October 23, 2016

Tech Bytes - Daily Digest: October 23, 2016

How analytics will underpin artificial intelligence, How knowing your staff will protect your business from attack, Cyber security threats getting less easy to ignore, Are you ready for remote project management, Information governance: Yes it can create RoI and more.

Virtuous Machines -- How Analytics Will Underpin Artificial Intelligence

Ultimately, just like humans, AI will need to draw on a constantly-growing database of information. An intelligent program should read historical data, analyze it for patterns, and be able to classify what it sees. Without a database to learn from and then call upon this information to match with new data, a program cannot really “learn”. For most enterprises, practical use of AI is not yet feasible. The actual solutions on the market are not very accessible, by and large. A good example of AI for the masses is Google introducing machine learning to the G Suite, formerly known as Google for Work. By shaving seconds off delays at every level, Google is trailblazing user-friendly AI. Not everything need be as complex as IBM Watson!


An Introduction to Modern Agile

Seth Godin famously said, “People aren’t afraid of failure, they’re afraid of blame.” Blaming increases negativity and helps no one. This is why Etsy has a “blameless culture.” They understand that, rather than being the fault of a single individual or group, mistakes are usually the result of unseen problems in the environment that may have been around for some time but happened to be triggered one day by someone. Their concern is to learn blamelessly from failures and quickly improve. The same is true at Google. Once, an engineer at Google confessed, “I screwed up a line of code and it cost us a million dollars in revenue.” The code in question was part of Google’s highly profitable AdWords software. In many organizations, a mistake like that could lead to further losses, like the loss of one’s job, a loss of confidence or respect. Not at Google.


How knowing your staff will protect your business from attack

“Over the years, we’ve invested resources and money to ensure it’s hard for people to break into our systems - but the problem is that you could be hacked by someone from the inside, with valid access to some part of your system that gives you access to your digital infrastructure.” In light of the cyberattacks on actors such as Jennifer Lawrence, Creese explained how the cloud now poses a larger threat for corporations. “I now no longer have to hack 50 organisations, I hack one cloud and I get every single employee using that cloud.” Creese spoke about the struggle of not only stopping threats, but also how we identify and define an insider threat. “One of the reasons we’re not as equipped as we should be is because we’re not dealing with the people and technology in tandem,“ she continued.


Cyber security threats getting less easy to ignore

October is National Cyber Security Awareness Month — a campaign that's headed by the federal Department of Homeland Security to raise awareness on how to protect our personal information and combat fraud. But this October, the public cannot help but be hyper-aware of hackers after all the news about stolen e-mails out of the Hillary Clinton presidential campaign. We've even heard reports that hackers have targeted the voter registration systems of more than 20 states in recent months. We're likely to face phishing scams both at work and at home that try to trick us into disclosing personal information. "The e-mail can look just like it comes from a financial institution, e-commerce site, government agency or any other service or business," warned the American Bankers Association.


Defending Against Data Breaches: What Exactly they are and What to Do

Most cyber security analysts agree that the first phase of a data breach, from a criminal element, starts with research. Hackers or cybercriminals will investigate a company or institutions’ system weaknesses. This will be done by skimming social profiles online, exploiting employees or investigating company infrastructure. Once, the weakness has been a found an attack plan is put into place. The attack will usually be a network-based attack through infrastructure or a social attack where the criminal is let in through the backdoor with a malicious email or attachment. Following the attack, the data is extracted and can be used for a variety of purposes, including: blackmail, black market information sales r propaganda against the company. Not all data breaches are created equal and vary in severity, however.


'Smart' home devices used as weapons in website attack

Many of the devices involved come from Chinese manufacturers, with easy-to-guess usernames and passwords that cannot be changed by the user - a vulnerability which the malware exploits. "Mirai scours the Web for IoT (Internet of Things) devices protected by little more than factory-default usernames and passwords," explained cybersecurity expert Brian Krebs, "and then enlists the devices in attacks that hurl junk traffic at an online target until it can no longer accommodate legitimate visitors or users." The owner of the device would generally have no way of knowing that it had been compromised to use in an attack, he wrote. Mr Krebs is intimately familiar with this type of incident, after his website was targeted by a similar assault in September, in one of the biggest web attacks ever seen.


Are you ready for remote project management?

If your organization is considering a transition to remote PM, having employees with the right aptitude, capabilities, focus, and dedication for working in this independent fashion is critical. If individuals lack the motivation or are individuals who require a significant amount of supervision and guidance, this may not be the best move. That said, if the remote project management drivers fit with higher-level strategic objectives, it may be necessary to still proceed in that direction, and hire individuals with the capabilities to execute projects remotely. It may also be a better option to invest in training for existing high potential employees. With either of these options, or a combination of both, make sure to carefully and properly identify the strengths and career interests of existing employees.


Yahacking: The Last Straw

“The year 2016 saw a record number of stolen account credentials up for sale on the Dark Web” is something you might have read in of our previous articles. That being said, MySpace no longer holds this record (with 360 million hacked accounts in 2008). The turn for the title is now passed on to another multinational thanks to what is better known in the media as the “Yahacking” incident. In a continuous freefall since Google first surfaced, what used to be the most popular internet portal of the year 2000 is now in a very tight spot. The company in question had announced in July that it would be bought by Verizon Wireless. However, in light of recent events, the acquisition is now at risk. Care to venture a guess of who we might be talking about?


How to Successfully Install Agile/DevOps in Asia

Value-stream mapping is a lean-management method for analyzing the current state and designing a future state for the series of events that are needed to deliver a product or service. It helps to identify the problems in the process and reduce the lead time. It also it works well for addressing the people element.  ... Each process step has a lead time and a process time. By drawing this map, you can easily identify the waste in the process and find opportunities for improvements and automation. I always call all stakeholders to attend a value-stream-mapping session: developers, operations, program manager, UCD, etc. You need to ask everyone who has permission to change the process to participate in this event. Japanese culture is hierarchical. Unfortunately, devs and ops don't have power, so you need to include upper management.


Information governance: Yes, it can create ROI

"Information is an asset, just like building, equipment, staff and full-time employees,” Reeves explained the worth of an IG program stems for protecing and leveraging it as such. By ensuring trusted and reliable information, healthcare organizations can enable more timely and accurate data, with faster access to it for more nimble decision-making, she said. Reeves offered advice on how to highlight IG's value – tangible and intangible – to the C-suite. Spiraling e-discovery costs, for instance, where evidence gatherers in malpractice suits must sift through electronic data, paper records, different legacy systems from acquired practices are a common problem. An enterprise-wide IG policy, alongside process improvement initiatives, could reduce both risk and cost, she said.



Quote for the day:


"Practice isn't the thing you do once you're good. It's the thing you do that makes you good." -- Malcolm Gladwell