Daily Tech Digest - March 30, 2017

Toward new possibilities in threat management

Many organizations are proactively adopting or updating key technologies that are essential to gathering and analyzing threat intelligence. Few capabilities are more fundamental to proactive threat intelligence than real-time monitoring and analytics. This year, more than half of respondents say they actively monitor and analyze threat intelligence to help detect risks and incidents. These technologies provide contextual awareness of threats and an understanding of the tactics, techniques and procedures of adversaries. When analytics and threat intelligence are synthesized in the cloud, it becomes possible to create a single source of enterprise-wide data. Another trend lies in adaptive authentication. As IT systems capture increasingly more information, businesses are starting to leverage additional data points to identify suspicious behaviors and patterns.

Data breaches through wearables put target squarely on IoT in 2017

Mike Kelly, CTO of Blue Medora, agrees, stating that, “the inability to quickly update something, such as your home thermostat, is where we will see the risk. It’s not about malware getting on the devices, the focus will need to be on the ability to remediate the issue. Like we saw with Windows, there will be a slew of vulnerabilities, but unlike with a computer, patching won’t be as easy with IoT devices,” he says. More connected devices will create more data, which has to be securely shared, stored, managed and analyzed. As a result, databases will become more complex and the management burden will increase. Those organizations that can most effectively monitor their database layer to optimize peak performance and resolve bottlenecks will be in a better position to exploit the opportunities the IoT will bring, he says.

Building Stakeholder Confidence in Cyber Risk Management

Regulatory scrutiny of cyber risk management, meanwhile, shows no signs of abating and could grow with time. Although the Trump administration is still taking shape, the president’s nominee to lead the Securities and Exchange Commission, Jay Clayton, notably co-authored a 2015 article underscoring the need to proactively manage cyber risks. Further, the new cybersecurity regulation for New York’s financial industry, which went into effect this month, requires identification and documentation of material deficiencies, remediation plans and annual certifications of regulatory compliance. Corporate leaders might wonder how they can begin to assess their conformance with voluntary standards, further strengthen risk management and demonstrate progress in cybersecurity.

Why the endgame for fintech isn't all rosy collaboration

First, circumventing established parts of the financial system’s “plumbing” such as Visa and MasterCard is hard. Indeed, several fintech businesses use MasterCard (like Monzo, Revolut, Tide, DiPocket, Loot and Starling). But for the newest startups, this is a ladder to kick away at the earliest convenience. Cryptocurrencies (and other innovations) will start making a dent in the payments infrastructure – but it will take years. ... Second, the major players in the established financial ecosystem try to take care of many of their clients’ needs. Fintech companies could try to replicate this by becoming technologically more integrated with each other, thus enabling users to frictionlessly purchase additional products from alternative fintech providers.

FinTech and the Digital Strategy

In the finance sector, too many processes remain tedious and time consuming without needing to. Take electronic invoicing as an example of the automation of a task that removes huge amounts of friction. The exchange and handling of almost any data, and particularly things like invoices, purchase enquiries, and requests of financing, are not only more efficiently done digitally, they also greatly reduce errors and delays. Every day, businesses waste time and energy by manually checking invoice documents received from a growing global supply chain. Technology exists that would ensure incorrect invoices are rejected before they even arrive. Additional time is wasted calling and emailing to check on invoices statuses, instead of accessing the information online.

Executive Guide to Artificial Intelligence

Broadly two classes of AI systems exist. First category called Artificial General Intelligence systems also called as strong AI are supposed to mimic human beings on most aspects. Few systems that fall, attempting to rather, in this class are IBM Watson, Google Assistant and Apple Siri. These systems are not just complex to develop, their usage within an enterprise as well to general public are questionable and limited at best. Obviously these systems are still in research stage and the progress has been comparatively slow. Other class of AI systems called Artificial Narrow Intelligence are supposed to solve a specific problem or useful in a specific kind of scenario. These systems are also called weak AI although an unfair nomenclature and doesn’t justify the complexity, practicality and usefulness involved.

Government must avoid post-Brexit ‘tech talent cliff edge’, says techUK

“UK tech must continue to be underpinned by talent that is attracted to, and able to work in, the UK,” she said. “The government has repeatedly voiced support for tech in its recent industrial strategy and digital strategy. Now that Article 50 has been triggered, it is time to back up that approach with concrete details on how the sector will be able to access the talent it needs.” The report also called on the government to undertake a review of how “new technologies can be deployed to ensure frictionless migration systems, including visa applications and movement of people across borders”. It said a smart migration working group should be established to create and evolve a “data-driven, real-time smart migration system”.

