Daily Tech Digest - February 28, 2017

FinTech unleashed: Why banks and FinTech have a love-hate relationship

Banks, asset managers, wealth advisors and insurance companies once competed only in their silos. While they still do today, they also face competition from non-traditional market players with new skills, funding sources, and approaches. In the prolonged low-interest rate environment, many have been driven to use cost containment as the key to success in a more complex regulatory environment. Others are scrambling for top line growth (both organically and through acquisition) in a search for new revenue opportunities. Getting back to technology, the nature of the FinTech narrative over the past few years has been evolving. As well, the pace of technology change continues to accelerate. Rapidly evolving advances in artificial intelligence across chatbots, robo-advisors, claims, underwriting, IoT and soon blockchain, add another layer of potential to further shake-up the traditional business model.


Ransomware Getting More Targeted, Expensive

“Actors engaging in this targeting strategy are also charging ransoms based on the number of host (or servers) infected,” the FBI warned. “Additionally, recent victims who have been infected with these types of ransomware variants have not been provided the decryption keys for all their files after paying the ransom, and some have been extorted for even more money after payment.” According to the FBI, this recent technique of targeting host servers and systems “could translate into victims paying more to get their decryption keys, a prolonged recovery time, and the possibility that victims will not obtain full decryption of their files.” ... “People behind these scams seem to be setting different rates for different countries,” Abrams said. “Victims in the U.S. generally pay more than people in, say, Spain.


Digitization inches towards the mainstream

Most CIOs joke that their transformations are never truly complete as they embrace emerging technologies, including internet of things, artificial intelligence and blockchain, but some sectors are further along than others. Media and entertainment (62 percent), along with retail (55 percent) and high-tech (54 percent) tend to be ahead in their digitization efforts compared to sectors such as consumer packaged goods (31 percent), automotive (32 percent) and financial services (39 percent). Industries hovering in the digital media include healthcare (51 percent), telecom (44 percent) and professional services (42 percent). McKinsey also found that digitization levels vary by business operations. For example, 49 percent of survey respondents say customer-focused areas such as marketing and distribution are primary focuses of their digital strategies.


Stanford experts urge healthcare professionals to harness power of people’s mindsets

“It should be about designing a formal curriculum for medical school that weaves all of this throughout the training,” Leibowitz said. “So it’s not just mentioned in one or two classes or taught for one semester and then forgotten about.” The experts also called for a reform of standard randomized trials in the healthcare system. When examining the effects of a new drug, researchers should include natural conditions, which don’t use placebos, alongside conditions that include altered social context and mindset. This, Crum said, will help researchers understand how beliefs, labels and context can help magnify or reduce the effects of the drug and treatment. These reforms, however, would require additional rigorous research that builds more scientific evidence for the importance of the effects of social context and mindsets, they said.


IT orgs enlist startups to address container security concerns

Startups have begun to make a name for themselves with IT organizations, as their products address container security concerns. Network-based attacks and exploits on IT infrastructure aren't new, but container technology, popularized by Docker, demands a new way to address time-honored problems. For example, containers spin up and disappear far faster and more often than VMs, so container security policies must follow an ever-changing infrastructure. Containers also tend to rely on overlay networks, which can be difficult to visualize with traditional network monitoring tools. ... It's not uncommon for startups to pop up around new technologies, according to analysts, but there are pros and cons to trusting a startup's product as part of an IT infrastructure. A big pro for many large IT organizations is that they can play a part in shaping the roadmap of an early-stage vendor, and possibly an entire market space.


Artificial Intelligence: Removing The Human From Fintech

If and when AI becomes more prevalent in the fintech industry, the same will happen. This is the thing with technology, as sometimes it can seem as if the new system has taken again, years or decades in fact, to create, but for customers to adopt and more importantly, trust, the technology, it could take even longer. Alongside this, with films like Ex Machina coming out and showing society what could potentially happen, as Pesenti alluded to, the negativity surrounding AI could result in the service taking even longer to be adopted. On the other hand, the millennial generation seem to welcome and encourage new technology - cellphone apps are a perfect example of how quickly new systems can enter the marketplace, so it could be said that this is the area in which AI could potentially blossom.


Google Shifts On Email Encryption Tool Leaving Its Fate Unclear

The tool is designed to work as an extension to Google's Chrome browser that uses the OpenPGP standard to encrypt emails, ensuring that only the recipient can read them -- and not the email provider or a government. The main goal of Google's project was to make OpenPGP easier to use. It was announced amid growing scrutiny over U.S. surveillance efforts following disclosures from noted leaker Edward Snowden. However, the search giant hasn't made the extension officially available on its Chrome Web Store. Instead, the project's source code has only been made available on GitHub, a software collaboration site, making the extension harder to install, especially for non-technical users.


20 Cybersecurity Startups To Watch In 2017

In spite of a slowdown in the overall funding activity from venture capital firms in 2016, the cybersecurity market continued to raise money at full steam. Last year saw the market break records in terms of funding deals, with Q3 tallying up to be the most active quarter for deals in cybersecurity in the last five years, according to CBInsights. That influx of money is driving innovation in a number of areas. Particularly notable market segments targeted by these firms include security for data centers and public cloud infrastructure, security orchestration and incident response tools, and third-party risk assessment tools. The following 20 firms are primarily early- to middle-stage startups, with a few more mature start-ups that have courted growth equity to change course or expand into a particularly hot new market segment. We believe these firms are worth watching due to several factors.


Are You Over-Confident on Cyber Security Risks?

"Consumers vastly underestimate cybersecurity threats and don't know how to identify, respond or protect themselves from future attacks," said David Blumberg, founder and managing partner of Blumberg Capital. "Naiveté and arrogance are a really dangerous combination. The cybersecurity landscape is complex and ever-evolving. Bad actors are constantly finding new ways to bypass security measures to infiltrate confidential systems and steal information or sabotage infrastructure. Even experts can miscalculate how to mitigate risks and existing security solutions are no longer enough, especially in areas such as IoT or cloud security. At Blumberg Capital, we support companies at the forefront of innovation in cybersecurity. We partner with innovative startups creating new ways to minimize cybersecurity threats and protect personal, business and government information."


A Tale Of Two User Experiences

Although the products and software are of undoubted quality, what’s remarkable is the fit and finish of the process the user goes through. The selection cycle and the actual purchase steps are streamlined, taking into account how busy I am.  Then there’s the initial product experience, which is the box. Apple’s process dictates that I feel it and appreciate it before I open it. Really. But the fact that they want me to go through this tactile experience is an indication of how seriously they take the first impressions of their product, and the implied quality of every part of the product experience. In subsequent steps, they want me to touch the product and use the UI in low-risk interactions that provide the most non-threatening training experience. Even though migrating the old phone’s data and configuration had built-in complexity and potential for blind alleys, it didn’t feel like it.



