Daily Tech Digest - July 24, 2017

The Skills And Traits Of A Next Generation CIO

"Back then, when you searched for 'customer experience officer' on LinkedIn, mine was the only name that showed up," says Lindberg, who was recently appointed president of Kobie Marketing, a provider of loyalty program solutions. "Now there's something like 37,000 of us." Over the past ten years the number of digital customer touchpoints -- and the data associated with them -- has exploded. CIOs who see their primary function as managing internal IT systems are not in a position to deliver the information businesses need to improve the customer experience, she says. "If you're a CIO who hasn't made the realization that we are multiple years into the age of the customer, then it's time to shop for a new job," says Lindberg. "You have to understand the customer's wants and needs. That's why one of the first things I do upon walking into an organization is figure out how to connect the CIO to the live voice of the customer on an ongoing basis."

Cisco Security Report: 34% of Service Providers Lost Revenue from Attacks

DeOS attacks’ “aim is not just to attack, but to destroy in a way that prevents defenders from restoring systems and data,” writes David Ulevitch, SVP and GM of Cisco’s security business, in a blog post. Security researchers watched the evolution of malware during the first half of 2017. Attackers increasingly require victims to activate threats by clicking on links or opening files, the report says. Additionally, they are developing fileless malware that lives in memory and is harder to detect or investigate as it is wiped out when a device restarts. Adversaries are also relying on anonymized and decentralized infrastructure, such as a Tor proxy service, to obscure command and control activities. The report notes an increase in spam volumes, in which attackers use email to distribute malware and generate revenue. This coincides with a decline in exploit kit activity since mid 2016.

Consumers Welcome AI, Despite Lingering Privacy Concerns

In a world where more than four billion records of personal information were stolen or lost during 2016 and data breaches at large corporations dominate news headlines, privacy has become a hot-button issue for any new technology, including AI. Although consumers remain concerned about protecting their privacy and the vulnerability of their personal information, most are more interested in the potential for positive societal impact. When asked about the importance of AI being used to solve today’s bigger issues for the benefit of our society, consumers told us that they would be willing to share their personal information if it meant doing so could further medical breakthroughs (57%), relieve city traffic and improve infrastructure (62%), solve cybersecurity and privacy issues (68%)

Quest for AI Leadership Pushes Microsoft Further Into Chip Development

Bringing chipmaking in-house is increasingly in vogue as companies conclude that off-the-shelf processors aren't capable of fully unleashing the potential of AI. Apple is testing iPhone prototypes that include a chip designed to process AI, a person familiar with the work said in May. Google is on the second version of its own AI chips. To persuade people to buy the next generation of gadgets—phones, VR headsets, even cars—the experience will have to be lightning fast and seamless. "The consumer is going to expect to have almost no lag and to do real-time processing," says Jim McGregor, an analyst at Tirias Research. "For an autonomous car, you can't afford the time to send it back to the cloud to make the decisions to avoid the crash, to avoid hitting a person. The amount of data coming out of autonomous vehicles is tremendous you can't send all of that to the cloud."

OAuth 2.0 Threat Landscapes

It’s neither a flaw of OAuth 2.0 nor how Google implemented it. Phishing is a prominent threat in cyber security. Does that mean there is no way to prevent such attacks, other than proper user education? There are basic things Google could do to prevent such attacks in the future. Looking at the consent screen, ‘Google Docs’ is the key phrase used there to win user’s trust. When creating an OAuth 2.0 app in Google, you can pick any name you want. This immensely helps an attacker to misguide users. Google could easily filter out the known names and prevent app developers from picking names to trick the users. Another key issue is, Google does not show the domain name of the application (but just the application name) on the consent page. Having domain name prominently displayed on the consent page will provide some hint to the user where he is heading to.

AI Cyber Wars: Coming Soon To A Bank Near You

We are beginning to see both offense and defense using automation, machine learning and artificial intelligence (AI) to counter each other’s moves. For example, as firms adopt voice biometrics to make customers’ access to their accounts and information more secure, cyber-criminals can use the same machine learning algorithms to mimic voices and gain unauthorized access. Lyrebird, a Montreal-based AI startup, has developed a voice generator that can imitate almost any person’s voice, and can even add emotional elements missing from computer generated personas such as Siri and Cortana. Staying one step ahead of the threat is difficult, but forward-thinking financial institutions realize it’s imperative. As financial institutions up their game to protect their assets, three AI priorities have emerged: focusing resources, visualizing the threat, and accelerating response time.

What is Node.js? The Javascript Runtime Explained

Node.js takes a different approach. It runs a single-threaded event loop registered with the system to handle connections, and each new connection causes a JavaScript callback function to fire. The callback function can handle requests with non-blocking I/O calls, and if necessary can spawn threads from a pool to execute blocking or CPU-intensive operations and to load-balance across CPU cores. Node’s approach to scaling with callback functions requires less memory to handle more connections than most competitive architectures that scale with threads, including Apache HTTP Server, the various Java application servers, IIS and ASP.NET, and Ruby on Rails. Node.js turns out to be quite useful for desktop applications in addition to servers. Also note that Node applications aren’t limited to pure JavaScript. You can use any language that transpiles to JavaScript, for example TypeScript and CoffeeScript.

Four Tips for Working with Angular Components

If you want to improve the quality of your applications, you need to improve the quality of your code. That may mean tackling a new concept, or it might simply mean approaching existing concepts in a better and more efficient way. Learning to use components in Angular in the most efficient way possible, for instance, can help you to create applications that are more upgradable, that run more smoothly and that will be more future proof. Components have been a part of Angular since version .5 of AngularJS and provide a convenient and handy way to organize and recycle code. Angular (the shorthand for Angular 2) is not so much an upgrade to Angular 1.x as much as a ‘sequel’, being entirely rewritten with mobile support and other features in mind. Here, the controllers used in 1.x are completely replaced with components.

The Database’s Role in Speeding Application Delivery

Among databases there is considerable feature variance, even between relational databases and this may impact time to value. Some databases have a significant overhead in respect of database administration, usually because of the need for performance tuning – partitioning, adding indexes and so on. Products that are largely self-tuning have a cost advantage here, and it can be argued, improve time to value by that alone, although the more significant cost involved is likely to be the cost of the DBA or, alternatively, the business cost of poor database performance. Some practically useful database features improve time to value simply because you do not have to spend time building the capability that is missing or designing around it. A particular case in point here is distributed capability.

In 2017, the pressure is on to be secure. Are you feeling the squeeze?

Executives will be leaning on CSOs to ensure and demonstrate that company data is adequately protected – and their jobs are well and truly on the line, with another recent Trustwave survey suggesting that a data breach that becomes public is a fireable offence at 38 percent of companies. Other concerning vectors for breaches included ransomware and intellectual property theft, with practitioners most concerned about their responsibilities to identify vulnerabilities and stop the spread of malware. Advanced security threats and a shortage of security skills were the areas applying the most operational pressure on respondents, with cloud, Internet of Things (IoT) and social media presenting the biggest technological security challenges.

Quote for the day:

"Don't be afraid of your fears. They're not there to scare you. They're there to let you know that something is worth it." -- C. JoyBell C