Daily Tech Digest - November 21, 2017

Consumers Want IoT Toys Regardless of Security, Survey Finds

IoT Toy Security Risk
Keeper Security's finding that consumers don't care as much as they should about IoT security is consistent with other recent studies. On Nov. 14, McAfee released its annual Most Hackable Holiday Gifts list, which reported that 20 percent of consumers would buy an IoT device with known security risks. Consumers often expect the things they buy in stores to be safe, which is not necessarily an incorrect assumption, according to Guccione. He noted, however, that consumers still need education when it comes to IoT security.  "I think [consumers] are just assuming these products are safe," Guccione said. "IoT manufacturers won't begin to take security vulnerabilities and concerns to heart until consumers demand it from them or the government enacts regulations that force them to make them safe."


Disrupt, transform or die. It’s time to enjoy the digital ride

Disrupt, transform or die. It’s time to enjoy the digital ride
Even among those businesses who have modernised their IT infrastructure, there are a whole new set of challenges to overcome, notably a lack of available skills in key areas such as DevOps delivery and agile development. Demand for IT skills is currently outpacing the worldwide growth in this talent pool. That imbalance will change over time as the greater focus on STEM subjects in schools begins to pay off, and younger, more digitally minded employees enter the workforce. In the meantime, a majority of organisations are looking to specialist services providers. According to our report, just over half (51%) of all large organisations will look for help to implement robotic process automation, while even more still will rely upon third parties for the added complexities of intelligent (63%) and cognitive (64%) automation.


CXOs: Get ready for augmented and virtual reality technology

evgeniyshkolenkoistock-846083114.jpg
Kai Goerlich, SAP's chief futurist at SAP's Innovation Center Network, believes that the first benefits of AR/VR for companies may well be in the areas of remote inspection and plant and equipment maintenance and in product design and simulation. "A building inspector can walk through a house with a set of AR glasses, see the blueprint of the structure overlays at the top of his AR glasses, and physically inspect the premises for smoke alarms," Goerllch said. "On the spot, he can verify if all smoke alarms are properly placed and installed, and he can note any exceptions." A second use for AR/VR inspection and maintenance involves sites that are inherently dangerous for humans to visit, such as certain areas with nuclear reactor plants or remote geographic areas that mining companies are considering for exploration.


Tips to Protect the DNS from Data Exfiltration

The most insidious path for criminals to mine data is via the Domain Name System (DNS). The DNS protocol is manipulated to act as a "file transfer" protocol and by default is seen as legitimate. Most businesses don't even know that data is being exfiltrated until it is too late. A recent DNS threat report from EfficientIP revealed that 25% of organizations in the US experienced data exfiltration via DNS, and of those, 25% had customer information or intellectual property stolen. The average time to discover a breach was more than 140 days. Considering that hackers can silently drain about 18,000 credit card numbers per minute via DNS, that's a customer database many times over. In addition, businesses aren't installing the required patches on their DNS servers, either (86% applied only half of what is necessary, according to our report), which makes sense in the case of Equifax, where apparently only one employee was responsible for patches.


Mastering change management to drive digital transformation


When faced with the task of altering the entire digital infrastructure of an organization, CIOs should adopt a mission-oriented mindset. Enacting transformational change across an entire organization requires a leader capable of engaging all departments. The ability to see the entire forest without getting hung up on each individual tree is essential to getting the job done. This perspective lends itself to an operational, rather than technological approach. My previous experience made me an unlikely candidate to lead a mid-sized city’s digital transformation efforts, if you still believe that a CIO’s day-to-day responsibilities are tech-saturated. But if “change management officer” is the new “chief information officer,” I may be a better fit. From February 2016 to February 2017, I was deployed with the US Navy; my third deployment overseas.


IoT needs to be secured by the network

IoT needs to be secured by the network
The network, Utter said, is the key battleground for future IoT security, largely because of economics – some endpoints simply aren’t able to be secured sufficiently without an unreasonable investment of money. If shipping crates with highly secure IoT endpoints attached to them cost too much, for example, that throws off a company’s entire business model.  “We need to start framing IoT in a slightly different way,” he said. “Everyone focuses on the endpoint … but I believe the network can actually be an enforcement point for IoT, because some devices will never be appropriate to have high-level security, it’s just not right in the economic model.” Major mobile data carriers, Utter argued, have a substantive part to play in keeping IoT secure. Given that an increasing number of IoT devices use LTE, LoRaWAN and even 3G to connect, the carriers can make a contribution by scrubbing data, blocking malicious devices and other active security measures.


Exploring the future of retail technology

Exploring the future of retail technology
Digital advertising can already target certain people depending on their interests and demographics via social media, but imagine if consumers could be served ads on the go based on their location. Geolocation would allow retailers to send promotions to customers’ smartphones as they pass their brick and mortar locations to offer individual promotions based on products the user had previously viewed online. Abundant internet connections will also allow store owners to quantify the in-store experience more easily. For example, it could allow customers use their smartphone to navigate the store and find items they want, or prompt them offer immediate feedback on their shopping experience. Retailers could then use this data to implement changes to store layout, staff numbers, and the availability of specific products.


Dropbox CIO Sylvie Veilleux on taking IT from 'good to great'

In many technology companies, before they hire a CIO, there's a very solid corporate infrastructure team. That team existed here and served the organization. And there were pockets of teams building applications and providing services; we had people on different teams who did that. So, it's not like there was no IT happening, but they were in different lines of business, so they weren't working as a whole. But now it's about how you take good to great. There were groups -- our product engineering team, the finance team, the HR team -- and we brought them together to see what we had for capabilities then identified the gaps. So, as part of my first few weeks, I did some assessment, looking at capabilities and infrastructure and our weaknesses and thought about how we'd build our team and address the gaps.


Challenges in HoloLens Application Development


In a nutshell, HoloLens can create hologram objects which are made of light and sound. It projects 3D holograms which are intangible and can be placed in the real world. The holographic shellrepresents a 'Mixed-Reality World' which is a combination of real-world objects and the holograms created by the system. HoloLens can create 3D holograms which can be placed alongside with real world objects, and the user can interact with them. Holograms can be attached to horizontal or vertical planes, such as room walls or floors. For example, movies can be played on the wall, internet browsers mounted on the walls, or Skype calls follow you as you walk around the space. Interactive object models can be created using Holograms to demonstrate proofs of concept. HoloLens recognizes the room model with its geo-coordinates which helps us to create location-aware applications.


The dangerous data hack that you won’t even notice

More broadly, data manipulation breeds uncertainty. When a hacker’s goal is to leak stolen information or hold data for ransom, their success depends on their ability to prove the information they hold is real. But with data manipulation, the goal is to call the underlying information into question. And uncertainty is its own weapon. Ten years ago, an announcement by the banking group BNP set the 2007 financial crisis in motion because they said they didn’t know what securities linked to subprime mortgages were worth. In today’s data-driven markets, the consequences of uncertainty for the financial industry might be far greater. Admittedly, data-manipulation hacks are not as easily monetizable as ransomware, nor do they produce as much buzz as the public release of sensitive data. But that doesn’t mean they can’t have serious financial repercussions.



Quote for the day:


"Hardships often prepare ordinary people for an extraordinary destiny." -- C.S. Lewis