Daily Tech Digest - November 23, 2017

Five Big Data Trends To Influence AI In 2018

big data
The age of Big Data has reached an all new high as disruptive and innovative digital technologies push businesses to adapt quickly in a rapidly changing consumer market. The capabilities and agility of big data combined with the scale of artificial intelligence is helping businesses across industries to understand evolving consumer behaviour and preferences, gain business intelligence and apply valuable insights when creating strategies. The convergence of big data and AI is the most significant development for businesses across the globe, enabling them to capitalise on hitherto unexplored opportunities. A major factor accentuating the importance of big data is also the massive volume of, and speed at which data is created through digital technologies and devices, providing businesses with real-time access to information from far more number of sources than ever before.

What CIOs can learn from investors when assessing fintech startups

Whether they understand the inner workings of a fintech, those in charge of the money want a return on their investments – and margins for investors in fintech can be low compared to other segments such as e-commerce, media and software. This means fintechs need a large volume of business to become profitable. However, it is possible to see these investments under a different light. To start with, investors need to consider that the dynamics of customer relationships are often different in financial services, says Degnam. “What’s attractive about financial services is that the scale of the markets is often significantly larger – sometimes in the trillions of dollars – and the customer relationships are generally longer lived. “Where it’s pretty easy for someone to shop at a different retailer, it’s much more difficult for a person to switch providers of their financial products, both in consumer and business markets,” he says.

How to better manage mixed data center environments

hybrid clouds
The paradox is that many businesses recognize the gains associated with moving to public or hybrid cloud models, but often do not fully appreciate the strategy necessary to optimize their performance. Fortunately, there are methods to help IT teams better understand how their cloud infrastructure is performing. Cloud infrastructure tools provide IT staff with greater visibility and real-time insight into power usage, thermal consumption, server health and utilization. The key benefits are better operational control, infrastructure optimization and reduced costs, no matter the shape of an organization’s cloud. So as the clouds part, let’s look at some of the ways cloud infrastructure tools can help IT teams in their transition from private to public or hybrid clouds.

The future of artificial intelligence in data centers

AI and ML have the capability to transform how data centers are run. Increasingly, the move toward virtualized and cloud-based platforms means that administrators are struggling to deal with issues. For example, the root cause could be down to any of several items, and the curing of one issue can just shift a problem to a different area on the platform. AI and ML can work from the creation of a known baseline operating condition for a platform and can then monitor any significant change to this -- and can see exactly what has caused that change. Based on empirical knowledge of the multiple different workloads concerned, the system can then automatically decide whether the change requires intervention or whether it should just wait to see if the event calms down and the platform reverts to normal conditions.

How GDPR will impact data management practices

To put the provisions of the GDPR in context, I should note the United States and Europe have very different views of data privacy. In the US, we tend to put greater value on free speech—and the right to evidence in litigation—than we do for data privacy. In fact, contrary to what many Americans think, there is no specific right to privacy in the US Constitution. American courts have interpreted certain privacy rights from amendments to the Constitution, including the first 10 amendments, known commonly as the Bill of Rights. However, the original document is silent on the issue of privacy, and it wasn't until 1965 that the US Supreme Court articulated an individual right to privacy when it overturned a state law on contraceptives in Griswold v. Connecticut.

Government urged to improve redress for mass data breaches

Despite a commitment that the government would use the Data Protection Bill to make it easier for those affected by data breaches to have a clearer right of redress, the letter claims that the bill currently fails to deliver the provisions that are needed.  The letter suggests that implementing Article 80(2) of the GDPR would create a collective redress regime for breaches of data protection law. “This would complement the existing collective redress regime introduced under the Consumer Rights Act 2015 (CRA) which applies to infringements of competition law,” the letter says, arguing that the courts have procedures and practices in place for the CRA, including ensuring only cases that have merit proceed, which could be adapted to apply to an Article 80(2) regime.

Will the end of net neutrality crush the Internet of Things?

net neutrality computer internet broadband regulation goverment
Attempts to leverage the new rules might not have be so blatant, though. A carrier might simply tell a company like GE that if it wants guaranteed prompt delivery of the data from its industrial IoT devices, it will have to upgrade to a higher — read, more expensive — tier of service to ensure the required service levels. Given the high stakes, a company the size of GE might be willing go along. But smaller businesses — especially those upstart IoT startups with the cool new ideas might — not be able to afford to pay the freight for premium net access. So, the data from its IoT devices might not be delivered for analysis in a timely fashion … or at all. For enterprise IoT users, the initial effect is likely to be higher costs to ensure access and greater uncertainty about the best ways to connect IoT devices.

3 ways to consolidate data security and disaster recovery strategies

For years, many IT leaders have outlined and executed security and disaster recovery plans as two separate programs. Now as IT evolves in a cloud era, this approach is beginning to cause serious issues for organizations. The original rationale for separating plans is founded on the idea that security prevents man-made disasters from occurring, with zero focus on recovery. This approach was in no way coordinated with the recovery plans. While the protocols for each might be unique unto themselves, it’s risky to keep security and disaster recovery as separate entities. Even with the best preventative security technology, man-made disasters can and will happen. We see examples of this time and again as major brands are headlined across the globe from widespread outages or ransomware, leaving CIOs scrambling to regain true IT resilience by combining cybersecurity with disaster recovery.

Enterprises must address Internet of Identities challenges

Enterprises must address Internet of Identities challenges
Active Directory came in through Windows servers, VPNs and VLANs came via Cisco, authentication technologies like RSA SecureID were procured and managed by security teams, etc. As a result, everyone has a piece of IAM, but no one owns it across the enterprise.  ESG research indicates that IT infrastructure operations (49 percent) bear the majority of IAM responsibility, but security (31 percent), app management (10 percent), app development (5 percent), and mobile app management (4 percent) teams are leaning in on IAM activities. Yup, when it comes to IAM, many organizations could be considered a jack-of-all-trades and a master of none. IAM is a prisoner of the cybersecurity skills shortage. Security teams will be responsible for Internet of Identities policy enforcement, controls and end-to-end monitoring, but this oversight may be impacted by the global cybersecurity skills shortage.

