// archives

Cool Technology

This category contains 19 posts

On Passion and Robots

My overall ambition is to help people and organizations to reach their full potential. I believe that technology is an important aspect for that and I am passionate about security and privacy and how they play a crucial role in determining if and how we can take advantage of the seemingly endless potential of technology. But I also ask myself what the consequences of this technology is. It is visible already today that in the close future we will face a massive change in society. Entire job categories will disappear and robots (mostly software based) will take over many of today’s jobs. Take the transportation industry for example. While Tesla’s “autopilot” clearly still has it’s challenges in a couple of years cars, trucks and buses will be able to drive autonomous. What happens then to all the cab and truck drivers that are on our streets on a daily basis? And that is only the beginning. More and more sophisticated tasks will be done by Artificial Intelligence AI.

What does that mean for people that are studying or thinking about what kind of job should be in their future or where they should develop professionally? Is it physics, chemistry, sport or rather social studies or… How does one choose today a field so that chances are good that robots aren’t replacing you shortly out of university? It is an important subject as not everything that technology will bring will be good for everybody. The answer to this question is not easy as our understanding today is very limited what impact AI robots will have on our lives. But some aspects are in my view clearer than others and might be a start.

The first point where we can differentiate us from bots are morals, values and ethics. Our personalities can make a difference and I see that as a clear advantage over machines or for that matter towards other people as we will not just be competing against bots but against a relatively larger workforce for fewer jobs. While we can program behavior rules I don’t believe (or maybe hope) that we will achieve developing a moral artificial intelligence.

Second, what differentiates us are emotions. To be able and willing to show and feel passion and feeling for other people. Think about it as mentally or physically giving somebody a hug. Not everything happens at an intellectual level and looking ahead I believe that compassion will become again more important. Especially as in many places it seemed to have gotten lost.

The third element is creativity. Bots already today write short stories but creativity is something that I believe (or again maybe hope) is beyond programming. Be able to tell a story will be something that stays human still for a long time.

The fourth aspect is to solve new and hard challenges. I don’t believe that robots will be able to solve the really hard questions in the foreseeable future. To systematically and more important intuitively draw conclusions, to listen to a feeling/intuition and follow it up to find the solution to a hard problem. To have a dream and suddenly things fall into place in a way that one has not foreseen. To run through a massive amount of permutations is what computers do best but to see connections that are not clearly visible and be courageous to try out and find new paths is where humans shine.

And the final thought but maybe the most important is passion in what you do and to challenge, enable and inspire others. If you truly want to make a difference then finding out what you do with a passion is the best way to show that you are making a difference. There are the people that are lucky to already know from very early on where their passion is and what they want to do and then there are the majority where it takes longer to find out. Too many though give up in that process and focus on doing what gets them through the day. But will that be enough in the future? I fear not. And with inspiring and enabling others brings the possibility to act as a multiplier for all aspects above and with that truly solve the important problems together.

So if you make a choice in what to do and in what direction to evolve wherever you are in your career stage – take into account the rapidly changing technology and that robots are advancing. Focus on the things that are hard and that not everybody can do, be passionate about it and don’t forget about empathy and caring about people. Then I am convinced that you are successful also in a world where robots are everywhere.

Fighting Dolphin talk – Cybersecurity and Privacy Hub

Broader Perspectives on SecurityI was invited to participate in a cybersecurity roundtable at the US Embassy in Bern to discuss best practices and experiences in cybersecurity policy. Participants were from private as well as public sector and the special guests were the US Ambassador to NATO, Douglas Lute and his wife Dr. Jane Holl Lute, CEO of the Center for Internet Security. At some point Dr. Jane Lute made a comment that too many IT leaders and executives still use dolphin talk. Not familiar with that language? You actually probably are because it is used quite widely by IT professionals. When “we” speak about a technology topic then the non-technology person understands about as much as when a dolphin is communicating with us.

