Daily Tech Digest - May 04, 2017

Cloud v. Data Center: Key trends for IT decision-makers

What's driving the move to the cloud? A rich source of data is RightScale's annual State of the Cloud survey, which has tracked the cloud-related activities of enterprises and SMBs for the past five years. When it comes to the perceived benefits of cloud-based computing, the main attractions have consistently been 'faster access to infrastructure', 'greater scalability', 'higher availability' and 'faster time-to-market'. Note also that there's a rising trend for citations of these four key cloud benefits ... There's also a gaggle of secondary benefits, cited by significantly fewer survey respondents (<40%): 'business continuity'; 'geographic reach'; 'higher performance'; 'moving CapEx to OpEx'; 'cost savings'; and 'IT staff efficiency'.


Using AI-enhanced malware, researchers disrupt algorithms used in antimalware

"Many machine learning algorithms are very vulnerable to intentional attacks," add the researchers. "Machine-learning based malware detection algorithms cannot be used in real-world applications if they are easily to be bypassed by some adversarial techniques." Hu and Tan came to this conclusion based on research by Szegedy et al, who were able to bypass malware-detection algorithms using altered information (adversarial examples) that maximized malware classification errors, making it impossible for the detection algorithm to spot malware. The two researchers then proceeded to build on the research of Szegedy et al by proposing the use of generative neural networks and the alteration of original samples to make input and output adversarial examples.


How to Integrate Threat Intel & DevOps

Integrating cyberthreat intelligence (CTI) into a DevOps platform is critical to prevent, detect, respond, and predict cybersecurity threats in a more timely and cost-effective manner. This is true because integration allows automation of everyday tasks such as patch management and vulnerability scanning, allowing employees to turn their attention away from these automated tasks to focus on more complex problems and analyses. At the same time, in our modern, complicated, fast-paced cyber environment, it's difficult to hunt for and find vulnerabilities. Ideally, you will subscribe to threat feeds that have information specific to your systems, networks, or industry, because a power plant operator will want different kinds of threat information than a bank IT team. If your threat feed is specific to your environment, it could help automate the discovery of vulnerabilities and help you prioritize fixes.


Agile development an 'IT fad' that risks iterative failure

One of the key tenets of an agile methodology is that it is an iterative process, where errors can be quickly resolved through continuous improvement. However, according to 6Point6, while fail fast is an intoxicating prospect, in practice, it can blur the distinction between continuous improvement and genuine failure. Specifically, Porter believes in agile projects it is hard to know when an agile project is on the road to ruin. He warned the iterative process may lead to iteratively improving, one failure at a time, towards the wrong outcome. “At no point will this become obvious in the same way it would if you were constrained and measured by a combination of time, budget and scope,” he said.


Blockchain Inadvertently Fuels Cloud Adoption

The biggest and hottest of these catalysts is blockchain—arguably one of the best technologies for the digital age. Blockchain’s inherent strengths have been designed to increase trust and virtually eliminate fraud. Based on algorithms, blockchain technology’s advanced encryption and validation form many independent parts, providing golden distributed ledgers, recorded provenance, and data lineage, as well as numerous benefits for the financial supply chain. Coupled together, blockchain and cloud become a powerful, secure trusted platform. Cybercrime —a constant threat for banks and once seen as a cloud inhibitor—has now also morphed into another catalyst for cloud adoption as banks seek greater security. That’s because core banking technology was originally based on paper and customers without mobile phones—a model that’s no longer applicable or tenable.


Smart Cities Are Going to Be a Security Nightmare

Simply put, smart cities rely on interconnected devices to streamline and improve city services based on rich, real-time data. These systems combine hardware, software, and geospatial analytics to enhance municipal services and improve an area’s livability. Inexpensive sensors, for example, can reduce the energy wasted in street lights or regulate the flow of water to better preserve resources. Smart cities rely on accurate data in order to properly function. Information that has been tampered with can disrupt operations — and constituents’ lives — for days. Several cities have adopted smart technologies, applying artificial intelligence to accelerate their transition into the future. In Barcelona, smart water meter technology helped the city save $58 million annually. In South Korea, one city cut building operating costs by 30% after implementing smart sensors to regulate water and electricity usage.


Artificial Intelligence: 10 influencers driving AI in business

As we move ever further into the age of machine learning and artificial intelligence (AI), we see more and more companies and AI influencers turning towards this technology in an effort to streamline their customer experiences, reduce their costs, or just wishing to push the boundaries. New research from Axelos and PRINCE2, found that 60% of IT professionals believe that machine learning and AI will have a huge impact on project managers, and that 59% believe automation will replace many routine PM tasks, and this is just one job. But what about the people driving this industry? Who are the most influential people currently making a splash in the field of AI? Take a look at CBR’s list of the top 10 AI influencers that you should be looking out for.


Credit unions look to blockchain to solve digital identity crisis

The concept of self-sovereign identity promises to give individuals their own digital existences apart from any company or government. Perhaps Descartes could be sure of himself simply as a result of his own cognition, but people's identities online are fragmented, out of their control, spread across countless proprietary platforms. Mark Zuckerberg could erase anyone's Facebook identity tomorrow if he chose. ... If people could be in control of their own digital identities, and the public keys to those identities could be stored securely and cheaply on a blockchain, "all of a sudden now the bank doesn't have to build an identity system, yet they get identities that are more trustworthy than they got when they were building their own," said Phillip Windley


Industrial robots that build cars can be easily hacked

"If these robots are welding a car chassis together or a wing on an airplane, two milimeters can be catastrophic,” said Mark Nunnikhoven, the vice president of cloud research at Trend Micro.
 Robot controllers, which are typically handheld screens with buttons that are used for operating or programming the machines, are also often remotely accessible through the internet, and those internet connections are not always secure. It was through unsecured network connections that the researchers were able to alter the configuration file in the ABB robot that caused it to draw the line wrong in their tests. The researchers said robots from other manufacturers had similar security holes, but ABB was the only company that lent the team a robot to test for vulnerabilities. Many of the industrial robots probed also had security issues with how users were authenticated to access them.


How the insurance industry could change the game for security

The cyber insurance industry doesn't have anywhere near the kind of deep expertise as, say, property and causality, life insurance, or automotive. "You'd think they'd take their actuarial knowledge, analytical knowledge and amass a ton of information about the claims they paid out, what the underlying causes were, so they can improve their policies," he said. "And the reality is, they haven't." Instead, the industry is struggling with a dramatic shortage of personnel and a problem with getting good actuarial data. "Most people writing cyber insurance don't have technical backgrounds," he said. "They come from writing some other type of property and casualty insurance. They need to hire better people -- and collect more data."


Is Your Small Business Ready For a Data Breach?

Your online presence is the face you present to the world. The information needs to be accurate. The branding needs to be consistent. It needs to be in line with your business strategies. And it needs to protect the customers who place their trust in you. That’s especially true when it comes to data breaches. Having digital integrity in the context of data breach means that you are protecting your prospect and customer data from a number of bad actors trying to steal it. In 2015 alone, almost 160 million records containing sensitive information were compromised. And if you think you’re too small to be a target, you’re wrong. Small businesses are the target of 43% of all cyber attacks. Most criminals understand that small businesses don’t have the resources to enact security on the same level as a large enterprise. Unprepared businesses are the proverbial low-hanging fruit.



Quote for the day:

"Many people mistakenly think a new technology cancels out an old one." -- Judith Martin