May 19, 2015

IS Audit Basics: The Soft Skills Challenge
A really good listener must also learn how to take into account nonverbal communications, also known as body language. This includes body movements, gestures, eye contact, facial expression, physiological changes and more. Warning: Body language is, like national languages, not universal and is strongly embedded in the culture. For example, some cultures allow body language to be explicit and show emotions openly through gestures, physical proximity and strong—even challenging—eye contact; whereas, other cultures are more focused on controlling emotions and body language and reveal little, unless you are truly familiar with the particular culture. Control and understanding of body language can be learned and mastered, as evidenced by the best poker players and diplomats.

Industry's First Schema-free SQL Engine - Apache Drill 1.0 is Now Generally Available
Drill expands the spectrum of BI use cases by providing the ability to get value from all of the raw datasets available in organizations, wherever it is. The ability to explore and ask ad hoc questions on full fidelity data—in its native format as it comes in—is what sets Drill apart from traditional SQL technologies, which only solve part of the puzzle by working with only centrally-structured data. The BI/Analytics use cases that Drill enables include self-service raw data exploration and complex IoT/JSON data analytics, as well as ad hoc queries on Hadoop-powered enterprise data hubs. ... With the solid foundation paved with the GA release, the Drill community is planning to add new, exciting features in a variety of areas such as JSON, complex data functions, new file formats and SQL.

Ownership: to risk or not to risk
Risk-taking is one of those things that sounds easier than it is to practice. The plethora of success stories that have embedded itself into the mythos of big-name companies have certainly contributed to this concept: the genius who pursues an idea that has never been undertaken before and is able to reap the considerable benefits after, the startup company that began in a friend’s basement and within three years, has taken over most of the market share in its industry, or the project that took 100 failures to find success, making the entire process worth it. And while businesses will always strive for success, dreaming of becoming the next Apple, the prospect of failing at a new venture can often give pause, if not discourage risk-taking entirely. That’s why it’s up to the champion to take ownership by calculating the associated risks with the projected benefits, and decisively directing his or her team to move forward with a course of action.

DDoS reflection attacks are back – and this time, it's personal
“There's a fertile ground of home systems,” he said. “A property configured home firewall can block this, but there are many improperly configured home systems connected to the Internet – and there are also industrial systems that can be used to reflect attacks as well.” This attack source is also harder to shut down, he said. “It's easier to go into the data center and have the service providers do the clean-up,” he said. Last quarter, SYN flood attacks – where “synchronize” messages are sent to servers – was the leading attack vector, accounting for 17 percent of all attacks, down slightly from 18 percent of all attacks at the start of 2014. There has also been a change in the size of the median attack, and the typical size range of attacks, Kobrin said, as defensive measures have improved.

10 tips to get the most out of your project management system
“Many companies stumble with adopting project management solutions because the software is intrinsically hard to use,” says Scott Bales, director of Solutions Engineering at Replicon, a provider of timesheet management software. “Businesses should find a solution where workflow and configurability feel intuitive, and it has built-in intelligence that anticipates what you need to get your work done,” he says. “The best software gives you a comprehensive set of functions that can be easily added to over time.” If you have a small or no budget, “define your goals and objectives and see if there are any free PM solutions which satisfy them,” says Victoria Kartunova, marketing manager, Bitrix24, a social collaboration and communications platform.

Making the first 100 days count: How a new CIO sets the right priorities
The second area of immediate attention for Bramwell and his team is to think about how the IT team can be agile and support new initiatives at Said. For example, that support might cover how the organisation interacts with its students or how it delivers content, including across distance learning platforms and collaborative systems. Finally, Bramwell's third initial focus is to consider the type of IT organisation that will help deliver business change for the School. He says the technical skills of the team he is inheriting at Said are not as mature as the one he left behind at Wellcome Trust, so talent and succession management will be crucial. "It's an educational journey for everyone, not just for those working in the IT team," he says. "We must make sure our technical capabilities are aligned with the aspirations of the business. We need a clear, well-communicated change

How to Pivot Your Data
Capturing and storing this increasing volume of data is extraordinarily taxing on IT departments. Whether businesses know it or not, the cost of storing and keeping data is one of the heaviest burdens on a company’s infrastructure resources. These costs extend beyond the monetary price of a data storage system. Physically, the data explosion sucks power in data centers more than ever before. Data growth also slows system processes and forms outage windows, creating situations ranging from inconvenienced users to total system shutdowns. As expensive as it is, however, companies cannot afford not to capture these huge volumes of data, for while Big Data promises huge business advantage to those who harness it, the dark side is that those who do not will face an increasing competitive disadvantage.

Bitcoin Startup 21 Unveils Product Plan: Embeddable Chips for Smartphones
21’s concept of “embedded mining” marks a very different approach. It foresees mainstream consumer devices quietly mining in the background to receive very small, ongoing distributions from a managed pool of bitcoin earnings. Embedded mining was long assumed to be part of the company’s mission. However, the business philosophy outlined in Mr. Srinivasan’s blog post paints a different vision than many bitcoin enthusiasts had assumed to be the case ever since a regulatory filing revealed an initial $5 million fundraise in November 2013. Rather than seeking to dominate the highly competitive business of bitcoin mining for profit, 21 is focused on a future “Internet of Things” era in which interconnected appliances will, in Mr. Srinivasan’s words, draw from an “infinite stream of digital currency” to engage in micro-transactions.

Global risk management survey, ninth edition
Risk management must respond to “the new normal”—an environment of continual regulatory change and ever more demanding expectations. In the United States, the Federal Reserve has introduced the Enhanced Prudential Standards and the Comprehensive Capital Adequacy Review. ... Two emerging risks in particular are receiving increased attention from financial institutions and their regulators. Cyber attacks on corporations, including financial institutions, have increased dramatically in the last few years, requiring institutions to strengthen the safeguards for information systems and customer data. Regulators are more closely scrutinizing how institutions manage conduct risk and the steps they are taking to create a risk culture and incentive compensation programs that encourage ethical behavior.

Microsoft offers IT guidance to prepare for Windows as a Service
Currently, Microsoft's wording in its guidance around some hotfixes is to only apply them if trying to fix a very specific set of problems. But when there's data corruption, a bug check or a system hang, it's actually more detrimental than not to wait, Paquay argued. He said if more users would apply optional hotfixes and update rollups proactively, Microsoft would be able to gather more telemetry data and fix path and hotfix problems more rapidly, allowing the company to promote tested fixes as "recommended" or "important" updates/rollups for a broader group of customers. Once an update appears in Windows Update as "recommended," it has already been installed on and deployed to millions of Windows devices already, meaning it has been vetted to a fairly substantial degree (and not just inside Microsoft or by Windows testers only), he said.

Quote for the day:

"If two men on the same job agree all the time, then one is useless. If they disagree all the time, then both are useless." -- Daryyl F. Zanuck