Report reveals new all-time high in mobile device infections 

While Android-based smartphones and tablets continued to be the primary targets, reflecting the prevalence of the operating system worldwide, iOS-based devices also suffered attacks in the second half of the year, primarily by Spyphone surveillance software that tracks users' calls, text messages, social media applications, web searches, GPS locations and other activities. The Threat Intelligence Report also exposed major vulnerabilities in the rapidly expanding universe of IoT devices, underscoring the need for the industry to re-evaluate its IoT deployment strategies to ensure these devices are securely configured, managed and monitored. ... “The Mirai botnet attacks last year demonstrated how thousands of unsecured IoT devices could easily be hijacked to launch crippling DDoS attacks. As the number and types of IoT devices continue to proliferate, the risks will only increase."

New Mirai IoT variant launched 54-hour DDoS attack against a U.S. college

During the 54-hour DDoS attack on the college, researchers observed a pool of attacking devices normally associated with Mirai such as CCTV cameras, DVRs and routers. Attack traffic originated from 9,793 IPs worldwide, but 70% of the botnet traffic came from 10 countries. The U.S. topped the list by having 18.4 percent of the botnet IPs. Israel was next with 11.3 percent, followed by Taiwan with 10.8 percent. The remaining seven countries of the top 10 were India with 8.7 percent, Turkey with 6 percent, Russia with 3.8 percent, Italy and Mexico both with 3.2 percent, Colombia with 3 percent and Bulgaria with 2.2 percent of the botnet traffic. ... Incapsula said, “This–and the size of the attack itself–led us to believe that we might be dealing with a new variant, which was modified to launch more elaborate application layer attacks.”

3 Ways Technology Influences Generational Divides at Work

What do an iOS developer, a social media intern, a UX designer and a big-data architect have in common? As recently as 10 years ago, their job titles were rare (or didn't exist at all). Today, these titles are a dime a dozen for young professionals. In 2008, there were zero big-data architects on LinkedIn. In 2013, there were 3,440. (It might not come as a surprise that nearly 70 percent of parents admit they don't have a clear understanding of their children's jobs). Technology's rapid evolution has led to a surge of digital tools in the workplace. In some cases, it's created entirely new industries. But it's also created a gap between generations. If companies hope to address the challenges of a multigenerational workforce, it's critical for leaders to embrace these differences as opportunities.

Quote for the day:

"The best minute I spend is the one I invest in people." -- Ken Blanchard

Daily Tech Digest - March 29, 2017

5 reasons your company can't hire a cybersecurity professional

The shortage in skilled cybersecurity professionals is only growing worse, with the projected talent gap reaching 1.8 million jobs by 2022. "It's definitely a seller's market," said Forrester analyst Jeff Pollard. "If you have security skills, there are plenty of opportunities available for you. If you have an interest in security and perhaps have a nontraditional background but are willing to learn, opportunities are certainly open from that perspective as well." However, the shortage has left many companies stuck: A recent report from ISACA found that 55% of organizations reported that open cyber positions take at least three months to fill, while 32% said they take six months or more. And, 27% of US companies said they are unable to fill cybersecurity positions at all.

6 Soft Skills Employers Should Be Looking For In Tech Talent

Forget experience and hard skills -- tomorrow's best talent will need soft skills, and it's fact that sourcing and recruiting pros need to be prepared to address. "From our own LinkedIn research last May, we know that, of 291 hiring managers we surveyed, their employers struggle to find candidates with the right soft skills for 59 percent of their open jobs, and 58 percent said the lack of soft skills among candidates was 'limiting their company's productivity,'" says Jennifer Shappley, senior director of talent acquisition at LinkedIn at a presentation at SourceCon, held earlier this month in Anaheim, Calif. ... The differentiator will be soft skills like adaptability, leadership, communication and others, she says. Here, Shappley shares six of the top soft skills she's looking for at LinkedIn and how to go about finding those.

Android VPN apps: How to address privacy and security issues

Armed with knowledge regarding these Android VPN apps, what can IT security professionals do about the situation? Whether this falls under your company's BYOD strategy, acceptable usage policies or some other aspect of its security program, such as security information and event management or malware protection, it needs to be addressed starting today. Obviously, you want to steer clear of any of the apps researched for the paper that might create risks in your particular environment. You might need to do your own vetting of these mobile apps, and may need to standardize on a handful of them. Tools by vendors such as NowSecure and Checkmarx, combined with network analyzers and other tools, can provide good insight to complement and even validate these new mobile VPN app research findings.

