Daily Tech Digest - March 19, 2019

Time-series monitoring helps ops teams predict long-term trends based on patterns found in historical data. This type of monitoring digs into past metrics to forecast what's likely to occur next in a system. Organizations can use time-series monitoring to predict trends around autoscaling, required capacity and more. The time-series method can also support more accurate troubleshooting due to the expansive range of data collected over time. ... APM tools track the performance of enterprise software. They monitor an application over time, offering data around memory demands, code execution, network bandwidth and disk read/write speeds. Admins can use this data to evaluate how an app's dependencies might affect its performance and to pinpoint the cause of any performance issues ... This category of monitoring measures IT performance, based specifically on the perspective of end users. It might track, for example, the response time of a virtual desktop or other user-facing applications. 

How a small company can make use of data image
Clearly, the effective use of AI and data science can be game-changing, but it is not only small businesses that are struggling to deploy data science. The same report reveals that 51% of UK leaders admit their organisation does not currently have an AI strategy in place. Incorporating data science into an operating model is as big a challenge as it is an opportunity, but what are the issues specific to smaller businesses and are they so very different to larger companies? Data can be tricky to make sense of and, though start-ups or small organisations may not be sitting on the same volume of data as their larger counterparts, the variety and velocity will often be comparable. Precisely because small companies are often competing with larger, better-resourced competitors, it’s often absolutely critical that they can quickly make use of their data. The good news is that smaller organisations are in some ways better able to do this than larger, better-established ones. 

With Pulumi, you can create, deploy, and manage any cloud resource using your favorite language. This includes application- and infrastructure- related resources, often in the same program. One area this gets really fun is serverless. Because we're using general purpose languages, we can create resources, and then wire up event handlers, just like normal event-driven programming. This is the way serverless should be! In this article, we'll see how. There's a broad range of options depending on what you want to do, and how your team likes to operate. We'll be using AWS and TypeScript, but other clouds and languages are available. ... Serverless app models today make you think of the event sources -- the S3 buckets -- and event handlers -- the Lambdas and associated code -- as very different things -- "infrastructure" versus "app code" -- managed with distinct tools and workflows. Pulumi, in contrast, gives you a single CLI, pulumi, to manage everything consistently.

Autism, Cybercrime, and Security's Skill Struggle

Rebecca Ledingham, vice president of cybersecurity at Mastercard, spotted the trend earlier in her career as a cyber agent for the UK's National Crime Agency. "They weren't the kinds of offenders I was used to dealing with in drugs and sex crimes," she said in an interview with Dark Reading. Their social behavior, she said, was different from what she'd seen in other areas of crime. Often, she continued, cybercriminals are first diagnosed as being on the autism spectrum during the criminal justice process. Later in her career, as a cyber agent for INTERPOL's Global Complex for Innovation (IGCI), she realized the issue was broader. Ledingham's work with global agencies revealed outside of cybercrime, no other offense came with a foundational condition. "There's no other organic set of offenders that may be predisposed to cybercrime due to the nuances of their disorder," she said. Autism presents itself at the age of two or three, and more than 17 million people worldwide are diagnosed, said Ledingham in an RSA Conference talk. 

Middle East tech: Nine things the region must do to safeguard its financial future

The outlook for growth in the Middle East, North Africa region is expected to improve slightly in 2019 and 2020, the World Bank reported last June, noting a range of factors including "a favorable global environment, post-conflict reconstruction efforts, and from oil importers' reforms to boost domestic demand and increase foreign investment". Although welcome, these conclusions do not mask the longer-term economic realities that the region needs to address. The fourth industrial revolution driven primarily by AI and automation is going to radically change how we work, rest and play, bringing about major shifts to societies and economies. States such as Saudi Arabia, Qatar, UAE, and Oman have acknowledged this upheaval, with bold policy documents identifying a new vision for their counties. But the transition to these new digital realities will inevitably be haphazard and uncertain.

