Daily Tech Digest - December 16, 2017

Will augmented reality make lying obsolete?

eyedetect
The future of lie detection is A.I. A.I. can take various “signals,” such as eye movements, facial gestures, body movements, voice intonations and others, to estimate the truthfulness of a person’s statements. In fact, lie detection is just one of the many uses for emotion or mood detection generally. When A.I. can tell when a person is happy or sad or mad or stressed, it can generally detect changes during conversation and figure out that some of those changes are caused by lie-induced mental activity or stress. Because lie-detection A.I. is currently being developed by numerous companies, universities and governments, it’s inevitable that the capability will become available broadly and inexpensively to businesses and consumers over the next two years. In fact, lie-detection A.I. is already on the market. ... EyeDetect is already in use for hiring and bank fraud, as well as by police departments as an alternative to the polygraph.


Designing human-shaped artificial intelligence

artificial intelligence
Designing for conversational interfaces involves a whole host of new challenges, including personality design. Artificial intelligence with human-like personality makes for more natural interaction, so the approach to personality design must continually be developed to explore how brands translate into AI personalities. ... In addition to building tools, it is important to supplement this with informed conversations about the needs and opportunities which AI brings to practice. The best products, services, systems and spaces are those that are designed to help real people live easier, smarter, enjoyable and more meaningful lives. It is entirely possible to create a human-shaped world where everything is designed to meet real human needs. Getting there requires all contributing innovators to answer complex problems with simple, focused solutions. When designing human-shaped AI, as with any design process, it is easy to over-complicate.



Making Regulation Machine Readable

fintech
Much progress has been made to automate these processes, but offering international services remains a challenge as each country has its own complex regulatory requirements. To offer scalable solutions across multiple markets, regulatory advice as provided by legal and compliance experts today, must also be digitized. I believe an automated solution, a “digital compliance officer”, is the key to enabling digital services such as Robo Advisors. Therefore, by applying machine-learning techniques, we today cluster regulatory requirements country by country and transform them into digital rule-sets. These rule-sets are always up-to-date and verified, allow for a transparent audit trail on past and current rules, and provide our clients with a sophisticated regulatory risk management framework. To ensure consistency, applications such as eBanking, CRM and Robo Advisors communicate via APIs with our solution.


8 Steps for Building an IT Security Career Path Program

Conduct a Needs Assessment

Before a career path can be chartered for current or prospective employees, you first need to know where you currently stand with your cybersecurity workforce.

'Define the type of work you want done, so you can create a career path and path for learning,' says Andrew Smallwood, cyber human capital specialist with Booz Allen Hamilton.

Jason Hite, founder of Daoine Centric and industry co-chair for the National Initiative on Cybersecurity Education (NICE) and a member of the NICE workforce sub-group, agrees. 

He notes that the ISO/IEC 27001 is one resource organizations can use to develop their security posture. It's an international standard that government agencies and companies use to manage the security of their assets.

Image Source: Shahril KHMD via Shutterstock
Cybersecurity professionals are in steep demand, given the projected shortfall of 1.8 million workers by 2022. ...A majority of companies don't provide such a program for their cybersecurity team, according to IT security career experts. But it's a key tool to keep in-house security talent fulfilled and challenged in their jobs, and to help recruit additional talent. "The number one reason people leave their jobs today is their company doesn't take security seriously. What this means is that they don't have a plan, which includes a career path plan too," says Deidre Diamond, founder and CEO of Cyber Security Networks. Career path programs show existing employees the role they currently hold within the organization and potential positions they may later ascend into through promotions or other moves, depending upon their interests, say cybersecurity career experts. It also gives prospective employees a view of their security career opportunities at an organization.


Putting Industrial Cyber Security at the Top of the CEO Agenda

Study reveals low adoption of cyber security capabilities and technology among industrial companies despite the increasing number of global industrial attacks and changing threat landscape. The study was conducted by LNS Research with strategic decision makers from industrial companies on their approach to the Industrial Internet of Things (IIoT) and use of industrial cyber security technologies and practices. Among the findings were: The study suggests that cyber security must be part of a CEO’s agenda to ensure the fast and effective long-term deployment of strategies and technologies. It also recommends three immediate actions. Honeywell’s industrial cyber security technologies and expertise addresses many of the issues identified in the LNS Research study.