Why the internet of things isn't as vulnerable as it looks

Use of connected devices has exploded across critical infrastructure industries, resident in everything from industrial controls to financial systems, where the devices generate loads of data. That data, said Robert Griffin, lures attackers but also serves to boost security for infrastructure protectors. "For homeland security operators, IoT is now a component of critical infrastructure, where security is viewed as a common good for protecting each of our different 16 critical infrastructure sectors," said Griffin in a March 20 blog post, one of his first as acting undersecretary at S&T. He assumed that position in January, after Reginald Brothers moved to the private sector. Griffin said connected sensors provide data analytics that can be shared among security operators, helping improve performance, reduce costs and enhance security measures.

Automate DevOps so you can focus on a security-first culture

Organisations commonly feel like they have to trade off between security and productivity. That’s absolutely not the case but it needs the people shipping code and the security specialists to do some collaborative work up front. Sadly research by Gartner last year found that only 20% of enterprise security architects had properly engaged with DevOps initiatives and the majority of IT professionals felt information security was slowing down the ability of the IT department to respond to the needs of business. While working at HM Revenue & Customs I saw first hand how a great security team, willing to help redesign processes up front could help us to ship services which conformed to a common pattern quickly without putting users at risk. By putting a platform and tooling in place, we saw HM Revenue & Customs take projects which would have taken 18 – 24 months and deliver them in under six weeks.

Kaspersky: Criminals Make 95% Profit on DDoS

Kaspersky did a review of the Dark Web to find out the going rate for DDoS as-a-service, and found the average to be slightly higher than the example above—attacks typically cost $25 per hour, with the cyber-criminals making a profit of about $18 for every hour of an attack. The security specialist also found that organizers of DDoS services generally offer customers a tariff plan in which the buyer pays a per-second rental price for botnet capacity. For example, a DDoS attack of 300 seconds using a botnet with a total bandwidth of 125Gbps will cost about between $5 and $6. As for profitability, it should be noted that DDoS attacks and, in particular, ransomware DDoS have already turned into a high-margin business. “The profitability of one attack can exceed 95%,” the firm noted.

Intel digs in to keep Moore's Law alive

"Moore's Law is not dead, at least not for us," said Stacy Smith, Intel's executive vice president leading manufacturing, operations and sales, during an event to talk about manufacturing in San Francisco on Tuesday. At its heart, Moore's Law states that the cost of making chips goes down while the capabilities go up. Intel's interpretation of Moore's Law has changed multiple times. Initially, Intel was doubling transistors every 18 months, which then expanded to two years. On its most recent 14-nanometer process, that time line expanded to three years. With the new measurements, Intel will be able to boast that its manufacturing improvements are surpassing Moore's Law. The company also said it would cut the manufacturing cost per transistor by half with each new manufacturing process, which is in line with Moore's Law.

Why Siemens put $10 billion into digital transformation

Making use of the data collected by devices is key for industries wanting to move forward in the digital age. Half of all the data that exists in the world was created in 2016. And less than 0.5% of all the data collected last year was analyzed and used, according to Judy Marks, CEO of Siemens, explaining that she believes MindSphere will help industrial companies in particular make better use of their data and take them to the next level of competitiveness in manufacturing. Next47 is Siemens innovation startup unit, and as part of Siemens focus on startups, it will invest $1 billion over the next five years in startups, Busch said. ... Artificial intelligence was a key to one customer, where an AI brain was inserted into a turbine resulting in a 15-20% reduction in nitrogen oxide emissions. "This is how powerful artificial intelligence can be," Busch said.

Insecure Security Cameras Sound Like A Joke But Aren't

To be fair, these attacks do require the burglar (or, for that matter, murderer or rapist) to engage in a bit of physical gymnastics. The attacker first needs to get close enough to the camera to access Bluetooth — distances vary based on device and environment and it can even vary from initially making the handshake to maintaining the connection. But these are security cameras, so the attacker must achieve this potentially very short distance while also staying out of the camera’s view. After all, if the attacker is filmed before initiating the connection, the point of this exercise may be lost.
 This problem is hardly insurmountable. But it involves studying the camera beforehand to learn the proper angle and positioning needed to access Bluetooth without being seen.

How do identity governance and access management systems differ?

Identity governance relies on policies to determine if updated access is too risky for a particular user based on his previous access and behavior. These governance policies can be put into an automated workflow when a change is deemed a risk, and allows the owners of the application or the data to sign off on the update. This fixes the issue of having to recertify users annually, and takes more of an incremental approach to auditing access. If someone accesses a system they don't have permissions for, the identity governance system can flag the access as suspicious. They can even be notified if a user is attempting to access a resource they don't have access to, or that no one in their role is attempting to access.

