In the Museum of the Future, you can see what it would be like to be going to a doctor to get a new body part to jump higher or move faster. You look at these types of ideas, and the business embraces the same sort of idea. How can I augment my business to actually run smarter and be better? What are things on which I can augment myself to use data better? You can no longer be an island as a company. You need to share ideas and innovation with others. You need to be connected, and when you're connected, you can transform your business, you can do new things, you can take on new capabilities, and you can augment your business.
CISOs will have to redesign this undemanding path toward an approach for making business cases in terms executives can appreciate and directly connect to the organization’s top strategy goals and objectives. Making more effective business cases can help to gain investment dollars and increased control for a budget not always under a CISO’s direct management. Security investment decisions are only as good as the business case process. The first step in this process is to define the security initiative well enough so that decision makers can make informed choices. ... In short, they drive results, and not just promise them, because they’re used to ensure the project and the benefits are delivered.
It’s an exciting time to be in the fintech landscape. People love to talk about fintech as the next big thing, and as time goes on we’ll have more and more examples of fintech companies hitting it big. With this excitement though, there has been some misinformation and fear shared in the community and among observers. It’s understandable; fintech as a sector is new, and in some ways untested, but people understand the possible gains to be made by innovating the financial services industry. Fintech is a force, and we’re only just beginning to feel its effects. What’s needed is a definitive way to separate the fintech fictions from the facts.
“The view has been that IoT is a mashup of complex technologies used only by early adopters,” said Mike Lanman, Verizon senior vice-president of IoT and enterprise products at Verizon. “In the past year, we’ve seen compelling examples of how the IoT is being deployed by a wide-range of enterprises, entrepreneurs, municipalities and developers to address relevant business, consumer and public needs. “Meanwhile, consumers are more willing to try new technologies and apps that introduce a better way of life. The end result will not only give rise to thousands of new use cases over the next two years, but will also create an accelerated pipeline for innovation and a new economy.”
The companies did not disclose which blockchain or ledger systems were used as part of the trial, though only a few firms currently offer support for smart contracts, with Symbiont and Ethereum being perhaps the most notable. According to the statement, the test showed that regulators could view in "real time" a wide range of financial events including trade details, counterparty risk metrics, and exposure to reference entities. “Our experiments with Axoni demonstrate that confidentiality and privacy can be preserved between bilateral parties on an immutable distributed ledger at scale," said Emmanuel Aidoo, who is in charge of the blockchain and distributed ledgers at Credit Suisse, in a statement. Over the course of the months-long project, the group said it built its network using Axoni-hosted software that was installed locally.
Modern cars contain tens of specialized computers that control everything from infotainment functions to steering and brakes. The pressing need to protect these computers from hackers will likely open up a new market for car-related software security products. Karamba Security, a start-up based in Ann Arbor, Michigan, is one of the companies that has stepped up to answer this demand. The company's anti-malware technology, unveiled Thursday, is designed to protect externally accessible electronic control units (ECUs) found in connected cars. These controllers, like those that handle handle telematics, infotainment and on-board diagnostics, can be accessed via Wi-Fi, Bluetooth or even the Internet, so they can serve as entry points for hackers into a car's network.
Veriflow believes its mathematical approach across a network-wide infrastructure, solves the above problems and also results in zero change-induced outage and breaches. Unlike techniques such as penetration testing and traffic analysis, Veriflow performs mathematical analysis of an entire network's state, and does so proactively – before vulnerabilities can be identified and exploited, and without waiting for users to experience outages. If there is a network policy violation, Veriflow will find it and provide a precise identification of the vulnerability and how to fix the flaw. Otherwise, Veriflow can provide mathematical proof that the network is correct, giving enterprises the confidence to change their infrastructure.
Even after providers assess whether they are buying enough coverage and can financially handle additional costs once sublimits are reached, providers must look closely at the definitions contained in the policies. “The real issue in cyber coverage is definitions of certain terms, which could exclude coverage,” Hite says. Coverage goes into effect on the day it was bought, but in instances where a hacker already has infiltrated information systems before a policy was purchased, there is no coverage because policies often don’t work retroactively. Hite advises buying a “retroactive date” policy that covers the organization back at least one year. Organizations with the financial and technical means should have a strong response team in place with everyone knowing what their duties are if an attack comes.
It's perhaps not surprising that the developer population keeps getting younger, at least as measured by experience. For example, while the early open source community largely focused on rewriting legacy, proprietary software as open source (Linux replacing Unix, OpenOffice replacing Microsoft Office, etc.), today's open source community is building the future. ... Developers, focused on their code, can't be bothered to write good documentation which, in turn, hampers adoption. Brian Rinaldi venturedto call the situation a "mess," one that keeps getting worse as more developers jump into code without recognizing that good documentation is an essential feature of the best open source projects (and always has been).
This discipline is security in pursuit of designing, architecting, developing and deploying secure products; this is not your father's "security engineer," the one responsible for setting up firewalls and ensuring the VPN was running. While the latter is still an incredibly important role, this new role is about building secure products, rather than working with security products. It requires deep knowledge of developer languages and practices, infrastructure architecture, usability design, legal liabilities and contractual language, regulatory standards, tooling, threat landscapes and hacker trends, supply chain management, and corporate governance. It begs for a passionate evangelist who can dig into dry and dusty regulatory documents, someone cynical enough to expect to be hacked at any time who can also be an enthusiastic and patient mentor ...
Quote for the day:
"Cyber is the one area where we have pure competitors who have the capabilities that we do." -- Adm. Michael Rogers