Daily Tech Digest - October 16, 2017

Blockchain can fix the sorry state of the real estate industry
A number of blockchain startups are working on tokenizing real estate ownership to overcome these challenges and open real estate investment to more people. An example is BitProperty, a platform that enables property owners to register their property on the blockchain and issue tokens, digital currencies that represent a share of their property. When a person wants to invest in the property, they can purchase any number of its corresponding tokens on BitProperty. Contractors and construction companies can use the BitProperty to raise funds for their projects by launching initial coin offerings (ICO). Anyone who wants to invest in the project can purchase the project’s tokens. In return, they’ll have proportional share of the value and revenue of the finished project in the future.

For a time, Linux OS computers were expected to become the dominant third player in the PC market, Huang said. For example, many thought Linux would be the ideal OS for netbooks, which peaked in popularity in the late 2000s/early 2010s. But Microsoft captured that market by “bottom-ending” Windows to run on the low-powered portables. There’s still talk that Linux could emerge as the dominant OS for thin clients. But IDC’s data doesn’t support that belief. Linux comprised a 3% share of global PC shipments in 2013, but it’s held steady at a mere 1% since 2015 and is expected to stay at 1% through 2021. By comparison, Chrome OS has risen from 1% of the market in 2013 to its current position of 5.5% in 2017, and IDC expects it to reach 8% by 2021.

Cybersecurity: into the data breach
The vulnerabilities stakeholders face include cyber security, data privacy, data breaches, and payments fraud. The utmost vigilance is required to protect organisations against cyber attacks and all stakeholders, including regulators, must be more proactive regarding cybersecurity, with ownership of the issue taken to prevent attacks. In the new payments ecosystem, third-party developers can directly interact with a partner banks’ customers, raising questions about data privacy and security. In an increasingly networked ecosystem, identifying the source of attack will be a challenge. Verizon’s 2017 Data Breach Investigations Report found that security incidents and data breaches affect both large and small financial organisations almost equally. However, the security of larger banks is difficult to compromise as they invest more in cyber security solutions. Smaller banks, which do not have the same access to resources, are more prone to cyberattacks.

A soon-to-be published study shows how the traditional corporate human resources operation actually hampers cybersecurity hiring against a backdrop of the industry's well-documented talent gap. The Jane Bond Project report, commissioned by security talent recruiting firm CyberSN, found that in addition to the lack of available talent for those positions, respondents say their HR generalists are not equipped to recruit and hire cybersecurity talent, and that flawed salary data complicates their ability to issue the best job offers. More than 80% of the 83 cybersecurity positions studied in the report ended up with compensation offers higher than the salary caps stated in the original job descriptions. Half of the 52 organizations participating in the study say they had to up the compensation offers to seal the deal. The positions in the study include security engineers, product sales engineers, incident response analysts, SOC analysts, and product security experts.

Obviously, no company is going to replace all of their hardware overnight, as it would require considerable expense, implementation and architecture challenges that, until resolved, could impact company operations. In addition, there would be plenty of non- technical issues, like employees knowing device X and networkOSY like the palm of their hands and not looking forward to the time it might take to learn new technology and processes. When a company decides to transform to a software defined networking infrastructure, they may not get support from their existing Network hardware vendor, which might beenjoying hefty margins in network hardware sales, not thrilled to push a technology that will make their expensive boxes replaceable for cheap vendor agnostic white boxes.

According to Badman, Extreme's Automated Campus initiative shows great promise due, in part, to 802.1aq shortest path bridging, which supplants routing protocols such as Border Gateway Protocol (BGP), MPLS and Open Shortest Path First (OSPF), thereby reducing complexity. The new network fabric also includes hypersegmentation to contain security breaches, APIs to increase interoperability, and user and device policies that drive automated network changes in conjunction with analytics and changes on the edge. Badman said he views Avaya as one of the leaders of software-defined networking fabrics, adding that Extreme has succeeded in integrating Avaya fabrics since it acquired the vendor. "I'm of the opinion that some vendors are trying to figure out how to proceed with network-wide fabric methods, while painting beta-grade efforts up with glitz and catchy slogans. This just isn't the case for Extreme," he wrote.

