April 27, 2015

Government scientist warns of rail signal hacking danger
Prof. David Stupples of City University London specialises in research and development of networked electronic and radio systems, and advises the government on cyber terrorism and organised crime. He told the BBC that the new European Rail Traffic Management System (ERTMS) – a computer-controlled signalling system that will supersede the British rail network’s ageing signal lights – could be exposed to cyber attacks. The professor explained that malware introduced by insiders could affect trains’ responses to electronic signals, and said he was speaking now to raise awareness of the threat. “The weakness is getting malware into the system by employees. Either because they are dissatisfied or being bribed or coerced,” he explained.


The 4-stage evolution of cloud computing
We’re still early in the process, but ultimately, it will bring organizations to the point in which decision-making is pushed down through the ranks, and traditional business models are cast aside in favor of more entrepreneurial ventures — even within large corporations. That’s the word from Don Rippert, IBM general manager of cloud strategy, who discussed where the world is at in the progression in a recently released video. Speaking at the company’s InterConnect event, Rippert started off by reminding attendees that the purpose of cloud wasn’t to make things simpler, but rather, “magnify and amplify” the talents of employees. “Clouds are not designed to make things so simple that a trained dog could do it,” he pointed out. “They’re designed to make things so good that you can build the best possible apps in the shortest time.”


Five Forces of Complexity and Change
In digital markets there is often little to zero market share left for laggards, and so these markets are more and more coming to be understood as “winner take all” markets, where there is only first place and there is no second. This dynamic is becoming more prevalent, and thus the number of winner-takes-all markets is increasing, because technology advantages often create massive barriers to competition. Whereas in the past, for example, a wide variety of local stores usually competed within a given geographic region, today due to better transportation, logistics, telecommunications and information technology systems the leading firms are extending their lead and effectively locking out the local players.


Boards are on high alert over security threats
Cybersecurity oversight is the second most important topic for boards in 2015--just behind strategic planning--according to law firm Akin Gump Strauss Hauer & Feld. "It's not just financial services firms or regulated companies--everyone is interested now," says Kimberly Peretti, partner and co-chair of the security incident management and response team at law firm Alston & Bird. ... Yet board members complain that they're not getting the right information. More than one-third of them are dissatisfied with the quality of information they get regarding cybersecurity risk, and more than half are unhappy with the quantity of information provided, according to a NACD survey of 1,013 public companies.


State of Cybersecurity: Implications for 2015 An ISACA and RSA Conference Survey
While attacks are becoming more sophisticated and the motivations behind them seem to evolve on a daily basis, the perpetrators can be fairly clearly categorized. The data demonstrate that the threat actors that are most frequently penetrating enterprise security include cybercriminals, hackers and nonmalicious insiders ... The data support the horror stories that haunt organizations relative to cybersecurity. Enterprises continue to struggle with traditional security threats such as lost devices, insider threats, malware, hacks and social engineering, while simultaneously trying to keep sophisticated attacks by nontraditional threat actors at bay. In such an environment, it is important to understand how enterprises are staffing and managing security.


They monitor hearts, count calories … but are health apps any good for you?
The British Medical Journal questioned whether the apps now on the market do anything other than cause anxiety.In the article, Dr Iltifat Husain, editor in chief of iMedicalApps.com, a review site for medical professionals, argued that some apps “help people to correlate personal decisions with health outcomes” and “can help doctors to hold patients accountable for their behaviour”. Dr Des Spence, a GP in Glasgow, argued that the apps were “untested and unscientific” and opened the door of uncertainty. “Make no mistake: Diagnostic uncertainty ignites extreme anxiety in people,” he wrote. Health apps are in their infancy and at the moment are fairly blunt instruments.


Total Talent Management: A Systems Approach to Agility
A company, like a system, has an established way of working (often referred to as culture) that it must consider in selecting independent contractors and even outsourced partners. In the example above, agile should have been a key consideration in selecting external IT contractors or outsourcers because that’s what the IT department had become familiar with. Personnel selected for the finance department and project-management office should also have been working in an agile manner. An external injection into the existing system of a completely different way of working and functioning creates misunderstandings and slows work. People will expend effort to correct missteps that could instead have gone toward progress.


With ransomware on the rise, cryptographers take it personally
Shamir believes that ransomware is an area where the security community failed "in a miserable way," because there are no good products to protect against it. And this is just the beginning, he thinks. Today ransomware can affect your PC or your mobile phone, but it's only a matter of time until your smart TV and other Internet of Things devices will also be held to ransom, he said. That time is probably not too far in the future. F-Secure noted in its report the emergence last year of a ransomware program called SynoLocker that infected network-attached storage (NAS) devices made by a company called Synology.


Dell takes on Cisco and Juniper with 100G data center switch
All of these switches support the Open Network Install Environment (ONIE) to allow for install of pre-qualified third party operating systems. With ONIE loading, these networking switches can be booted without using proprietary means, Dell says. The switches are tested and validated with third party operating systems and network virtualization software from Dell partners Cumulus Networks, Big Switch Networks, VMware and Midokura. Dell also added to that partner roster this week with the inclusion of IP Infusion, a developer of network operating system software for enterprises and service providers. IP Infusion’s OcNOS includes support for MPLS and VPLS for WAN, VPN and data center interconnect applications.


Are wearable tech startups just looking for problems?
Nick Hunn, founder and CEO of Wifore and one of the competition judges for the event, agreed, saying that while there was no shortage of innovative startups at the Wearable Show, the enthusiasm wasn’t matched by evidential business planning. “With few exceptions it’s keen young gym users designing tech for keen young gym users, pushing more shiny products into what is already a crowded market,” he commented. “Elvie – a pelvic floor exerciser, which won the startup Dragon’s Den was a welcome exception, showing that there are much bigger opportunities to be targeted if you don’t blindly follow the mainstream. It’s another of the better wearable startups I’ve seen recently which have been started by women. I think there may be a lesson there for the industry.”



Quote for the day:

"Knowing when to take your losses is an essential part of eventual success." -- Tom Peters