March 31, 2016

Full Stack Testing: Balancing Unit and End-to-End Tests

At their core, tests make sure your application is doing what you intend it to do. They are an automated script to execute your code and check that it did what you expected. The better they are, the more you can rely on them to gate your deployments. Where your tests are weak, you either need a QA team or you ship buggy software (both mean your users get value at a much slower pace than is ideal). Where your tests are strong, you can ship confidently and quickly, without approvals or slow, manual processes like QA. You must also balance the future maintainability of the tests you write. Your application will change and thus so will your tests. Ideally, your tests only have to change proportionally to the change you are making in your software. If you are making a change in an error message, you don’t want to have to rewrite a lot of your test suite. 

From Role-Based Access Control to Access Governance

Because the organization is fluid (e.g. reorganizations, mergers, etc.), the composition of the attributes (the payroll system) is in a constant state of change. The network landscape is also subject to change. And this means that the model that was set up has to be reviewed regularly. Validating the RBAC model is also known as re-certification. Re-certification checks whether the authorizations a person receives on the basis of his attributes are still appropriate within the organization. Alongside validating the RBAC model that has been set up, part of access governance is also to test the reality. This is called attestation. In attestation the organization itself is asked whether the assignment of certain authorizations to employees is in fact correct.

Coursera Announces First MOOC-Based Master’s Degree in Data Science

Data science has quickly become one of the most sought-after and highest-paid professionsin the United States, yet few highly ranked master’s programs exist today that are developed specifically for training data scientists, and none offer the scale of an open online course platform. The MCS-DS degree taps a whole new demographic of potential data scientists who are unable to take a traditional education path by reimagining graduate-level education as a “stackable” degree. Unlike other master’s degrees, students can test the waters of the MCS-DS degree with a shorter Specialization certificate program in data mining or cloud computing, earning a meaningful credential that can then fully transfer to the MCS-DS if they later decide that they want the full degree.

10 Ways Virtual Reality is Disrupting Industries

The concept of remodeling isn’t just limited to education or world history. It is creating ripples in the medical world as well. For quite some time now, Virtual Reality is being used to treat Posttraumatic Stress Disorder (PTSD) in war veterans. Using VR therapists recreate situations which the patient fears while they are still in a safe environment. Commonly known as exposure therapy, this helps soldiers in dealing with the stress endured on the during real-world war situations. USC’s Institute for Creative Technologies has been remodeling sites of Iraq and Afghanistan in virtual reality to help warriors combat PTSD. Another healing application of VR in medical is helping amputees deal with phantom pain by recreating their limbs.

Why Hospitals Are the Perfect Targets for Ransomware

The payoff for hackers can be huge. The FBI estimated in 2014 that the extortionists behind the CryptoLocker strain of ransomware swindled some $27 million in just six months out of people whose data they took hostage. And ransomware attackers have upped the ante in recent months with attacks that encrypt not just files on an individual computer but on core servers, to prevent an entire organization from accessing shared files and databases. ... “You don’t have to lock an entire network,” Sjouwerman says. “You just need to find where are the critical files in a network—what servers are serving up the millions of files that most workers use…. And you only need to lock maybe two or three file servers to essentially block the whole network.”

IBM Data Chief on Strategy: Training Engineers for Cognitive Systems

Data is playing an ever-growing role in the business world, with machine learning software and artificial intelligence systems like IBM’s Watson leading the way. IBM’s Bhandari says that IBM is focused on training more data scientists and engineers in analytics systems, such as open-source computing framework Apache Spark, because it believes the amount of human talent has not kept pace with advances in analytics. Simply put, there are not enough people who can take action on insight that is provided by today’s data-analytics software, like the video footage of the Magic-Heat games did for the in-game stats, he says. IBM’s corporate strategy in the current market is on cognitive systems, such as Watson, Bhandari says.

Senator Wyden Lays Out New 'Compact For Privacy & Security In The Digital Age'

Here’s the problem. A few decades ago, courts began ruling that if you provide information to a third party, like your bank or your phone company, you are no longer keeping it private, and it is no longer protected under the Fourth Amendment to the Constitution.  There is a huge, glaring problem with that logic. When you share your information with a single private company, that is not the same thing as making it public. Your phone company may have records of who you call, and your bank may have records of how you spend your money, but your contract with them will have rules for when and how they are allowed to share that information. They are not allowed to just disclose it freely.  This is true in the digital world as well. When I post a handsome new profile picture on Facebook, or send out a tweet to tell people that I’m holding a town hall in Oregon,

Enterprise Mobility is Going Beyond “Mobile First” Approach. Are You Ready?

The future is likely to become even more connected, thanks to internet of things and M2M (machine-to-machine) communications. This means, businesses now need to go beyond ‘mobile first’ planning. By this we mean you need to develop a strategy that puts your business at the forefront of mobility. You need to go beyond just creating mobile applications and services when it comes to deploying mobile technologies. While these efforts were tactical enough to address the need for people to remain connected 24*7 across various devices, they won’t suffice to make your business ready for the mobile journey of the future. Today, we see more and more businesses are investing resources to create a mobile strategy that can successfully transform the enterprise, changing the way they run their business.

5 Dev Tools For Better Code Security

Information security is of paramount importance these days, and there is no better place to start securing systems and data than in the software development process itself. Lapses in coding can leave systems vulnerable to attackers. But examining thousands and thousands of lines of code for a wide array of potential weaknesses is no easy task. Thankfully, a variety of tools are emerging to help ensure the security of your code. With the help of capabilities such as static analysis, these tools not only flag possible issues but enforce security a priority in the development process. Following are five tools aimed at analyzing your code for security flaws, ranging from open source to commercial offerings, available as on-premises solutions or services in the cloud.

Why CISOs Need to Build Better Business Cases For Data Security

The overall budget for security-related costs is often within decentralized healthcare organizations and resides with a number of different clinical, business and technology areas. Typically, the easy business case to make for security investments comes from improving the organization’s overall security posture. However, CISOs will have to redesign this undemanding path toward an approach for making business cases in terms executives can appreciate and directly connect to the organization’s top strategy goals and objectives. Making more effective business cases can help to gain investment dollars and increased control for a budget not always under a CISO’s direct management.

Quote for the day:

"There are many elements to a campaign. Leadership is number one. Everything else is number two." -- Bertolt Brecht

March 30, 2016

Cyber criminals use Microsoft PowerShell in ransomware attacks

Traditional ransomware variants typically install malicious files on the system which, in some instances, can be easier to detect. Although the code is simple, PowerWare is a novel approach to ransomware, the researchers said, reflecting a growing trend of malware authors thinking outside the box in delivering ransomware. Carbon Black researchers found that PowerWare is delivered through a macro-enabled Microsoft Word document that launches two instances of PowerShell. One instance downloads the ransomware script and the other takes the script as input to run the malicious code to encrypt files on the target system and demand payment for releasing them.