I liked this comparison as much too often that is the reality and I am working on talking about technology and security in a more easily accessible way. One of the things I discovered in last week’s PwC EMEA Cybersecurity leadership meeting also works on improving that type of conversation. It is the PwC / WSJ Cybersecurity and Privacy Hub that you can find at www.pwc-broaderperspectives.com  This hub is sponsored by PwC and is created together with the Wall Street Journal custom studios. I like it especially as the articles aim at looking at cybersecurity and privacy in a broader fashion and use a vocabulary that does not require multiple classes in cryptography or equivalent. Why not check it out and let me know what you think?

Joining PwC – some thoughts at the start of the journey

It has been an interesting week to say the least and this morning I have time to catch my breath and reflect on the last few days – my first week at PwC as Partner, Cybersecurity. First and foremost, I want to thank everybody who reached out and sent me their congrats and wished me a good start. I will get back to you and answer personally but it still might take a few days. With the congratulations came also quite often the question why change to PwC? It is a good question – one that I will try to answer in this post.

The “why change” has really two factors. First, why leave Microsoft and second why join PwC and I will address them in that order. Leaving Microsoft has been a difficult decision. I am looking back at the last 5 years and it has been an extremely interesting time where I had the possibility to grow and show what impact security can have. Being able to help clients take advantage of modern technologies and being part of a company that is developing leading edge technology has been very inspiring and in the process I have made great friends and met many inspiring people. At the 5-year mark came the time where I had a hard look at where Microsoft is going and where I believe the needs of our clients are. In the end my view was that I cannot really help solve many of the big challenges in Cybersecurity when I look at it from a predominantly Microsoft perspective. To make myself clear – I actually believe Microsoft has a huge impact, will stay relevant and become probably even more relevant under the lead of Satya in the coming years but with the strategy being very clearly “cloud first” it leaves a big gap at today’s clients that is not really addressed from a cybersecurity perspective as there Microsoft is “just one” component. So I took a step back and looked at the big picture. In the end security is my passion (I know – it sounds weird…) and I want to be part in solving the really hard problems. And that is where PwC comes into the picture.

Joining PwC and not another of the big four or one of the leading global security providers comes in the end down to culture, capabilities, ambition and if it feels right. With PwC I ended up with the fantastic situation that all of these factors are in good shape. While not many people yet think first of PwC when they think about Cybersecurity the firms’ and my ambition is that this will change. PwC is doing a strategic investment push into technology – namely “digital, analytics and cyber”. The people that have had (sometimes long) discussions with me know that I see Cybersecurity as one of the biggest challenges today but more important as an enabling factor and not mainly a topic by itself. Cybersecurity and Privacy are the cornerstones for our society to function and grow. The present technologies that we all depend on, and even more the ones to come to play in the next years, will only be used when we trust them. And we typically only trust something that we know is secure and sufficiently private or would you sit in a car that is not safe and broadcasts to everybody at what locations you have stopped during the last half year? So being part of a big technology push together with digital and analytics is exactly where I want to be. And PwC itself has a fantastic brand, incredible capabilities and a corporate culture that I feel at home in. And the last part was for me something especially important. There are plenty of enterprises where the words say that it’s about the people and in the end it is predominantly about the numbers in spreadsheets and people don’t matter really and are looked at purely as an interchangeable resource. On a short term that might even be successful but I am not into this for the short term. I want to have a long-term impact and do something that I believe is worthwhile doing and that has a positive impact on clients, my firm, people and society in general. And that is where I felt that PwC really shines. A respectful culture, a group of very smart people that want to make a difference and a company that has the ability and the willingness to solve the hard problems.

This shows some aspects of my thoughts and why I changed to PwC. Obviously not everything will go as expected and not everything will work out perfectly and there are many challenges to solve. But I am in it for making a difference and we have very ambitious plans. So if you feel that my thoughts resonate – join me and ideally bring your team with you . We want to grow and have only just started this journey. If you are a security professional and/or cloud assurance specialist contact me through LinkedIn or Xing and let’s discuss it. I am looking forward hearing from you.