Quote for the day:

"Failure is friend of success, its not trying that is its enemy." -- Gordon Tredgold

Daily Tech Digest - March 28, 2017

SDN Solves A Lot Of Network Problems But Security Isn't One Of Them

Generally, the main security risks come from poor or incorrect configuration of the devices. While this is not only true in SDN, De Gaspari said it is potentially even more important given how flexible, and therefore how easy it is to misconfigure the architecture.  Despite the gaps in security, though, SDN continues to be an emerging alternative solution to the problems of modern day networks. Gregory Pickett, cybersecurity operations at Hellfire Security, said that there is a lot of good that comes with SDN.  "It allows for operations that providers have wanted for decades, operations such as maintenance dry-out, customer egress selection, enhanced BGP security through reputation-based route selection, faster convergence of routes, and granular peering at the IXP. SDN renders these all these problems moot," Pickett wrote.

Security awareness relies on balance of technical, human-behavior skill sets

"Security awareness was initially started about 10 years ago with the advent of regulation and compliance requirements," Sedova said. "Unfortunately, they were designed with the wrong question in mind. They ask 'show me how many people have taken your training.' Instead they should have asked 'show me metrics that your program yields improvement in X behavior.' The companies leading the charge in the awareness space today are creating their programs around this question." This leads back to the discussion around the right balance of talent for creating these programs. According to the SANS 2016 report on security awareness, more than 80 percent of security awareness personnel have a technical background, but also need soft skills such as communications, change management, learning theory, and behavior modeling, in order to be most effective.

MIT researchers set out to create self-assembling chips

The research revolves around the self-assembly of wires on chips. The wires would handle the biggest challenge in chip making. Instead of etching fine features onto silicon using existing methods, materials called block copolymers would expand and self-assemble into predefined designs and structures. The implementation of such self-assembly technology will involve adding one step into existing chip manufacturing technologies, said Karen Gleason, a professor at the department of chemical engineering at MIT. Today's manufacturing technology involves burning circuit patterns on to silicon wafers via masks using long wavelengths of light. Chips are currently being manufactured at the 10nm process, and it's becoming difficult to cram in smaller transistors using the same wavelength.

Ohio Air Force Base Trains Cyber Army

President Trump has called for “crippling” cyber warfare offensive capabilities and asked for a cyber plan within 90 days since he assumed the presidency. The New York Times has reported a joint U.S.-Israeli effort under prior administrations to launch the Stuxnet worm virus into a nuclear processing plant in Iran out of concerns that country was developing an atomic weapon. Domestically, one of the biggest concerns is a cyber attack would target the nation’s electrical grid. “That may be wrong,” Lewis said. “It turns out the biggest target the Russians were interested in was the electoral system. But I think people worry about the electrical grid as being vulnerable and we really don’t know how vulnerable it is. Some (utility) companies do a good job, others don’t. You can’t predict.

5 Ways CISOs Could Work Better with Their Cyber Insurers

Engaging with the information security organization can lead to better premiums by allowing the company to display the security culture that exists in the organization. A top-three broker reported that two airlines with similar cybersecurity postures achieved a 30% differential in the cyber insurance pricing, attributed to the confidence projected by an engaged cybersecurity team in the purchase process and the "culture of security" presented by the CISO. CISOs are an important party in the insurer selection process. For example, a Fortune 2000 technology company was using a leading managed security services provider to oversee its cybersecurity. However, the vendor was not on the insurer's incident response panel. This meant that in the event of a breach, the company would not be reimbursed for the additional breach response costs incurred with the managed security provider.

IT Salary Survey 2017: Tech Pay Holds Tight (For Now)

Executives and analysts have wildly different forecasts for IT hiring and salaries going forward. Based on interviews with dozens of CIOs conducted before and after the 2016 presidential election, management consulting firm Janco Associates in December sharply raised its tech hiring forecast from 90,000 to 136,500 new domestic IT jobs to be created in 2017. “After the election, CIOs were much more optimistic,” says Janco CEO Victor Janulaitis, pointing to the Trump administration’s promises to increase infrastructure spending, revise the tax system, bring jobs back to the U.S. and revamp the H-1B visa program. If those changes are implemented, “there will be greater need for U.S.-based IT resources,” he says

Revealing Secrets with R and Factor Analysis

Factor analysis is a classical statistics technique that examines data that has several variables in order to see if some of the variables are closely connected in some way. One of the standard "Hello World" examples of factor analysis is an examination of user ratings of different films. The idea here is that behind the scenes there are latent, hidden variables, such as movie genre, that explain the observed ratings. ... Another way you could use factor analysis information is to combine the raw variables that correspond to a latent variable, in order to reduce the dimensionality of the source data. The best way to see where this article is headed is to take a look at the screenshot of a demo R script. The script is named FactorDemo.R and starts by setting up and displaying a small 20-item data set of film ratings as just described.