Train your IT team for endurance

Work is the ultimate endurance event. While a triathlete might compete in a 5- to 12-hour event, the average career is measured in decades. Consider your IT organization for a moment. If it's like the majority, it's been conditioned around sprinting. A firefight or development sprint results in a fury of activity, the organizational equivalent of an athlete spiking her heartbeat to the max and tenaciously hanging there until it's physically impossible to sustain that level of effort. Like the athlete, after the sprint the team usually hits a wall and performance crashes down— employees even become physically affected by the workload. Contrast this to the team that has trained and measured around the productivity they can produce at sustainable activity levels. There's a quiet energy and diligence, and this team can make a strategic sprint or two when the time comes, without depleting themselves and falling apart.

Q&A: Database infrastructure must match modern apps

As a standard SQL solution, the way you build an application is not significantly different from how you build a system against other relational database management systems. The difference is that it scales. If you're running Oracle on a single machine, and you reach the capacity of a SQL machine, you switch to Oracle RAC, and that gets you some more performance. But when that gets exhausted, you're done. With NuoDB, you can take an intuitive database application design, and rather than changing the application to handle more scalability, you just plug in more computers.

Is outsourcing IT worth the compliance risk?

“Regulators have taken a deeper interest in outsourcing services that have an impact on either the regulatory posture of the organization or on cyber security and cyber-crime,” explains Bala Pandalangat, president and CEO of Centre for Outsourcing Research & Education (CORE), an organization that provides outsourcing advice and training based in Toronto. CORE’s membership includes Deloitte, IBM, Xerox, large banks, universities and law firms such as Torys LLP. “We see several common mistakes when it comes to outsourcing arrangements,” says Pandalangat. “The number one mistake is viewing risk management is an after-thought. Many deals emphasize the financial benefit of outsourcing at the expense of risk management. If risk management is not built into the contract, costly adjustments may be required to address that concern.”

NASA Software Audit Reveals Budgetary Black Hole

The audit warns that delays with such software designed for the Space Launch System (SLS) rocket could affect the ability to react to unexpected issues during launch operations, and could impact the launch schedule for the unmanned Orion system, which is due to lift off in 2018. The first exploration mission would allow the space agency to use the lunar vicinity as a proving ground to test technologies farther from Earth, and demonstrate it can get to a stable orbit in the area of space near the moon in order to support sending humans to deep space. The root of the budgetary issues appears to result from NASA's June 2006 decision to integrate multiple products or parts of products rather than develop software in-house or buy an off-the-shelf product.

Apple’s New Challenge: Learning How the U.S. Cracked Its iPhone

The challenges start with the lack of information about the method that the law enforcement authorities, with the aid of a third party, used to break into the iPhone of Syed Rizwan Farook, an attacker in the San Bernardino rampage last year. Federal officials have refused to identify the person, or organization, who helped crack the device, and have declined to specify the procedure used to open the iPhone. ... Making matters trickier, Apple’s security operation has been in flux. The operation was reorganized late last year. A manager who had been responsible for handling most of the government’s data extraction requests left the team to work in a different part of the company, according to four current and former Apple employees, who spoke on the condition of anonymity because they were not authorized to speak publicly about the changes.

Prep your smartphone for emergency situations

Another obvious recommendation, but one that can save you a lot of grief: keep your device in tip-top shape. Remove all unnecessary apps which might drain the battery. Keep a couple of spare batteries (if your device allows you the option of swapping these out). Make sure the hardware performs well; replace damaged screens, buttons and other elements which may be malfunctioning. And by all means keep it as fully charged as possible. I use car chargers, desk chargers and of course a bedside charger so at least two-thirds of the time during a normal day (and sometimes 100% depending on my schedule) I have access to power.

The triumphant, magnificent, and unexpected return of PC gaming

What makes the PC even more compelling right now is that the VR revolution has finally started. Just this week, the Oculus Rift debuted for PC with a host of new games that you can’t play on any of the consoles. (I will have a full report on that device soon.) That system requires at least an Intel Core i5 processor, 8GB of RAM, and at least a NVIDIA GTX 970 or AMD 290 GPU. The consoles just don’t have enough horsepower to make VR look realistic or compelling, despite what you may have heard. My theory is that PC gamers are smart enough to know this. They’ve seen the writing on the wall, and it says Virtual Reality

IT Security Threat to Intensify in Next Two Years

The report, Threat Horizons 2018, says the ability of organizations to protect IT is progressively being weakened. Businesses and society, for that matter, are becoming more reliant on complex new technologies to function, which intensifies the threat landscape, the report contends. "We are having to be a little bit more, perhaps, critical of the way in which we look at our use of technology, and that's what you're beginning to see with some of the predictions we're coming out with now," Steve Durbin, managing director of the Information Security Forum, says in an interview with Information Security Media Group. "Let's bear in mind: These predictions are really trying to put some extra weaponry into the armory for the security professionals so we can anticipate some of the challenges that we're going to be seeing."

Quote for the day:

"Strategy is a commodity, execution is an art." -- Peter Drucker

March 29, 2016

How mobile browser is making a comeback and challenging apps

India has 1 billion mobile phone users. Almost 90 per cent users have a phone that costs below Rs 8,000. These have low memory and slow processors. But most apps are heavy—more than 5 MB and often exceeding 8 MB. Some of the furniture apps are 30 MB in size. Computing resources to download and run apps is limited on low end phones. Top end phones that can accommodate these apps cost a bomb. Browsers have no such problems. They offer content and functionalities across categories. ... "The cost of developing a browser site is one-third of an app. Besides, chance of an app malfunctioning or crashing is higher than that of a mobile site."

Invokedynamic - Java’s Secret Weapon

The features main goal was to create a bytecode to handle a new type of method dispatch - that essentially allows application-level code to determine which method a call will execute, and to do so only when the call is about to execute. This allows language and framework writers to support much more dynamic programming styles than the Java platform previously provided. The intent is that user code determines dispatch at runtime using the method handles API whilst not suffering the performance penalties and security problems associated with reflection. In fact, the stated aim of invokedynamic is to be as fast as regular method dispatch (invokevirtual) once the feature has matured sufficiently.

How to Review and Test Backup Procedures to Ensure Data Restoration

It’s important to test often enough as well as to test in a quality sort of fashion. But how often is often enough? What is and is not quality testing? “The factors that should affect how often you test backup and restore capabilities fall under Governance, Risk, and Compliance (GRC) and include regulatory constraints, data retention periods / data criticality, risk assessment, policy, audit preparation, and strategic planning,” says Adam Gordon, CSO, New Horizons Computer Learning Centers Of South Florida. Testing frequency realities are another matter as some companies only find out whether backups work when they need them, and the success or failure of the backups and the restore operation in the middle of a crisis is the only test of their adequacy. This is certainly not often enough.

Banks and fintech firms can and must collaborate

"We recognise API as an unstoppable force," Mr Mohanty, a former Citibank banker, said. “There's no other way to do innovation. If (banks) don't do it, I don't know how they will survive.” He added that countries such as the United Kingdom and Japan have mapped out policies in relation to API, and the MAS is keen to “partner with industry players to make it work” in Singapore. However, Mr Mohanty noted that there’s a gap in terms of how much regulation can drive change, and businesses will ultimately have to take the lead. Ong Whee Teck, partner of Technology Consulting at PricewaterhouseCoopers, agreed: "The days are here to collaborate, otherwise fintech is here to eat your lunch. Change will require a grassroots-style uprising."