EU law enforcement agencies prepare for major cyber attacks

The newly adopted EU Law Enforcement Emergency Response Protocol determines the procedures, roles and responsibilities of key players both within the EU and beyond, including secure communication channels and contact points for the exchange of critical information as well as a coordination and de-confliction mechanism. The protocol is designed to complement the existing EU crisis management mechanisms, said Europol, by streamlining transnational activities and facilitating collaboration with the relevant EU and international players, making full use of Europol’s resources. It further facilitates the collaboration with the network and information security community and relevant private sector partners. Only cyber security events of a malicious and suspected criminal nature fall within the scope of this protocol. It will not cover incidents or crises caused by a natural disaster, man-made error or system failure.

3 ways AI is already changing medicine

Take ophthalmology. The top cause of loss of vision in adults worldwide is diabetic retinopathy, a condition that affects about a third of people with diabetes in the US. Patients should be screened for the condition, but that doesn’t always happen, which can delay sometimes diagnosis and treatment — and lead to more vision loss. Researchers at Google developed a deep learning algorithm that can automatically detect the condition with a great deal of accuracy, Topol found. According to one paper, the software had a sensitivity score of 87 to 90 percent and 98 percent specificity for detecting diabetic retinopathy, which they defined as “moderate or worse diabetic retinopathy or referable macular edema by the majority decision of a panel of at least seven US board-certified ophthalmologists.” Doctors at Moorfields Eye Hospital in London took that work a step further. They trained an algorithm that could recommend the correct treatment approach for more than 50 eye diseases with 94 percent accuracy.

Is it time we raised expectations of politicians on cyber security? image
Fortunately, not all MPs today are as dismissive of the cyber security threat as they may have been in the past. Sir David Amess provided an example from his constituency in Southend West, where he described “cybercrime having a devastating impact on individuals and businesses.” Amess spoke of a not-for-profit organisation being bankrupted as the result of a data breach – an all-too-familiar occurrence in recent years. MPs themselves are not immune to suffering data breaches. Onwurah explained how her office was a victim of a cyber-attack, but fortunate that it did no real damage. “As an MP’s office we had a big department supporting us and there was no compromise of constituents’ data,” Onwurah remarked. “If we had been a small business, we wouldn’t have had access to that kind of support, and it could have put us out of action for a lot longer.” This is undeniably true, as data breaches have become extinction events for many businesses.

password spray IMAP attack
Legacy protocols (such as POP and IMAP) make it more difficult for service administrators to implement authentication protections like multi-factor authentication, according to Proofpoint. In turn, the lack of multi-factor authentication means that threat actors launching attacks through IMAP can avoid account lock-out and compromise accounts unnoticed. “Attacks against Office 365 and G Suite cloud accounts using IMAP are difficult to protect against with multi-factor authentication, where service accounts and shared mailboxes are notably vulnerable,” researchers said. IMAP-based password-spraying campaigns appeared in high volumes between September 2018 and February 2019, according to the report, especially those targeting high-value users such as executives and their administrative assistants. “Targeted, intelligent brute-force attacks brought a new approach to traditional password-spraying, employing common variations of the usernames and passwords exposed in large credential dumps to compromise accounts,” researchers said in a posting.

Cybersecurity: Why bosses are confident, and tech workers are scared

At the top of business, there seems to be a lot of self-congratulatory box ticking, while elsewhere in the organisation there is a nagging sense that something very bad is about to happen. Two recent pieces of research reflect the ongoing disconnect. The UK government's annual survey of cyber security at big businesses shows that awareness of cyber risk is growing at the top of business. Nearly three quarters of firms said their board sees the risk of cyber threats to be high or very high, in comparison to all risks that they face. And nearly all FTSE 350 companies now have a cybersecurity strategy, even if only half of them will actually back up those fine words with cold, hard cash. Similarly, nearly all have a cybersecurity incident-response plan, even if only 57 percent actually test them on a regular basis. And yet, a separate survey by security company LogRhythm of 1,500 IT professionals in big businesses, shows that while the board may feel it is in control, the tech workers themselves are deeply worried.