No Quick Fixes For Small Business Cybersecurity

“The average small business owner is what we call trapped in a whirlwind,” Charles Rowe, president of America’s Small Business Development Centers, a trade association, testified before the House Small Business Committee. “They’ve got 5,000 things to worry about, and sometimes this is not the wolf closest to the sled.” Rowe advocated during Wednesday’s hearing for an interagency committee designed to help companies adopt cybersecurity best practices, similar to the Trade Promotion Coordinating Committee, which was created to aid exporters. Jim Mooney, cybersecurity chair of the National Association of Federally-Insured Credit Unions, urged the government to develop national cybersecurity standards for companies similar to those currently required for banks and other financial firms under the Gramm Leach Bliley legislations.

Smart Forensics for the Internet of Things (IoT)

Digital forensics is slowly developing as a solution to this problem. At its core, this brand of forensics is the process of identifying, preserving, analyzing and presenting digital evidence to the court of law. It does so using well-defined principles and accredited tools. IoT forensics has more areas of interest than traditional forensics. In addition to the traditional type of networks — wired, Wi-Fi, wireless and mobile — IoT also has the RFID sensor network. Different IoTware such as appliances, tags and medical devices should be considered as sources of evidence during investigation as well. The main challenge in investigating an IoT crime is introduced by the dynamic nature of IoT solutions. IoT is a combination of many major technology areas, which includes cloud computing, mobile devices, computers and tablets, sensors and RFID technologies. As a result, forensics for IoT will encompass all of these aforementioned areas.

Get ready for 2018’s changes to data protection laws

The GDPR will apply to companies that fall into two broad definitions: ‘controllers’ and ‘processors’. The definitions are similar to those defined in the Data Protection Act 1998 (DPA) in that controllers say how and why personal data is processed, and processors act on the controller’s behalf. If you are a processor, the GDPR will place specific legal obligations and liabilities on you; for example, you will be required to maintain records of personal data and processing activities. If you are a controller, you are not relieved of your obligations where a processor is involved. The GDPR places further obligations on you to ensure your contracts with processors comply with the GDPR. While the principles are similar to those in the DPA 1988, there are some additional requirements that UK companies need to be aware of. The most significant is accountability.

Quote for the day:

"What lies behind us and what lies in front of us pales in comparison to what lies within us." -- Ralph Waldo

Daily Tech Digest - March 26, 2017

Building a Data Governance Program with Data Modeling

A good Data Governance Program, Sandwell said, creates trust in the data, so that end-users see it as a valuable, accessible resource for decision making. The goal is to provide a program that is consistent, high quality, and understandable, making it easy for end users to derive value from the data. This, in turn, fosters transparency and accountability for data assets and their management, which is essential for “creating trust in your enterprise data,” he said. ... Data Modeling allows an organization to work out a plan before offering it up to users. It’s accepted that the right way to design relational databases is to take time for modeling, do the analysis, understand the challenges and risks, and work out the “what-if’s” before ever showing that database or offering it up for use.

There Is No AI Without IA

AI and cognitive computing are managed in the same way as many other information and technology governance programs. They require executive sponsorship, charters, roles and responsibilities, decisionmaking protocols, escalation processes, defined agendas, and linkage to specific business objectives and processes. These initiatives are a subset of digital transformation and are linked to customer life cycles and internal value chains. Because the objective is always to affect a process outcome, all AI and cognitive computing programs are closely aligned with ongoing metrics at multiple levels of detail-from content and data quality to process effectiveness and satisfaction of business imperatives-and ultimately are linked to the organizational competitive and market strategy.

4 challenges Artificial Intelligence must address

In order to prevent things from running out of control, the tech industry has a responsibility to help the society to adapt to the major shift that is overcoming the socio-economic landscape and smoothly transition toward a future where robots will be occupying more and more jobs. Teaching new tech skills to people who are losing or might lose their jobs to AI in the future can complement the efforts. In tandem, tech companies can employ rising trends such as cognitive computing and natural language generation and processing to help break down the complexity of tasks and lower the bar for entry into tech jobs, making them available to more people. In the long run governments and corporations must consider initiatives such as Universal Basic Income (UBI), unconditional monthly or yearly payments to all citizens, as we slowly inch toward the day where all work will be carried out by robots.

Blockchain development in Australia overseen by eight regulatory bodies

ASIC said it expects the application of DLT to grow exponentially over time, but noted its existing regulatory framework is able to accommodate the DLT use cases it has come across to date. However, as DLT matures, the government body anticipates that additional regulatory considerations will arise. "Our approach to developments in the fintech sector is to work to harness opportunities and economic benefits, not stand in the way of innovation and development," ASIC's guidelines state. "At the same time, we need to mitigate any potential risks of new business models through the use of new technologies." In reinforcing its regulatory remit, ASIC has established an Innovation Hub to help fintech startups developing "innovative" financial products or services to navigate its regulatory system.