For IT, climate change means preparing for disaster

Interest in disaster recovery planning increased after the 9/11 terrorist attacks, but "many pulled back because of the cost of maintaining two centers," and paying for idle equipment, said Phil Goodwin, a research director at IDC. Cloud-based services are changing that. The fastest growing segment of disaster recovery is "disaster recovery as a service," said Goodwin. There may be 150 or more firms providing disaster recovery as a service (DRaaS). Taco, Inc., an HVAC manufacturing company in Rhode Island, maintains servers in a back-up facility run by a disaster services provider. But by the end of this year, the company hopes to complete a move to a disaster recovery as a service provider.

Benefits and Risks of Knowledge Process Outsourcing

If you are a business owner, you already know that there is no endeavour without risk. Risk is omnipresent. It needs to be identified, assessed and mitigated with a proper plan always. The risks of KPO entail key talent retention. Internal information could get lost if KPO staff is working remotely. The service providing individual might not match the company culture or there are communication difficulties. KPO is usually very time-consuming and there is often no immediate result. Depending on the nature of your business there might be more or less risks involved in working with a KPO company, but these risks are very transparent, they can be accounted for and there can be an operational design, which allows for an efficient cooperation for the benefit of all involved parties and individuals.

Linux at 25: Why It Flourished While Others Fizzled

It’s all the more remarkable, then, that Linux, which celebrates its 25th birthday later this year, has so profoundly challenged the norms of software development. It showed programmers everywhere that a different world was possible—a world where they could share code openly, collaborate informally, and make a decent living, even if they gave away the chief product of their labor for free. The advantages of working this way have since become obvious to even the most hard-headed of business leaders, with most large software-development companies now sharing at least some of the fruits of their programmers’ efforts openly. How did Linux end up producing such radical change? And why did other free-software activists’ attempts to build bigger and seemingly better systems than Linux fail to achieve as much momentum?

Autonomic platforms

Over time, IT departments became saddled with manual processes, cumbersome one-size-fits-all software development lifecycle (SDLC) methodologies. Or they developed “over-the-wall engineering” mind-sets in which individuals fulfill their own obligations with little understanding or concern about the needs of downstream teams. This operational baggage has fueled tension between IT’s development group, which pushes for speed and experimentation with new features and tools, and its operations organization, which prizes stability, performance, and predictable maintenance. To combat organizational inefficiency as well as any discord that has arisen among various parts of the IT value chain, many organizations are implementing DevOps a new way of organizing and focusing various teams.

Petya Ransomware Overwrites MBRs, Locking Users Out of Their Computers

It's hard enough for non-technical users to deal with ransomware infections: understanding public-key cryptography, connecting to the Tor anonymity network and paying with Bitcoin cryptocurrency. A new malicious program now makes it even more difficult by completely locking victims out of their computers. The new Petya ransomware overwrites the master boot record (MBR) of the affected PCs, leaving their operating systems in an unbootable state, researchers from antivirus firm Trend Micro said in a blog post. The MBR is the code stored in the first sectors of a hard disk drive. It contains information about the disk's partitions and launches the operating system's boot loader. Without a proper MBR, the computer doesn't know which partitions contain an OS and how to start it.

High Load Trading Transaction Processing with Reveno CQRS/Event Sourcing Framework

Reveno is a new JVM based lock-free transaction processing framework based on CQRS and event-sourcing patterns. Although it’s a simple and powerful tool it does not compromise on performance. All transactions are persisted to read-only journals, and the latest state of the domain model can be restored by simply replaying these events in sequence. All runtime operations are performed in-memory so throughput can reach an order of millions of transactions per second, and mean latency in the order of microseconds. But with all of this power Reveno is still a general purpose framework, as it covers a variety of use cases with rich sets of engine configurations. For example, you can vary the durability configuration, from very relaxed

Quote for the day:

"A single day is enough to make us a little larger or, another time, a little smaller." -- Paul Klee

March 28, 2016

8 Reasons To Consider Insights-As-A-Service

Insights-as-a-Service providers are quick to mention their ability to improve business outcomes because that's the entire point of insights. For example,Capgemini provides Data-as-a-Service, Analytics-as-a-Service, and Insights-as-a-Service options. Data-as-a-Service provides raw data upon which analytical applications are built, Analytics-as-a-Service provides outputs of analyses, and Insights-as-a-Service is linked to tangible outcomes such as revenue increase or cost savings. "I consider them a progression in terms of sophistication and value, and fundamentally what the '-as-a-Service' unit of measure is," said Goutham Beliappa, a leader in the Business Information Management Data Integration and Reporting Practice for Capgemini North America, in an interview.

How Advanced Analytics Is Changing B2B Buyer Expectations

As information continues to fuel and be fueled by new online channels, we most often hear about the impact this has on the B2C sales world. But as anyone in the B2B space will tell you, this evolution is far reaching and certainly relevant. Similar to B2C buyers, B2B buyers feel empowered by their access to data. As a result of the rise of e-commerce in B2B and the general availability of data on the Internet, B2B pricing and product information is significantly easier to find and compare than before. This is enabling buyers to be armed with more information going into a price negotiation than was previously possible. This also means that buyers now expect companies to have relevant and convenient product and pricing information on their websites.

Data lake governance: A big data do or die

Data lakes or data hubs -- storage repositories and processing systems that can ingest data without compromising the data structure -- have become synonymous with modern data architecture and big data management. The upside to the data lake is that it doesn't require a rigid schema or manipulation of the data to ingest it, making it easy for businesses to collect data of all shapes and sizes. The harder part for CIOs and senior IT leaders is maintaining order once the data arrives. Without an upfront schema imposed on the data, data lake governance, including metadata management, play vital roles in keeping the data lake pristine, according to experts.

Trump's Incomprehensible 'Cyber' Policy: 'Make Cyber Great Again'

First off, we’re so obsolete in cyber. We’re the ones that sort of were very much involved with the creation, but we’re so obsolete, we just seem to be toyed with by so many different countries, already. And we don’t know who’s doing what. We don’t know who’s got the power, who’s got that capability, some people say it’s China, some people say it’s Russia. But certainly cyber has to be a, you know, certainly cyber has to be in our thought process, very strongly in our thought process. Inconceivable that, inconceivable the power of cyber. But as you say, you can take out, you can take out, you can make countries nonfunctioning with a strong use of cyber. I don’t think we’re there. I don’t think we’re as advanced as other countries are, and I think you probably would agree with that. I don’t think we’re advanced, I think we’re going backwards in so many different ways.

Aetna CISO talks about threat intelligence and enterprise risk management

Third party governance programs must evolve to offer more continuous methods for risk assessment and management vs. one and done annual on-site assessments. More and more services are offered through cloud providers that host sensitive information and determining online vulnerabilities on a 24 x 7 basis will become more of the norm for any enterprise interested in managing third-party risk. The other fundamental change in third-party risk is a migration from compliance driven assessments (compliance to a standard) to a risk-driven assessment where risks are identified and managed. Adherence to a standard or framework based on standard practices is better than nothing but not sufficient to manage risk effectively given the evolution of cloud computing.