Will the Internet of Things rewrite the rules on cyber security?
Despite having capable teams of programmers and rigorous testing procedures, many companies – be they retailers, manufacturers, or service providers – still have a hard time seeing the potential vulnerabilities in their own systems. “There are a lot of companies who think ‘this will never happen’ and then they come back to us six months later saying ‘it happened’,” says Kupev. The challenge, he explains, is being able to look at things from a different point of view. “Often a client’s view of things can be quite narrow because they’re used to looking at things from the same perspective,” he adds. “Our job is to help them look at matters from a different angle and uncover vulnerabilities they would have otherwise missed.” To illustrate his point, Kupev tells the story of an engine maker that invested heavily in ensuring a device’s “regular” communications systems are secure.

The ability to decrypt packets can be used to decrypt TCP SYN packets. This allows an adversary to obtain the TCP sequence numbers of a connection, and hijack TCP connections. As a result, even though WPA2 is used, the adversary can now perform one of the most common attacks against open Wi-Fi networks: injecting malicious data into unencrypted HTTP connections. For example, an attacker can abuse this to inject ransomware or malware into websites that the victim is visiting. If the victim uses either the WPA-TKIP or GCMP encryption protocol, instead of AES-CCMP, the impact is especially catastrophic.Against these encryption protocols, nonce reuse enables an adversary to not only decrypt, but also to forge and inject packets. Moreover, because GCMP uses the same authentication key in both communication directions, and this key can be recovered if nonces are reused, it is especially affected.

clicks pageviews traffic denial of service ddos attack 100613842 orig
Metered DDoS pricing used to be more common, said Theresa Abbamondi, director of product management for Arbor Cloud and Services at Arbor Networks, Inc. That created a risk for customers, she said. Arbor has been pricing based on clean traffic when it launched its service four years ago, one of the first vendors to do so. "Most of the purpose-build anti-DDoS vendors quickly moved to this type of clean traffic pricing model, and it became the standard in the high end of the market," she said. "Among vendors like Cloudflare, who sell DDoS as an add-on service to a customer base more interested in the vendor’s core offerings, it’s still common today to see vendors limiting the total bandwidth of traffic they will scrub, blackholing traffic that exceeds that threshold, or hitting the customer with exorbitant, hidden fees," said Abbamondi.

New derived credential technology eliminates the need for a physical card by placing verified identity credentials directly and securely onto the mobile device, much as mobile-pay systems do away with the need to make payments using a plastic credit card. This technology offers the added benefits of making identity verification more convenient, and preventing unauthorized logins. But derived credentials and authentication tools such as biometrics offer only a one-time, “snapshot” form of user verification. Once the user has passed the initial test and gained access, the device and everything on it become fully available for viewing and use. Behavioral analytics promises to change this paradigm.  ... tools designed to capture how a device is used can provide the equivalent of a continuously-authenticating security “video,” to detect interlopers, transaction by transaction.

Quote for the day:

"Anger is the feeling that makes your mouth work faster than your mind." -- Evan Esar

Daily Tech Digest - October 15, 2017

Data governance stumble

Data governance involves data quality, ownership and security, metadata, and analytics processes. In most organizations, the word “governance” tends to throw off staff, who can become confused with what data governance entails in the organization and what their specific role is. In order to clear up the role of data governance in the business, it should be defined more in terms of data quality and how higher quality data can advance the efficiency of the business. High data quality should be the fundamental aim for any data governance campaign, and it should be the key area of focus. In fact, research by Gartner showed that poor data quality cost organizations an average of $8 million a year.
Challenges to the proper implementation of data governance Many businesses fall prey to spending too much time on defining a data governance model, such that they end up hindering their organization from becoming data driven.

How to shape your customer experience with big data

It’s clear that the volume of data is increasing, and shows no signs of slowing down. As such, brands will have to move beyond using data just to create internal reports to satisfy internal stakeholders; they need to start leveraging cross-departmental data to deliver insights and shape the customer experience better. This comes at the back of companies undergoing digital transformation in Asia Pacific, where the first wave of change was migration towards the cloud and expanding their digital capabilities. With the right tools, the next wave will see marketers using both public and owned data to drive measurable outcomes, and enhance customer experience through personalisation. It all sounds great, but where can companies start? Here are some big brands that have successfully managed to embrace data analytics to fuel efficiency and growth

EA - Why You Should Think About The Enterprise Continuum!