Quote for the day:

"If you're not failing once in a while, it probably means you're not stretching yourself." -- Lewis Pugh

Daily Tech Digest - March 17, 2019

Data Science Is Now Bigger Than 'Big Data'

The most obvious is that search interest in cloud computing at its peak surpassed all of the other terms over the past decade and a half. The second is that search interest in the phrase “artificial intelligence” plunged from the data’s start in January 2004 through mid-2008 and began climbing again in 2014 as the current AI renaissance began. Searches for AI begin to really accelerate in 2017 just as searches for “deep learning” level off. This is worrisome in that it suggests that to the general public these neural advances are increasingly pulling away from their mathematical underpinnings of “deep learning” and back towards the science fiction catch-all of AI. As this transition strengthens it raises concerns that the public sees these creations as more than mere statistical equations codified in software and once again as silicon incarnations of a new form of artificial life. This raises the danger of another AI winter as the public’s soaring imagination begins to collide with the primitive reality of current advances.

How To Survive The Future of Banking

To be prepared for the future of banking requires an ability to embrace the change that is upon us, a willingness to take intelligent risks and the internal commitment to disrupt yourself. The marketplace is no longer moving in incremental steps, but this means that opportunities for growth are everywhere. Unfortunately, since most bankers have a bias against risk, we overestimate the threats related to change and underestimate the rewards that change can bring — we talk ourselves out of moving forward. Most people would look at ‘the next step’ as being permanent, irreversible and not a ‘perfect’ fit. The reality is that uncertainty does not always equate to being risky. Especially if you have made a plan and done the learning process in a manner that minimizes negative consequences. In the end, you will never have complete certainty about the next great opportunity. But that is part of the fun … really. You have an amazing opportunity to invest the time and effort to be prepared for the future … and disrupt yourself.

Four Strategic Frameworks for Digital Transformation

An Adaptable Framework for Digital Transformation by Dion Hinchcliffe
We almost universally know now we must adapt to the digital future, to change and grow. But how best to do it remains the top question. We’ve also learned along the way there are numerous submerged obstacles to digital transformation that won’t be denied and must be overcome before we can really even get started. Sometimes, as they say, we must first go slow to go fast later. Stubborn and long-standing issues related to technology like technical debt or poor master data posture, to name just two, threaten to derail efforts before they even start. Issues related to the nature of people take up the rest, and can sometimes seem intractable. ... Consequently, in my work advising and/or leading digital transformation efforts, I’ve developed and refined four key frameworks built out of years of repeated use and validation in organizations around the world. These reflect many of the central issues that I believe we’ve learned that we must address and then codified them into a plan that most organizations can execute against.

FinTech: Making Genuine Change in Finance

Legacy technology is one of the major setbacks for big financial institutions. In April 2018, TSB found out just how damaging outdated infrastructures can be when they tried to migrate to a new system. The reported cost to the bank was £105.4m and 80,000 customers. However, for Panzarino, legacy technology is only part of the issue. “People talk a lot about legacy tech, but we are still dealing with legacy culture. I worked for a time in the world’s third largest bank, so it was very much steeped in legacy culture. Things moved quite slowly, it was very political, people had their own agendas… It was very difficult to navigate.” An upshot of the legacy mentality is that banks often struggle to forge meaningful partnerships with startups. “There is an opportunity for banks to learn from genuine early stage startups, and for startups to be able to run a pilot or similar, but very rarely does anything come to market. They just don’t have the financial or human resources, and the growth experience to be able to sustain themselves through the process,” says Panzarino.

AI in cybersecurity: a new tool for hackers?

Face of Pepper the AI robot
Before the advent of AI in cyberattacks, the security landscape was already challenging. But the use of AI in targeted criminal attacks has made cybersecurity more treacherous. Not only are attacks more likely to be successful and personalised, but detecting the malicious piece of intelligent code and getting it out of your network is likely to be much more difficult, even with AI security in your corner. Adoption of AI by cybercriminals has led to a new era of threats that IT leaders must consider, such as hackers using AI to learn and adapt to cyberdefence tools, and the development of ways to bypass security algorithms. It won’t be long before a continuous stream of AI-powered malware is in the wild. In the short term, cybercriminals are likely to harness AI to avoid detection and maximise their success rates,” says Fraser Kyne, Europe, Middle East and Africa (EMEA) chief technology officer at Bromium. “For example, hackers are using AI to speed up polymorphic malware, causing it to constantly change its code so it can’t be identified.