Quote for the day:


"Encourage the small steps in order to see the big steps achieved." -- Gordon Tredgold


Daily Tech Digest - February 27, 2017

Android Struggling In Tablets As Windows 10 2-in-1's Come On Strong

Where Android has faltered, Windows is now taking over. Many people are replacing tablets with multipurpose Windows 2-in-1 PCs. Phablets are also taking over for tablets, especially in Asian countries. Many device makers are cutting Android tablet offerings. Dell has dropped Android tablets, while other PC makers like HP, Acer and Asus have fewer Android offerings than previous years. The PC makers are instead pushing out higher-priced Windows 10 2-in-1s. Over the last five years, analyst firms made bold predictions that tablets would overtake PC shipments, but that hasn't happened. In 2014, Gartner predicted that tablet shipments would overtake PC shipments in 2015.


What Exactly The Heck Are Prescriptive Analytics?

Prescriptive analytics is about using data and analytics to improve decisions and therefore the effectiveness of actions. Isn’t that what all analytics should be about? A hearty “yes” to that because, if analytics does not lead to more informed decisions and more effective actions, then why do it at all? Many wrongly and incompletely define prescriptive analytics as the what comes after predictive analytics. Our research indicates that prescriptive analytics is not a specific type of analytics, but rather an umbrella term for many types of analytics that can improve decisions. Think of the term “prescriptive” as the goal of all these analytics — to make more effective decisions — rather than a specific analytical technique.


BIS Report: DLT 'Promising' But 'A Long Way Off'

Though the report seeks to cast a wide net in its exploration of the tech, its most notable aspects relate to the as-yet unanswered questions around blockchain's use for market infrastructure. Those behind the report appear to be in two minds on if current distributed ledger designs may ultimately help any transparency boosts the tech could bring. The BIS talks about the trade-offs inherent in limiting the number of participants in a ledger, while also suggesting that a more open and resilient financial system may provide benefits. "One possible benefit of DLT in an interconnected system is that data shared across key entities may lead to greater market transparency and more effective risk management across systems," the report reads.


How IoT is Changing the World: Cases from Visa, Airbus, Bosch & SNCF

The Internet of Things (IoT) is changing our world. This may seem like a bold statement, but consider the impact this revolutionary technology has already had on communications, education, manufacturing, science, business, and many other fields of life. Clearly, the IoT is moving really fast from concept to reality and transforming how industries operate and create value.  As the IoT creeps towards mass adoption, IT giants experiment and innovate with the technology to explore new opportunities and create new revenue streams. I was invited to Genius of Things Summit as a Futurist by Watson IoT and WIRED Insider and attended the long-awaited grand opening of IBM’s headquarters for Watson Internet of Things in Munich. The two-day event provided me an insight into what IBM’s doing to constantly push the boundaries of what’s possible with the IoT.


IT project success rates finally improving

"Digital convergence is collapsing the gap between business and IT. For so many years, we talked about how to better align IT with strategic business goals, and now it's just a fact of life. That forces IT -- and companies' PMO [project management office] -- to emphasize planning and prioritization, which helps them succeed with the projects that are truly important," Tickle says. "It's a bit anecdotal, but the buzz around planning and prioritization has increased just in the last couple years, and I see that when I talk to clients and customers -- both those who are using our products and those that are using other suites; another thing I'm seeing is that organizations are slashing the number of projects they're taking on, to focus more intently on those that will have the greatest impact and ROI," Tickle says.


Watch List 2017, Special Report N°3 | 24 February 2017

Whether unprecedented or not, the challenges currently facing our global security are immense and cause for considerable alarm. It is difficult to think of a time in recent history when there has been such a confluence of destabilising factors – local, regional and global – hindering collective capacity to better manage violence. These overlapping risks, unchecked, could coalesce into a major crisis – indeed we are currently experiencing a spike in global conflict violence – without the safety net of solid structures to deal with it. When Crisis Group was founded, its premise was that bringing field-based expert analysis to the attention of (principally) Western policymakers could effect positive change in both preventing and ending situations of deadly conflict. Much of that premise still holds, but for us, as for others, it is no longer sufficient: the West can no longer be viewed either as homogenous or an oasis of tranquility.


Microsoft Adds Network Performance Monitor to Management Suite

As a standalone solution, it supports several use cases, including monitoring the health of the network connections between on-premises networks and public clouds like Amazon Web Services (AWS), and of course, Microsoft's own Azure cloud computing platform. It can also be used by businesses to monitor the links between multiple data centers and offices, whether they're connected via public or private networks. Prior to its official launch this week, early testers have been putting Network Performance Monitor through its paces since July 2016 as part of a public preview release. According to Microsoft, their feedback has helped the company ship Network Performance Monitor with several new features and enhancements that help IT professionals find and fix issues faster.


Don't let continuous software delivery automate the publishing of bugs

Changing the pace of iteration does not mean that you can suddenly code faster. A better word might be sooner. Let's do a new version sooner, see what works, see what doesn't and then iterate from there. ... DevOps is on a good path. The original DevOps and Agile people should be proud. It reminds me of the 1990s with open source. These were idealists who did not understand the concept of corporate production. With Linux, and even Microsoft today, it is a victory for open source. The same thing is taking place with development methodologies. We used to have long release cycle -- often years. The Agile guys in early 2000s didn't understand what critical software meant to operating critical apps in production. Today, if you're not doing Agile and DevOps, you're late. Every company has been good at producing business value from software.


Pass on the JSON, and choose binary encoding formats instead

Text-based encodings are typically 10x slower than the less efficient binary codecs such as GBP. There are binary encodings that are 10x to 100x more efficient such as FlatBuffers, Cap'n Proto and SBE (Simple Binary Encoding). ... This increase in efficiency results in direct reductions in latency, increases in throughput, and efficiency gains. We can also see bandwidth reduction due to more compact encodings. One of the biggest wins can be on mobile devices where the battery usage is significantly reduced. If you profile the typical business application you will likely be shocked how much CPU time and memory is dedicated to protocols and codecs relative to the business logic. It seems our applications are mostly doing protocol handling and encoding and as a side effect do a little business logic.


Processing Streaming Human Trajectories with WSO2 CEP

Extracting useful information from an uncertain data stream is a significant issue in data stream processing with a wide variety of applications. In this article we will demonstrate one such application which involves the synthesis of useful information from an uncertain data stream in the domain of transportation and logistics. It is essential to filter the sensor data collected from sensor networks since most of such data are inaccurate due to multiple issues such as sensor malfunctions, environmental noise, etc. Specifically we describe the use of Kalman filters on WSO2 CEP (complex event processing) for smoothing human trajectory information gathered from an iBeacon sensor network. We demonstrate the effectiveness of our solution by comparing an example raw human trajectory against the Kalman filtered results.



