is in their privacy policy is at best inconsistent with what they actually do. And at worst it’s a lie. But don’t worry, Cisco “fixed” this after it was pointed out to them:

Cisco told The Register that it altered Webex after the researchers got in touch so that it no longer transmits microphone telemetry data.

“Cisco is aware of this report, and thanks the researchers for notifying us about their research,” said a Cisco spokesperson. “Webex uses microphone telemetry data to tell a user they are muted, referred to as the ‘mute notification’ feature. Cisco takes the security of its products very seriously, and this is not a vulnerability in Webex.”

No it’s not a vulnerability. But it’s pretty bad from an optics standpoint and from a trust standpoint. Hopefully they don’t have anything else in their products that someone can trip over and call them out on. Because that’s won’t end well from a PR standpoint.

After two years of rapid digital transformation and firefighting in response to the pandemic, technologists are now ready and primed to drive the next critical wave of innovation in their organizations. To achieve their goals, IT teams are seeking out solutions which will give them full visibility across their IT environment.

They’re looking for a unified view on availability and performance up and down the IT stack, building on their current application monitoring tools. They want full visibility into performance for compute, storage, network and public internet, from the customer-facing application all the way into the back end. For many, they want solutions that provide full visibility into cloud native environments, including the increasing deployment of microservices and container solutions.

In a new study of 1,200 IT professionals worldwide, including Canada, Cisco AppDynamics found that appetite for full-stack observability has markedly increased over the past year, and an overwhelming majority of Canadian IT professionals (92%) said 2022 will be a pivotal year for their organization on the journey towards full-stack observability as they look to unlock the power of data in an application-driven world. 

Other key takeaways from Canadian IT professionals in the report include:

• 91% of Canadian IT professionals believe the shift to full-stack observability will be transformational for their business.
• More than half of Canadian organizations (60%) have started out on the journey to full-stack observability, and a further 35% are planning to do so in the next 12 months.
• 86% of Canadian IT professionals accept that organizations that fail to make significant strides in their journey towards full-stack observability in 2022 will face competitive disadvantage versus their peers. 

A full copy of AppDynamics’ Journey to Observability report can be found here.

Research Methodology

To gauge the extent to which technologists have succeeded in implementing their full-stack observability strategies, and to understand their priorities for the future, AppDynamics has undertaken comprehensive global research, from board-level directors and CIOs, through to senior and mid-level IT management.

This research entailed:

• Interviews with 1,200 IT professionals in organizations with a turnover of at least 500m (with the exception of Colombia, where organizations with a turnover of at least $100m were included in the sample.)
• Interviews were conducted in 14 markets – Australia, Brazil, Canada, Colombia, France, Germany, India, Japan, Mexico, Russia, Singapore, United Arab Emirates, United Kingdom and United States.
• Respondents worked across a range of industries, including IT, financial services, retail, public sector, manufacturing and automotive, and media and communications.
• All research was conducted by Insight Avenue in December 2021 and January 2022.

Uses of Cisco Firepower firewalls need to pay attention to this.

Cisco has put out a Field Notice advised that the SSL certificate authority used to sign certificates for Talos security intelligence updates will be decommissioned and replaced on March 6, 2022. What that means is that Firepower devices “might” not be able to receive Talos updates. Those updates contain lists of sites identified as sources of malware, spam, botnets, and phishing to these firewalls. The firewalls in turn can automatically apply them so that you don’t have to add to the always-growing list of threats manually. So in short, after March 6, you might not be protected from the latest threats that exist on the Interwebs. Which of course is bad.

Users of FirePOWER Services Software for ASA, Firepower Threat Defense (FTD) Software, Firepower Management Center Software, and Firepower 6.1.x through 7.1.x have therefore been advised they’ll need to update their software. The update is required for both physical firewalls and FirePOWER running in clouds. And the deadline for doing the update is March 5th. Which means that you don’t have a lot of time to do these updates which are already available. The only exception is those who run Firepower 7.1.x, who have been warned that their update is “Planned for release by March 1, 2022.” That’s four days which is an insanely short amount of time.

Thus you should prepare to get about patching all the things. Because you know that cybercriminals will be getting ready to pwn those who don’t patch all the things.

By Gregg Ostrowski

Last year in Canada, the Cyber Centre had knowledge of 235 ransomware incidents against Canadian victims from 1 January to 16 November 2021. And the estimated average cost of a data breach, a compromise that includes but is not limited to ransomware, is $6.35M CAD. This presents a massive challenge for organizations to better safeguard their data and the data of their customers. For many, applications and digital services became a lifeline to normality but at the same time their expectations for applications to be high-performing, reliable and secure sky-rocketed.

Launched in 2006 by the European Council to raise awareness around the rights to personal data protection and privacy, Data Privacy Day encourages individuals and organizations to respect privacy, safeguard data and enable trust. According to Gregg Ostrowski, Executive CTO at Cisco AppDynamics, the need for everyone to think and act carefully has never been greater when it comes to sharing and protecting our personal data.