Business Transformations caused by Business Intelligence

For us to understand the influence of business intelligence in today’s world, we need to understand the meaning of the term itself. When we separate the words, ‘business’ is defined as trading activities that involve buying and selling goods or services. ‘Intelligence’ is seen as a ‘collection of information which is perceived to be of certain value,’ in this case, economic and financial value. Combining both words gives us a clear definition of what business intelligence is about, but with a slight catch -the collection PLUS analysis of information, strategies, and software that is perceived to be of great economic and financial value for those who are at their receiving end. This collection of valuable information is subject to modifications with time as software get more efficient and better ways are discovered to enhance smooth trading transactions.

Quote for the day:

"Open Leadership: the act of engaging others to influence and execute a coordinated and harmonious conclusion." -- Dan Pontefract

Daily Tech Digest - November 22, 2017

The code of ethics for AI and chatbots that every brand should follow

The topic of chatbot ethics is complex and spans a wide area including privacy, data ownership, abuse and transparency. Rob High, CTO of IBM Watson was recently featured in an article on Forbes.com titled “Ethics And Artificial Intelligence With IBM Watson’s Rob High.” In the article, Rob talks about how in order to keep AI ethical, it needs to be transparent. Rob advises that when customers interact with a brand’s chatbot, for example, they need to know they are communicating with a machine and not an actual human. Ethics form the foundation of how a bot is built, and more importantly, they dictate how a bot interacts with users. How a bot behaves has the potential to influence how an organization can be perceived and unethical behavior can lead to consumer mistrust and litigation issues. Ethical bots can promote brand loyalty and help boost profit margins.

Machine learning can cure your terrible data hygiene

Data hygiene isn't easy. You can't hire enough interns to even come close to rectifying past mistakes. The reality is enterprises haven't been creating data dictionaries, meta data and clean information for years. Sure, this data hygiene effort may have improved a bit, but let's get real: Humans aren't up for the job and never have been. ZDNet's Andrew Brust put it succinctly: Humans aren't meticulous enough. And without clean data, a data scientist can't create algorithms or a model for analytics. Luckily, technology vendors have a magic elixir to sell you...again. The latest concept is to create an abstraction layer that can manage your data, bring analytics to the masses and use machine learning to make predictions and create business value. And the grand setup for this analytics nirvana is to use machine learning to do all the work that enterprises have neglected.

What’s Keeping Deep Learning In Academia From Reaching Its Full Potential?

Getting the most out of machine learning or deep learning frameworks requires optimization of the configuration parameters that govern these systems. These are the tunable parameters that need to be set before any learning actually takes place. Finding the right configurations can provide many orders of magnitude improvements in accuracy, performance or efficiency. Yet, the majority of professors and students who use deep learning outside of computer science, where these techniques are developed, are often using one of three traditional, suboptimal methods to tune, or optimize, the configuration parameters of these systems. They may use manual search–trying to optimize high-dimensional problems by hand or intuition via trial-and-error; grid search–building an exhaustive set of possible parameters and testing each one individually at great cost

How Will Blockchain Disrupt Insurance?

When you consider the characteristics of the blockchain in the area of claims, the far reaching effect of this innovation start to become clear. An important element of blockchain technology that is worth mentioning here is smart contracts. These are lines of code that contain rules and regulations for actions that need to be taken in the event of certain things occurring, as well as the mechanism for executing these actions. In essence, they are digital contracts that are unambiguous in their design and don’t need any human administrator to action. Therefore, instead of waiting days or weeks to settle a claim, the introduction of smart contracts could mean that claims are settled instantaneously and without the need for transmitting paper documents. Our own work with a major global insurer showed what improvements can be made. The personal injury insurance app we collaborated on allowed someone to buy an insurance policy and have it issued on the blockchain.

Technology dominates Autumn Budget as key to UK’s growth

To meet the challenge of tomorrow head on, “we need the skills,” said Hammond. In a range of initiatives, he announced three million apprenticeships to start by 2020, the introduction of the much-anticipated T-levels and a further £20 million for FE colleges to help them to prepare for this. “Knowledge of maths is key in hi-tech, cutting edge jobs,” continued Hammond. To help entice more students into maths, the Budget will help extend maths initiatives to 3,000 school and commit 40 million to train math teachers across country. Computer science is also at heart of the impending revolution, and Hammond announced that every secondary school pupil can now take this, with his plan was to triple the number of trained computer science teachers to 12,000.

The current state of Apache Kafka

Laser light show
The upside is that it lets you move fast. It adds a certain amount of agility to an engineering organization. But it comes with its own set of challenges. And these were not very obvious back then. How are all these microservices deployed? How are they monitored? And, most importantly, how do they communicate with each other? The communication bit is where Kafka comes in. When you break a monolith, you break state. And you distribute that state across different machines that run all those different applications. So now the problem is, ‘well, how do these microservices share that state? How do they talk to each other?’ Frequently, the expectation is that things happens in real time. The context of microservices where streams or Kafka comes in is in the communication model for those microservices. I should just say that there isn't a one size fits all when it comes to communication patterns for microservices.

How Artificial Intelligence is changing the world

If we go through the definition of Artificial intelligence, it will be a type of intelligence that is displayed by Machines and Devices in contrast with the Natural Intelligence i.e. displayed by Humans or other Animals. In this process, Machines and Devices are programmed in such a way that makes them capable to learn and change reaction to environment depending upon the outer Environment and Situations. In early fifty’s People believed that Artificial Intelligence, AI is nothing other than imaginary Creation of the Hollywood. But with the extent of time, progress in the science and technology leads AI to come out of the virtual world. The term is Artificial Intelligence, also known as Machine Intelligence is first coined by John McCarthy for the Dartmouth Conference. From the First Discussion, this term looks catchy and occupied the mind of teach geeks and the Imagination of People ever since.

State Bank of India's blockchain smart contracts, ID verification could boost banking security

"Smart contracts can be used for simple things like non-disclosure agreement... rather than signing forms. A lot of internal processes can be contracted," Baraokar told the Times. "We do a lot of IT procurement, a lot of it can be implemented using blockchain." The blockchain-enabled Know Your Customer (KYC) will help banks verify a customer's identity, with document requests from the bank when opening a new account. This can reduce the human and financial costs of such verification. State Bank of India is also currently designing an innovation center in Navi Mumbai, which will research emerging technologies such as artificial intelligence (AI), machine learning, robotic process automation, and predictive analytics, and their potential use for making banking easier.