Quote for the day:


“Whatever you do in life, surround yourself with smart people who’ll argue with you.” -- John Wooden


Daily Tech Digest - February 26, 2017

Post-Quantum Crypto: Don't Do Anything

So far, however, the sky is not falling. "I wouldn't lose too much sleep over quantum computers," said Boneh's co-panelist, Israeli cryptographer Adi Shamir - the "S" in the RSA asymmetric cryptographic algorithm. "Quantum computers are not at the top of my list of worries," added Shamir, who's also the Borman Professor of Computer Science at Israel's Weizmann Institute. "I think there is a higher chance that RSA could be broken by a mathematical attack." Shamir also expects there to be plenty of warning if powerful quantum computers become a reality. "The big question everyone should be trying to answer is when we should start worrying," he said. "Is it something that's likely to happen in only one location, deep in a basement in Maryland?" he asked, in reference to the National Security Agency, which is known to be conducting related research.


Data Integrity in the Era of Fake News

An analysis of integrity - a core foundation of cybersecurity - in the era of fake news leads the latest edition of the ISMG Security Report. In this Security Report, you'll hear: DataBreachToday Editor Mathew Schwartz analyze comments by leading IT security experts on the threats posed to information integrity; Excerpts from HealthcareInfoSecurity Editor Marianne Kolbasuk McGee's interview, from the HIMSS17 health IT conference in Orlando with Medical Device Innovation, Safety and Security Consortium's Dale Nordenberg on a new initiative to help ensure the security of medical devices; and ISMG Security and Technology Editor Jeremy Kirk report on new cybersecurity regulations in New York state governing financial institutions.


RPA Proving Its Transformational Value At Deutsche Bank

“By teaching a machine that set of tasks—having that knowledge encoded through robotics and cognitive computing—that knowledge is available to humans to augment their skills and accelerate the onboarding process,” Mazboudi says. The automated system can guide employees through their day-to-day work. “We really look at it as augmenting our workforce by making this encoded intelligence available to them,” says Mazboudi. “I don’t think robots will ever replace humans. But robots will make humans more efficient and smarter.” They could make employees happier as well. Automating more of the monotonous tasks can increase employee satisfaction, Mazboudi says. But RPA is not a quick fix. It oftentimes requires rethinking existing business processes. “Very seldom can we take a process as it exists today and just automate it,” Mazboudi says.


Cyber Espionage Seen Expanding to Grasp Trump Policy Changes

Nations regularly spy on one another but with President Donald Trump espousing unconventional approaches to foreign policy, there is an heightened urgency to know what shifts may occur, according to John Hultquist, FireEye’s manager of cyber espionage analysis. “We can anticipate worldwide a surge in cyber espionage because of the changing administration, because of America’s rapidly changing foreign policy, military policy, diplomatic policy," Hultquist said in an interview in San Francisco. “We have created a lot of uncertainty that foreign countries or foreign adversaries are going to try to unravel with these tools.” Organizations under threat include the State Department, political parties and research institutes that provide insights on how the U.S. posture is developing, Hultquist said.


Connecting the Big Data Dots to Optimize Health and Manage Disease

As we enter 2017, we will begin to move from a "Quantified Self" era, where the data has generally remained siloed on the devices and apps of the individual and not integrated into clinical care, to the emergence of "Quantified Health,” where the data from common consumers' wearables, scales, BP cuffs, glucometers and even home lab data, will flow through consumer's smartphones (via Apple's HealthKit and more recently via Google Fit and Samsung's S-Health) and integrate into electronic medical records (EMRs) of the clinician. This will bring feedback loops which can communicate back to individual patients, engaging and empowering patients along the way.As of early 2016, with a single iPhone authorization, my HealthKit data could flow into my Stanford Hospital electronic medical record and MyStanford app to be tracked and visualized.


Storage-class memory supporters may heed lessons learned from the 1970s

Unfortunately, the available memory options at that time were not as advanced as today. The System/38 wound up using IBM's then-standard semiconductor memory, and it's best known in historical circles as one of the early systems to rely on object storage rather than straightforward files and blocks. This is a lesson for the modern IBM and other industry titans, such as Hewlett-Packard, Intel, and Microsoft, as they and others all try to figure out storage-class memory. "Essentially the applications were brand new and people rewrote them for that," Soltis said. It will happen again in the 2020s, he predicted. This was not insurmountable in the 1980s because of the limited number of applications and because many of the System/38's customers were new users in general, without much of a legacy systems burden.


Four ways banks are turning the tables on cybercriminals

They “can’t afford any more hacks to occur or for adversaries to spend months undetected in corporate networks, databases and applications … only to find out after a breach occurred and after data has been exposed or transactions have been meddled with or Social Security numbers have been stolen,” Schulze said. Still, banks cannot go on the attack — their own lawyers, regulators and law enforcement won’t allow it. In the U.S. and most other countries, it would be illegal to hack back at a cyberattacker. Witty compares this situation to being a Samurai warrior who may not fight. “You have beautiful armor and a beautiful helmet but you don’t have a sword, and if you do have a sword you can never use it,” he said. “You can only block, parry, duck, jump or run.” That said, banks are finding ways to block and parry more assertively. Here are four of them:


SHA-1 Has Fallen

The writing has been on the wall for SHA-1 for some time. In 2005, cryptographer Bruce Schneier, responding to the first-ever theoretical collision attack that was demonstrated against SHA-1 by three Chinese researchers, showing how SHA-1 might one day be cracked, said that "we need to get to work replacing SHA." There are two risks. "One-way hash functions are supposed to have two properties," Schneier wrote at the time. "One, they're one-way. This means that it is easy to take a message and compute the hash value, but it's impossible to take a hash value and recreate the original message. (By 'impossible' I mean 'can't be done in any reasonable amount of time.') Two, they're collision-free. This means that it is impossible to find two messages that hash to the same hash value."


Manage Today's IT Complexities with an Enterprise Architecture Practice

One solution is an enterprise architecture (EA). It's a relatively new practice in higher education IT, but one that continues to gain importance.3 An EA provides an overarching strategic and design perspective on IT activities, clarifying how systems, services, and data flows work together in support of business processes and institutional mission. It helps to integrate new technologies and services, and their data streams seamlessly into an institution's IT environment. But EA also serves as an important institutional planning tool, as a means for getting the right people involved in solving the right problem. "Quite often we start off by saying we need to buy a CRM for the campus rather than thinking about the problem we are trying to solve and who should be involved in the conversation," explained Jim Phelps


Eight essential enterprise architecture artifacts

Even though both TRMs and guidelines describe some implementation-level technical rules relevant to IT projects, they are complementary to each other because TRMs provide lists of technologies to be used, while guidelines define more narrow prescriptions regarding their usage. .... Business capability models (BCMs) (sometimes also called business capability maps) provide structured views (‘maps’) of all organisational business capabilities on a single page, sometimes together with other supporting information like business strategy, objectives, main customers, partners, etc. BCMs are typically developed collaboratively by architects and senior business leaders and then ‘heatmapped’ to identify best investment opportunities, prioritise future IT spending and ensure the alignment between IT investments and desirable business outcomes. BCMs are often considered as ‘entry points’ into IT for business executives.