We were really thinking hard about whether TOGAF should stay in the Information Technology (IT) space versus the “enterprise” space. Most of us thinking we need to go beyond IT architecture. When we agreed to proceed in the enterprise direction many things emerged as important including thinking about services – not just IT services, but business oriented services. We thought a lot about building blocks. As a matter of fact, if you got a hold of an old version of TOGAF, you would see interesting treatment of building blocks and services, and how they would be used in the Architecture Development Method (ADM). Of course the subject of building blocks generated a need to distinguish between architecture building blocks and solutions building blocks, and their relationship. Additional discussion uncovered the observation that there were common problems across enterprises addressed by different architectures and solutions.

Innovation, Tradition, And Striking the Balance

My son turns eleven today. We are all set to celebrate as we always do – our kids love the traditions that come with birthdays, Christmas, Thanksgiving, college football, and too many other events to mention. The house is decorated exactly the same for every birthday. I’m told they love it that way. There will be a special dinner, as always. All this tradition and consistency got me thinking. My children certainly love new things and surprises: new adventures, trips to unknown places, crazy experiences. And still, for a handful of personal milestones, they seem to want- to need- something familiar and dependable. Certainly, that is to be expected. New experiences bring excitement, anticipation of something unknown, and the possibility of “total awesomeness” (which, I have to imagine, is what the kids are saying nowadays.) Those traditions, the patterns sought out by their own brains, bring them a sense of stability, safety, and comfort.

Why Marketing Needs AI

The largest costs in marketing are human-related, from people to make content at scale to running advertising programs. These costs scale upwards at a disproportionate rate to impact delivered; adding more marketers scales at best linearly, because humans only have 24 hours in a day and do any one task relatively slowly. Compare that with the capabilities of machine learning and artificial intelligence. If I have an analysis problem to solve and sufficient cloud computing infrastructure, instead of having one computer work on the problem, I simply “hire” thousands of temporary computers to instantly complete the job. Once done, those computers move onto other tasks. I could never hire thousands of people in a second and lay them off seconds later – but I can with machines. If all the tasks in marketing were ideally suited for the ways humans work, this solution wouldn’t be much of a solution at all.

Fintech: Too large to ignore, too complex to regulate

Technology-neutral regulation refers to a specific regulatory process under which rules and regulations prevent service providers from preferring one type of technology over another in offering their services, although some experts, such as Professor Matthias Lehmann of the University of Bonn, find the definition of technological neutrality to be ambiguous. While innovation used to be regarded more positively before the 2008 financial crisis, according to Arner, Patrick Armstrong, Senior Risk Analysis Officer on the Innovation and Products Team at the European Securities and Markets Authority (ESMA), pointed out that "regulations are there as a response to the market failure from 10 years ago".  He argued that, in dealing with fintech, regulators act differently, very much depending on the technology involved and the risk that it carries.

Fintech Malaysia Report 2017

Malaysia’s regulators in these few years has taken a open but cautious approach towards regulating fintech. Since the appointment of Tan Sri Muhammad Ibrahim as the new Governor of the Central Bank of Malaysia in 2016 we’ve seen several key reforms and regulations being introduced most notably was the announcement of the Malaysia’s fintech regulatory sandbox. The Fintech Sandbox is open to all fintech companies including those without a presence in Malaysia, however the prequisite is that said company must have a genuinely innovative solution that fills a gap in the market. They are not required to work with a bank but the Bank Negara Malaysia encourages it. Upon being approved to be in the sandbox the fintech companies has 12 months testing period.

Rational Agents for Artificial Intelligence

The path you take will depend upon what are the goals of your AI and how well you understand the complexity and feasibility of various approaches. In this article we will discuss the approach that is considered more feasible and general for scientific development, i.e. study of the design of rational/intelligent agents. ... There are 4 types of agents in general, varying in the level of intelligence or the complexity of the tasks they are able to perform. All the types can improve their performance and generate better actions over time. These can be generalized as learning agents. ... As the agents get complex, so does their internal structure. The way in which they store the internal state changes. By its nature, a simple reflex agent does not need to store a state, but other types do.

Can a blockchain tech revolutionize corporate deposits?