C-suite execs investing heavily in blockchain technology to remain competitive

Blockchain Investment
The boardrooms of the private mid-market firms that took part in the survey not only understand blockchain technology, but also see the real value in implementing it within their day to day operations. The survey found that 34% of respondents plan to use blockchain for storing and securing digital records, 24% said they will use it for executing smart contracts, and 19% said they will use it to exchange digital assets. ‘The shared-ledger technology known as blockchain is making business more efficient and transparent for companies of all sizes,’ writes the report. ‘If credit scores have long determined the terms of certain financial transactions, blockchain-based solutions will raise the stakes even more for reputation and digital identities by adding a higher level of trustworthiness to digital interactions.’

Only half of business leaders viewed as digitally literate

The global findings were released today and paint a concerning portrait for the progress to date, and future of digital transformation across the globe. The Digital Transformation Barometer data delves into digital transformation and digital literacy within leadership, as well as emerging and disruptive technologies across the globe within several industries. “With this research, ISACA’s global membership provides a digital transformation reality check that assesses actual technology adoption plans, levels of sentiment of support and concern, and monetary commitments to deploy emerging technology by geography and industry,” said ISACA CEO Matt Loeb, CGEIT, CAE. “The resounding message from our research is clear: senior leadership needs to invest in increasing its digital fluency. Organisations with digitally fluent leadership are more clearly recognising the benefits and risks of emerging technologies.”

Quote for the day:

"Leadership cannot just go along to get along. Leadership must meet the moral challenge of the day." -- Jesse Jackson

Daily Tech Digest - November 21, 2017

Consumers Want IoT Toys Regardless of Security, Survey Finds

IoT Toy Security Risk
Keeper Security's finding that consumers don't care as much as they should about IoT security is consistent with other recent studies. On Nov. 14, McAfee released its annual Most Hackable Holiday Gifts list, which reported that 20 percent of consumers would buy an IoT device with known security risks. Consumers often expect the things they buy in stores to be safe, which is not necessarily an incorrect assumption, according to Guccione. He noted, however, that consumers still need education when it comes to IoT security.  "I think [consumers] are just assuming these products are safe," Guccione said. "IoT manufacturers won't begin to take security vulnerabilities and concerns to heart until consumers demand it from them or the government enacts regulations that force them to make them safe."

Disrupt, transform or die. It’s time to enjoy the digital ride

Disrupt, transform or die. It’s time to enjoy the digital ride
Even among those businesses who have modernised their IT infrastructure, there are a whole new set of challenges to overcome, notably a lack of available skills in key areas such as DevOps delivery and agile development. Demand for IT skills is currently outpacing the worldwide growth in this talent pool. That imbalance will change over time as the greater focus on STEM subjects in schools begins to pay off, and younger, more digitally minded employees enter the workforce. In the meantime, a majority of organisations are looking to specialist services providers. According to our report, just over half (51%) of all large organisations will look for help to implement robotic process automation, while even more still will rely upon third parties for the added complexities of intelligent (63%) and cognitive (64%) automation.

CXOs: Get ready for augmented and virtual reality technology

Kai Goerlich, SAP's chief futurist at SAP's Innovation Center Network, believes that the first benefits of AR/VR for companies may well be in the areas of remote inspection and plant and equipment maintenance and in product design and simulation. "A building inspector can walk through a house with a set of AR glasses, see the blueprint of the structure overlays at the top of his AR glasses, and physically inspect the premises for smoke alarms," Goerllch said. "On the spot, he can verify if all smoke alarms are properly placed and installed, and he can note any exceptions." A second use for AR/VR inspection and maintenance involves sites that are inherently dangerous for humans to visit, such as certain areas with nuclear reactor plants or remote geographic areas that mining companies are considering for exploration.

Tips to Protect the DNS from Data Exfiltration

The most insidious path for criminals to mine data is via the Domain Name System (DNS). The DNS protocol is manipulated to act as a "file transfer" protocol and by default is seen as legitimate. Most businesses don't even know that data is being exfiltrated until it is too late. A recent DNS threat report from EfficientIP revealed that 25% of organizations in the US experienced data exfiltration via DNS, and of those, 25% had customer information or intellectual property stolen. The average time to discover a breach was more than 140 days. Considering that hackers can silently drain about 18,000 credit card numbers per minute via DNS, that's a customer database many times over. In addition, businesses aren't installing the required patches on their DNS servers, either (86% applied only half of what is necessary, according to our report), which makes sense in the case of Equifax, where apparently only one employee was responsible for patches.

Mastering change management to drive digital transformation

When faced with the task of altering the entire digital infrastructure of an organization, CIOs should adopt a mission-oriented mindset. Enacting transformational change across an entire organization requires a leader capable of engaging all departments. The ability to see the entire forest without getting hung up on each individual tree is essential to getting the job done. This perspective lends itself to an operational, rather than technological approach. My previous experience made me an unlikely candidate to lead a mid-sized city’s digital transformation efforts, if you still believe that a CIO’s day-to-day responsibilities are tech-saturated. But if “change management officer” is the new “chief information officer,” I may be a better fit. From February 2016 to February 2017, I was deployed with the US Navy; my third deployment overseas.

IoT needs to be secured by the network

IoT needs to be secured by the network
The network, Utter said, is the key battleground for future IoT security, largely because of economics – some endpoints simply aren’t able to be secured sufficiently without an unreasonable investment of money. If shipping crates with highly secure IoT endpoints attached to them cost too much, for example, that throws off a company’s entire business model.  “We need to start framing IoT in a slightly different way,” he said. “Everyone focuses on the endpoint … but I believe the network can actually be an enforcement point for IoT, because some devices will never be appropriate to have high-level security, it’s just not right in the economic model.” Major mobile data carriers, Utter argued, have a substantive part to play in keeping IoT secure. Given that an increasing number of IoT devices use LTE, LoRaWAN and even 3G to connect, the carriers can make a contribution by scrubbing data, blocking malicious devices and other active security measures.

