Daily Tech Digest - March 08, 2017

Machine learning is marketing’s future

On any given day, most marketers are up to their ears in data — data from the programs they run, the buyers they court and track. Marketing automation enables them to separate signals from noise, wheat from chaff, so that they can orchestrate specific actions based on the stories data tells them. In fact, some marketing automation platforms have evolved to the point of predicting the best times to engage specific buyers, using past behaviors and actions to identify an optimal time for sends and engagements (a window when opens and click-throughs are likely to be highest). The technology has also gotten smarter in the lead scoring and weighting department and can enable marketers to go beyond conditional scoring rules, prescribing scoring values for behaviors and actions across different segments, industries and buyers.


From disrupted to disruptor: Reinventing your business by transforming the core

Talent priorities should be based on a clear understanding of the skills needed at all levels of the business. This requires investing in building relevant digital capabilities that fit with the strategy and keep pace with customers as they change the way they consider and make purchases. At the same time, targeted hiring should be tied to those capabilities that actually drive financial performance. Enabling that talent to thrive requires a digital culture, i.e., one that is customer centric and project based, with a bias for speed and continuous learning. In fact, cultural and organizational issues can lead to the squandering of up to 85 percent of the value at stake.3Making sure the new culture sticks requires rebuilding programs that reward and encourage new behaviors, such as performance management, promotion criteria, and incentive systems.


Unpatched Western Digital Bugs Leave NAS Boxes Open To Attack

The vulnerabilities were discovered on Western Digital’s My Cloud PR4100 NAS device. However, the flaws are also present across WD’s portfolio of MyCloud NAS devices such as: DL4100, EX4, EX2 Ultra and PR2100. A full list of impacted products is available online. Researchers say a group of vulnerabilities that when used in tandem create conditions that could allow an attacker to fully compromise the hardware. “In the worst case, one could steal sensitive data stored on the device or use it as a jump host for further internal attacks,” according to SCVL in an advisory. The vulnerabilities include command injection vulnerabilities, a stack-based buffer overflow bug and a cross-site request forgery flaw.


Want to do your own analytics? Google's free Data Studio takes on Microsoft's Power BI

It is Google's answer to more established analytics platforms such as Tableau, QlikView, and of course Microsoft's Power BI, which got a relaunch in 2015 untethered from Office 365. However, Google's Data Studio visualization toolset for the moment focuses primarily on connecting up data from Google sources, such as Google Analytics, Google AdWords, Google Sheets, and BigQuery. But it will soon roll out connectors for SQL databases. For Google, one of its main selling points is collaboration and to this end it's using Google Docs technology to offer real-time group editing so data can be brought in from different teams. "One of the fundamental ideas behind Data Studio is that data should be easily accessible to anyone in an organization. We believe that, as more people have access to data, better decisions will be made," Google said in a blogpost.


Millennials Are Most Risk Prone To Cyber Security Threats

Fearlessness is what makes the Millennials unique and gives them an ability to innovate and invent and at the same time their need for instant gratification makes them vulnerable, more so during their sojourn in the cyber world. The millennials (those born after 1980) constitute one-third of the total workforce globally and by 2020, they will account for nearly half of that. The ever growing population also indicates that as an alarming rise in the number breaches come to light, it becomes important for the stakeholders to formulate policies which allows them to derisk their security concerns. ... What is more alarming, according to the survey, is the fact that more than half of them admit they would “very’’ or ‘’ moderately likely’’ evade restrictive workplace controls. This is compounded by their reluctance to receive security training.


What's The Value In Attack Attribution?

"If you are an enterprise, you want to fix vulnerabilities. If you know who is attacking you, it makes prioritizing a little bit easier," O'Leary said. In the grand scheme of things attribution doesn't really matter because if an enterprise has one vulnerability, then an attacker has an entry point. Attribution does, however, help in that, "If they know that someone is targeting them for a DDoS, they probably want to go harden their server. It helps them to prioritize what is on their plate," O'Leary said. Given that some cybercriminals are lazy, they are going to go after known vulnerabilities that are easy. Attribution provides a security team with the information they need to identify the vulnerabilities they have in order to fix them. "They can spend money on fixing them rather than doing analysis on trends and figuring out who is trying to attack them. It's about reducing the attack surface," O'Leary said.


The best response to some cyberattacks may be to ignore them

To figure out why pointing the finger in cyberattacks is not always the right move, political scientist Robert Axelrod of the University of Michigan in Ann Arbor and postdoctoral researcher Benjamin Edwards of IBM Research in Yorktown Heights, New York, turned to game theory—the mathematical modeling of competition and cooperation among people, organizations, or governments. They and other researchers have used game theory to study how to carry out and defend against cyberattacks, but the new research takes a broader approach by also factoring in the attacker’s and victim’s political strengths and weaknesses and how much they know about each other. “We’re trying to incorporate that uncertainty and that political climate into the game as well,” Edwards says.


How A.I. could affect the world of corporate training

No training program is going to be perfect immediately, but with most training programs having a digital element, it’s time-consuming and expensive to make changes on any kind of frequent basis. Depending on the nature of your industry and the size of your business, your training programs should be updated at least quarterly, if not monthly. An A.I. program could feasibly handle this for you -- at least in some ways. It could gather information about employee engagement or failure points within the program, and automatically test new variations to try and solve the problem on its own. ... An A.I. program could more effectively measure each employee’s engagement with the program, and intelligently compare their results to a control population to figure out whether the program is doing its job. It would then, of course, be able to make adjustments to the program to improve it.


The Future Is in Fog Computing

A fog computing network has two planes, the data plane, sometimes referred to as forwarding plane, and the control plane. The data plane determines what happens to the data packets. It allows computing resources to be placed anywhere in the network, as they don’t have to be centered on a server as they can be distributed on the edge of the network. The control plane provides an overview of the network, and it functions with the routing protocols that run in the architectural control element. Fog computing allows IoT data to be processed in a data hub or smart device closer to the sensor that’s generating it. With cloud computing, you always had to depend on the cloud repository and accessing data required bandwidth allocation and connectivity.


CDN Security is NOT Enough for Today

Attackers have learned that a significant blind spot in CDN services are the treatment of dynamic content requests. Since the dynamic content is not stored on CDN servers, all the requests for dynamic content are sent to the origin’s servers. Attackers are taking advantage of this behavior and they generate attack traffic that contains random parameters in the HTTP GET requests. CDN servers immediately redirect this attack traffic to the origin, expecting the origin’s server to handle the requests. But, in many cases, the origin’s servers do not have the capacity to handle all those attack requests and they fail to provide online services to legitimate users, creating a denial-of-service situation. Many CDNs have the ability to limit the number of dynamic requests to the server under attack. This means that they cannot distinguish attackers from legitimate users and the rate limit will result in legitimate users being blocked.



Quote for the day:


“What seems to us as bitter trials are often blessings in disguise” -- Oscar Wilde