Is digital experience management the new social business?

Probably the key question to ask at this point is do these two overarching digital frameworks play well side-by-side or do they need to be integrated for companies to get the fullest benefits of both? Digital/customer experience is a relatively new phenomenon in terms of realized products and services to support it, so until recently it's been hard to say. But with the maturity of both approaches, I'm now beginning to see digital engagement practitioners have to routinely deal with both frameworks. The result? They find in general that CEM platforms tend to underserve social business needs, while social business frameworks and products often neglect many key aspects of digital experience. This lack of integration leads to more work, lower impact, and a fragmented approach to digital, which is what we were trying to resolve in the first place.

9 Cost-Effective and Critical Security Tips for Startups

When big names fall victim to data breaches, its big news, making smaller companies believe they aren’t likely to be a target. However, according to Greg Sullivan, CEO of Global Velocity, smaller companies should be on the offensive. “The issue is that SMBs wrongly assume that their size or small influence does not merit attention from hackers or do not educate themselves about potential exploits in their infrastructure,” he says. “While SMBs are not as big as companies like Target and Home Depot, they are the majority of victims at the hands of cyber thieves seeking easy targets. The Verizon 2013 Data Breach Investigations Report found that 62 percent of breaches impacted smaller organizations, likely a conservative figure since not all small organizations are reporting breaches.”

IPSec Policies

IPSec encrypts data information contained in IP datagrams through encapsulation to provide data integrity, data confidentiality, data origin authentication, and replay protection. The two main IPSec components that are installed when you install IPSec are the IPSec Policy Agent and the IPSec driver. The IPSec Policy Agent is a service running on a Windows Server 2003 computer that accesses IPSec policy information. The IPSec Policy Agent accesses the IPSec policy information in the local Windows registry or in Active Directory. The IPSec Policy Agent then passes this information to the IPSec driver. The IPSec driver performs a number of operations to enable secure network communications such as initiating IKE communication, creating IPSec packets, encrypts data, and calculates hashes.

The Role of a Data Scientist in 2016

Whilst the role of a data scientist crosses over with more conventional data analysis positions, there are some stark differences. A data analyst or architect can extract information from large sets of data. Yet they are bound by the SQL queries and analytics packages used to slice these datasets. Through an advanced knowledge of machine learning and programming/engineering, data scientists can manipulate data at their own will uncovering deeper insight. They are not bound by these programmes. Whilst your typical data analyst looks to the past and what’s happened, a data scientist must go beyond this and look to the future. Through application of advanced statistics and complex data modelling they must uncover patterns and make future predictions.

Insight: The disruptive side of disruptive innovation

Nothing can stop innovation and as long as this technology brings value then it is here to stay. Traditional ojek may eventually have to become app-based or at least adapt to using their cellphones to get customers rather than wait passively at their posts for passengers. Long-time drivers of established meter taxi companies are not that easy to adapt, with their livelihoods having been tied to a regulated system for so long. The democratized application of Uber is actually unfair competition for them, so it is easy to understand their — and especially the companies’ owners’ — resistance to this innovation. In the end, it would be a new government regulation that decides the fate of Uber and that of public transportation as a whole.

Quote for the day:

"Man is a reasoning rather than a reasonable animal" -- Alexander Hamilton

March 27, 2016

Australian Government Seeks End to Double Taxation of Bitcoin

The government wants to ease rules for investors and startups in the FinTech space, the latter of whom would be afforded flexibility within a "regulatory sandbox" approach. An advisory group dedicated to FinTech issues has also been formed, chaired by Westpac Bank director Craig Dunn. “Removing the ‘double taxation’ treatment for GST on digital currencies and applying adequate anti‑money laundering and counter‑terrorism financing rules may facilitate further developments or use in the future,” the government said. The country’s anti-money laundering regulator, the Australian Transaction Reports and Analysis Centre, voiced its support for blockchain technology in a statement included in the policy release, stating that it believes the tech could "significantly reduce the costs of compliance and regulation imposed on reporting entities".

Fintech Lessons From a Troubled Bridge Over New York’s Waters

Fintech is becoming too hyped in certain areas. Even though venture funding cooled in Q4, 2015, deal activity remains high, as do valuations, especially on the consumer side of fintech. Accelerators, incubators and now start-up factories have cropped-up to participate in the global fintech boom. Many of these initiatives are crucial, since they compensate for the lack of financial services innovation in the years leading up to the financial crisis. Unfortunately, half-baked business models, me-too companies and fintech “tourist” investors looking for a quick trade seem to be on the rise as well. Some large incumbents are riding the fintech wave without a plan. Just as politicians, commissioners and contractors jumped on the Manhattan Bridge project over a century ago, it now seems that every major incumbent is getting fintechier. Although some large banks, payments companies, insurers and asset managers are making solid progress, others seem to be grasping.

Uflex becomes first company in India to deploy Bluetooth Low Energy Beacon

The Low Energy Bluetooth beacon is a battery powered mini appliance transmitting and receiving two- way information. The BLE Beacon has a shelf life of 3 years on a single cell. The beacon transmits its presence and with its inbuilt sensors captures other parameters like temperature, pressure etc. Since it facilitates two way information gathering, the embedded LED can also light up when it gets a request. "The strength of the Beacon varies with distance and this helps us triangulate the coordinates and track the movement as well as the current location across the warehouse and production lines," he states. The BLE Beacon can add on sensors to get more data captured such as collision impact detection , automate batch creation in ERP using the object to feed data as it approaches the processing plant or exits a plant .

DevOps and IT Projects in the Real World

The sponsor spent a lot of money and will never see a return on the investment ever. The developers are upset because nobody is going to use their solution. The project manager is depressed because it didn’t really matter how well the project was managed. The user base is absolutely irritated, don’t know what to use the new solution for and after a week they stop trying. ... If you can leverage DevOps culture and practices you don’t buy into a success guarantee. Everyone still needs to do their work diligently and it’s not less work if you apply DevOps. However with these practices in mind, you shift the threshold of “what”, “how”, and “ok” significantly to establish a better collaboration baseline between the separated realms of development teams and operational staff.

The Dawn of the IoT Architect

There are two modes of operation for an IoT Architect. The first mode is to help the organization solve various business problems by building discrete IoT solutions. This requires a certain skill set including: collaborating with business leaders to determine their top business problems, architecting an IoT solution that will solve the problem, building a business case to justify the ROI, building an IoT solution prototype and selecting vendors, and finally, deploying the solution — at scale — across the enterprise. The second mode is much more broad. The IoT architect must take responsibility for setting and communicating the overall IoT vision, message, — and most importantly — architecture. Why? Well, it’s likely that organizations will have multiple IoT projects. Without an IoT architect — who can build, communicate and drive a cohesive, centralized IoT architecture

Big Data, IoT and Blockchain: Ready to Follow the Yellow Brick Road?