'Blockchain Revolution' Authors Launch Enterprise Research Effort

Founded as a non-profit organization and based in Toronto, Canada, the group of founding members include Accenture, IBM, SAP, Digital Asset, NASDAQ, Pepsico, the Province of Ontario and Nuco Inc. The group is expected to spend its first year studying the impact of blockchain on eight industries, or "vertical opportunities", including energy, media, technology, healthcare and government. Associate members, including Hyperledger, Enterprise Ethereum Alliance and the Chamber of Digital Commerce, are then aiming to help minimize the amount of redundant work. "We don’t want to duplicate anything that’s already being done," Tapscott said. Including access to monthly webinars and a private website to view published material, the membership – which Tapscott expects will reach 30 by the time the program launches next month – will receive a custom executive report based on the institute's findings and aimed specifically at the members' demands.

4 Data Governance Best Practices To Kickstart Your Data Governance Program

As the saying goes, everything is bigger in Texas, and for data governance, it was the massive landscape of different industries and geographies coming together to create something significant and sustainable for effectively managing data. For many, the focus was to prepare challenges around data and analytics, including: Establishing effective information governance for better quality, privacy, and security; Maximizing the impact of business intelligence and MDM programs; Preparing for trends such as AI, Hadoop, Internet of Things (IoT) and blockchain; and Building and executing an effective, holistic data and analytics strategy. Organizations of all sizes and types were present at the conference to learn and shared about their data governance programs. It’s amazing to see how these organizations have transformed the process of enterprise data governance.

How data governance is now a strategic boardroom consideration in a data-driven world

Microsoft’s view is that the mindset of governance around data needs to change from being that of “data management” to “data as a strategic advantage”. Once the organization understands that the use of data can strategically change the way it does business, the requirement of the governing body (typically the board of directors) to become involved is obvious. After all, it is the board that is responsible for the overall strategy of the organization. And if the organization is to transform itself to become more of a “data business” then it is the board that is accountable for the success of that transformation. The digital transformation journey for Ryman Healthcare, a leading retirement village operator in New Zealand, started two years ago precisely that way. The management team initially set out to mitigate risks of documentation errors as they felt that it was risky to depend on manual and paper-based documentation, especially when it comes to patient care.

3 Data Governance Challenges Today's Companies Face

Some organizations have mastered data governance, but they are in the minority. As data volumes continue to grow, most businesses are finding it hard to keep up.  "You're going to do this one way or another," said Shannon Fuller, director of data governance at Carolinas Healthcare System. "You can do it in a controlled, methodical manner or you can do it when your hair's on fire." Poor data governance can result in lawsuits, regulatory fines, security breaches and other data-related risks that can be expensive and damaging to a company's reputation. "We don't have regulation about data lineage and reporting and all that, but it's going to come," said Fuller. "Do you want to prepare for that now or do you want to be like Bank of America and spend billions of dollars complying with the law? Most healthcare organizations don't have that kind of cash lying around."

Infographic: Hybrid IT is Becoming a Standard Enterprise Model

The research of 1,500 IT decision makers from multiple vertical industries across the US, Europe, Asia-Pacific and South Africa, reveals that hybrid IT is becoming a standard enterprise model, but there’s no single playbook to get there. Looking at the top motivators to move to hybrid IT by country, Hong Kong, UK and US companies highlighted end-user demand most often, while respondents in France, Singapore and South Africa most often noted cost. Malaysian firms listed hiring challenges, and German firms mentioned limited data centre capacity as the most common motivating factors. The Success Factors for Managing Hybrid IT report points to the fact that management of the hybrid IT environment (41% of respondents) is one of the top three challenges in deployment.”

Driving Improvements with Lean Pilots

The relationship between lean and agile is complex. Some agilists do not even see a direct relationship. Even those who recognize that agile mindset is based on lean principles of value delivery, reduction of waste, and system thinking, frequently have a perception that while lean is a manufacturing approach that focuses on minimizing costs by eliminating waste and improving process efficiencies, agile is just the application of lean mindset to software delivery with a set of processes around it. This is only partially accurate because agile, and specifically Scrum, bring two important concepts into lean: incremental delivery and cross-functional team-based execution. Our Lean Pilot framework implements lean six sigma DMAIC cycle at cadence using Scrum framework. DMAIC is a data-driven quality strategy used to improve processes. It is an integral part of a Six Sigma initiative, but in general can be implemented as a standalone quality improvement procedure.