Quote for the day:


"The size of your success is measured by the strength of your desire; the size of your dream; and how you handle disappointment along the way" -- @InspowerBooks


Daily Tech Digest - February 25, 2017

EFF: Half of web traffic is now encrypted

Google played a significant role, having put pressure on websites to adopt HTTPS by beginning to use HTTPS as a signal in its search ranking algorithms. This year, it also ramped up the push towards HTTPS by marking websites that use HTTP connections for transmitting passwords and credit data as insecure. HTTPS, which encrypts data in transit and helps prevent a site from being modified by a malicious user on the network, has gained increased attention in recent years as users have woken up to how much of their web usage is tracked, and even spied on by their own government. Large-scale hacks have also generally made people more security-minded as well. A number of larger players on the web also switched on HTTPS in 2016, like WordPress.com which added support for HTTPS for all its custom domains, meaning the security and performance of the encryption technology became available every blog and website it hosted.


AI and Robotics Trends: Experts Predict

Many people fear losing their jobs to robots, but more than likely you will have a robot for a co-worker. Then again, if you've been in the workforce long enough, you've probably already had a robot for a co-worker, just in human form. "In 2017, we are seeing a growing emergence of robots designed to operate alongside people in everyday human environments. Autonomous service robots that assist workers in warehouses, deliver supplies in hospitals, and maintain inventory of items in grocery stores are emerging onto the market," said Sonia Chernova, assistant professor at Georgia Tech College of Computing. These systems need humans because one thing robotics researchers are still struggling with is robotic arms. There's no substitute for the human arm to pick things up and manipulate objects.


IT unbounded: The business potential of IT transformation

Creating an unbounded IT organization will require that CIOs think beyond their own experiences and domain expertise and begin viewing IT through a different operational and strategic lens. For example, they can take a look at the efficiency and effectiveness of current budgeting, portfolio planning, and vendor selection processes and try to identify procedural, administrative, and other constraints that can be eliminated. ... Likewise, they can help streamline their development processes by coming up with fresh approaches to testing, releasing, and monitoring newly deployed solutions. Important to development, IT organizations can work to replace bloated, inefficient skillset silos with nimble, multiskill teams that work in tandem with the business to drive rapid development of products from ideation all the way through to deployment.


Machine Learning-driven Firewall

A few days ago, I happened to come across a website called ZENEDGE which is offering AI driven web application firewall. I liked the concept and thought of making something similar and sharing it with the community. So, lets make one. The first thing to do was to find labelled data but the data I could find was quite old (2010). There is a website called SecRepo that has a lot of security related datasets. One of them was of http logs containing millions of queries. That was the dataset I wanted but it was not labelled. I used some heuristics and my previous knowledge of security to label the data set by writing a few scripts. After pruning the data, I wanted to collect some more malicious queries. Therefore, I went on for payloads and found some famous GitHub repositories containing Xss, SQL and other attack payloads and used all of them in my malicious queries dataset.


Bleeding clouds: Cloudflare server errors blamed for leaked customer data

According to Cloudflare, the problem could have started five months ago, on September 22, 2016. "The greatest period of impact was from February 13 and February 18 with around 1 in every 3,300,000 HTTP requests through Cloudflare potentially resulting in memory leakage (that’s about 0.00003% of requests)," a blog post by Cloudflare's CTO, John Graham-Cumming, explains. In an email exchange, Cloudflare pointed Ormandy to the company bug bounty, which offers a reward of a t-shirt instead of financial compensation, leading Ormandy to speculate the company doesn't take the program seriously. As the disclosure deadline quickly approached, Cloudflare engineers worked around the clock to resolve the problem. Google has started removing cached copies of the leaked data, but other search engines are still holding some copies.


Is Your Industry at High Risk of Insider Threat?

In the movies, data theft is usually the work of outsiders. You’ve witnessed the scene a million times: A cyber thief breaks into a business, avoiding security measures, dodging guards and employees, and making off with a USB stick of valuable data seconds before he or she would have been spotted. But in the real world, data theft is much more mundane. Most cyberattacks are carried out by someone within the company or someone posing as such. Sometimes they take data that’s essentially harmless, like personal files they feel entitled to keep. Other times, what they take is potentially much more harmful. According to a 2016 report from Deloitte, 59 percent of employees who leave an organization say they take sensitive data with them! With IP making up 80 percent of a company’s value, insider threat is something that every company should take seriously.


Smart cities must be people-centered, equitable cities

The development of smart cities builds upon this strong historical foundation with a digital foundation that allows cities to function more efficiently, be more responsive to community members and ultimately create better, more equitable urban environments where people thrive. Cities are beginning to, and will continue to, integrate technological dynamism into municipal operations, from transportation to infrastructure repair and more. The back ends of these systems are not always apparent to the end user — but, as the integration of smart-city technology becomes more visible in our everyday lives, we will continue to see positive changes in our cities.


Report: Why the big challenges in AI aren't close to being solved

For most companies, the initial investment in AI comes in the form of a digital assistant or chat bot. These tools are often being offered free of charge, or folded into other core products, in order to generate and collect the data needed to strengthen the AI behind them. Digital assistant are "a good first yardstick of each ecosystem's competence in AI," the report said. AI is built on data, as is another product many people use everyday: Search engines. As such, it makes sense that companies like Google, Baidu, and Russia's Yandex are growing leaders in the AI space due to their focus on data-powered search. Under these leader, companies like Microsoft, Apple, and Amazon are also investing heavily in their own AI efforts as well.


What Will Tomorrow's Engineers Look Like?

To be sure, a good engineer is someone who has received solid scientific and technical training that allows him or her to devise a pertinent response to a problem, sometimes in a very short amount of time. An engineer must study a situation seriously, go out into the field to understand the facts and listen carefully to analyze phenomena and make improvements. An engineer is also someone who is not afraid of hard work, for more than ever, nothing is granted to anyone without effort. Work provides the opportunity to play a role and make a meaningful contribution to the community. However, as the digital revolution shows, in today's very open and rapidly changing world, an engineer also needs to demonstrate persistence, boldness, team spirit and leadership.


Doing Scrum with Multiple Teams: Comparing Scaling Frameworks

According to Craig Larman and Bass Vodde (the creators of LeSS) the primary rule of scaling agile is: don’t do it! If you have problems with: Cross team dependencies; Risks that affect several teams; and Scheduling of (coordinated) deliveries, you might need a scaling framework. If you can deal with these problems by re-arranging your teams and product structure, you are better off without one. If you can’t, please continue reading. All three frameworks start with cross-functional, self-organizing Scrum teams. The teams vertically slice requirements into the smallest possible increments that can be deployed independently. Teams are also expected to focus on technical excellence such as doing continuous integration and automated regression testing.