How Taking the Time to Verify Your Network Could Save You Millions


More advanced technologies have given rise to modern artificial intelligence and automation tools. One emerging in the business world is related to network verification. It utilizes a series of statistics and data, performance information and predictive analytics to help business goals match reality, or more specifically to guarantee your network can handle incoming loads. It’s not just about handling a known or predicted performance requirement, however. It’s also about the fluctuation of said patterns. Frequent change happens in the world of technology, your network and the resources it needs to operate. ... Verification is often confused with testing. However, they are not synonymous. When you verify, you follow through a series of checks and balances to ensure things are as they seem and you’re prepared for the future. This is not quite the same as testing, is it? Testing checks the performance and capabilities of a system. You already know the capabilities of your network, you understand what resources it needs, and you know how it’s going to be used.


We need to talk about mathematical backdoors in encryption algorithms


Security researchers regularly set out to find implementation problems in cryptographic algorithms, but not enough effort is going towards the search for mathematical backdoors, two cryptography professors have argued. Governments and intelligence agencies strive to control and bypass or circumvent cryptographic protection of data and communications. Backdooring encryption algorithms is considered as the best way to enforce cryptographic control. In defence of cryptography, researchers have set out to validate technology that underpins the secure exchange of information and e-commerce. Eric Filiol, head of research at ESIEA, the operational cryptology and virology lab, argued that only implementation backdoors (at the protocol/implementation/management level) are generally considered. Not enough effort is being put into looking for mathematical backdoors or by-design backdoors, he maintains.


Denmark considers blockchain a new weapon in the fight for human rights

"The use of blockchain and cryptocurrency is merely some of the technologies which can give us new tools in the development cooperation toolbox," Danish Minister for Development Cooperation Ulla Tørnæs said. "It is clear that if we are to succeed in relation to the sustainable development goals we need digital and technological solutions and some of these we do not know of, but we will help find them." A report published by the ministry, alongside think tank Sustainia and blockchain currency platform Coinify, investigates how blockchain technology might solve problems in providing development aid, noting that by using cryptocurrency, money can be transferred faster and safer, and without a middleman or fees. In addition, contracts and other legal papers can be digitalised to combat corruption and ensure a more effective development aid and better protection of the rights of marginalised groups, the report, Hack the Future of Development Aid, explains.


The AI mindset: designing the workforce of the future

7 artificial intelligence
The AI mindset prioritizes imagination and creativity over tasks and execution. If we are going to reinvent half of the jobs that are out there, what we are looking at in the next decade is a talent revolution. Because AI for business is all about reinforcing decision-making and capabilities, supported by data and models, it is still ultimately about humans at the end of the day– human innovation. Organizing teams around a goal begins by looking at how you hire your individual players. It is much easier to teach skills than to teach a mindset. Nurturing talent to dig deep into our human capabilities to become better facilitators, collaborators, presenters, and persuaders–this is where innovation happens. Those who embody the AI mindset will help accelerate how AI serves businesses.


The next wave? Modular component malware against industrial control safety systems

malware cybersecurity skull crossbone
The modules used with the associated malware are specifically designed to disrupt Triconex safety controllers, which are used widely in critical infrastructure. The malware requires the key switch to be in the “PROGRAM” mode in order to deliver its payload. Among others, the reported malware has the capability to scan and map the industrial control system environment to provide reconnaissance and issue commands directly to Tricon safety controllers. A DHS statement mentioned, “This marks the first report of a safety system breach at an industrial plant by hackers, who have in recent years placed increasing attention on hacking into utilities, factories and other types of critical infrastructure. Such attacks could allow hackers to shut down safety systems in advance of attacking an industrial plant, which could prevent plants from identifying and halting destructive attacks on those facilities.”



Quote for the day:


"A good leader leads the people from above them. A great leader leads the people from within them." -- M.D. Arnold