Daily Tech Digest - October 31, 2017

Over half (54%) of German IT and Security Staff confess to Snooping on Sensitive Information about their Company’s Performance
“Despite having a reputation for taking privacy far more seriously than many other nations, including many in Europe, the German people appear to have an unhealthy interest in poking their noses into their employer’s business. “The fact that over half of German employees had attempted to uncover sensitive business information, and 80% had gone looking for other business data outside of their job requirements, suggest a potential insider threat issue for businesses in the country. “Even though the perennially conservative Brits were less nosey, the suggestion that 42% had gone looking for sensitive company information is about 42% higher than most internal security departments would be happy with.


Will Stronger Borders Weaken Innovation?

“Restrictions on visas, restrictions on talent movement, how easy it is to share technology and knowledge — none of these were issues we were talking about before our 2016 strategy review, and now they’re on our radar screen,” says Robert Pagano, chief executive officer of Watts Water Technologies, a U.S.-based global provider of products and solutions for the plumbing, heating, and water quality industry. Watts Water Technologies conducts R&D in North America, Europe, and Asia. As companies plan for their future R&D activities, says Pagano, “they will need to look at various scenarios based on the current and potential environment. The key is that you have to be flexible now, and careful not to commit [over the] long term to potential political hot spots. Uncertainty breeds uncertainty.”


Transparency: The key to risk management


Senior management needs to understand that ESG violations can cause not only reputational damage, but also serious financial risk, including loss of access to capital, regulatory fines and even criminal proceedings. The now defunct British Home Stores (BHS) was a pillar of society in the UK, but its public image of respectability obscured fraudulent behaviour by its former owners, Sir Philip Green and Dominic Chappell, who are being investigated by liquidators to determine whether they breached their duties. In April 2016, BHS went into administration, causing 11,000 job losses and leaving a £571million pension deficit. A parliamentary committee inquiry into its failure concluded that BHS had been systematically misappropriated by its directors. Following a public outcry, Mr Green agreed to pay £363million into the company’s pension scheme.


University of Manchester launches city fitness application


App users will be able to set a personal daily steps goal. Then, by plugging into other active CityVerve projects, BeeActive will offer users missions to accept. For example, if the app detects its user is on a bus, traffic is slow and the weather is fine, it might suggest getting off and walking the rest of the way. It will also include an educational component, pushing notifications about sites of historical interest, for example. “This is a really exciting opportunity to become part of Manchester’s technology demonstrator project, which could help shape the future of the way we engage with technology,” said Charlotte Stockton-Powdrell, BeeActive project manager. “It is also a chance to explore the city of Manchester, to learn more about its history and, of course, to increase your activity in a fun way.”


AI in the Boardroom: The Next Realm of Corporate Governance

Part of what’s driving the use of AI in health care is the fact that the cost of bad decisions is high. That’s the same in business, too: Consider that 50% of the Fortune 500 companies are forecasted to fall off the list within a decade, and that failure rates are high for new product launches, mergers and acquisitions, and even attempts at digital transformation. Responsibility for these failures falls on the shoulders of executives and board members, who concede that they’re struggling: A 2015 McKinsey study found that only 16% of board directors said they fully understood how the dynamics of their industries were changing and how technological advancement would alter the trajectories of their company and industry. The truth is that business has become too complex and is moving too rapidly for boards and CEOs to make good decisions without intelligent systems.


Exquisite Skills Your Development Team Must Have


It is important for them to keep in mind that customer obsession wins over the business competition. They should look to inculcate all possible pattern defining and data mining techniques to make the solution predictive and adaptive for the user. There are many very successful companies like Amazon who have exemplified the use of advanced technologies for first fuelling and then boosting their businesses. Another killer technology that felicitates business growth is machine learning. ... It is crucial for the chief architect in the development team to be aware of the new technologies know multiple frameworks in and out for a wise choice of the architecture and the platform of the business solution. Also, they must be smart enough to take decisions on the basis of their advantages and deployment of the same if needed.


How do banks charter their way to better data privacy?

thinkstockphotos vault safe bank door
The recent and coming regulations are pushing to reduce the risks related to data management on both side: integrity of the data and confidentiality of those data. Numerous regulations are already published and applicable in the U.S. Dedicated regulation will focus on the data life cycle. Other will protect the client confidentiality with cyber protection effort such as the NYS-DFS 500-23 regulation in New York. The industry leverages various frameworks either based on regulatory sources or best practices to ensure the proper identification of what needs to be protected. Unfortunately, in an intertwined ecosystem pulling a string brings all the ecosystem. This issue is faced by both front office side with the definition of the scope of data to be protected, the back office with a similar effort on the application or the IT with all the underlying infrastructure.


How is the big switch to the public cloud working out?

Microsoft has led their on-premises franchise right into their cloud and now they’re trying to expand. But I think they’re missing something important: [the] critical mass of enterprise applications. ... Strategically, I find this interesting, as most everything important in an enterprise IT landscape revolves around those beefy, mission-critical apps. All data captured leads there: web data, IoT. All business decisions are made there: analytics, big data, ML, etc. All actions within a business are driven by enterprise apps. ... The mainstream press points at Amazon as the “market leader”. True, by revenue, mostly IaaS. But there’s a whole lot of enterprise workloads left to go to the cloud. And if you’d like to get an IT manager riled up over dinner, ask them how their AWS experience is going.


Vietnam's Central Bank Announces Ban on Bitcoin Payments


The moves comes as part of a new legal framework for cryptocurrencies instigated by Vietnam's Prime Minister Nguyen Xuan Phuc. That process has now been completed and the framework submitted to the government, the State Bank indicates. Local reports suggest that the ban may already be having an impact on local institutions. News source VietnamPlus said that FTP University in Hanoi, which recently announced it would allow students to pay for tuition in bitcoin, could now be forced to reverse that decision. Representatives of the State Bank reportedly stated that, if the university continued to treat bitcoin as a "legal means of payment," it would be "committing an act of violation under the current law provisions, and may subject the university to the appropriate sanction."


How penetration testing can prevent web application attacks

Regular web application penetration tests can find security problems in websites and web applications. Testers review server systems, static content and server-side programs that implement the application logic to identify insecure development practices in the design, coding and publishing of software. Penetration testers will also provide recommendations for improving your security posture. Depending on the vulnerability, they might advise adjusting the organisation’s processes to keep untrusted data separate from commands and queries, developing strong authentication and session management controls, or separating untrusted data from active browser content. IT Governance offers fixed-price and bespoke CREST-accredited penetration tests, and all our tests are followed by reports that rank and rate vulnerabilities in your systems.



Quote for the day:


"Maturity isn't when you start speaking big things, its actually when we start understanding small things." -- Unknown