Quote for the day:


“Capital isn’t scarce; vision is.” -- Sam Walton


Daily Tech Digest - February 24, 2017

The Future of Serverless Compute

Serverless compute, or Functions-as-a-Service (FaaS), is a more recent part of this massive change in how we consider ‘IT’. It is the natural evolution of our continuing desire to remove all baggage and infrastructural inventory from how we deliver applications to our customers. A huge number of applications we develop consist of many small pieces of behavior. Each of those are given a small input set and informational context, will do some work for a few 10s or 100s of milliseconds, and finally may respond with a result and/or update the world around them. This is the sweet spot of Serverless compute. We predict that many teams will embrace FaaS due to how easy, fast and cheap it makes deploying, managing and scaling the infrastructure necessary for this type of logic.


Go-to People Considered Harmful

Dependency issues in social systems can take a variety of forms. One that comes easily to mind is what is referred to as the “bus factor” – how badly the team is affected if a person is lost (e.g. hit by a bus). Roy Osherove’s post from today, “A Critical Chain of Bus Factors”, expands on this. ... A particularly nasty effect of relying on go-to people is that it’s self-reinforcing if not recognized and actively worked against. People get used to relying on the specialist (which is, admittedly, very effective right up until the bus arrives) and neglect learning to do for themselves. Osherove suggests several methods to mitigate these problems: pairing, teaching, rotating positions, etc. The key idea being, spreading the knowledge around.


How to harden MySQL security with a single command

Chances are, your data center depends upon a MySQL database server or two. If that is the case, you'll want to make sure your databases are set up with an eye to security.Thankfully, MySQL offers a handy command that goes a very long way to improve the security of your MySQL installation. This single command will: update the password plugin; set a password for the root account (if one already exists, you can opt to keep it or change it); remove root accounts that are accessible from outside the local host; remove anonymous-user accounts; and remove the test database and privileges that permit anyone to access databases with names that start with test_. Although the above tasks aren't overly complicated, they are easily overlooked and, if you have a lot of databases, can be time-consuming.


The Rise in SSL-based Threats

The majority of Internet traffic is now encrypted. With the advent of free SSL providers like Let’s Encrypt, the move to encryption has become easy and free. On any given day in the Zscaler cloud, more than half of the traffic that is inspected uses SSL. It is no surprise, then, that malicious actors have also been using the SSL protocol in their activities over the last several years. The increasing use of SSL creates problems for organizations that are unable to monitor SSL traffic, as they must rely on less-effective techniques like IP and domain blocking in an attempt to identify and block threats. In this report, we will outline trends we have seen in the use of SSL in the malware lifecycle and in adware distribution, based on a review of traffic on the Zscaler cloud from August 2016 through January 2017.


How Far Are We From ‘True’ Artificial Intelligence – And Do We Really Want To Go There?

The question has ethical implications, particularly if we bring the controversial topic of consciousness into the equation. From a scientific viewpoint, consciousness is a state that arises when a biological brain interprets the flood of sensory input streaming in from the world around it, leading, somehow, to the conclusion that it exists as an entity. It’s not well understood at all – but most of us can conceive how this massive flood of images and sounds is interpreted through a biological neuro-network which leads to “thoughts” – and among those thoughts are concepts of individual existence such as “I am a human”, “I exist” and “I am experiencing thoughts”. So, it’s only a small step of logic to assume that machines will one day – perhaps soon, given how broad the stream of data they are capable of ingesting and processing is becoming – in some way experience this phenomena, too.


Let’s Sell and Buy Fair: How Not Asking for a Discount Can Save You Money

If we stop asking to get something cheaper, you’ll eventually at some point be presented with the proper fair pricing. If we stop asking for discounts, we’ll settle the deal a lot faster, without days and weeks of delay and that ultimately saves money as well. The time for email ping pong and conference calls is nowhere listed. It’s not on a single bill. If you talked about a deal for weeks or months, you probably lost a lot of your money on the way and didn’t save anything at all. Your time is a currency as well. What comes now is a theory, and I don’t recommend it to any kind of operations. Yet, you might find it disruptive or at least intriguing. The counter conception to fight discount business culture is to put a price increase to every bit of interaction that unnaturally extended the required work to get to closure.


Transforming companies must put cyber security front and center

When you hear the term ‘cyber security’, there’s a very good chance that, like many executives, you immediately think of one thing: an IT infrastructure challenge. Of course, a strong IT security infrastructure is a critical part of any cyber security program. However, it is not the only part. In a 2017 world, this traditional ‘defense-first’ mindset is too limited and can actually hinder your company’s long-term growth prospects. Indeed, there is another important element at play and that is the potential impact of cyber under-preparedness to your company’s future business growth. This is particularly true in a business environment in which so many companies are undertaking ambitious customer-focused transformation programs amid widespread technological disruption and competitive threats.


Embracing a Strategic Paradox

Creating solutions that meet conflicting needs can do more than resolve a political dilemma. Because they are built with Aeon’s unique blend of local and national capabilities in mind, the complexity of the solutions often deters imitation. The consensus solution, whether it involves designing stylish clothes for women living in a Japanese ski village or finding a way to turn a tiny available quantity of pears into a national product, tends to be one that can be executed well by Aeon but not easily copied by anyone else. Of course, resolving these conflicts requires ongoing work. Managing this built-in strategic paradox of pursuing both localization and nationwide standardization demands the continual attention of management.


Why government-driven digital transformation is a train wreck

This is basically the case with all of the major government-driven digital transformation initiatives around the world. Each is positioned as game changing and disruptive in terms of impact and immensely beneficial to the economy and citizens’ lives, but this has not been the case. What has happened to these once-noble initiatives is that all have been whipsawed by politics and politicians, and driven to failure by feckless bureaucrats and civil servants – with a number of contractors thrown in for good measure. This toxic mix of politics, fecklessness and incompetence has produced some major train wrecks in terms of cost-benefit analysis and positive societal impacts. The three most visible of these are in the UK, the US and Australia, and their fate is seen by many as a pre-cursor to others on the horizon.


Untangling an API-first Transformation at Scale.

Business capabilities represent the core, reusable building blocks that your business needs to support the business processes required to function. By defining your business capability taxonomy, you establish a shared language that can be used by all domains to describe the logical relationships in any given process. This serves as a stable, business-driven (not technology-driven) context in which to discuss solutions that, hopefully, remains relatively consistent over time. Is also provides a critical link between how the Business thinks about its investments and how Technology leverages them. In a small company, the set of capabilities is quite limited. Being highly resource constrained, you may build some core services that differentiate your business and leverage other service providers for generic things like messaging, identity, payments, etc.