In the spirit of happy holidays

It isn’t quite the holidays yet but browsing through my LinkedIn feed I liked the video from HP Enterprise and while it is an obvious marketing video it is cute and it brings a little bit more of the anticipation for the holidays into my morning. It also has a nice tagline of thanking people that make things happen and gives a glance on how modern cloud and hybrid services can increase the efficiency of processes. While I don’t have an independent verification that Santa’s operations adopted cloud for scale, big data analytics for improving the insight into kids behavior and IoT to track shipments it is not so far off what technology can do. As my passion lays in security I especially appreciate the cyber threat map of course and overall the “bah humbug meter” should be adopted much more widely also in the non-holiday world.

So in the spirit of enabling people and organizations to reach their full potential enjoy this little video!

Future Visions – Free download

I like Science Fiction and enjoy reading well thought out future scenarios. If you have similar tastes check out the new website “Future Visions” where you find a link to dowload original science fiction stories inspired by Microsoft. The stories explore prediction science,  quantum computing, real-time translation, machine learning, and more. The contributing authors were inspired by inside access to leading-edge work, including in-person visits to Microsoft’s research labs, to craft new works that predict the near-future of technology and examine its complex relationship to our core humanity.

Best of all – the stories are free to download on Amazon, iBooks and Kobo. Check out the details at



New choices on cloud data location and welcome Secure Islands!

This week is pretty packed with security relevant Microsoft announcements and here a quick summary.

Satya Nadella was in the UK yesterday and in Germany today where he announced that Microsoft is expanding the cloud strategy in Europe with two new interesting offerings.

Firstly he disclosed yesterday November 10 the plans to offer commercial cloud services from the UK where Azure and Office 365 will be generally available from local UK-based data centers in late 2016 and Dynamics CRM following shortly thereafter. These services will offer customers data residency in the UK. You can read the blog post with more information here.

Secondly, and maybe more interesting from a Swiss perspective, he announced today November 11 plans to offer cloud services from German datacenters. The main difference between the UK announcement and the German one is that the second is using a trustee model. The services offered will comply with the Microsoft trusted cloud principles on security, privacy, control, compliance and transparency but is combined with a German data trustee model. That means concretely that access to customer data stored in the two new datacenters will be under the control of T-Systems which acts as a data trustee and Microsoft will have no access to this data independently. Cloud services will be made available to customers in the EU and the EFTA and roll-out is planned to begin in 2016. With this Microsoft has a new and unique solution for cuttomers in Germany and the wider Europe that want local control of their data. In my view an important next step in the discussion on data location. You can read more on today’s announcement here.

Independently from the two cloud announcements came the confirmation on Monday November 9 that Microsoft is acquiring Secure Islands. There were lately a few security acquisitions but I am especially excited about this one. I was working often with Secure Islands as their technology to protect customer data using Rights Management technology is second to none and widely adopted especially in the Swiss Financial Services Sector but also with other large customers. Microsoft will now integrate Secure Islands’ technology into Azure Rights Management Service to provide a flexible architecture to meet protetion and compliance requirements. Many of you know that I am a great supporter of Rights Management and this will give new possibilities on-premises, hybrid and cloud. Congratulations to Akie and Yuval Eldar who are the founders of Secure Islands and welcome to the Microsoft Family! You can read the announcement with more information here.


Mozambique free of Landmines – looking back

After 22 years of work, Mozambique was declared as free of land mine peril. During this long timespan over 200’000 land mines from a legacy of wars were one by one removed and destroyed in tedious and dangerous work. I am especially happy about this landmark in the global fight against landmines as I have a personal connection to this and want to use this occasion to look back.

IMSMA website screenshot

IMSMA website screenshot from the webarchive

Some of you might know that in an earlier role I was the program manager for the development and integration of the Information Management System for Mine Action IMSMA. Back in 1998, the Swiss Government wanted to support the United Nations Mine Action Service (UNMAS) in the fight against landmines and sponsored the development and integration of what in essence turned out to be a decision support system combined with an enterprise resource planning system that had a uniquely powerful integrated GIS component and was especially developed for supporting humanitarian demining. I had the opportunity to lead that program that found a home at the Center for Security Studies and Conflict Research at the Swiss Federal Institute of Technology where we worked on behalf of the United Nations.