How disruptive technologies can be used to advance business and provide a competitive edge. Take Big Data and the Internet of Things (IoT). Both rank highly on the list of disruptive technologies. As with most technologies, there are areas of great synergy that ultimately provide a yellow brick road to real business value. ... Perhaps the most interesting thing about blockchain is that there's no central authority or single source of the database. Which means it exists on every system that's associated with it. Yes, every system has its own complete copy of the blockchain. As new blocks are added, they're also received by every system - for the ultimate distributed database. If you lose your copy, no problem. By rejoining the blockchain network you get a fresh new copy of the entire blockchain.

Japan looks to kickstart 'fintech' revolution

Japan's financial industry regulator hopes relaxed rules on investing in financial ventures, and a new system for regulating virtual currency exchanges will pass through parliament by May - a first step in kickstarting the fintech revolution in the world's third-biggest economy. "The law changes aren't a goal, but a first step," Norio Sato, a senior official at the Financial Services Authority (FSA), told Reuters. "Fintech will have a big impact on financial services." The changes, which will allow banks to buy stakes of up to 100 percent in non-finance-related firms, will free up Japan's three megabanks to enter into tie-ups with fintech ventures developing services including robotic investment advisory and blockchain, the decentralized ledger technology behind the bitcoin digital currency.

Viewpoints and Integrated Enterprise Architecture

Enterprise Architecture may depict the whole of the enterprise or a part of it at any given point in time. Architecture for enterprises consists of multifaceted data driven maps. From the different perspectives of the many parts involved in any enterprise, from planning, design and management to executive and stakeholder’s levels, there are always many concerns that need to be addressed, and hence the need for many different types of blueprints. The viewpoint is a blueprint of how the stakeholders view the whole system or enterprise. ... Enterprise Evolver (“Evolver”) supports multiple viewpoints templates to jumpstart the architecture creation. Provided below are descriptions of each viewpoint template supported in Enterprise Evolver . By describing and mapping these viewpoints in the Evolver, you will be able to create an integrated enterprise architecture to support any transformation initiative.

Barry University CIO: Managing The Mobile Security Load

Londono doesn't want to do anything unnecessary to stifle the creativity and innovation of the faculty. "On the faculty side, we mostly let them do what they want to. There's a recognition that any progress comes from a place where you're not so structured," he said. "If you leave people with a little bit of freedom, they tend to be very creative." On the other hand, students can be very heavy consumers of the campus bandwidth. "In terms of bandwidth, the shift isn't so much from faculty -- they're careful about moving instruction to streaming -- but the younger generation of kids moving to streaming content," Londono said. And the reality of the new classroom means that the university can't use basic tools to deal with the bandwidth issue.

Understanding Quality and Reliability

Generally, having fewer errors and a higher MTTD is associated with better overall quality. While having the highest quality possible may not always be a primary concern for stakeholders, the reliability of the project must meet some minimum standards before it can be shipped to the customer. For example, experience has shown that, at delivery, most projects are about 95 percent defect free after running for about a day without crashing. Another good rule of thumb is that the software typically will be of minimum acceptable reliability when testers are finding fewer than 20 errors per month. This applies to both large and small applications. In other words, the product will run about an eight-hour workday. Of course this rule of thumb is mostly applicable for commercial IT applications. Industrial and military embedded applications require a higher degree of reliability.

Quote for the day:

"We don’t have time for blame and shame. We need dignity, understanding and solutions." -- @smaxbrown

March 26, 2016

App economy research shows how poorer countries are losing again

The transition to the era of the smartphone and mobile internet has allowed two companies — Apple and Google — to establish market dominance with their own proprietary ecosystems, including their respective app stores. As the new distribution model for software and digital content, the app stores have centralised the vast majority of mobile revenue streams within Apple’s and Google’s platforms.  This change from the open web to privately managed walled gardens is amplifying global power imbalances, resulting in lower rates of participation and value capture by producers from marginalised geographies and socio economic backgrounds. The result: polarised opportunity between high- and low-income countries, with lower-income countries only earning an estimated 1% of global app economy revenues.

The Working Programmer - How To Be MEAN: Robust Validation with MongooseJS

Mongoose uses some interesting terminology for what’s essentially a two-step process to defining a JavaScript object model on top of the MongoDB database API. First, we define a “schema,” which looks like a traditional class from a more traditional class-based language (C#, C++, Java or Visual Basic). This schema will have fields, define types for these fields and optionally include some validation rules around the fields for when assigning values to the fields. You can also add some methods, instance or static, which I’ll get to later. Then, once the schema object is defined, you “compile” it into a Model, which is what will be used to construct instances of these objects.

Here's how the FBI plans to crack terrorist's iPhone

"They're not going to talk to the jailbreak crowd," Zdziarski said, referring to hackers who look for iOS vulnerabilities that can be exploited to let users add unsanctioned apps to an iPhone. He said that he and other reputable researchers had been turned away by the FBI when they volunteered to help. If they met a blank wall, jailbreak artists would have gotten nowhere, he reasoned. Other avenues, such as "de-capping," a term used to describe a tear-down of the iPhone's processor using acid and lasers, were also out, Zdziarski said, because they risked destroying the very thing the FBI claimed it needed, the data on Farook's phone.

The promise of big data: bringing technology and the economy together

The payoff comes from insights gleaned from collecting large amounts of various kinds of data and analysing them to uncover hidden patterns, correlations and other insights. Machine learning software can drill down into the data to discover and analyse factors determining the profit and loss for a product, supplier, and their customers. We can also see into the future, making better predictions and decisions. The result is that “quantitative change becomes qualitative”, as described by Steve Lohr in his best selling book Data-Is m”. Big data brings technology and the economy together. The benefits of a data-driven economy are obvious enough that we should all embrace the concept. For both technology companies and business firms, the market is just around the corner.

Roboadvisors stand at the vanguard of human-machine collaboration

Vanguard's financial simulation software, essentially a predictive analytics tool that runs 10,000 simulations in under than a second, forecasts future returns and generates a set of outcomes over many time horizons. The client monitors the performance of their assets as well as progress toward their goals; the human advisor reviews and rebalances their portfolio to keep them aligned with those goals. While some software robots learn by inference, their improvisational capabilities remain limited. That's where the humans come in. Marcante says the advisor also helps clients avoid making trading errors during emotional times and volatile markets, often "talking them off the ledge when the markets are down and they're supposed to be holding long-term."

Tracking the Data Science Talent Gap

How big is the data science skills gap? There are several ways to attack that problem, and a number of smart people at renowned organizations have attempted to put numbers to the problem. Back in 2012, the research firm Gartner said there would be a shortage of 100,000 data scientists in the United States by 2020. A year earlier, McKinsey put the national gap in data scents and others with deep analytical expertise at 140,000 to 190,000 people by 2017, resulting in demand that’s 60 percent greater than supply. In 2014, the consulting firm Accenture found that more than 90 percent of its clients planned to hire people with data science expertise, but more than 40 percent cited a lack of talent as the number one problem.

How developers can take advantage of machine learning on Google Cloud Platform

TensorFlow is on the academic or research side of machine learning at Google. Machine learning APIs are on the opposite side of that spectrum and require much less understanding of machine learning to implement within an application. Cloud Machine Learning, announced Wednesday, is in the middle and can extend to either side. Ferraioli said developers can use Cloud Machine learning "When you have a customized problem that you want to solve." Cloud Machine Learning is a fully managed service, and developers can train it using a custom TensorFlow graph. It offers batch and online prediction at scale and an integrated Datalab experience, but regression and classification are its two primary tasks.

