Tech Bytes - Daily Digest: October 19, 2016
Knowledge workers demand intelligent search, Digital today Cognitive tomorrow, Running an open source & upstream-oriented team in agile mode, Can the data center be defended from a data breach, Hack proofing ID & access management and more.
In most businesses, knowledge workers are frustrated by the information search and retrieval experience, whether it is on their company intranet or in critical business applications such as a CRM system. This frustration is made worse when they have to repeat the same searches with mixed results across multiple disconnected data repositories. ... Fortunately there have been incredible advances in machine learning, natural language processing, artificial intelligence and cognitive computing. Modern day search platforms are a lot more powerful, automated, and easy to implement. Cloud big data solutions such as Hewlett Packard Enterprise Haven OnDemand don’t require any investment in servers or platform administrative staff— solutions can simply be built and implemented in hours or days, rather than weeks or months.
Cognitive systems are already transforming everything from the world-changing to the everyday. For example, cognitive oncology is a reality thanks to technology developed in partnership with Memorial Sloan Kettering Cancer Center in New York City that helps oncologists identify personalized, evidence-based treatment options based on massive volumes of data. This breakthrough technology is now helping scale access to knowledge at Bumrungrad International Hospital in Thailand, Manipal Hospitals in India, and more than 20 hospitals in China. Cognitive assistants are at work helping build more intimate, personalized relationships at the Brazilian bank Banco Bradesco, the insurance company GEICO, and the retailer The North Face. Dublin-based Medtronic plc, a global health care solutions company, is creating a cognitive app for people with diabetes to predict a hypoglycemic event hours in advance.
With Forrester projecting that "100% of all large enterprises will adopt [Hadoop and related technologies such as Spark] for big data analytics within the next two years," the chances are pretty high that your enterprise is in the midst of a decision, or has already made it: Which Hadoop vendor do I pick? Though this will change over time, "currently there is no absolute winner in the market," Forrester pointed out, and it's easy to get confused trying to parse differences between the different stacks. The Hadoop vendors themselves, however, give us clues as to who they think is winning, as Ovum analyst Tony Baer highlighted. All you have to do is look at who they position themselves against in their marketing literature.
There's a significant shift underway in terms of where CIOs are opting to invest, according to the report, which was presented at the 2017 Gartner Symposium/IT Expo 2016, Oct. 16-20 in Orlando, Fla. But there's much more to it than simply following the money. Let's start with the digital ecosystem. What's that all about? According to the report, "Gartner defines digital ecosystem as an interdependent group of actors (enterprises, people, things) sharing standardized digital platforms to achieve a mutually beneficial purpose." What does that mean for the bottom line? "A digital ecosystem amplifies the reach of a company. It enables scalable connections between known partners and customers, but also provides a platform for unknown parties to connect with one another," said Andy Rowsell-Jones
The atmosphere you set up with your team will also forge the outcome of your team work. Run your team with trust, peace, and humor (remember, I'm on the team!) and awesome things will happen. Run your team with fear, pressure, and finger-pointing, and nothing good will happen. There's little chance that when a team is built, everyone will be on the same level. We were no exception. We had more and less experienced engineers. But the most experienced engineers took the time needed to invest and mentor the less experienced. That also helped to build trust and communication links between members of the team. In the long run, everyone is getting more efficient; the less experienced engineers are getting better and the more experienced can delegate a lot of stuff to their fellows.
Banks, in other words, will start to look less like isolated fortresses and more like open-border platforms hosting numerous apps and services, like Google’s Android system. While digitization may be the future, it poses a major security migraine. “Every time there is a new app or a new channel opened, that provides criminal opportunities,” says Jamie Saunders, the director of the U.K. National Cyber Crime Unit. “Banks are taking enormous care to design security into their apps, but as the technology evolves, the criminal will evolve, too, and vulnerabilities will open up.” By then, Oerting plans to be drawing strength from his networking push and the next generation of cyberdefenses. He helps select and mentor promising startups in the accelerators that Barclays runs in Tel Aviv, London, and other cities.
Why are the odds of being able to protect a data centre so poor? There are a number of important factors. First of all, the reality is that a motivated attacker will be able to get into any given network. There are far too many ways for an attacker to get in, particularly by way of compromising a user’s computer or account. Getting in is a certainty, and this is a hard notion for security professionals to accept. Gartner and most crime-fighting organisations around the world agree on this point: attackers will get in. Most of the attempts of breaking into a network can be successfully defended—perhaps upwards of 95 or even 99 percent—but that leaves open the possibility that a dedicated attacker will find a way in through the balance. Attackers can have a nearly unlimited number of attempts of breaking in.
With a gap in communication between HR and the IT department, many of these user accounts remain open. While it may not seem like a major problem, these single accounts can begin to add up with hundreds or thousands of dormant accounts within an organization — creating a serious vulnerability. The biggest problem is these past users can still gain entry into the system or a criminal can use these dormant, unsecured accounts to gain the same amount of access as the previous account holder. According to a recent Clearwater Compliance analysis on risk ratings, user control review and user permission review controls are only partially in place or missing about 71 percent of the time — despite urging from the U.S. Department of Health and Human Service Office of Civil rights for organizations to make it a priority.
Digital channels are now ground zero for cyber, brand, and even physical attacks. Cybercriminals use a variety of tactics to weaponize social media, impersonate or embed malware into mobile apps, deface websites, collude in dark channels, and cause financial, reputational, or physical harm. Digital risk monitoring tools combat these methods by deploying a variety of data-gathering and advanced risk analysis techniques. They aggregate data via open-source intelligence (OSINT), technical intelligence (TECHINT), human intelligence (HUMINT), and even covert human intelligence (CHIS). Then they analyze the collected data with data classifiers, machine learning, and risk scoring algorithms to determine the most likely and most threatening risk events in a quick and efficient manner.
Hackers have been taking advantage of the Mirai malware's source code, following its role in launching a massive DDOS (distributed denial-of-service) attack that took down the website of cybersecurity reporter Brian Krebs. Unlike other botnets that rely on PCs, however, Mirai works by infecting internet-connected devices such as cameras and DVRs that come with weak default usernames and passwords. Since Mirai's source code was released, hackers have been developing new variants of the malware, according to Level 3. It has identified four additional command-and-control servers associated with Mirai activity coming online this month. About half of the infected bots Level 3 has observed resided in either the U.S. or Brazil. More than 80 percent of them were DVR devices.
Quote for the day:
"Be honest - Without objectivity and honesty, the project team is set up for failure, even if developing iteratively." -- @JamesSaliba