At that time there existed a few databases that supported demining in different countries but nobody had yet attempted to standardize the datasets and create a system that could be used across different theaters of operation. Starting out from a green field, I was lucky to hire Thomas Schürpf and Beat Schoch and the three of us started working on a system that later became the standard application for Mine Action (another broader term for humanitarian demining). With the success in the field my team grew and in addition to software development we added training and integration specialists that helped the local mine action centers setting the system up, consulted them in how to best use and adapt it, and trained other organizations in performing IMSMA trainings. At some point the Swiss Government established the Geneva International Centre for Humanitarian Demining and from there on we developed the system on behalf of that Centre. In the end we had an install base in 41 countries worldwide, the system became the standard system for the United Nations, the European Union, the Organization of American States and we won the ESRI special achievement in GIS award in 2001. And to come back to the introduction – Mozambique was one of the countries that used the IMSMA system and where my team supported the center and Halo trust on-site.


IMSMA at the KFOR HQ working side-by-side with UK Army Engineer officers

Mozambique is now the second country that has been declared landmine free where IMSMA was used. The first one was Kosovo which was also the testbed for IMSMA and where we spent a lot of time on the ground and learned what it means to clear landmines and where the dangers lay. I will never forget the flight into Prishtina in a British Airforce CH-47 Chinook helicopter escorted by AH-64 Apache attack helicopters and looking out the semi-lowered loading ramp where the helicopter crew was spotting for surface to air missiles as the Kosovo conflict was only just spinning down. As the security situation was still critical, the initial work took place in the Kosovo Force (KFOR) Headquarters overlooking Prishtina without showers, sleeping in tents and working side-by-side with UK Army engineer officers to start the humantiarian demining work. The pictures on the left show a view into our initial set-up and how the landmine situation in Kosovo changed from 1999 Kosovo Landmine Clearanceto 2001. After the initial period the United Nations took over the mine action work and John Flanagan, the program manager of the United Nations Mission in Kosovo Mine Action Coordination Center, described the use of information and IMSMA the following way: “Information is a vital component of mine action. During the successful clearance operation in Kosovo, IMSMA enabled us to rapidly collate and analyze an enormous amount of data. This in turn helped us to plan and priooritize clearance efforts, and assisted with the integration of other activities such as mine awareness education. Throughout the entire mine action program in Kosovo, IMSMA was constantly used to manage the ongoing operational activities, and without it, our task would have been much more difficult.”

Obviously the main work has been done by the women and men on the ground who were doing the actual mine clearance. I have an enormous amount of respect for these people as I know out of experience that even with protective equipment to walk in mine infected areas is dangerous. Many that were doing that work got hurt, maimed and killed and even after this time I think of their sacrifices and of the impact they had on many lives saved. Thank you everybody that is involved in this line of work.

Thinking back also makes me proud. With my team we were – and after all this time still are as some of our original systems are still being used – part of eradicating landmines and contributed to reducing the amount of landmine victims by giving the tools and training for better awareness and improved priorization of clearance activities. This is probably one of the most meaningful things that I have so far done in my professional life and I am especially proud and grateful of the team that I was being able to build and lead. At this time I would like to thank them all for all their work, late nights and weekends. For their long hours abroad, in planes and in some “not so” comfortable and plain dangerous locations they went. Thank you especially Thomas Schürpf who started this with me and was leading the development, Beat Schoch who joined only a bit later and led the implementation and consulting team and Ralf Hug who led a development team. Also thank you to the the whole team that consisted of Armin Fessler, Christian Schluep, Emanuel Mahler, Maria Schabel, Mark Yarmoshuk, Martin Hochstrasser, Maurizio Bianchi, Nicolas Jene, Nicole Allet, Oliver Muff, Patrick Lombardi, Ralf Hug and Reto Schöning. And thanks to the many people that supported and helped us. We could have never done it without you. You all have my deep respect and gratitude.