Exploring the future of retail technology

Exploring the future of retail technology
Digital advertising can already target certain people depending on their interests and demographics via social media, but imagine if consumers could be served ads on the go based on their location. Geolocation would allow retailers to send promotions to customers’ smartphones as they pass their brick and mortar locations to offer individual promotions based on products the user had previously viewed online. Abundant internet connections will also allow store owners to quantify the in-store experience more easily. For example, it could allow customers use their smartphone to navigate the store and find items they want, or prompt them offer immediate feedback on their shopping experience. Retailers could then use this data to implement changes to store layout, staff numbers, and the availability of specific products.

Dropbox CIO Sylvie Veilleux on taking IT from 'good to great'

In many technology companies, before they hire a CIO, there's a very solid corporate infrastructure team. That team existed here and served the organization. And there were pockets of teams building applications and providing services; we had people on different teams who did that. So, it's not like there was no IT happening, but they were in different lines of business, so they weren't working as a whole. But now it's about how you take good to great. There were groups -- our product engineering team, the finance team, the HR team -- and we brought them together to see what we had for capabilities then identified the gaps. So, as part of my first few weeks, I did some assessment, looking at capabilities and infrastructure and our weaknesses and thought about how we'd build our team and address the gaps.

Challenges in HoloLens Application Development

In a nutshell, HoloLens can create hologram objects which are made of light and sound. It projects 3D holograms which are intangible and can be placed in the real world. The holographic shellrepresents a 'Mixed-Reality World' which is a combination of real-world objects and the holograms created by the system. HoloLens can create 3D holograms which can be placed alongside with real world objects, and the user can interact with them. Holograms can be attached to horizontal or vertical planes, such as room walls or floors. For example, movies can be played on the wall, internet browsers mounted on the walls, or Skype calls follow you as you walk around the space. Interactive object models can be created using Holograms to demonstrate proofs of concept. HoloLens recognizes the room model with its geo-coordinates which helps us to create location-aware applications.

The dangerous data hack that you won’t even notice

More broadly, data manipulation breeds uncertainty. When a hacker’s goal is to leak stolen information or hold data for ransom, their success depends on their ability to prove the information they hold is real. But with data manipulation, the goal is to call the underlying information into question. And uncertainty is its own weapon. Ten years ago, an announcement by the banking group BNP set the 2007 financial crisis in motion because they said they didn’t know what securities linked to subprime mortgages were worth. In today’s data-driven markets, the consequences of uncertainty for the financial industry might be far greater. Admittedly, data-manipulation hacks are not as easily monetizable as ransomware, nor do they produce as much buzz as the public release of sensitive data. But that doesn’t mean they can’t have serious financial repercussions.

Quote for the day:

"Hardships often prepare ordinary people for an extraordinary destiny." -- C.S. Lewis

Daily Tech Digest - November 20, 2017

Why cloud adoption isn’t slowing datacenter growth

Why cloud adoption isn’t slowing datacenter growth
There are a few factors driving this delay in dumping the corporate datacenter: First, enterprises have no plans to give up their datacenters. Although some companies have very publicly reduced their own datacenters, most of the companies that have datacenters now will have them five years from now. They simply don’t seem to believe their increased use of the cloud means they will eventually decrease their private datacenter usage.  Second, enterprises have tax and business reasons to hang on to their datacenters. I’ve worked with many enterprises that have datacenter leases that continue for another ten years. Moreover, the CFOs often find that owning the hardware and software provides a tax advantages that they are not willing to give up.

Writing for HBR, Andrew Ng concurs: ‘To the majority of companies that have data but lack deep AI knowledge,’ he says, ‘I recommend hiring a chief AI officer or a VP of AI,’ adding that ‘some chief data officers and forward-thinking CIOs are effectively taking on this role.’ This change isn’t by any means certain, and in March this year HBR also ran a piece by Kristian J Hammond, AI research scientist at the MocCormick School of Engineering at Northwestern, entitled, ‘Please don’t hire a Chief Artificial Intelligence Officer.’ ‘In much the same way that the rise of Big Data led to the Data Scientist craze,’ argues Hammond, ‘the argument is that every organization now needs to hire a C-Level officer who will drive the company’s AI strategy.’ But simply having an AI strategy isn’t enough, Hammond argues: instead AI needs to be integrated into the business in the service of business goals, not given its own department.

Women have stronger digital skills, yet men dominate the tech industry

In terms of gender, men continue to dominate the highest-level digital jobs, including those in computer, engineering, and management fields, as well as lower-digital occupations such as transportation, construction, natural resources, and building and grounds occupations. But interestingly, women had slightly higher digital scores than men did (48 to 45), and represent about three-quarters of the workforce in many of the largest mid-level digital positions. This group includes jobs in healthcare, office administration, and education. In terms of race, white employees remain overrepresented in high-level digital occupation groups (such as engineering and management), as well as mid-level ones (including business and finance, the arts, and legal and education professions).

Predictions 2018: AI is tough stuff and many organizations will fail at it

Forrester predicts that 2018 will be the year when a majority of enterprises start dealing with the hard facts: AI and all other new technologies like big data and cloud computing still require hard work. Our 2017 predictions for data and analytics pointed to AI as the spark to the insights revolution. This came true: Survey respondents who told us their firm was investing in AI rose from 40% in 2016 to 51% in 2017. But success isn’t easy — 55% of firms have not yet achieved any tangible business outcomes from AI, and 43% say it’s too soon to tell. The wrinkle? AI is not a plug-and-play proposition. Unless firms plan, deploy, and govern it correctly, new AI tech will provide meager benefits at best or, at worst, result in unexpected and undesired outcomes. If CIOs and chief data officers (CDOs) are serious about becoming insights driven, 2018 is the year they must realize that simplistic lift-and-shift approaches will only scratch the surface of possibilities that new tech offers.

Tips to Protect the DNS from Data Exfiltration

A recent DNS threat report from EfficientIP revealed that 25% of organizations in the US experienced data exfiltration via DNS, and of those, 25% had customer information or intellectual property stolen. The average time to discover a breach was more than 140 days. Considering that hackers can silently drain about 18,000 credit card numbers per minute via DNS, that's a customer database many times over. In addition, businesses aren't installing the required patches on their DNS servers, either (86% applied only half of what is necessary, according to our report), which makes sense in the case of Equifax, where apparently only one employee was responsible for patches. Sinister DNS data exfiltration will continue to occur unless businesses play a stronger offense. It's a challenge for organizations to win the cybersecurity battle without a proactive strategy that addresses DNS.