Quote for the day:



"Be a yardstick of quality. Some people aren't used to an environment where excellence is expected." -- Steve Jobs


Daily Tech Digest - February 23, 2017

Here's why self-driving cars may never really be self-driving

The issue with self-driving vehicles extends well beyond safety; it's also a legal one. As autonomous vehicles gain in popularity, liability questions about who is to blame when an autonomous car crashes are also growing. If an autonomous car crashes, who is at fault? The driver -- even though the car was driving itself? The manufacturer? The developer who created the autonomous software? "Supposed I write a piece of software and it has an inherent flaw. It starts causing injuries and property damage. Am I protected? The answer is: Unlikely," said Michael Overly, a partner and intellectual property lawyer with Foley & Lardner LLP. "People whose property was damaged or they were injured would sue for negligence."


2017 Predictions For AI, Big Data, IoT, Cybersecurity, And Jobs From Senior Tech Executives

The recent success of deep learning in tasks such as image recognition and machine translation has served as a catalyst for investments in and experimentation with AI and Bill Franks, Chief Analytics Officer, Teradata, predicts that “Deep learning will move out of the hype zone and into reality.” Says Franks, sounding a note of caution: “Deep learning is getting massive buzz recently. Unfortunately, many people are once again making the mistake of thinking that deep learning is a magic, cure-all bullet for all things analytics. ... While deep learning will be in place at a large number of companies in the coming year, the market will start to recognize where it really makes sense and where it does not. By better defining where deep learning plays, it will increase focus on the right areas and speed the delivery of value.”


Insecure Android apps put connected cars at risk

While compromising connected car apps might not directly enable theft, it could make it easier for would-be thieves. Most such apps, or the credentials they store, can be used to remotely unlock the vehicle and disable its alarm system. "Also, the risks should not be limited to mere car theft," the Kaspersky researchers said in a blog post. "Accessing the car and deliberate tampering with its elements may lead to road accidents, injuries, or death." While manufacturers are rushing to add smart features to cars that are meant to improve the experience for car owners, they tend to focus more on securing the back-end infrastructure and the communications channels. However, the Kaspersky researchers warn that client-side code, such as the accompanying mobile apps, should not be ignored as it's the easiest target for attackers and most likely the most vulnerable spot.


Fighting the hidden enemy: how can your organisation combat cybercrime?

Administrative frameworks, however, can achieve only so much. When it comes to improving cybersecurity, employees also have a vital role to play. Again, there are two sides to this coin. One concerns the human vulnerabilities associated with cybercrime. As efficient as a firm’s cyber strategy might be, one simple mistake from an employee can render these defences futile. ... At the same time, any internal threats must be treated with this same level of vigilance. As a significant number of cyberattacks reported by organisations are actually carried out from within the company, it is not unreasonable to claim that many of these breaches could have been avoided, had employees been able to recognise that their colleague was stealing valuable information. Again using education as a resource, firms can promote a culture of self-regulation which allows rogue workers to be identified and reported before their efforts are successful.


Reinforcement learning

Reinforcement learning copies a very simple principle from nature. The psychologist Edward Thorndike documented it more than 100 years ago. Thorndike placed cats inside boxes from which they could escape only by pressing a lever. ... Reinforcement learning works because researchers figured out how to get a computer to calculate the value that should be assigned to, say, each right or wrong turn that a rat might make on its way out of its maze. Each value is stored in a large table, and the computer updates all these values as it learns. For large and complicated tasks, this becomes computationally impractical. In recent years, however, deep learning has proved an extremely efficient way to recognize patterns in data, whether the data refers to the turns in a maze, the positions on a Go board, or the pixels shown on screen during a computer game.


Data-related jobs see huge growth in January hirings

Data processing/hosting/related services also had a healthy January, posting 1,200 new jobs. That segment had been adding an average of 233 per jobs per month on average in 2016. Commenting on this segment, Foote noted that employers need to scale to stay competitive. “When they dig their heels into a solution that works, be it in cloud, security, big data, mobile, or digital technology, they tend to add headcount because they know these people will be making contributions for a long time to come,” Foote said. ... “Ideally each new hire must have a measurable impact on the business: they can’t just be a cost item for them. What will drive new job creation in 2017 will be hiring in niche areas such as big data and analytics, information/cyber security, cloud computing, and certain areas of applications development and software engineering like DevOps and digital product development.”


A hard drive's LED light can be used to covertly leak data

The latest hack leverages the LED activity light for the hard disk drive, which can be found on many servers and desktop PCs and is used to indicate when memory is read or written. The researchers found that with malware, they could control the LED light to emit binary signals by flashing on and off. That flickering could send out a maximum of 4,000 bits per second, or enough to leak out passwords, encryption keys and files, according to their paper. It's likely no one would notice anything wrong. "The hard drive LED flickers frequently, and therefore the user won't be suspicious about changes in its activity,” said Mordechai Guri, who led the research, in a statement. To read the signals from the LED light, all that’s needed is a camera or an optical sensor to record the patterns.


A Sweeter Spot for the CDO?

First of all kudos for a correct use of the term Venn Diagram Second I agree that the role of CDO is one which touches on many different areas. In each of these, while as Bruno says, the CDO may not need to be an expert, a working knowledge would be advantageous. Third I wholeheartedly support the assertion that a CDO who focusses primarily on compliance will fail to get traction. It is only by blending compliance work with the leveraging of data for commercial advantage in which organizations will see value in what a CDO does. Finally, Bruno’s diagram put me in mind of the one I introduced in The Chief Data Officer “Sweet Spot”. In this article, the image I presented touched each of the principle points of a compass. My assertion was that the CDO needed to sit at the sweet spot between respectively Data Synthesis / Data Compliance and Business Expertise / Technical Expertise. At the end of this piece,


The March Of Financial Services Giants Into Bitcoin And Blockchain Startups In One Chart

It should be noted, though, that consortia are not included on the chart below. One such example is R3 CEV, which counts a bevy of banks and insurers including Credit Suisse, JPMorgan and Deutsche Bank collaborating to advance ledger solutions and standards that meet banking requirements. R3 has hit a few bumps of late, with Goldman Sachs and Santander – among others – leaving the consortium in favor of private blockchain investments. Among the financial services investors are insurance providers such as TransAmerica, New York Life, and Mitsui Sumitomo Insurance Group (MSIG); payments giants including Visa, MasterCard, and American Express; as well as banks like Mitsubishi UFJ Financial Group (MUFG), Citi, Santander, and Canadian Imperial Bank of Commerce (CIBC).


Amid cyberattacks, ISPs try to clean up the internet

Even when ISPs send warning messages to users, what then? Not every PC user knows how to resolve a malware infection, Clayton said. For ISPs, it can also be a matter of cost. “Of course we want to see ISPs helping, but they are in a competitive market,” he said. “They are trying to cut their costs wherever they can, and talking to customers and passing on a message is not a cheap thing to do.” In addition, ISPs can’t identify every malicious cyberattack. Most hacking attacks masquerade as normal traffic and even ISP detection methods can occasionally generate errors, Clayton said. “If you have a 99 percent detection rate, in an academic paper, that sounds fantastic,” he said. “But that basically means one out of 100 times, you’ll be plain wrong.”