RSA 2015 – Microsoft Key Announcements in Security


The US RSA conference is probably the world’s leading security conference with about 30’000 participants and took place last week in San Francisco. Scott Charney, Microsoft’s CVP Trustworthy Computing, gave a noteworthy keynote on Enhancing Cloud Trust that can be watched here. It is well worth the time.

The announcements made by us and the presence that Microsoft had at the conference was impressive. The main theme was very clearly that we truly live in a mobile first, cloud first world and that with the explosion of devices and apps come new challenges. Security has been a top priority for Microsoft for a long time already and Microsoft is committed to providing customers with transparency and control over their data in the cloud. Here are the highlights that we announced:

  • New Security & Compliance signals and activity log APIs so that customers can access enhanced activity logs of user, admin and policy related actions through the new Office365 Management Activity API.
  • New customer Lockbox for O365 that brings the customer into the approval workflow if one of our service engineers would have to troubleshoot an issue that requires elevated access. With the customer lockbox the customer has the control to approve or reject that request.
  • Device guard is the evolution of our malware protection offering for Windows 10 and brings a new capability to completely lock down the Windows desktop such that it is incapable of running anything other than trusted apps on the machine.
  • Increasing levels of encryption where O365 will implement content level encryption for e-mail in addition to the BitLocker encryption we offer today (similar to OneDrive for Business’ per-file encryption). In addition we expect enabling the ability for customers to require Microsoft to use customer generated and controlled encryption keys to encrypt their content at rest.
  • Microsoft Passport is a new two factor authentication designed to help consumers and businesses securely log-in to applications, enterprise content and online experiences without a password.
  • Windows Hello which will provide that Microsoft Passport can be unlocked using biometric sensors on devices that support that (most notably iris and face unlock feature in addition to fingerprint).
  • Azure Key Vault which helps customers safeguard and control keys and secrets using FIPS 140-2 Level 2 certified Hardware Security Modules in the cloud with ease and at cloud scale and provides enhanced data protection and compliance and control.
  • New Virtual appliances in Azure where we work with industry leaders to enable a variety of appliances so that customers have greater flexibility in building applications and enabling among others network security appliances in Azure.
  • Enterprise Mobility where we have the Enterprise Mobility Suite (EMS) bringing customers enterprise grade cloud identity and access management, mobile device management and mobile app management and data protection (Reto’s comment: not new but worthy to call out having grown our install base by 6x just in the last year)

More information can be found on Scott Charney’s blog on “Enabling greater transparency and control” that also has further links to more in-detail information on the individual technologies mentioned above.

Productivity Future Vision


I believe strongly that today we only see a fraction of the possibilities how we will be working in the future. New technologies are becoming more personal, bring people together, enable us to live smarter and help us expressing our creativity better.

With the productivity future vision Microsoft looks 5-10 years into the future and puts together a fascinating picture on how we learn, work and collaborate all focused around productivity. It might look far fetched but if you see what Hololens and Surface Hub already enable (and they are just around the corner) then it might in fact not be the so distant future.

or a even nicer way to look at it is on the website with additional information. Enjoy the inspiration!

When thunderstorms and airtravel meet

It has been a few weeks since I have flown to Atlanta for work and I was lucky to have had smooth travels. If you know the Atlanta airport however that isn’t necessarely a given. On one hand it is the worlds busiest airport serving close to 30 million passengers every year and then it is in a location that has frequent tunderstorms. When I now stumbled over a video that shows what happens when thunderstorms occur over the area I was amazed by the resulting images. While not as nicely presented as the pictures in my earlier post on the beauty of airtravel it shows the beauty of technology being able to adapt and overcome obstacles.



About the Author

Reto is partner at PwC Switzerland. He is leading the Cybersecurity practice and is member of PwC Digital Services leadership Team. He has over 15 years work experience in an information security and risk focused IT environment. Prior to working at PwC he was Microsoft's Chief Security Officer for Western Europe and also has work experience as group CIO, Chief Risk Officer, Technical Director and Program Manager.

more about me and contact info

replica Rolex