“What’s been happening over the last five years in the banking industry is banks have been reviewing customers and are looking more closely at the profitability of each client,” Aidoo said. “As a result, banks may turn away less profitable clients.” Yet Aidoo believes there is a solution: the Utility Settlement Coin, which relies on blockchain technology. ... The Utility Settlement Coin is a smart contract that is held at a central bank as collateralized cash. It lets banks accept deposits from corporations and turn some of them into settlement coins, which are really balances held at a central bank. Say there are five casinos in a small area and a gambler buy chips with U.S. dollars at a cashier window at one of them. If the casinos were all using Utility Settlement Coin, the gambler could go to any of the casinos with the same chips and they would honor them, letting the gambler exchange them for cash.

6 Industries That Could Be Forever Changed by Blockchain

The future is about to change with blockchain. A blockchain is essentially a continuously growing list of records, called blocks, which are linked and secured using cryptography. The first work on a cryptographically secured chain of blocks was described in 1991 by Stuart Haber and W. Scott Stornetta. While blockchain is still fairly new to most consumers, experts are beginning to understand that banking and payments aren't the only industries that could be affected by blockchain technology. Other industries could also be affected by this new phenomenon in the future. With every paradigm shift, there are winners and losers, and just as the internet disrupted the way we communicate, blockchain will disrupt a number of industries. The world's crypto-currency market is worth more than 100 billion dollars. Startups are already using blockchain to push transparency and trustworthiness within the digital information ecosystem.

Quote for the day:

"You grow up the day you have your first real laugh at yourself." -- Ethel Barrymore

Daily Tech Digest - October 14, 2017

Alibaba Aims to “Master the Laws” of AI and Put Virtual Helpers Everywhere

Jack Ma, Alibaba’s executive chairman, announced his decision to establish the Alibaba DAMO Academy (DAMO stands for Discovery, Adventure, Momentum, and Outlook) on the first day of the company’s 2017 Computing Conference, which opened on Wednesday. Ma said the academy will do research aimed at “solving problems” related to the Internet of things, fintech, quantum computing, and AI. It will open seven research labs in China, the U.S., Russia, Israel, and Singapore.  Chinese tech companies are increasingly looking to invest in cutting-edge research, especially artificial intelligence. Alibaba’s future has never been so closely intertwined with original research. The company already has more than 25,000 engineers working on applying AI advances to consumer products and cloud computing services.

Reframing growth strategy in a digital economy

Traditional strategic planning is important as a means of understanding the world of today. However, if you aspire to a strategy that will enable your company to achieve disproportionate growth and create competitive advantage, you need to push beyond pure analysis. What if the razor industry, dominated by giants Gillette and Schick, had looked beyond known competitors to anticipate the value in a direct-to-consumer subscription service? Would the e-commerce razor delivery company Dollar Shave Club have had such a meteoric rise? And would powerhouse Unilever, which acquired the startup in 2016, have expanded as meaningfully into the shaving business? Successful digital strategy requires a blend of deductive analysis and the type of inductive reasoning that powers the creative leaps that anticipate and open fundamentally new markets.

How Python rose to the top of the data science world

There are many interesting libraries being developed for Python. As a data scientist or machine learning practitioner, I’d be tempted to highlight the well-maintained tools from Python core scientific stack. For example, NumPy and SciPy are efficient libraries for working with data arrays and scientific computing. When it comes to serious data wrangling, I use the versatile Pandas package. Pandas is an open source library that provides fast and simplified data manipulation and data analysis tools for Python programming language. It focusses on providing realistic and high-end data analysis in Python. I’d also recommend Matplotlib for data visualization, and Seaborn for additional plotting capabilities and more specialized plots. And Scikit-learn is a great tool for general machine learning, which provides efficient tools for data mining and analysis.

The elastic edge of the new age network

The elastic edge of the new age network
Corporate boundaries now extend far beyond the four walls of the enterprise, and are becoming more fluid and elastic every day. They now incorporate mobile workers, vehicles, pop-up and temporary networks, kiosks, cameras and sensors, to name just a few. Organisations need a WAN with an Elastic Edge – one that effortlessly expands, contracts and stretches to connect any new endpoint, wherever that may be. The traditional branch-centric WAN was never designed to cope with these demands. Highly complex and inflexible, a traditional WAN often inhibits business agility. Increasingly, organisations are looking to a Network-as-a-Service (NaaS) model, where connections can be spun up and down, whenever and wherever they are needed. In this model, organisations can move away from a traditional build-your-own, fixed location network, to a model that can be designed to individual requirements and billed on a ‘pay for what you use’ basis.