Data Governance – Not Just For Big Business Anymore
Smaller businesses may be more nimble in attacking their data governance challenges, especially when getting buy-in from key stakeholders, adopting methodologies, and gaining consensus for metadata definitions. Yet data governance does require guidance, resources, and perhaps most importantly, discipline. And, as we have been hearing on our briefings with a number of technology vendors whose products are engineered to support data governance programs, some best practices are emerging that can guide organizations of all sizes in tackling their governance needs by organizing their data policies according to business priorities. Externally-imposed business policies embed data requirements. Data governance practitioners apply an iterative approach to iteratively decompose the inherent data dependencies associated with the business directives, and can employ technical methods to implement data standards and business rules.

Your biggest threat is inside your organisation and probably didn't mean it

"If you have a strong security culture, and not just information security culture, but an overall security culture, there are generally indications of the change of attitudes and things like that, if it's going to be a malicious insider, that you are going to have a chance [to pick it up]," Doyle said. "I guess the threat for the inadvertent one is a lot of cases there may not be any indicators until you find yourself in trouble." It's a view shared across the industry, with Sophos CTO Joe Levy saying an accidental insider is more likely to compromise a company than an outsider. "They are closer to the data, just in terms of the amount of difficulty and the proximity, it's much more likely the latter is going to happen," Levy said. For McAfee CTO Steve Grobman -- who spoke to ZDNet before the company had its own misadventures last week -- the definition of vulnerabilities needs to go beyond software.

Blockchain shows open source’s fatal flaw—and a way forward

Blockchain shows open source's fatal flaw—and a way out
Find a project you like and contribute code, only to discover that “your contribution [is] lost in a sea of hundreds of unanswered issues and pull requests that are piling [up].” From the project maintainer’s perspective, “It’s fun at first and then the notifications start piling up so [you] start responding faster and then that leads to even more notifications,” resulting in “an odd productivity paradox.” But this is a good problem, you insist. More contributions equals more good! Well, yes. But as Eghbal highlights, open source was a bit easier to manage when the total user population (measured imperfectly by SourceForge) was 200,000. Two decades later, it’s more like 20 million, resulting in a heck of a lot of notifications to filter.

How to easily share USB devices using USB Network Gate

External devices (such as USB storage drives) are invaluable tools for your home or small business. With them you can expand your storage capacity and backup files. Because of some of the work I do (such as working with numerous Virtual Machines), I occasionally need to share a USB connected device over my network. In my search to make this possible and easy, I came across a product called USB Network Gate. With this handy app, I can quickly share out a USB device to make it available on another network-attached machine. This makes it incredibly convenient to save files to that external drive, from any machine on my network ... The first thing you must do is download and install the app. USB Network Gate is available for Linux, macOS, Windows, and Android. For my test purposes, I installed the app on Elementary OS and Windows 10.

Customize Your Agile Approach: What Do You Need for Estimation?

If you’ve been using agile approaches for a while, I’m sure you’ve heard of relative estimation with planning poker. Teams get together to estimate the work they will do in this next iteration. Each person has a card with either numbers such as the Fibonacci series, or t-shirt sizes. As the PO explains the story, the team members hold up a card to explain how large they think this story is. Every team member doesn’t have to agree on the relative size. The conversation about the sizing is what’s important. The team members discuss the code, the design, the tests (or lack thereof), and other risks they see. The conversation is critical to the team’s understanding of this story. And, when the team decides that the story is larger than a “1,” the team knows there is uncertainty in the estimate.

Quote for the day:

"Data is a precious thing and will last longer than the systems themselves." -- Tim Berners-Lee

Daily Tech Digest - November 19, 2017

Agriculture has recently been witness to a wealth of novel technologies, but, Martin argues, the most exciting development is precision farming. Precision farming is a process by which data is gathered and managed by multiple technologies such as in-field, in-building, or in-animal sensors and remote (satellite and drone) sensing systems. GPS, meteorological data, and RFID, which can be used with geo-mapping, yield mapping, high precision positioning systems and variable rate application systems, allow the production system to address variations for input requirements on a very fine scale, down from the field and herd scale of the past to a square metre or individual animal. Key to this whole process is connectivity. Data gathering, previously one of the most difficult aspects of farming, according to Martin, can now be automated through connected devices. 

The value of open source software

The value of open source software
Open source is expected to play a large role in the next big wave of evolution in the tech world. The future includes AI, machine learning, and big data analytics, which will not only make our systems smarter, but more valuable than ever. New open specifications make it easy to build upon old material with new functionality as such technologies evolve. This enables the creation of new and innovative operability that meets specific business needs. Open thinking operates at multiple levels within the open source community. It’s a large and passionate society that enables open collaboration and sharing, which results in added value to existing products and creates new ones. Anyone can freely use, change, and share open source software in modified or unmodified form. While companies working in commercial open source add value by turning what may appear as raw material to other enterprises into whole products.

Data Science As A Service' Is Almost Here

Introducing data science requires an understanding beyond the tools and technologies – while insights may increasingly be commoditized and automated through advances in artificial intelligence, its important for people to have an understanding of where the data is coming from and its context. “by making data more accessible, you allow people who could have been great in science to have an opportunity to be great data scientists," said Shin. The challenge, then, is increasing executives' and employees' understanding and capabilities in data science. Hayes pointed to a recent study that estimates that only 17 percent of employees have the ability to use data in their jobs. "Think about that -- hese people don't have the ability to understand or use data intelligently to improve their work performance. That says a lot about the state we're in today."

Deconstructing Data Science: Breaking The Complex Craft Into It’s Simplest Parts

Everyone seems to have a different opinion, and the only common approach appears to be dumping a long list of courses to take and books to read, all the while providing little to no context into how these concepts fit into the bigger picture. This post is my attempt to convert all the buzzwords & fluffy terminology into explicitly-learnable skills. To do this, I’ll be walking through my application of the first two steps to Tim Ferriss’ accelerated learning framework: Deconstruction & Selection. Rather than jump right in to a roadmap of my own learning journey (that’ll be next post), I want to empower you to begin your own.

