Daily Tech Digest - April 27, 2017

Folks are fantasizing about Amazon's Alexa

“A deeper emotional attachment is starting to develop,” Mindshare writes. It says this increasing attachment is caused by improvements in understanding of the user, by the virtual assistant. Affinity increases the more the voice assistant understands the user. Artificial Intelligence (AI) improvements are behind those recent gains, and the user understanding is likely to increase as AI continues to improve over time. People like thinking they’re conversing with a genuine person when they talk to the devices, Mindshare says. According to its research, 70 percent of those interviewed want that. In addition, the report says, “Over a third (37 percent) of regular voice technology users say that they love their voice assistant so much that they wish it were a real person.”


How one organisation’s incident can become everyone’s defence

The Quantum Dawn exercises are one component of Sifma’s comprehensive work with its members on a variety of cyber security initiatives. These exercises create a cross-departmental incident response focus that is tough to achieve in daily business operations.  For example, the cyber security team at a given bank may understand their realm extremely well, but may not fully understand how payment processing in their bank works and the impact if payment processing functions are attacked as part of a sophisticated criminal enterprise targeting the bank. But through such collaborative exercises, each department understands its roles and responsibilities. Rapid and accurate communication is key. Indicators of compromise discovered during the early parts of an attack may trigger specific parts of the incident response playbook.


The Long Slog To Getting Encryption Right

According to the Ponemon study, enterprises' focus on encryption and key management is being spurred on by increased cloud adoption as more data moves into third-party data centers. Approximately 67% of organizations report that they either perform encryption on premises prior to sending data to the cloud or encrypt data in the cloud using keys they generate and manage on premises. An additional 37% also report that they encrypt some cloud data using methods that turn complete control of keys and encryption processes to the cloud provider.  This most recent study doesn't offer a fine point on how much data is going to the cloud completely unencrypted--but data out in 2016 from HyTrust showed that number to be pretty alarming. According to that study, about 28% of all data within all cloud workloads remain unencrypted.


How to implement DevOps: 5 tips for doing it right

The benefits of DevOps are clear: High-performing organizations deploy 200 times more frequently, with 2,555 times faster lead times, according to a study of more than 25,000 tech professionals from Puppet and DevOps Research and Assessment. High-performers are also twice as likely to succeed with product deployments without service impairments or security breaches. And when something does go wrong, they can fix it 24 times faster. "Tons of evidence showed us that [with DevOps], you can go more quickly and be more reliable at the same time," said Gene Kim, co-author of the report, and co-author of The DevOps Handbook. Here are five tips to help make sure your DevOps implementation reaps the maximum benefits.


Profiling The Insider Threat - Breaking Down a Complex Security Term

Frustration turned to anger, and after trying time and time again to get the company’s attention, Dave took it upon himself to destroy the software just to prove a point. This kind of situation is more common that usually thought: broken promises, the undervaluing of an employee’s opinion, and not heeding sensible advice can often result in those on the frontline of development to lash out against the company. In order to detect situations like Dave’s, the first line of defense is often looking out for the human signs of an unhappy employee. If this fails, then companies need to turn to technology to look for behavior on the network that is out of the ordinary. ... It’s also important to note that your data needs to be monitored at all time: while at rest, while it’s moving, and data in use for policy violations.


Are you prepared for a corporate crisis?

Understandably, companies spend more time trying to prevent crises than preparing for them. However, crisis readiness has become at least as important as risk management, takeover readiness, and vigilance over safety. Underpreparedness has consequences and helps explain why companies engulfed by a large crisis initially underestimate the ultimate cost by five to ten times.2Senior executives are frequently shocked by how quickly a problem can turn from a minor nuisance into an event that consumes and defines the company for years to come. ... When a crisis hits (or is about to hit), one of the first actions should be to create a cross-functional team to construct a detailed scenario of the main primary and secondary threats, allowing the company to form early judgments about which path the crisis may travel.


Hyundai app exposed vehicles to high-tech thieves

"The issue did not have a direct impact on vehicle safety," said Jim Trainor, a spokesman for Hyundai Motor America. "Hyundai is not aware of any customers being impacted by this potential vulnerability." The bug surfaced as the auto industry bolsters efforts to secure vehicles from cyber attacks, following a high-profile recall of Fiat Chrysler vehicles in 2015 and government warnings about the potential for car hacks. Risks have multiplied in recent years as vehicles have grown more complex, adding features like mobile apps that can locate, unlock and start them. "What's changed is not just the presence of all that hackable software, but the volume and variety of remote attack surfaces added to more recent vehicles," said Josh Corman, director of the Atlantic Council's Cyber Statecraft Initiative.


Systemic cybersecurity crisis looms

Because it is highly probable that an organization will fall victim to a data breach at some point, it is wise to be as prepared as possible for that attack. Having a cybersecurity program in place can minimize the damage. Similar to insurance, companies without an effective plan in place will pay a premium, facing both financial and reputational repercussions. That said, cyber insurance providers have emerged with nearly 70 carriers on the market now. However, given the evolving nature of technology, an organization’s network, systems and methods for securing these assets change, which means their cyber risk changes. As a result, determining the appropriate policy is challenging. Additionally, the cyber insurance market is brand new, so the offerings are questionable at best. It is much more advisable to focus on implementing and maintaining a strong security program instead.


How to share your Power BI dashboards and reports

The key thing to remember about Power BI sharing is that it is domain based. In other words, if my Power BI dashboard is created under the markwkaelin.com domain, it can be shared only with other email addresses in that domain. It is important that the enterprise IT department and Office 365 administrators understand this limitation and plan accordingly. To share a dashboard, first open Power BI. In this example, I am using the Office 365 version. Next, navigate to the dashboard you want to share. Right-click the dashboard name in the navigation panel or click the Share button on the tab bar in the upper-right corner. Either method will take you to a screen where you can list the email addresses of the people you want to share this dashboard with in your enterprise.


After early hype, smartwatches slowly emerge with enterprise uses

Workers already wear smartwatches on the job for quick access to notifications and emails, as well as an array of personal fitness data. Also, some employers are giving workers smartwatches for specific tasks, Ubrani said. Among the workplace uses for smartwatches, enterprise software company SAP has made mobile apps available for Apple Watch and Samsung smartwatches for more than a year, but it isn't clear how widely they have been deployed. In 2015, one ambitious concept design detailed how a medical device service technician could check the status of repairs on an Apple Watch with the SAP Work Manager app. The success of that project isn't known. A more recent example is the Salesforce Wave Analytics app, which works with the iPhone and the Apple Watch to provide sales reps and managers with current data on their customer accounts.




Quote for the day:

"Our minds can be convinced, but our hearts must be won." -- Simon Sinek