21st-century CIO job description puts CIOs in vortex of emerging tech

The shift to a strategic rather than supporting role for IT isn't a new notion. Indeed, it has been a well-recognized trend for years and has been happening ever since the technology team's main job moved beyond keeping the mainframe and computers up and running. What's new is the pace at which this evolution is now happening and the criticality of being able to adapt the IT department and technology leadership to a higher level of strategic involvement. "You have to lead more with the technology than ever before," Le Clair said. Forrester outlined this vision in its recent report, "The Future of IT," stating: "A company's fate and fortune will be determined by its ability to exploit technology to its highest potential." Other research has reached similar conclusions. For example, in its 2018 report "Using Strategic IT for Competitive Advantage," CompTIA said: "The critical difference between today's IT and the IT of 10 or 20 years ago is the degree to which technology is being used to drive the strategic goals of a business."

Blockchain solutions – are they for you?

Building a blockchain solution is about finding the most efficient way to solve a real-world problem, while also building a profitable and legal business. Who cares what Satoshi Nakamoto would think? For most enterprise solutions, private permissioned blockchains are the way to go. They are faster, cheaper and allow for a certain degree of centralized control. Because public blockchains are slow, it only makes sense if transparency and anonymity are at the core of the solution. It’s all about the use-case. Financial service firms, for example, rarely ever work with public blockchains, as they don’t want to share any financial data on a public blockchain. That’s why Ripple is a private network. Another consideration is the consensus mechanism. Proof-of-Work and Proof-of-Stake are the most common, but there are a lot more. Each solution comes with its benefits and disadvantages; thus, choosing the right mechanism will be paramount on the way to success.

Why are fintechs getting a regulatory pass?

While this new and budding industry presents opportunities and innovations, ill-supervised and underregulated industries can present sizable risks for consumers and the financial marketplace as a whole. As new players begin offering alternative banking models, they may prioritize disruption over proper risk management protocols and regulatory know-how, as several high ranking officials at the Federal Reserve have warned. Even St. Louis Fed President James Bullard noted his concern that fintech will be the “source of the next crisis.” Today, some digital financial services serve around 80 million members, while consumer data aggregators can serve more than 21 million customers, according to a report from the Treasury Department. That is a significant number of consumers served and a hefty amount of financial and personal information at risk. These services, in many cases, have proven beneficial, but Washington policymakers must act to protect consumers from devious marketplace actors by ensuring fintechs are subject to the same data security standards

The Evolving Role of the Public Sector CIO Creates New Opportunity

One of the first actions toward evolving as a public sector CIO is stepping back and taking a critical, objective look at the current technology infrastructure and software underlying core business processes. More often than not, this means accepting that certain systems and processes that have served well for years — even decades — may yet run for decades more, just at a higher or lower volume of transactions. Most public sector CIOs don’t have the luxury of scrapping everything and starting fresh in the cloud. However there is likely significant and increasing cost and risk of maintenance on these legacy platforms. It doesn’t necessarily imply a total rip and replace of all operations, but this fresh look is likely to reveal several pieces and processes within the department that could be shored up and made more efficient for the long haul. Fortunately, if the CIO can get past their comfort zone in these systems and processes, as well as the overwhelming pressure to maintain the status quo, there is opportunity. The most immediate savings that are under the control of the public sector CIO can often be found within the existing mainframe environment.

Banking + Fintech Collaboration: More Important Than Ever

The success of Bank+Fintech collaboration rests with those organizations who can understand each other’s strength and weaknesses to improve the customer experience while also reducing operational costs. Potentially more important will be whether these collaborations can deliver the level of personalization, speed, contextuality, and seamless delivery to defend positions against the threat of the more pronounced competition that could come from the likes of Google, Amazon, Facebook and Apple (GAFA) or challenges from Alibaba and Tencent. The good news is that infrastructure-based technology, enabled through the potential of open Application Programming Interfaces (APIs), is transforming the financial services industry. Combined with the ability to process and analyze increasing amounts of consumer data with machine learning, and the automation benefits of robotic process automation (RPA), chatbots, and Distributed Ledger Technology (DLT), there is greater potential for agility, efficiency, and accuracy.