5 Misconceptions about Shadow IT

While you might think traditional firewalls are inspecting traffic thoroughly, legacy security tools don't offer the kind of visibility and control organizations need when sending data back and forth to the cloud. For example, cloud resources are accessible by any user, anywhere. An on-premises firewall cannot register that exchange of information. What's needed are advanced security tools, like those available in a Next-Generation Security Platform. These have the ability to inspect every data packet coming into and out of your virtual environment, and to apply security and access policies consistently across physical and cloud resources. Products like App-ID from Palo Alto Networks identify all traffic and apps, so the IT team enjoys end-to-end visibility. In the Tech Pro Research survey, only 47% said they use next-generation firewalls for SaaS access

How Will AI in FinTech Benefit Consumers?

Areas in the financial industry are dependent on a set of complex rules. Humans have to manually review hoards of data. Human error in this process in inevitable. In some cases, the false positive rate of risk detection – the rate that humans accidentally detect a case of fraud – is as high as 60%. As financial services become more complex, and more people have access to these services, the amount of data banks are dealing with is increasing. The issue of human error will only become more critical. This is why smart systems can be so useful for consumers. They can increase the accuracy with which fraud is detected, and ensure that cases of fraud that are currently being missed are now captured. In the credit card space, for example, MasterCard traces card usage, and endpoint access.

API-Driven Development With OpenAPI And Swagger

Microservices and public APIs are grown from the roots of service-oriented architecture (SOA) and software-as-a-service (SaaS). Although SOA has been a trend for many years, widespread adoption has been hamstrung by SOA's complexity and overhead. The industry has settled on RESTful APIs as the de facto standard, providing just enough structure and convention with more real-world flexibility. With REST as the backdrop, we can create formal API definitions that retain human readability. Developers create tooling around those definitions. In general, REST is a convention for mapping resources to HTTP paths and their associated actions. You've likely seen these as HTTP GET and POST methods. What's key is to use HTTP itself as the standard, and layer conventional mappings on top of that for predictability.

At the intersection of technology and private equity

Private equity firms are attracted to cloud-based SaaS delivery models, which offer recurring revenue streams via continuing renewals of an existing customer base. Despite the lack of hard assets to lend against, the predictability of subscription-based revenue models offer private equity firms a reason to invest, to hold those investments for longer periods of time and provide a cushion from inflated valuations. All of which is not to say that there’s not the threat of fracture to this new private equity-tech partnership. Naysayers argue that funds are paying an egregiously unhealthy EBITDA multiple, and, in doing so, are creating a new bubble. In addition, for the private equity-tech relationship to work in the long-term, funds must be willing to assert unusual control over their investment targets, continue to invest in operationally sound playbooks and must help their portfolio companies nail the subscription model, which requires higher upfront costs.

Using Machine Learning To Multiply Your Digital Marketing ROI

Finding the right marketing messaging for all customer segments is a highly challenging and highly rewarding endeavor. Machine learning pilot programs are providing leading banks with a competitive edge while helping marketers better understand what types of marketing messages are preferred with various audiences. The latest digital advertising platforms and c0ntent management tools are making machine learning accessible and affordable to non-technical marketing teams in a variety of industries. With the adoption of these advanced marketing technologies, we are moving into a world in which the most visible marketing asset to digital marketers, the homepage marquee banner, will deliver more personalized messaging, better marketing results, and an overall better experience to all prospects and customers.

IIA research identifies barriers to business intelligence and analytics adoption

Want to achieve data-driven excellence? It's all about perspective.
While data preparation capabilities are critical to BI and advanced analytics adoption, the “softer” areas of culture, leadership and skills are also key. Even organizations that are strong in these areas say that they see significant challenges with things like innovation, creativity and leadership. As the report reveals, weak adopters of both BI and advanced analytics should see opportunities for executive support. Without a strong vision and buy-in at the executive level, resulting initiatives will naturally fail or underperform. To improve adoption, leaders need to openly demonstrate and quantify the value or metrics of success from these initiatives. As organizations pursue the path from BI to an advanced analytics continuum, the skills and competencies required from data scientists are broader than those of BI/reporting staff or business analysts.

Quote for the day:

"You don't have to know how you are going to accomplish your goals, you just have to know that you will." -- Mike Basevic