Quote for the day:

"New capabilities emerge just by virtue of having smart people with access to state-of-the-art technology." -- Robert E. Kahn

Daily Tech Digest - March 25, 2017

The future of AI: 10 scenarios IBM is already working on

The approach of Karasick's team is ridiculously practical, since their mandate is to incubate technologies that could be useful to businesses. As you'd expect, a lot of things they're working on boil down to automation and big data. "The reason we use machine learning in these problems is because there's too much data," said Karasick, whose team at IBM Research contains a mashup of mathematicians and systems analysts. The team uses AI for three types of things: Develop industrial strength solutions; Make more efficient use of people; and Improve time-to-value. Karasick's IBM InterConnect session "Looking Ahead: The Future of Artificial Intelligence" offered a window into the AI projects IBM is already working on. Here's a quick summary of 10 of them.

What happens when every device is smart and you don't even know it?

"Could I attach my dog to the internet? Could I automate the process of ordering a taxi on my mobile phone? We're obsessed with could we problems. That's how we live our lives and careers, we invent things and we solve problems. We're good at 'Could we'," he said, also speaking at Cloud Expo Europe. No matter the reason why things are being connected to the internet, Thomson agrees with Hyppönen about what the end goal is: data collection. "The connectivity of those devices is impressive and important. But what's more important is how that's coming to bare across various markets. Every single sector on the planet is in a race to digitise, to connect things. And very importantly, to collect data from those things," he says.

An Emotionally Intelligent Computer May Already Have an ‘EQ’ Higher Than Yours

Researchers are learning to replicate human emotions in robots for a variety of applications. One example? Consider Wall Street stock traders, who have to make split-second decisions with millions of dollars of other peoples’ money. It’s a high pressure environment, and emotional health of employees isn’t typically optimal. This can lead to life-changing errors in judgment. Now, large businesses like Bank of America and JPMorgan Chase are partnering with tech companies to monitor the emotional health of traders in hopes of preventing serious mistakes, improving performance, and ensuring compliance. ...  Sony has announced plans to create customer service robots that will develop emotional bonds with customers. SoftBank’s Pepper— billed as an emotional polyglot robot and interactive humanoid— is another robot that has serious customer service potential.

Innovation under the hood will rev the engines of a fintech revolution

In recent years, financial services architecture has opened up in a way that we have never seen before. Data APIs like Yodlee, Plaid, and Quovo now make it easy for developers to pull user financial data. SDKs like Card.io make it easy to onboard payment cards into mobile apps, financial market APIs like Xignite pull live stock prices, and payments APIs like Braintree and Stripe make it simple for developers to accept payments. The combination of this development at the infrastructure layer, with what my partner Sarah Tavel notes as the growing distrust of traditional financial institutions, has created an opportunity for fintech startups similar those in internet and television: to create application layer companies with massive mindshare and value capture without having to innovate at the infrastructure layer themselves.

Infographic: A Beginner's Guide To Machine Learning Algorithms

Only recently have we been able to really take advantage of machine learning on a broad scale thanks to modern advancements in computing power. But how does machine learning actually work? The answer is simple: algorithms.  Machine learning is a type of artificial intelligence (AI) where computers can essentially learn concepts on their own without being programmed. These are computer programmes that alter their “thinking” (or output) once exposed to new data. In order for machine learning to take place, algorithms are needed. Algorithms are put into the computer and give it rules to follow when dissecting data. Machine learning algorithms are often used in predictive analysis. In business, predictive analysis can be used to tell the business what is most likely to happen in the future.

Pi-powered Linux computer:  Packs a keyboard and display into a phone-sized case

By turning the Pi into a ready to use computer, the Terminal gets around a fundamental limitation of the Pi, which generally needs to be hooked up to a monitor and keyboard for use on the move. The limitations of the Zero's specs mean the device is better suited to undemanding tasks such as coding, working in the command line, word processing or running old games in emulators, rather than using the web browser and other desktop programs. However, Node promises an alternate model of the Terminal will use the more powerful, but slightly larger, Raspberry Pi 3 Model B, which can run a desktop OS reasonably comfortably. Powered by a rechargeable 1,500mAh battery, the Zero Terminal can also be hooked up to a monitor and mouse, via its HDMI and full USB port, unlike the vanilla Pi Zero W, which requires additional adapters.

