ACM Ubiquity

book excerpt from and by Bob Willard

In The Next Sustainability Wave: Building Boardroom Buy-in (New Society Publishers, 2005), I explore why the idea of sustainability has been embraced enthusiastically by some businesses and rejected by others. The first wave of corporate converts to sustainability was driven by a PR crisis, regulatory pressures, or the founder's personal passion. The next wave, however, requires different drivers if it is to build a critical mass for corporate responsibility in the business community. I focus on two emerging drivers that promise to spur corporate commitment to sustainability strategies:

a compelling quantification of potential business opportunities, and

a 'perfect storm' of threatening market force risks on the horizon that range from climate change to the rising demands of stakeholders.

An effective carrot-and-stick duo, these two drivers are both triggering the need for change and providing a vision of business success if the transition to sustainable operations, products, and services is smartly managed. Emphasizing the importance of how sustainability is presented to corporate leaders & using the right language, and avoiding threats to the status quo that provoke habitual corporate defense mechanisms — the book applies effective selling techniques to reposition sustainability strategies as a means to achieving existing corporate ends, rather than as a separate priority to worry about. It sells sustainability as a solution, a business strategy, and a catalyst for business transformation.

The following excerpts position the drivers against the stages that companies go through on their sustainability journeys.

Bob Willard, Author

---

Regulatory Pressure PR Crisis ———›

Regulatory Threat Business Case ———›

"Perfect Storm" Business Value ———›

Passionate CEO ———›

Stage 1: Pre-Compliance

Stage 2: Compliance

Stage 3: Beyond Compliance

Stage 4: Integrated Strategy

Stage 5: Purpose & Passion

---

(0) comments

CIRA.ca
Open letter to the Internet Corporation for Assigned Names and Numbers (ICANN) from the Canadian Internet Registration Authority (CIRA)

CIRA is a respected and influential player in global Internet governance. This has been especially true when it comes to ICANN, where CIRA's involvement has included: participating actively in events leading to the creation of ICANN; helping create the Country Code Names Supporting Organization (ccNSO); chairing the ccNSO working group on IANA; voluntarily contributing funds to ICANN; hosting the ICANN Montreal meeting; supporting the ICANN Vancouver meeting in many ways including being its main sponsor; and generally promoting the value and benefits of ICANN to the world community.

CIRA remains committed to global Internet governance. Notwithstanding this commitment, CIRA, including its Board of Directors, has grown increasingly concerned with ICANN's departure from a number of its core values. The process by which ICANN renewed its dot-com agreement with VeriSign is illustrative of this departure.

It is in this context that CIRA, wishing to see ICANN succeed, and expecting ICANN to follow accountable, transparent and fair processes, makes the following recommendations to the ICANN Board: [read further]

(0) comments

Computerworld

A sudden increase in a particularly dangerous type of distributed denial-of-service (DDoS) attack could portend big trouble for companies, according to VeriSign Inc.

The Mountain View, Calif.-based company said that about 1,500 organizations worldwide were attacked earlier this year by unknown hackers who employed botnets and Domain Name System (DNS) servers to swamp networks with unmanageable torrents of data.

The attacks, which started on Jan. 3 and ended in mid-February, were notable because they employed an especially devastating kind of DDoS attack, said Ken Silva, VeriSign's chief security officer.

Such an attack typically involves thousands of compromised zombie systems sending torrents of useless data or requests for data to targeted servers or networks -- rendering them inaccessible for legitimate use.

In this case, attackers sent spoofed domain-name requests from botnets to DNS servers, which processed the requests and then sent replies to the spoofed victims, according to Silva.

“When the number of requests is in the thousands, the attacker could potentially generate a multigigabit flood of DNS replies” directed at the spoofed server, according to a description of such attacks on US-CERT Web site (download PDF).

“This is known as an amplifier attack because this method takes advantage of misconfigured DNS servers to reflect the attack onto a target, while amplifying the volume of packets,” the CERT description said.

Unlike typical DDoS attacks, the volume of data generated by amplifer attacks is greater by several orders of magnitude, Silva said. Though this type of attack is not especially new, the latest wave demonstrates how good hackers are getting at launching them, he said.

“It really demonstrates how much horsepower these people have developed and how efficient they are at developing it,” he said.

(0) comments

PC Pro

Security firm McAfee has a great deal of egg on its face after it inadvertently released a new set of virus signature files that falsely identified dozens of ordinary programs as malware. The company now has to face complaints from angry users who may have deleted their files.

The problem started last Friday when the company released the 4715 DATs which contained an incorrect identification for the W95/CTX virus. As a result, a long list of ordinary files, including Microsoft's Excel, the Google Toolbar installer, Java and the Macromedia Flash Player, were marked as hostile and users were prompted to either quarantine or delete them.

[...]

[CLB: This is a great example of how friendly intervention software can go astray. There are arguments that we should release friendly counter-virii onto the net to protect, prevent, and repair. But even with good intention and design, mistakes can occur, as the above illustrates.]

(0) comments