Quote for the day:



"If you don't make it easy for people to do the right thing, you're wasting money on security awareness." -- Angela Sasse

Daily Tech Digest - February 22, 2017

Wilders' Security Officer Held for Suspected Data Leak

The revelations came three weeks before the Netherlands holds a parliamentary election. Wilders' party is riding high in the polls, although mainstream parties have said they will not form a coalition with him if he wins the popular vote because of his hard-line anti-Islam stance. His manifesto includes closing Dutch borders to all migrants from Muslim nations, banning the Quran and shutting all mosques in the Netherlands. In an indication the government is taking the alleged leaks seriously, the Dutch prime minister and the minister for security and justice on Wednesday visited the heavily-guarded wing of Parliament that houses Wilders' party offices. Rutte declined to say if he had met Wilders or to discuss the nature of his visit. Wilders later tweeted that the security breach "is a serious case that fortunately is also being taken seriously by the Cabinet."


How a College Kid Made His Honda Civic Self-Driving for $700

A Neo is built from a OnePlus 3 smartphone equipped with Comma’s now-free Openpilot software, a circuit board that connects the device to the car’s electronics, and a 3-D-printed case. Jorgenson got the case printed by an online service and soldered the board together himself. He first put his life in the device’s hands in late January after an evening college class. “It was dark on the interstate, and I tested it by myself because I figured if anything went wrong I didn’t want anybody else in the car,” says Jorgenson. “It worked phenomenally.” Subsequent tests revealed that the Neo would inexplicably pull to the right sometimes, but a software update released by Comma quickly fixed that. Now fully working, the system is similar in capabilities to the initial version of Tesla’s AutoPilot


Is user generated content fuelling data fatigue?

Perhaps the real value in user generated content comes from how brands themselves are harnessing it. It offers a mine of information to inform the business but, with ever-growing volumes, it also carries a huge risk – have brands simply become data rich, insight poor? If companies can’t grapple with high volumes, they could lose out on important trends or actually arrive at misleading or inaccurate assumptions. As brands engage across social, mobile, in-store and elsewhere, they are having to connect insights across channels in new and more innovative ways. Those that can break the customer journey down into granular segments can gain greater intelligence about customer behaviours as well the business.


Financial cyberthreats in 2016

For the first time in 2016, the detection of phishing pages which mimicked legitimate banking services took first place in the overall chart – as criminals sought to trick their victims into believing they were looking at genuine banking content or entering their details into real banking systems. ... It’s clear that financial cybercriminals are increasingly on the look-out for new ways to exploit users and extract money from them. Owners of Android-based devices should be extremely cautious when surfing the web – especially if they have financial applications installed. But caution is advised for everyone. As predators become more persistent and as their methods grow more convincing, corporate users and home users alike – whatever type of device they use – need to be aware of the dangers and understand how to protect themselves from this ever-evolving cyberthreat landscape.


Software development genetics, part 1: DevOps, lean, agile

Formal adoption of agile methodologies include new-age terms such as the Scrum methodology. Facilitated by the scrum master and involving software "ninjas," the practices are gaining increasing numbers of adherents. These terms infer an enlightened hybrid philosophy that is gathering followers and driving innovation and increased quality. These methodologies are also changing the environment in which software is developed. As more businesses are virtualizing and lifting applications to the cloud, so too the functions of software development are moving from a shop floor mentality of physically present resources to that of geographically distributed talent. As Ashley Speagle points out in CIO, “Collaboration-centric strategies are now at the heart of modern IT departments, breaking down formerly rigidly defined siloes and creating responsive, communicative teams.”


Could smartphones replace datacenters? These Finnish researchers think so

In other words, while your phone sits idle on your office desk, it could be helping to compute weather forecasts, earthquake warnings, or solve encryption challenges. But first the mobile cloud computing platform needs to be built. Currently the researchers are testing their approach using nine Samsung Galaxy S4 phones and a LG Smart TV for predefined tasks. The preliminary results show that this configuration is more than enough to equal the computing power of a single server. "We have nine smartphones computing in parallel and one server computing the same thing, and we can achieve the same speed," Lagerspetz says. "[But] if you want to beat a cluster of machines at Amazon, you might need 10 times the number of phones, so 90 phones. If you're working in a big organization and you have a lot of employees, you just put our app on their phones and you're ready."


How The DOT Discovered Its Network Was Compromised By Shadow IT

The shadow IT revelations and the associated security concerns led McKinney to launch a project to rearchitect the DOT's network, an effort that, while still ongoing, has been introducing more centralized controls and clearer segmentation to cordon off the systems of various administrations within the department. The experience also compelled his office to change the internal processes for introducing new equipment to the network, including a policy directive putting the various DoT administrations on notice that the days of ad hoc, unsecured and unmanaged network expansion were over. "We also at that point put out policy memos and told the entire department that there will be no adding equipment to the network without going through a formal change-management process," he says. "We had one, but people had been ignoring it."


Redfin CTO says machine learning needs human help

Any company that expects its employees to stand behind the product of an automated system needs to let them manually edit the results, Frey said. What’s not clear is which set of insights -- the machine's or the agent's -- actually led to better outcomes. In the case of Listings Matchmaker, Frey said users didn’t seem to click on one set of recommendations over another, but she didn’t know if the company had data about which recommendations resulted in a purchase. The more important difference is that agents used the feature more once they were able to recommend particular homes, she said. Frey’s comments were echoed by Alphabet Executive Chairman and former Google CEO Eric Schmidt during an on-stage interview at the RSA security conference in San Francisco last week. He said humans must remain in the loop of machine learning systems.


The Overlooked Corporate Data Breach

Executives haven’t ignored the issue. According to researchers, 30 percent of CEOs surveyed said cybersecurity is their top risk over the next three years, more so than risk from regulation or disruptive technology. CEOs have cybersecurity in their line of sight for sure. But the report describes attacks that lead to the compromise of corporate data as “beneath the covers” attacks that rarely land in the news or become the topic of public debate. Further, 72 percent of CEOs surveyed for the report admitted that they are not prepared for a cyberattack. According to analysts, part of the issue is that, when a corporate cybersecurity event occurs, the event under investigation often involves market-sensitive, proprietary information that cannot be released to the public. That fact also limits the ability for corporates to discuss the cyberevent with their peers.


The Future of Java in the Enterprise - InfoQ’s Opinion

We continue to see Java SE as in good health, and it remains one of the most widely adopted languages for enterprise computing. Java 9 is expected to ship this summer, and includes both Jigsaw and the JShell REPL. Work on Java 10 is already underway. Given this, we believe that Java remains a great choice for building large-scale enterprise applications, particularly where they are expected to remain in production for some time. In terms of alternative JVM languages we continue to see interest in both Scala and Clojure, but reader interest in Scala suggests the language may have reached an adoption peak; we can trace a small drop in Scala interest amongst readers around the time Java 8 shipped with support for lambda functions. Our instinct on this is that it hasn’t yet “crossed the chasm” in Moore’s parlance, and therefore still sits in the early adopter stage.