“The AppDynamics App Attention Index 2021 showed that for consumers, security is the number one component of a high performing ‘total application experience’. And 73% of Canadians say that their expectation of brands to keep their data secure has increased since 2020. It goes to show that brands must go above and beyond to meet their users’ expectations towards security,” said Gregg Ostrowski.

“In this post-pandemic era, a strong security posture means organizations have the necessary processes in place to protect their applications and their business from vulnerabilities and threats. In a world where sensitive data is constantly at risk of being compromised by malicious actors, they must be prepared and strengthen their security posture, enabling them to predict, prevent and respond to threats.”

Gregg also says it’s important for organizations to ensure security is at the core of their applications development process. “The DevSecOps methodology, a modern approach to software development, takes things a step further and incorporates security enhancements at the beginning of the application development lifecycle for a more proactive approach to reduce risks of threats to sensitive customer data.”

However, according to Gregg, there’s another piece to the puzzle for a DevSecOps approach to be fully effective. “Teams need to implement a full-stack observability solution. This approach will give them in-depth visibility into the entire IT stack, including traditional legacy systems through to new, native cloud environments as well as hybrid deployments. It is a vital step in the right direction.”

About Gregg Ostrowski

Gregg Ostrowski is an Executive CTO at Cisco AppDynamics. He engages with customer senior leadership to help prioritize their strategy for digital transformation. Prior to AppDynamics, Gregg held senior leadership positions at Samsung and Research in Motion, and he has more than 20 years of experience in the industry.

A recent high profile digital service outage saw Facebook – including its other services/brands Instagram, WhatsApp and Oculus – offline for over 6 hours, causing widespread disruption for consumers that use these applications and digital services on a daily basis, as well as businesses that rely them as part of their operations. 

But Facebook is not alone in facing this type of crisis.

In a world of sky-high expectations for digital experiences, and record levels of intolerance for poor-performing applications, this level of disruption can cause businesses significant financial cost and damage to reputation.   

In the immediate aftermath of the outage AppDynamics surveyed 1,011 global IT decision makers in 11 countries to gauge their concern surrounding the impact of major outages, understand the pressure they are facing and their confidence in the technology, tools and processes they are currently using. The results are as follows:

• 87% of enterprise technologists say they are concerned about the potential for a major outage and the resulting disruption to their applications and digital services. 
• 84% say that they feel pressure from their organization’s leadership to prevent a major performance issue or outage of their customer and employee facing applications and digital services.
• 87% admit that increasing complexity of their IT stack is already causing delays in identifying the root cause of issues.
• 97% of IT teams have some form of monitoring tools in place, many of which provide highly sophisticated and advanced methods of identifying and fixing anomalies. But they question the effectiveness of these tools in this new world. Only 27% are entirely confident that they meet their needs.
• 72% think it is critical or important that their organization deploys a full-stack observability solution within the next 12 months to solve complexity across their IT stack and identify and fix the root cause of an issue.

There is more information in this AppDynamics blog post here: https://www.appdynamics.com/blog/news/businesses-fear-outages-full-stack-observability/.

Research conducted between 7th – 11th October 2021

 Cisco AppDynamics has today announced a significant addition to its executive leadership team with the appointment of Eric Schou as Chief Marketing Officer (CMO). The appointment comes at a key moment for AppDynamics as it continues to assert its leadership in Full-Stack Observability – a fast-growing, multi-billion dollar technology market. 

Eric joins AppDynamics from Splunk where he was Head of Security Marketing, and is an accomplished marketing professional with over 20 years experience at some of the biggest enterprise technology companies in the world, including Palo Alto Networks, Hewlett-Packard Enterprise (HPE), Good Technology (now BlackBerry Ltd.), McAfee and Symantec. In his new role, Eric will assume responsibility for driving awareness and demand for AppDynamics’ industry-leading Business Observability platform amongst enterprise IT decision makers and channel partners. In addition, he will also help to accelerate the delivery of Cisco’s Full-Stack Observability vision – of which AppDynamics is a critical component.  

You can stay up-to-date on the latest AppDynamics news on their blog and newsroom.

Cisco AppDynamics today released the latest report in its App Attention Index research series, revealing consumer reliance on applications and digital services has soared since the start of the COVID-19 pandemic. The global study, which examined the digital behaviors of more than 13,000 global consumers, also identified consumers now have a zero tolerance policy for poor application experience and automatically place blame on the application and brand, no matter where a performance issue stems from.

Consumers blame the brand when the application experience fails

Since the start of 2020, consumers have experienced a sudden and total reliance on digital services, altering how they engage with brands, consume goods and services, and make purchasing decisions. In fact, the research shows that people are using 30 percent more applications today than they did before the pandemic.

The research highlights that because of their increasing reliance and use of digital services, 76 percent of consumers say their expectations of digital services have increased since the start of 2020. Alarmingly for brands, when their expectations aren’t met 60 percent of consumers will now automatically blame the application and the brand no matter where the issue actually lives. Whether it’s within the application itself – such as pages loading slowly, downtime, or security failures; or external factors like internet connectivity, slow payment gateways or technical issues with third party services – to the consumer there is no distinction and they will now place responsibility firmly on the brand.