Experts say Internet of Things is edging into maturity

A smart home will have between 100 and 200 connected devices. How are you going to power them all? You can’t give each a battery. You’ll need energy harvesting for this. The markets are evolving so chipsets can use energy harvesting, but that’s not available to Bluetooth yet. ... Top-down creation of a smart city may be a bit too ambitious. But building a smart home, and extending the conversations of the intelligence washing machine and solar panels with the utilities, so they interact with the grid and the sewage systems with maximum efficiency, could be a way of building a smart city by increments, from the bottom up. ... The APIs that the manufacturers will have to offer in order to create interoperability will open the gate to all that information. 

The anatomy of an Android security flaw

One is that if fast and reliable ongoing updates are important to you -- and, let's be honest, they probably should be -- you should pick a phone that's known to provide that feature. Google's Nexus devices are the safest bet, as they receive software directly from Google without any third-party interference or delays. Whether we're talking about security or broader system-level improvements, that's an extremely valuable assurance to have. Second, as we've been discussing, remember that updates on Android really aren't the same as updates on other platforms. Google knows about the challenges created by its open source setup, and that's why it's taken steps to create all the other methods of reaching users directly -- both via the security-oriented paths we've been discussing and via the company's ongoing deconstruction of Android.

The Four Concerns That Must Be Addressed Before the IoT Can Really Take Off

It won’t just be fridges; we’ll see home energy systems, security devices, entertainment products, games, interactive wearables -- the list goes on and on. The question is, is it really going to happen? And shouldn’t we be seeing greater market penetration than we already do? While the IoT is a hot topic right now, we don’t have the sort of everyday uptake internet experts have predicted. In the grand scheme of things, there really aren’t very many connected watches, thermostats, or accessories. ... This article will look at the things the IoT needs to be on the forefront of the consumer experience, including the value to the consumer, the necessity of a centralized IoT platform, a set of international communication protocols, user education and greater security.

Quote for the day:

"Bad companies are destroyed by crisis, good companies survive them, great companies are improved by them." -- A Grove

March 25, 2016

Should You Worry That Your Car Will be Hacked?

Consumers, however, should stay informed about the capabilities of their cars, just as they would about most connected devices they own -- from PCs to smartphones to smart home appliances -- especially considering that vehicles are much a more complex and "dangerous tool," Menting said. "So it is perhaps even more important to understand the risks," she added. Egil Juliussen, director of research at IHS Automotive Technology, said other than gaining notoriety, there really isn't much of an incentive for hackers to break into your vehicle's electronic systems. In fact, the only business case for hackers to break into a vehicle is to extort money from owners or automakers. "They have to earn money on it; otherwise, it doesn't pay for them to do it," Juliussen said.

As Silicon Valley chills, Europe’s tech gets hotter

Silicon Valley is indeed undergoing a chill, while tech in Europe is growing, purposefully, confidently and across a broad front of geographical hubs and industries. Currently, France is leading Europe in investments so far this year. CB Insights shows that the absolute number of funding rounds for early-stage companies — what’s called Series A rounds — in the U.S. appear to have peaked in 2014 ... In Europe, Series A investments only really started to ramp from 2014, and the number of local companies hitting this funding milestone continues to rise. 2015 was a record year for Europe — up 12 percent from the year before. In January and February so far this year, A rounds are up 38 percent year-over-year.

SDNs come to the branch office, with risks

Despite the benefits of SD-WAN, Shaffer says that he still worries about the viability of startups such as Viptela in such an immature market: "I'm relying on something they have and what happens if they go away or get acquired and some company buries their product?" Shaffer says. "You may have time to get out, but you've invested the time and it's not what you wanted." While there is no crystal ball to help Shaffer see whether Cisco Systems or some other player decides to gobble Viptela, Shaffer says he believes the company is well-positioned for growth based on its funding and commercial track record. Viptela in 2014 raised $33.5 million from Sequoia Capital and counts Gap as one of its customers. Last month Verizon began selling a hosted SD-WAN service powered by Viptela.

The Evolution of today’s enterprise applications

In the old days, corporate IT departments built networks and data centers that supported computing monocultures of servers, desktops and routers, all of which was owned, specified, and maintained by the company. Those days are over, and now how you deploy your technologies is critical, whatone writer calls “the post-cloud future.” Now we have companies who deliver their IT infrastructure completely from the cloud and don’t own much of anything. IT has moved to being more of a renter than a real estate baron. ... At the same time, the typical endpoint computing device has gone from a desktop or laptop computer to a tablet or smartphone, often purchased by the end user, who expects his or her IT department to support this choice. The actual device itself has become almost irrelevant, whatever its operating system and form factor.

Are electronic medical records worth it?

The value of the technology has been heralded as improved diagnosis and treatment through better information access and sharing. Researches, however, have found that the vast majority of providers don’t share electronic patient data outside their own practice. According to a study by the Agency for Healthcare Research and Quality, just 14 percent of providers were sharing data with other providers in 2013 Psychology Today notes that many medical centers’ outpatient systems cannot “talk” to their inpatient hospital systems; and actually accused “One of the bigger “providers” of electronic health records” of creating data silos that prevent the sharing of their records with outside organizations unless a high fee is paid. This current state of affairs argues for strong action by the government and even stronger action by healthcare organizations.

Quantum Networkers, Watch Out: Twisting Light Slows IT Down

By putting a twist on beams of light and changing how they travel through space, engineers can create another variable for encoding information. Each kind of twist creates a different corkscrew pattern, and theoretically there's no limit to the number of patterns that can be created, said University of Ottawa Assistant Professor Ebrahim Karimi, who led the research team. With that extra form of encoding, networks could carry as much as four times as much data as they do now, just using fiber already in the ground, Karimi said. More advanced fiber could allow for many more times the data. Twisted light may also play a role in quantum computing, the fledgling field of number-crunching using more than just binary zeroes and ones.

Australia can't afford to miss the 'blockchain' revolution

Financial services is the largest and also the fastest-growing sector in the Australian economy, according to the recent UBS/FSC State of the Industry report. The broader services sector is the key contributor to employment growth, making up for weaker figures in other sectors, according to the RBA. Think about things like international tourism, wealth management and natural energy. It is in the services industry that blockchain technology can be most transformative. We do need to catch ourselves before we go running away with all the possibilities of the blockchain. On the one hand, the technology has the potential to reduce fraud because of the transparency among users. On the other hand, there are still open questions about how secure the system is, which has obvious implications for something described, ironically enough, by The Economist as "the trust machine".