Artificial Insurance? How Machine Learning is Transforming Underwriting

The distribution chain in the insurance industry is winding and complex. A series of middlemen examine information between the insured and the carrier, leading to a lot of human error and manual work that slows the process, said Breen. However, AI is already starting to fix that problem. Algorithms can reduce the time and number of errors as information is passed from one source to the next. By logging into a portal and uploading a PDF, the amount of data entry and re-entry is reduced and accuracy is increased, Breen said. "People get tired and bored and make mistakes, but algorithms don't," he added. For Pogreb, bridging the gap between the insured and the insurer is as important as reducing error. With better data, both customers and insurers benefit, she said, because insurers can develop better products based on more accurate assessments

Are Businesses Too Confident About Cybersecurity?

Six out of ten of businesses surveyed believe that they’re more safe today than a year ago. Additionally, roughly the same amount of respondents expect their preparedness to only improve next year. While businesses are generally implementing better measures to protect their data, how does this growth keep pace with breaches and attacks taking place? Within the past year, businesses have encountered DDoS and fraud attacks (31%), malicious insider attacks (31%), and ransomware attacks (28%). Between all of these incidents, a total of 71% of businesses responded to the survey by acknowledging that their organization had dealt with some form of cybercrime. This number is a staggering increase from the survey’s prior figure of 29%. For some businesses, confidence in the face of being a target of cybercrime makes sense

How Big Data can Help Community Banks

Community banks cannot always afford to implement analytics tools and infrastructure, plus hire professionals required for a new database. In addition, data security related to private customer information is a sensitive issue for many community banks. Most thrive in local communities where there is a high level of trust between the bank and the customer. Through personal interactions and long-established relationships, community banks tend to have a deeper knowledge of the credit decisions of their customers than large banks do. With the implementation of Big Data, community banks can keep close supervision and detect any real time fraudulent acts. Through predictive analytics, the banks can identify and monitor any discrepancies in customers’ account and even forecast a loan default. The community banks would also be able to detect high-risk accounts which can help them in making more informed decisions.

Cyber and physical security are inseparable

According to the Digital Transformation Agency, GovPass should take no longer than 10 minutes to set up. It also stressed that it will only match the data provided to create GovPass accounts against existing databases, and will not keep the data. A different approach has been taken in the Australian state of New South Wales (NSW). Instead of having one identifying “key” to let someone through dozens of government services, Service NSW has been established to create a single digital “front door” to 970 state government services. Acting general manager Damon Rees said more than 1.5 million people have signed up for the service. For now, the NSW Government is observing the progress of GovPass and is not yet participating in the national GovPass scheme, according to Rees.

How Blockchain Addresses the 5 Principal Issues in E-commerce

The problem of fraud in trading arose the first time humans traded anything of value. In the present day, service providers lose up to 8% of their profits every year due to fraud. Blockchain allows for the use of smart contracts for processing transactions and settlements with buyers, which ensures a much higher level of security. Smart contracts are digital algorithms that contain certain conditions. If the given conditions are met, the contract is executed and the parties that concluded it exchange assets. Smart contracts are stored in a distributed ledger, and they cannot be altered or destroyed. Using this technology makes it possible to return funds if an attempt at fraud is discovered. The use of smart contracts gives access to a mathematically exact and completely transparent method for processing financial flows without human involvement.

Artificial Intelligence – Disillusion or Revolution?

Artificial Intelligence - Disillusion or Revolution?
In all the AI hype and success, it is important that we recognise the constraints of current AI solutions. Narrow AI operates within a constrained and brittle domain and its knowledge is often based on specific training sets. Among its attributes, it lacks the human-like qualities of general intelligence, culture, context, emotion and ethics. Consider this AI solution which was trained to understand the difference between dogs and wolves. Instead of learning the differences between the animals it instead learned that wolf pictures include snow and dogs’ pictures included grass. Also recall Microsoft’s ill-fated experiment with “Tay” the teen robot who learned to became a Hitler loving, feminist hating sex maniac in less than 24 hours. Our global infrastructure is increasingly complex and interconnected. As the adoption of narrow AI increases, its shortcomings present real risks.

Quote for the day:

“Successful and unsuccessful people do not vary greatly in their abilities. They vary in their desires to reach their potential." -- John C Maxwell

Daily Tech Digest - November 17, 2017

(Image: Andrea Danti via Shutterstock)
While accidental threats are more numerous, malicious insiders could cause more damage. "A malicious insider - a guy who gets a job and does industrial espionage or gets disgruntled - those breaches tend to be bigger because they have more access to a lot of data and know exactly where to look to find data to steal," says Heimerl. "That's the problem hackers usually have. They have to find what, and where, that cool data is." How to know if an insider threat is imminent? Many organizations are trying to figure it out. Insider threat detection is the top focus for 64% of companies, followed by deterrence methods (58%), and analysis and post-breach forensics (49%). "Organizations realize deterrence is important, but at the end of the day they have to assume - especially larger organizations - there are active insider threats and insider attacks occurring," Schulze notes.

Google search results poisoned by banking Trojan

The malicious link appears at the top of users’ own Google searches, so when the page launches a Word document, it’s easy to think it can be trusted. The only point at which users can protect themselves is if they suspect that the request to enable macros is illegitimate. Anyone who has been taught about phishing will know that malware is often hidden in macros. Technology does all it can to remind people of this threat, with Word creating a prominent warning whenever it detects a document with macros. Of course, users are led to believe that the macros are safe because the document supposedly came from a trusted source. The giveaway is that legitimate websites rarely automatically download Word documents to your computer and ask you to override security warnings. It sounds simple when you put it like that, but it’s easy to fall victim if you aren’t aware of the threat that macros present.

Top security software, 2017: How cutting-edge products fare against the latest threats

Movie preview test pattern
Threats are constantly evolving and, just like everything else, tend to follow certain trends. Whenever a new type of threat is especially successful or profitable, many others of the same type will inevitably follow. The best defenses need to mirror those trends so users get the most robust protection against the newest wave of threats. Along those lines, Gartner has identified the most important categories in cybersecurity technology for the immediate future. We wanted to dive into the newest cybersecurity products and services from those hot categories that Gartner identified, reviewing some of the most innovative and useful from each group. Our goal is to discover how cutting-edge cybersecurity software fares against the latest threats, hopefully helping you to make good technology purchasing decisions.