Quote for the day:


“A real entrepreneur is somebody who has no safety net underneath them.” -- Henry Kravis


Daily Tech Digest - February 21, 2017

Why Google And Apple Will Rule Mixed Reality

Computer-generated objects appear to attach or interact with real-world objects. This can range from simple applications, such as the Sphero BB8 toy robot smartphone app, to complex systems, including Hololens, Magic Leap and others. The most thrilling mixed reality experience involves real-time, 3D mapping of the environment, which enables virtual objects to interact with surfaces and objects in the real world. For example, a computer-generated creature that can stand on a table -- or hide behind it. Here's the challenge: 3D-mapping capability is compute-intensive, meaning it is expensive, power-hungry and heat-generating. So is the real-time rendering of 3D objects. With the richest mixed-reality experience, you need both 3D mapping and image rendering. As a result, products like Hololens and Magic Leap require heavy, bulky headsets and cost a lot of money.


People Don’t Buy IoT, They Buy a Solution to a Problem

Everywhere we turn there seems to be a new “connected this” or “smart that”. Many applications are novel, but not very useful. I can think of many silly examples, and I’m sure you can too. So here’s my point: The fact that we can connect any device to the Internet doesn’t mean we should. And if we’re not careful, we can fall into the trap of having technology looking for a problem, instead of starting with a problem and looking for the best way to solve it. This is Product Management 101. It’s a shame the useless products get most of the airtime, because there are many applications today that are solving important problems—in healthcare, manufacturing, transportation, energy, and more. So this is a call to action for all you IoT Product Managers: Leverage IoT only if it provides more value to your customer or your company.


Emotional Intelligence Has 12 Elements. Which Do You Need to Work On?

There are many models of emotional intelligence, each with its own set of abilities; they are often lumped together as “EQ” in the popular vernacular. We prefer “EI,” which we define as comprising four domains: self-awareness, self-management, social awareness, and relationship management. Nested within each domain are twelve EI competencies, learned and learnable capabilities that allow outstanding performance at work or as a leader (see the image below). These include areas in which Esther is clearly strong: empathy, positive outlook, and self-control. But they also include crucial abilities such as achievement, influence, conflict management, teamwork and inspirational leadership. These skills require just as much engagement with emotions as the first set, and should be just as much a part of any aspiring leader’s development priorities.


Big data privacy is a bigger issue than you think

Don't feel so compelled by transparency that you give away your strategic secrets. After all, you are in business—a very competitive business. If you give away too much information, your competitive value is eroded. You must find a way to be transparent, while keeping the secret sauce behind the firewall. Here's how. Your IT leadership team should launch proactive communication campaigns, which could include PR, speaking, social media, and outreach programs—the more the better. Explain more about what you can do than how you do it. At a minimum, it's your responsibility to let people know what you know about them and what you're capable of doing with your analytics. For instance, if location analytics allows to you know where they are and where they're likely to go next, then let users know you have this technology.



ESET looks to deepen enterprise penetration with new threat intelligence service

The ESET data feeds are typically integrated into existing SIEM [Security Information and Event Management] systems, which allow reports from multiple sources to be reviewed at once in real time. “Integrating this with a SIEM means the customer can quickly see it and address issues,” Reed stated. “Their security teams are provided with actionable information.” This use case does require that the customer is large enough to have a security team monitoring the data and making decisions. However, because ESET Threat Intelligence does not need to be deployed in a network infrastructure in order to run, ESET expects that another use case of the service will be prospects testing the efficiency of ESET if they are considering replacing their legacy endpoint security vendor.


Virtual Singapore Looks Just Like Singapore IRL—But With More Data

This technology is the latest and most sophisticated attempt to create an all-seeing “urban dashboard.” Rio’s operations center, complete with banks of screens that resemble NASA Mission Control, tracks transit, weather, utilities, and more. Los Angeles’s Bureau of Engineering has Navigate LA, which includes GIS maps overlaid with more than 20 layers of data, from property data to geotechnical information. Technology companies like IBM (which powers the Rio effort), Siemens, and Cisco—provide “Smart City” data-tracking software for several other metropolises. But none are as holistic, intuitive, or three dimensional as this. “It really opens up a window onto how all these systems impact each other,” Rocker says.


Blockchain and the "Internet of Value"

During a speech at the Stanford Graduate School of Business the co-founder and ex-CEO of Ripple Labs - Chris Larsen very well puts forward the idea of "Internet of Value" - a network of networks for moving value. Larsen says, “Just as you can’t have fire without fuel, oxygen, and heat, you can’t have effective globalization without interoperability in goods, data, and money. They all have to work together.” As we have the internet to move data, or the global logistics network to move goods, IoV will be a dedicated global network to move value (money and other digital assets) in a safe, efficient and inexpensive manner. To understand this more closely let us take the example of payments. The existing process of international wire transfer requires co-ordination and series of resource-intensive steps between participating banks, clearing houses, and the central banks.


Advanced analytics, Big Data to Blockchain driving disruption in banking sector; here’s how

Blockchain, or the distributed ledger in general, has been touted as one of the biggest disruptive technologies of recent times. While 20% of bankers feel that the event is one to two years away, another 40% think it could take twice as long. In any case, banks have got busy developing a range of use cases, especially in the areas of payments and remittances, trade and supply chain finance, digital identity management, smart contracts, document security, loan syndication and treasury management. Although it has slid from its top spot in the list of disruptive technologies, mobility, along with wearables, is still a force to reckon with. ... The smartphone’s native capabilities—camera, mobile apps, and touch screen—make it extremely suitable for biometric authentication, and customers are more than happy to adopt.


The many faces of grep

The grep command – likely one of the first ten commands that every Unix user comes to know and love – is not just a nice tool for finding a word or phrase in a file or command output. It can take on some vastly different personalities that allow you to more cleverly find the data that you are looking for and has more flexibility than many of its users have discovered. Historically provided as separate binaries, the different “flavors” of grep are now provided through a number of key command options that change how grep interprets the pattern that you provide for your search. To easily switch from one mode of searching to another, the different grep commands could be set up as aliases such as these:


Mitigating the Increasing Risks of an Insecure Internet of Things

Improving the resilience of the Internet and cyberphysical infrastructure in the face of insecure IoT devices will require a combination of technical and regulatory mechanisms. Engineers and regulators will need to work together to improve security and privacy of the Internet of Things. Engineers must continue to advance the state of the art in technologies ranging from lightweight encryption to statistical network anomaly detection to help reduce risk; similarly, engineers must design the network to improve resilience in the face of the increased risk of attack. On the other hand, realizing these advances in deployment will require the appropriate alignment of incentives, so that the parties that introduce risks are more aligned with those who bear the costs of the resulting attacks.



Quote for the day:


"The best strategy can do is shorten ur odds of success. If u are certain about ur strategy, u are dangerously delusional.” -- @RogerLMartin