9 Myths Surrounding Blockchain Smart Contracts

Historically, the concept was first introduced by Nick Szabo in 1994. Smart contracts then had a long gestation period of inactivity and disinterest, because there was no platform that could enforce them, until the advent of blockchain technology in 2009. Now, smart contracts are entering their prime, especially since Ethereum has popularized them further by making their programming a basic tenet of their blockchain's power. Like any new buzzword, the more a term gets popular, the more it spreads around. The more it will get used, but also misused and abused. It will mean a lot of different things to different people. Here’s a list of 9 misconceptions about smart contracts, and my efforts to debunk and explain away those misconceptions:

Interactive Intelligence Doubles Down on Cloud Computing

Each microcomponent processes one transaction at a time. If processing completes successfully, it moves to the next, and so on. If a transaction fails, that transaction might be lost, but another version of the microcomponent is activated to go on processing other transactions of the same sort. Thus any failure is isolated and has limited impact. If the number of transactions is higher than expected, this can be handled in one of two ways; either the system calls on AWS to provide more processing resources, or more instances of the microcomponent can be activated. The architecture also impacts how bugs are fixed or new capabilities are added. In both cases a new microcomponent is developed, and once tested, it takes over from an existing one or is activated to provide new capabilities.

Security vs. privacy: Evaluating the government’s case

Clearly, the government couldn’t compel the terrorist to reveal the key, since he is dead. So instead, it had to reveal its own blundering by taking this to court. I can only assume that, by choosing this case to push its agenda, the government is either desperate, feigning desperation or just staggeringly inept. I don’t find comfort in any of those scenarios. If the government is truly desperate, it has to know that it is losing the “crypto wars” and this is a last-ditch attempt to try to extract victory from the jaws of defeat. If it is merely feigning desperation, it is trying to lull us back into thinking our systems are more secure than they really are — meanwhile, it has developed or is developing some post-Snowden means of obtaining our data. And if it’s just staggeringly inept — then God save us.

Quote for the day:

"If you're not prepared to be wrong, you'll never come up with anything original.” -- @SirKenRobinson

March 24, 2016

University IT departments struggle to stay always open, always secure

If IT "cannot be agile enough in its review and implementation of cloud services, the path of least resistance for users may be to go it alone, without institutional IT involvement," Juckiewicz said. In the process, users can unwittingly put institutional or individual data at risk. Often called "shadow IT," the tendency to look beyond the central IT department for software and other technology became more widespread in organizations once people started bringing smartphones and tablets to work and using them to accomplish work tasks. Cloud applications available over the Internet, software as a service, made it even easier for departments outside IT to get whatever they wanted. It has happened in every industry, and higher education is no exception.

IAM is the future for managing data security

IAM systems prevent hackers from escalating privileges and gaining access to sensitive applications and data once they have compromised an employee’s credentials. They can also mitigate the reach of malicious insiders. IAM also helps to achieve regulatory compliance. Auditors are getting smarter about enforcing regulatory compliance. IAM helps to satisfy compliance mandates around separation of duties, enforcing and auditing access policies to sensitive accounts and data, and making sure users do not have excessive privileges. It can also improve employee productivity and reduce helpdesk costs. Good IAM processes and tools alleviate employee and customer frustration by letting users log in faster, such as by using single sign-on (SSO).

The Power of Next-Generation Profitability Analytics

A well-built, multidimensional profitability solution becomes a solid finance foundation, especially when coupled with a single, integrated analytic data platform or similar cloud-based business intelligence platform. Technologies such as these not only help define and run your profitability model, but they also offer the ability to make changes quickly, run ad-hoc analyses, manage very large data sets and provide reporting and dashboarding beyond what’s available with ERP solutions. What’s more, this type of finance foundation can ultimately serve as the single source for all of the diverse types of analytics performed within the CFO department, because there is a direct link back to the General Ledger.

What Everyone Should Know About Cognitive Computing

The goal of cognitive computing is to simulate human thought processes in a computerized model. Using self-learning algorithms that use data mining, pattern recognition and natural language processing, the computer can mimic the way the human brain works. While computers have been faster at calculations and processing than humans for decades, they haven’t been able to accomplish tasks that humans take for granted as simple, like understanding natural language, or recognizing unique objects in an image. Some people say that cognitive computing represents the third era of computing: we went from computers that could tabulate sums (1900s) to programmable systems (1950s), and now to cognitive systems.

Are you ready for an SDN deployment?

The principal motivation behind SDN deployments and hyper-convergence is the need for a responsive and nimble IT organization. While it's definitely the future, not all are ready for it. The shift can be too drastic for enterprises still struggling with the basics of managing an efficient infrastructure. Are you saddled with technical debt? Could your policies, standards and procedures use work? Do you have staffing challenges? The first steps toward deploying an SDN or SDDC strategy should include a phased design, with an analysis of the current environment addressing any gaps that are barriers to the future road map.

FBI, Apple battle may leave lasting legacy

"Never before have I seen encryption being in the public eye so much," said Rod Schultz, vice president of product at Rubicon Labs. "Time magazine, John Oliver -- if you told me this would happen a year ago, I would think it was impossible." The case has become an opportunity to educate the public about encryption and privacy, he said. "I think customers and the public are becoming very very savvy," he added. "For me, that's the best outcome right now." When combined with the recent memory of the Snowden leaks, he added, it makes for a strong argument against giving governments backdoors around encryption and weakening security. And the battle over unlocking Rizwan Farook's phone was just the tip of the iceberg, said Harvey Anderson, chief legal officer at AVG Technologies

DDoS attack threat cannot be ignored

One of the reasons why DDoS is such a significant threat is the relative simplicity of arranging an attack. There have been reports of a DDoS attack being hired as a ‘service’, sometimes for as little as £10. The distributed nature of DDoS attacks, combined with the anonymous nature of the internet, means the instigators are rarely caught. To have an appropriate level of planned safeguards in place for a DDoS attack, companies need to assess how much of their revenue is generated through their website. This revenue can range from orders taken online or appointments being booked, through to sales of digital goods and ordering of online services. Naturally, the ratio of digital revenue to physical sales will determine the appropriate level of response and preparation. As a worst-case scenario, companies should also plan how they would continue to operate if their website went down.

The Challenge of Monitoring Containers at Scale

Application functionality is becoming more granular and more independently scalable and resilient, which is a challenge for traditional monitoring solutions. If a single component within a microservice architecture fails, there may be no business impact, and so the severity of alert should match this fact. The traditional monitoring tool approach of testing whether something is 'up' or 'down' falls short, and accordingly some organisations are building their own monitoring systems. The transient nature of containers also presents new challenges with monitoring, especially when combined with the emerging popularity of scheduling and orchestration systems, such as Kubernetes, Mesos and AWS ECS.

How FinTech is shaping Financial Services

New digital technologies are in the process of reshaping the value proposition of existing financial products and services. While we should not underestimate the capacity of incumbents to assimilate innovative ideas, the disruption of the financial sector is clearly underway. And consumer banking and payments, already on the disruption radar, will be the most exposed in the near future, followed by insurance and asset management. ... The investment industry is also being pulled into the vortex of vast technological developments. The emergence of data analytics in the investment space has enabled firms to hone in on investors and deliver tailored products and automated investing. Additionally, innovations in lending and equity crowdfunding are providing access to asset classes formerly unavailable to individual investors, such as commercial real estate. 