Six Tech Trends Impacting Software Security

The challenge for software security— code review, penetration testing, and the like—is that good security analysis of the traditional sort takes time. Do you wait until build time to scan your code for known bugs? How long does such scanning take? What if a new build is released every hour? The bottom line is that if security lags, then security loses. We must “automate all the things!” as the meme goes. And that includes security analysis. CI/CD approaches to quality assurance and testing must include security testing, especially testing based on misuse and abuse cases that can be directly integrated into the constantly running regression test suit. Testing must be fast, observability must be high, and everything must work in the cloud. Are you counting on an API out there to nish your project? How do you test that? Throw in security, and the mountain of challenges gets a lot steeper.

Smart behaviors that can improve your cybersecurity

One smart thing a financial advisor can do is hire an outside firm to send employees test spam, to see what they are opening or clicking when they shouldn't, he said. It helps firms see how to focus their efforts educating employees. Be suspicious of any links or attachments in an email, Moseley said. If the email seems to be from a legit source, call the sender to make sure it's legit before clicking. ... Pick a password that's long. Hackers will have an easier time brute-force cracking an eight-character password than one that has 12 or 15 characters, he said. (That length may mean you think about your password as a phrase rather than a word.) Unique is key, too. Thieves often try login details captured in one breach at other sites, to see where they might gain access if you've reused that combo. Schwab has tracked nearly 1 billion of those so-called credential replay attempts, Moseley said.

Inside the Real-World Fight Against Ransomware

To guard against ransomware, companies are implementing best practices, such as installing the latest software patches, making backup copies of data and educating users on computer safety. “You have to have multiple layers of security,” says Stuart Browy, security engineer at a pharmaceutical benefits company in Morrisville, N.C. “You not only have to stop attacks at the front door, you have to catch them if they make it through.” To that end, many businesses have begun deploying advanced security tools, including endpoint security software that specifically protects against ransomware, along with file integrity monitoring tools that alert IT staff if ransomware begins encrypting files. KQED only recently has begun to layer on security. When Reilly arrived at the nonprofit two years ago, he joined a culture that was driven by end-user mandates rather than a focus on security.

Could Virtual Reality be the Next Big Tool for Retailers?

Walmart-Virtual Reality
The adoption of Virtual Reality within retail has a number of advantages for businesses. Firstly, it offers a way to reach customers who are not able to, or don’t like, visiting shops. By increasing accessibility, retailers also increase the likelihood of sales. Adding VR capabilities to product marketing could also reduce confusion about what the customer is buying. One of the setbacks of ecommerce is that customers can be dissatisfied with their order. The more information given about a product, the less likely buyers are to purchase the wrong thing. In turn, this means less returns. The retailer would also have more credence when handling complaints and demands for refunds. At the same time, businesses need to consider the impact that virtual applications will have on associated services and brands.

Terdot Banking Trojan Spies on Email, Social Media

Terdot uses a chain of droppers, injections, and downloaders to protect the payload. It can bypass restrictions imposed by TLS by generating its own Certificate Authority and creating certificates for every domain visited in a man-in-the-middle attack. By injecting itself into the browser process, it can monitor activity and inject spyware. Targeted regions include the US, Canada, the UK, Germany, and Australia. Frequently hit websites include Canada's PCFinancial, Desjardins, BMO, Royal Bank, Scotiabank, and CIBC. Affected email providers include Microsoft's live.com, Yahoo Mail, and Gmail; social media platforms Facebook, Twitter, Google Plus, and YouTube. Terdot is specifically instructed not to collect data from Russian social media platform VK, which suggests Eastern European actors may be behind it.

10 Cloud Mistakes That Can Sink You Business

10 cloud mistakes that can sink your business
It’s dead simple to provision infrastructure resources in the cloud, and just as easy to lose sight of the inadvertent policy, security and cost problems that can be incurred. Here, governance and planning are essential. "While governance and planning is the goal, it doesn’t need to be tackled in one sweep," says Chris Hansen, cloud infrastructure practice leader at SPR Consulting, a technology consulting firm. "Use small iterations supported with automation," Hansen advises. "That way, you can address the three critical areas of governance — monitoring/management, security and finance — to quickly surface issues and remediate them." A related mistake is not fully understanding who within the organization is responsible for specific cloud-related tasks, such as security, data backups and business continuity.

Why analytics will be the next competitive edge

There is always risk when decisions are made based on intuition, gut feel, flawed and misleading data or politics. In Babson College Professor Tom Davenport’s popular book from ten years ago that arguably put analytics on the map with executives and managers, Competing on Analytics: The New Science of Winning, he made the case that increasingly, the primary source of attaining a competitive advantage will be an organization’s competence in mastering all flavors of analytics. If your management team is analytics-impaired, then your organization is at risk. Substantial benefits are realized from applying a systematic exploration of quantitative relationships among performance management factors. When the primary factors that drive an organization’s success are measured, closely monitored and predicted, that organization is in a much better situation to adjust in advance and mitigate risks.

Quote for the day:

"Everything is funny as long as it is happening to somebody else." -- Will Rogers

Daily Tech Digest - November 16, 2017

Since blockchains are still (relatively) new pieces of technology, we are not exactly sure which decentralized applications will survive long term. The only certainty is that with advancement comes disruption, and we are likely to see fundamental shifts in the way many common markets work. One of the more exciting ways in which blockchain is affecting an industry is in the independent freelancers’ space. Freelancers and independent contractors make up a sizable chunk of the U.S. population: there are currently over 55 million domestic freelancers. Though this group has been growing significantly over the past several years, they are still plagued with annoying transaction costs and plenty of competition. Blockchains, in theory, will open up new doors for freelancers across the globe.