• 72 percent of people believe it’s the responsibility of the brand to ensure that the digital service or application works perfectly.
• 92 percent say they expect digital services to have reliable, consistent performance.

Loyalty lies with brands that invest in application experience

Consumers have not only come to rely on applications and digital services to function in everyday life, but they also used them to facilitate social interactions in the absence of traditional ways of connecting in person. The research found that the majority of consumers (85%) say that digital services have become a critical part of daily life, with 84 percent stating they helped them get through the pandemic in a positive way. Additionally, consumers are now loyal to brands based on how significantly they invested in digital services during the pandemic.

• 72 percent say they feel grateful to the brands that invested in digital during the pandemic so they could get access to the services that they love and rely on.
• 67 percent say they feel more loyal to brands that went above and beyond with the quality of their digital service during the pandemic.

Brands have one shot to get the ‘total application experience’ right

61 percent of consumers now state their expectations for digital services have changed forever and they will no longer tolerate poor performance. The research goes on to find that 72 percent of consumers believe it’s the responsibility of the brand to ensure that digital services work perfectly, and more than half (57%) state that brands have one shot to impress them with their digital experiences before they switch to another provider. 

• 72 percent say they simply don’t care who is responsible for problems with digital services, they just want them fixed and to work.
• 68 percent consider it disrespectful to users for brands to offer a poor digital experience in this day and age.
• 57 percent believe most problems with digital services and applications are completely avoidable.

73 percent of consumers stated that even as life returns to normal, they know they will continue to rely on the digital services they utilized during the pandemic. This means the pressure technologists are under to tackle the complexities of modern architectures in order to deliver flawless digital experiencesisn’t going away.

Cisco AppDynamics is committed to helping technologists take on these challenges of leading technology health and performance to deliver the ‘total application experience’ to users. To learn more about Cisco’s full-stack observability solution and how the AppDynamics Business Observability platform can help technologists deliver the ‘total application experience’ to consumers, visit appdynamics.com.

Other Resources:

• App Attention Index 2021 Report

Research Methodology: 

The research included interviews with more than 13,000 consumers, including 2,000 interviews in both the United States and the United Kingdom, and 1,000 interviews within Australia, Canada, France, Germany, India, Japan, Russia, Singapore and the United Arab Emirates. The research was conducted by Insight Avenue in June 2021.

Cisco AppDynamics, the industry leading Business Observability platform, today announced the expansion of its Software-as-a-Service (SaaS) offering through five strategic new locations, enabling fast, secure and reliable access to the AppDynamics Business Observability platform. Built on Amazon Web Services (AWS), new locations in Cape Town (South Africa), Hong Kong (China), London (England), São Paulo (Brazil) and Singapore will provide regional customers and partners with access to full-stack observability solutions that are secure, scalable and adhere to their local data residency regulations, enabling companies to deliver a superior digital experience

Recent research from Gartner indicates that almost 70 percent of organizations using cloud services today plan to increase their cloud spend in the wake of the disruption caused by COVID-19.

As technologists lead their company’s response to the pandemic, many are facing increasingly high pressures to innovate and scale digital services and migrating to a SaaS approach comes with strong considerations. Challenges with implementing SaaS services due to evolving data residency laws and regulations, as well as latency via cloud services that can exist based on proximity to SaaS locations, are areas of concern when considering a SaaS approach. However, modern CIOs recognize the urgent need for a secure, reliable and scalable SaaS solution to support their rapid digital transformation efforts and meet the ever-increasing user demand for flawless digital experience.

The addition of five new locations offers a solution to enterprises concerned with potential data sovereignty and governance requirements, and provides access for customers all around the globe. With points of presence already in place in Portland (US), Frankfurt (Germany), Mumbai (India) and Sydney (Australia), AppDynamics now has more SaaS support than any other vendor in the market.Recently acknowledged as a notable strength by Gartner, AppDynamics’ robust global SaaS footprint will ensure enterprise companies can focus on creating flawless digital experiences through the Cisco AppDynamics Business Observability platform, while achieving greater control around:

• Data Residency, Privacy and Security – Enables local enterprise businesses to comply with anticipated data residency regulations, comprehensive compliance and security certifications such as SOC 2 Type II, EU-US Data Transfer and GDPR-Ready.
• Scale – AppDynamics is delivered with the scalability of AWS providing high-speed access to data with lower total costs, less on-premises resources, and added support and maintenance.
• Faster Access to Innovation – customers can leverage the latest innovation from AppDynamics including cloud native services, APM, and application security through automated and seamless upgrades.

The addition of the five new locations comes on the heels of AppDynamics’ SaaS offering in India, announced in October 2020, and builds on the company’s global SaaS footprint across Africa, Asia, Europe and South America. With each location strategically selected based on regional user demand, AppDynamics is seeing evidence that this strategy is quickly meeting the needs of enterprises around the world. For example, its Frankfurt SaaS location doubled the amount of users in only 18 months.

AppDynamics’ new SaaS locations will be available as follows:

• Singapore (April 2021)
• London (April 2021)
• Hong Kong (July 2021
• São Paulo (July 2021)
• Cape Town (July 2021)

Learn more about AppDynamics SaaS and the company’s security and privacy assurance here.