Quote for the day:

"Every great leader can take you back to a defining moment when they decided to lead" - John Paul Warren

Daily Tech Digest - March 16, 2019

Even if blockchains provide data immutability, the amount of transaction throughput that blockchains can support compared to those of transaction platforms currently in production is tiny. The best blockchain deployments that are known today maybe can handle 10,000 transactions per second, according to Parizo. “That is controversial because so few people understand the details and those systems are not truly blockchain,” he added. “You have to dissemble blockchain until it is no longer blockchain to get it to scale.” However, blockchain deployments do not need to compete with such implementations. The technology’s sweet spot is in environments where there are low volumes of highly valuable discrete transactions, according to Peter Lindstrom, vice president of securities strategies at IDC and who moderated the panel. Blockchain’s greatest weakness may be its reliance on public key encryption, which can be a single point of failure. “If the key is lost, so is the data and, potentially, the transaction,” said Parizo. “If the key is compromised, someone else can access the data or the related asset.”

“Software will account for 90 percent of future innovations in the car,” Herbert Diess told VW’s annual press conference. Volkswagen is retooling its strategy in the wake of the so-called dieselgate scandal, which has cost it more than 28 billion euros ($32 billion) in fines and penalties after the uncovering in 2015 of VW’s use of engine management software to mask excess pollution levels. Demand for software functions has risen exponentially as customers increasingly expect advanced driver assistance systems, smartphone connectivity and self-driving functions. “Today our 20,000 developers are 90 percent hardware-oriented. That will change radically by 2030. Software will account for half of our development costs,” Diess said. Compared to a smartphone, a car has ten times as many lines of software code, and a self-driving car will have a thousand times that amount, Diess explained.

“The stakes suddenly just got higher, which is why governments are really worrying about it, but on the positive side, what they really want to build in trust and security early.” To address this, Hannigan said there are three key things to do. First, understand the risks better such as the complex and deep interdependencies in modern supply chains. “Many companies do not really understand the vulnerabilities in their supply chains and the risks they are exposed to as a result.” Second, he said, security needs to be retro-fitted to infrastructure that was not designed with security in mind. “An obvious example is the trusted platform module, where industry worked together to show that it can be done. “And the third thing we need to do is to ensure that everything we build is secure by design and by default, and every government is worrying about this,” said Hannigan. “Building in security and trust when you design something is absolutely critical, and every government is looking at regulation on this.”

After the Cambridge Analytica scandal which found Facebook complicit in allowing the firm to harvest millions of user profiles for political purposes without their consent, politicians around the world are demanding Facebook be regulated. Consumer trust in Facebook was shattered following the scandal. A Ponemon Institute survey found a 66% decline in consumer trust in advance of Zuckerberg’s Senate testimony where it was clear that most senators did not understand what Facebook does. So, following a significant data breach, a titanic loss of consumer trust, calls by numerous politicians for regulation, and a massive service outage, Facebook wants to become a bank issuing its own cryptocurrency. A year is a long time in social media. Banking and financial services are built on consumer trust and Facebook is overdrawn in the trust account. Bankers’, politicians’, policy makers’, and regulators’ spider senses are tingling. Whilst the last decade has been a decennium horribilis for the banking sector, from the Lehman Brothers sub-prime mortgage driven bankruptcy to the Wells Fargo account fraud scandal, consumer trust and confidence in banks has also been eroded.

Tech-proofing the millennial workplace of the future

As worker expectations evolve, so must the abilities of employers, who need to recognise the impact that these demands will have on their workplace. Employers should prepare themselves to meet the needs of tech-savvy workers of the future, who will make up the workforce of tomorrow. Millennials are already dominating the workplace – 160 million currently make up the European workforce – and this figure is only set to increase, with millennials due to account for 75 per cent of the global workforce by 2025. The future generation of workers possess the digital skills that organisations need in order to achieve long-term success. They bring new perspectives and habits to the workplace, and their tech-savvy knowhow is invaluable. Consequently, companies must tailor their office set-ups to their needs and expectations, as the numbers of this age continue to swell the working ranks. Research has shown that 25-to-34-year-olds are the most enthusiastic age segment about tech-enabled working conditions. So, when it comes to recruitment, a tooled-up office could help with hiring these younger workers.