You Let That In? IoT Security Concerns

To this day, malware attacks based on similar technology are a part of daily Internet life. Conservative estimates predict 25 billion Internetconnected sensors by 2020. It’s unlikely that this horde will be protected by strong security. Security experts are spooked about the dangers of IoT and have recommended that the US federal government regulate the field to ensure that standard cybersecurity measures are part of the new devices. However, the current administration looks askance at new regulations, and even if they were to act, it would take some years to stop the current onslaught of an insecure IoT. We will be left to our own devices for cybersecurity protection for the immediate future. Let’s step back and look at the risks and what the educated consumer can do about mitigation.

Why AI Is the ‘New Electricity’

Just as electricity transformed the way industries functioned in the past century, artificial intelligence — the science of programming cognitive abilities into machines — has the power to substantially change society in the next 100 years. AI is being harnessed to enable such things as home robots, robo-taxis and mental health chatbots to make you feel better. A startup is developing robots with AI that brings them closer to human level intelligence. Already, AI has been embedding itself in daily life — such as powering the brains of digital assistants Siri and Alexa. It lets consumers shop and search online more accurately and efficiently, among other tasks that people take for granted. “AI is the new electricity,” said Andrew Ng, co-founder of Coursera and an adjunct Stanford professor who founded the Google Brain Deep Learning Project, in a keynote speech at the AI Frontiers conference that was held this past weekend in Silicon Valley.

How patchable software can secure the IoT

A new generation of patchable gadgets and software, such as Kidgy, is then needed for the IoT to endure. Already, smaller programs have sprung up from the initiative of tech-enthusiast around the country, but a broader approach, ideally one led by government regulators and tech-behemoths working in tandem, is desperately needed. Until the biggest fish in the pond realize that our current pattern of releasing unpatchable programs and hardware is fixed, the IoT will continue to suffer massive data breaches that plague companies and consumers alike. Of course, it shouldn’t come as a surprise to the business-savvy that the current generation of IoT gadgets is defined by their inability to be patched; the producers of these gadgets and software stand to make much more money if they can churn our unsecure products, and would shoulder the brunt of the cost if more stringent regulations were imposed.

Data Visionaries Help Companies Thrive Through Digital Transformation

Data Thrivers are taking steps to increase revenue, improve business outcomes, and transform data into dollars. Many Fortune 100 companies are building out innovation labs, as well as creating new roles for innovation executives and data management officers. Of the organizations who participated in the study, almost half already have a Chief Data Officer.  Data Survivors are losing revenue opportunities, lagging in employing data to enhance customer satisfaction, and being overwhelmed by their data. They use disparate tools to manage data that is in different formats and different locations, which adds extra complexity to managing security, risk, privacy, and compliance. ... Organizations that exhibit Data Thriver behaviors are adopting a diverse set of technologies, including data services for the hybrid cloud.

Blockchain-as-a-service allows enterprises test distributed ledger technology

FinTech - financial technology - blockchain network - distributed ledger wireframe
While heavily hyped, blockchain technology – which gained its initial notoriety from bitcoin cryptocurrency – has the potential to offer a new paradigm for the way information is shared; tech vendors and companies are rushing to figure out how they can use the distributed ledger technology to save time and admin costs. BaaS offerings are particularly attractive because many enterprises can look to their current cloud providers to offer them use of the nascent technology. "As with any new technology, there is a learning curve as enterprise customers put it into production," Fearnley said. "One advantage of partnering with a BaaS provider is users can leverage the lessons learned by the provider to help make their systems more secure." BaaS providers are also acting as consultants on the technology, Fearnley said.

Most Banks Still Not Ready For AI, Robotics: Study

The study reveals digitizing products and services, customer journey and security as top focus areas for innovation and transformation. According to the report, retail banks continue their thrust on innovation in all functional areas, with customer experience and channels (both at 78%) being at the forefront. Other segments that have witnessed higher spends in innovation include products (67%), process improvement (64%) and marketing (57%). The research, in which over 300 bankers globally participated, found that retail banks consider large technology companies, challenger banks, and smaller fintech start-ups as threats to their growth. Similar to 2016, the greatest impact of transformation is expected to be in the areas of payments and mobile wallets. The study however points out that the top three innovation challenges include systems integration, legacy technology, and the time and cost required to move from concept to reality.

Banks are increasingly turning to open source projects. Here’s why.

“We want to get to open source as quickly as possible, to start to unlock tools you can use to test software you’re developing in open source — things that won't save us a dime from a human perspective but will make our software better,” said John Stecher, managing director, group head of open innovation and Rise at Barclays. (Rise is the fintech co-working space Barclays runs in seven cities.) “If we pick up developers on the outside world that start to contribute bug fixes, we then benefit from the economies of scale of doing open source development.” This can be a tough sell inside a firm due to legal and regulatory constraints, he acknowledged. “It's a long process, it takes time, but there is a big payout at the end because you slowly start to get higher-quality software at the end of the day,” Stecher said.

The US Pentagon ready to embrace open source software

US Pentagon Open Source Software
Commenting on the news is Javvad Malik, security advocate at AlienVault: “The arguments for and against the use of open-source software are long-standing. While licence costs are eliminated by using open source software, it doesn’t eliminate the associated costs of support, maintenance, and hardware requirements. In the big scheme of things, the license cost may be insignificant in some instances.” “The second widely-debated aspect is the security. The general consensus is that open source software may be more secure because there are more chances for researchers to discover flaws. However, as we saw with OpenSSH and similar, that is not always the case.” “Ultimately, it comes down to individual companies, its risk appetite, and financial requirements. ...”

The benefits of multi-cloud computing

business cloud services flowchart
Cloud-hosting providers come in all different and shapes and sizes, but rare is the provider that can fit all your requirements to a tee. Characteristics like upload speed, size requirements and more influence what makes the most sense for each of your business units can vary. Rather than bend your business processes to fit a specific provider’s setup and execution, play the field and explore different providers to find the best match for each part of your business to line up its functionality for a perfect fit.  ... When the Rebel Alliance figured out that the Empire’s Death Star had a weakness in that small thermal exhaust port, it was only a matter of time before the whole battles station went up in smoke. Some SPOF events occur through machine errors, others come by hacker attacks. Web architects use redundancy to avoid SPOF incidents but what happens when the system host goes down?

Quote for the day:

Failure is the opportunity to begin again more intelligently. -- Henry Ford