IT STRATEGY - Sometimes chaos is just complexity that you haven't yet

To many observers, cyberspace is a land of chaos. Somewhere out there are opportunities, but there are also myriad threats. Sure, you want to get your company on the Web, to start taking orders and getting information to your customers. Yes, there are prospects for driving cost out of your processes, and those shortened supply chains are bound to impact the top line in ways that couldn’t be imagined a few years ago. But what about the hackers? What about the faceless nature of the Web? Giving credit to someone who turns up at the shop or warehouse every month is one thing, but credit for an almost anonymous entity out there on the Internet? That has to be risky. The hackers have never gone away. Network security is still a major issue, as Microsoft found out last month. It set up a Web site on a server running its prototype Windows 2000 operating system, and in an effort to prove how robust the new product is, it invited hackers to have a go at cracking the site. Amusingly enough, the company attempted to establish a set of rules for this Aunt Sally exercise: miscreant geeks were told they could hack into the server and make minor changes (just to prove their point), but “denial of access” attacks – nerd-speak for damaging the site badly enough to stop anyone else seeing it – were forbidden. Remember, this is Microsoft, the company everybody (and especially computer whizzes) loves to hate. Sure enough, the site was unavailable for long periods of the trial, probably due to hacker intrusion. At least Microsoft learned something from the exercise, but it probably had more to do with its standing in the IT community than security flaws in Windows 2000. (Note also that at the time of writing, an identical challenge made by a site running on the upstart, free, operating system, Linux, had yet to be met – and the site was still available. Again, this may tell us more about geek fondness for free operating systems than about Linux security …) Ironically, the most famous hacker of them all, one Kevin Mitnick (could you make up a more appropriate name for a spotty-faced digital intruder?) has just been sentenced in Los Angeles for his numerous crimes against corporate America. Sadly, the prosecution bungled the case pretty badly, and Mitnick will probably go free in early 2000 after spending four years on remand. His fine? $4,000. The courts even ruled out one of his more serious crimes – accessing information from the Department of Motor Vehicles, America’s answer to the DVLA – because he hadn’t actually hacked their computer. In that instance, he just phoned up pretending to be a state official and a DMV employee told him the confidential information over the phone. The lesson of all this is that for some people – hackers – the Internet isn’t a place of chaos and lawlessness. They understand it intimately, and its byways and niches are familiar territory to be used for profit, both monetary and spiritual. Companies using the undoubted power of the Internet, whether it’s to reach new customers or slash supply chain costs, must acquaint themselves with the territory in the same way the hackers do. If you mistake complexity for chaos, you risk missing out on opportunity. If we characterise the hackers as bandits in the wild west of the Internet, then we should also look at the groups that operate just the other side of the fine line between lawlessness and opportunism. In the wild west, the bandits profited, but so did the casinos and burlesques. Porn on the Internet is a well-understood phenomenon, and one which rakes in at least $1bn-a-year from cyber-citizens. And “day trading” – a peculiarly wild west-ish version of equity investment – even inspires the kind of gun play more normally associated with 19th century Tombstone, rather that 1990s Atlanta. But now the genuine bookmakers are heading on-line, and they’re making a pretty safe bet: taxing the Internet is pretty damned difficult when there’s no sheriff in town. Coral has already decided to base its telephone betting call centre off-shore to reduce the tax payable by punters. But a rash of on-line casinos and bookies based in business-friendly (ie, tax-hostile) Caribbean islands now means that you can wager on almost anything (the semi-final of the Finnish baseball championship was one event mentioned in the press) with low tax and without leaving your desk. FDs should be really interested in this stampede to avoid tax. While the EU and national governments all over the world struggle to work out a way to tax e-commerce, smart companies are shifting all their transactions to the lawless Web, and locating their servers outside national jurisdictions. Coral, and others, might find that the sluggish agents of tax authorities all over the world eventually wake up and work out how to get their take, despite the Internet’s complexities. But in the meantime, just think of all that tax they’re not collecting.