TEMPO And The Art Of Disruption

Boyd’s analysis revealed that the ace pilots had faster OODA loops: they were able to observe, orient, decide, and act more quickly than their peers. By continually shortening their OODA loops, and thus increasing the tempo of the battle, they consistently caught their opponents off-guard. According to Boyd, when the loop is so fast and tight that a competitor’s response rate drops to zero, the opponent with the faster tempo has disrupted the competitor—and the end result is victory. The same concept applies to today’s uncertain business environment. Disruptors—the most agile, responsive, and aggressive companies—put the squeeze on competitors with a similar dynamic loop. But since a solo pilot’s reaction time is unique to the circumstances and is far faster than an organi­zation’s, we have adjusted the loop to better reflect that business reality. Our business version consists of four repeating aspects: scan, orient, decide, and act (SODA). Disruptors continually scan the landscape, orient themselves to new circumstances, decide how to respond, and act quickly.

At these factories, robots are making jobs better for workers

“In one case, the company found that people are actually better than any robot when it comes to installing the interior and engine of the car,” explains Adrian. But BMW also found that some of that work requires more strength than the typical worker might possess. So it devised a “co-roboting” system, where a worker’s ability is augmented by a machine. “The operator on the left side of the car guides the installation,” Adrian explains, “while also controlling a robot positioned on the right side, which can apply tremendous torque to complete the fit wherever needed. So strength is no longer a barrier to entry for this role,” Adrian explains. “It’s open to anyone with the right skills.” Diego Hernandez-Diaz, who’s also an engagement manager, visited five factories through the project. “I was really impressed by the lengths to which one electronics manufacturer went to help its people learn new skills,” he says. “It built out a fully-spec’d, virtual version of its factory.

10 Deadly Mistakes to Avoid When Learning Java

To code or not to code? It seems that you’ve made your choice in favor of the first option. Programming is a great field for professional growth. It gives you an opportunity to take part in interesting projects and work wherever you want. The only obstacle that restrains many beginners from starting a new career is the lack of understanding of how exactly they should learn to code. What’s more important is that even the best universities can’t fully provide a complete programming education that will guarantee a stark career as a software developer. This is because programming is too dynamic and flexible: once you start learning, you better do it for the rest of your life. Some programmers say that they had to try learning how to code a few times before finally reaching their goal. Yes, we all learn by mistakes, but you’ll be surprised how many common lapses there are in mastering this skill.

How digital payment solutions will shape the future of banking

While technological advancements have been revolutionising the banking space in terms of biometric security through unique identifiers like fingerprints, facial recognition, and voice recognition, the advent of ‘big data’ is one of the most crucial interventions for the banking industry. Through effective storage, analysis, and interpretation of vast and complex sets of data, previously untapped patterns and trends can be uncovered for new client insights. This may result in significant commercial benefits while assuring privacy. Further, data management has the potential to make payments, finance, assurance, engagement, and banking more effective and tailor-made for each client, helping industry partners to optimise their internal processes and add value through a data-based business understanding. By extending these augmented data management competencies directly to clients, banks can make use of insights such as consumer-spending habits as a means of promoting cost saving by identifying frauds or errors, proving to be a source of competitive advantage.

Shadow IT a Risk to Operational Resilience of Financial Institutions

While providing enormous business flexibility, Shadow IT applications can pose a significant operational, regulatory or reputational risk to the business. For example, an uncontrolled spreadsheet might provide calculations that feed into multiple models. ... Worse, there would likely be no visibility of this change, so identifying and remediating it would take time, extending the scale of business and market impact that the Operational Resilience initiative is designed to address. While as yet, the UK regulators haven’t defined or scheduled any regulation relating to Operational Resilience, there’s no doubt that it’s on the horizon. Informal discussions with the regulators allude to this. Financial institutions need to build a framework for Shadow IT risk management. This will enable them to understand their Shadow IT landscape and the critical business services and processes these applications support, define the risk they pose to the institution’s operations, determine the potential financial, operational, regulatory and reputational impact of errors and establish governance processes for change.

Quote for the day:

"Leadership Principle: As hunger increases, excuses decrease." - Orrin Woodward