The Networked World

"Today when we virtualize some functions, whether it's load balancing or a policy engine or whatever we can do in an SDN construct, we can do it because we can virtualize those functions without giving up performance. We couldn't do that 10 years or even six years ago,” Mehra says. "We are in the middle of this software-defined revolution, but it was made possible by multiple pieces all falling in place: advancements on the semiconductor side, advancements with other hardware, and advancements related to how we can consume software in the networking world." This coalescence of new developments is, in fact, what is enabling the Internet of Things: advances in sensors, in wireless networking, in software control, in distributed intelligence, and in big data tools that make it possible to extract actionable intelligence from a plethora of data points.

Quote for the day:

"The aim of life is self-development. To realize one's nature perfectly - that is what each of us is here for." -- Oscar Wilde

March 20, 2016

Cyber-Insurance: Is It Right for Your Business?

As a result of actual and threatened events, the insurance market has responded with a new product to protect businesses from data breaches: cyber-insurance. Traditionally, businesses sought coverage for losses of data breaches under commercial property, commercial general liability, and business interruption policies for first-party losses, and under commercial liability and directors and officers liability policies for third-party losses. However, in the late 1990s, insurers began offering cyber-insurance in the form of standalone policies. Yet, despite recent data breaches, only 20 to 30 percent of American firms purchase cyber-insurance. The case law interpreting these policies is scarce, as courts struggle to define the parameters of cyber-liability. Courts are increasingly allowing plaintiffs to file creative claims against businesses in the wake of data breaches.

The future of computing

Moore’s law was never a physical law, but a self-fulfilling prophecy—a triumph of central planning by which the technology industry co-ordinated and synchronised its actions. Its demise will make the rate of technological progress less predictable; there are likely to be bumps in the road as new performance-enhancing technologies arrive in fits and starts. But given that most people judge their computing devices on the availability of capabilities and features, rather than processing speed, it may not feel like much of a slowdown to consumers. For companies, the end of Moore’s law will be disguised by the shift to cloud computing. Already, firms are upgrading PCs less often, and have stopped operating their own e-mail servers. 

Big Data for Governance - Implications for Policy, Practice and Research

This predicted growth is expected to have significant impact on all organizations, be it small, medium or large, which include exchanges, banks, brokers, insurers, data vendors and technology and services suppliers. This also extends beyond the organization with the increasing focus on rules and regulations designed to protect a firm’s employees, customers and shareholders as well as the economic wellbeing of the state in which the organization resides. This pervasive use and commercialization of big data analytical technologies is likey to have far reaching implications in meeting regulatory obligations and governance related activities.

XGIMI projects innovation in Android entertainment

The device is ideally suited for a number of use-cases including families or students that are space-constrained or cannot accommodate a permanently wall-mounted television. It incorporates a 700 ANSI Lumens OSRAM LED projector element which is fully capable of both 1080p and 4K output, and can render 3D video, with up to a 300" diagonal width projection area. The device can also act in a "Business" mode where data from a cloud storage service or from local USB can be presented using a built-in Microsoft Office-compatible viewer. Of course, with Office 365 for Android, it's also possible to run the real thing, provided you have the right packages installed. In its pre-production configuration the device was shipped to me with a modified version of Android 4.3 using AOSP-based sources. The device uses a 1.5Ghz quad-core ARMv7-based SoC, which is comparable to that which might be used in a high-end smartphone.

Beyond Bitcoin: The blockchain revolution in financial services

Interest in the technology exploded when it became clear that blockchain can be used to document the transfer of any digital asset, record the ownership of physical and intellectual property, and establish rights through smart contracts, among other applications. By reordering and automating complex, labor-intensive processes, the technology can enable organizations to operate both faster and more cheaply. Financial institutions are exploring a variety of opportunities to use blockchain, including applications to improve and enhance currency exchange, supply chain management, trade execution and settlement, remittance, peer-to-peer transfers, micropayments, asset registration, correspondent banking and regulatory reporting.

Who Are the Bad Guys and What Do They Want?

Recent breaches at the Internal Revenue Service are a stark reminder that cyber crime is alive and well. According to Center for Strategic and International Studies, cyber crime and cyber espionage cost the global economy between $375 billion and $575 billion annually, or roughly 1% of global income. So who are those guys and what do they want? Based on interviews with several cyber security experts, this O’Reilly report provides a concise and highly informative look into various actors who populate this murky world. You’ll explore some of their methods and motivations, as well as new approaches from the both US government and private sector to help organizations manage cyber security more aggressively. ... Get a copy of this report and find out what your organization can do to deal with this ongoing threat.

Defend against ransomware with 3 easy steps

The fight to secure your business is a never-ending battle. Ransomware is a particular strain of malware that quietly works in the background to encrypt user documents with a secret cryptographic key kept at a remote location and threatens to only release this key upon payment to the perpetrators. This type of malware has mostly changed in its increasing sophistication and prevalence, as well as the use of robust encryption schemes that offer little hope of undoing by the time its nefarious encrypting work is completed. According to Software Advice, businesses are taking note of the risks surrounding this malware. Sixty-seven percent of business decision-makers claim they'd never pay a ransom to regain access to infected files, yet only 23 percent say they're "very confident" their data is secure from ransomware attacks.

Spark in Action Book Review & Interview

Project Tungsten is one of these efforts under “get Spark as close to bare metal as possible” umbrella, where the goal is to remove any general-purpose software between Spark and the operating system (Tungsten allows Spark to bypass JVM and do memory management by itself). Tungsten makes a lot of sense, mainly because it makes a large class of JVM-related problems go away, garbage collection being the main one. Since end users are not managing memory manually, there’s no risk of getting segmentation fault errors, so the full potential is there to give Spark arbitrary large chunks of off-heap memory with significant performance improvements without any down sides that would be visible from the end user perspective.

Why Central Banks Should Start Issuing Electronic Money

The Bank of England currently issues central bank money reactively: it issues banknotes in whatever quantities are needed to meet demand from the public, and issues central bank reserves in order to meet demand from the banks. It could choose to issue digital cash in the same way, by providing the infrastructure for Digital Cash Accounts but letting the public determine how to split their holdings of money between bank deposits and digital cash. ... Alternatively, by taking a proactive approach to issuance, the Bank of England could use digital cash as a monetary policy tool to stimulate aggregate demand and influence the economy. If every citizen had a Digital Cash Account at the Bank of England (either directly or indirectly), then it would be a simple process for the Bank of England to make small and occasional ‘helicopter drops’ of newly created digital cash to every citizen.

What Should Data Scientists Know About Psychology?

How data is collected informs what we can conclude from that data. Many methodological confounds exist in relation to what can be extrapolated from data to maximize the ecological validity of what can be accurately concluded. Implementing quality assurance in collecting data, such that what is supposed to be measured is indeed being measured requires manipulation checks, quality testing and research. Then how the data is coded and quantified creates another lens of possible distortion. Poor measurement cannot be fixed post-hoc in already collected data. Furthermore, because statistics requires the calculated assumption of error (unlike formal mathematics) how one implements data mining/management decides on appropriate statistical analysis and interprets the results is of utmost importance in a field of scientific inquiry.

Quote for the day:

"Only those who attempt the absurd will achieve the impossible." -- M.C. Escher