This Bitcoin Botnet is Vying to Be Future of Secure IoT

NeuroMesh's idea is to mimick the same tactics hackers use when trying to compromise machines in the first place – installing lightweight code that hijacks the kernel and then dials out to a command and control (C&C) server, adding the machine's resources to a botnet directed by the bot 'herder'. "We wanted to create a vaccine for IoT devices by first installing our own security software on the kernel," said Li. "It's like playing 'King of the Hill', so we become the only ones that can control the device." One of the main points of vulnerability for a botnet is an attack on the C&C server, something that's often observed when competing hackers try to knock their rivals' botnets offline and commandeer the devices. NeuroMesh's solution is to send commands to devices secured by their technology via OP_RETURN codes in the bitcoin blockchain – code that allows for the transmission of arbitrary data

12 Interesting Big Data Careers That Everyone Should Know

Ever wondered how people as young as 25-30 become CTOs and attain exponential growth in a short time? Sure, they have the talent, but they also take the right steps to grow in their career. They are very clear what they want to achieve and create milestones to make it. Like them, have you planned your career to succeed? If not, it is not too late to rework your career plan. If you are a graduate, then some data science opportunities await you. ... Beyond software industries, many industries like retail, manufacturing are turning to big data to ease the process of making efficient systems. In turn, they are leveraging the skills of data managers to improve operational efficiencies. Why wait? Follow these steps and take your career to new heights!

The 4 big ethical questions of the Fourth Industrial Revolution

Since these technologies will ultimately decide so much of our future, it is deeply irresponsible not to consider together whether and how to deploy them. Thankfully there is growing global recognition of the need for governance. Professor Klaus Schwab, Executive Chairman of the World Economic Forum, for example, has called for “agile governance,” achieved through public-private collaborations among business, government, science, academia and nongovernmental civic organizations. Wendell Wallach and Gary Marchant, both scholars in this area, have proposed “governance coordinating committees” or GCC’s that would be created for each major technology sector and serve as honest brokers. Whatever forms governance takes, and it will (and should) take many forms, we need to make sure that governing bodies and public discussion address four critical questions.

Future of the SIEM

Complex mission aside, one key shortcoming of today's SIEM products is their reliance on humans. "SIEM is, in that sense, more rule-based and expert-described," says Chuvakin. "That's a main weakness because at this point, we're trying to get developed tools to try and think for themselves." The dependence on human experts is a problem because there simply aren't enough of them, he continues. If a business needs five SIEM experts and its entire IT team consists of five people, they don't have the bandwidth to ensure the SIEM is effective. Amos Stern, co-founder and CEO of Siemplify, explains there is need for better SIEM automation and management of people and systems. Businesses often have several security tools in many silos. SIEM systems will need to connect these silos and automate processes and investigations across these tools, evolving to the point where they function as a "Salesforce for security."

Quote for the day:

"You should learn from your competitor but never copy. Copy,and you die." -- Jack Ma

Daily Tech Digest - March 23, 2017

Data Science Vs. Data Analytics - Why Does It Matter?

Well, you would ideally want to know what you’re getting yourself into when you apply to that dream position or need to make that crucial hire. But besides that, data science plays a huge role in machine learning and artificial intelligence. Being able to sift through and connect huge quantities of data, followed by forming algorithms and functions that allows virtual entities to learn from that data is hugely in demand in today’s marketplace. Machine learning is one of the most exciting developments in the tech world as the innovation continually impress. Take IBM’s Watson and its victory on Jeopardy!, or Google’s DeepMind beating the best human players in the world at the board game, Go. Both examples of our future mechanical overlords bringing us to heel under their cold metal boots . . . I mean, of the advances in machine learning.

Nail an IT project proposal

A good IT project proposal isn't a technical inventory. Business executives don't care that the stack will use hyper-converged systems with NVMe memory connected to the public cloud via pixie dust. Couch all messages in terms that make sense for the company (see Figure 2): What will the project do to better manage costs and risks within the business's operations? Does the change enable greater overall business value without changing the functionality of the company's existing products or services? Is output or margin increased, or both? Does the change enable a new product or service at a suitable margin? ... Consider what's important to your company when developing the IT project proposal. The proposed change doesn't have to better manage risk and cost, improve existing business and also bring a new offering to customers. Some organizations take on more risky initiatives if they can lower costs appreciably.

IRS makes tax refund scams harder but W-2 phishing attacks continue unabated

IRS anti-fraud measures, such as the recent introduction of a new 16-digit alphanumeric authentication code on W-2 forms, have made it harder for scammers to file fraudulent tax returns using only stolen W-2 data, says Adam Meyer, chief security strategist at SurfWatch Labs. So information such as the Adjusted Gross Income (AGI) number from previous year tax returns, for instance, has become a valuable commodity to criminals, Meyer says. Many tax-related forms have begun asking for that information and other data such as birth dates and driver’s license numbers as secondary authentication measures. “I think you are going to see a shift in cybercriminal tactics,” as a result of these changes, Meyer predicts.

How Google is riding the multi-cloud wave to win over the enterprise

Underpinning the Waze platform is more than 100 microservices, and each one is hosted across multiple availability zones and datacentre regions for resiliency purposes. “The most mission-critical ones are spread across multiple providers, Amazon and Google, so we can provide the best redundancy possible for our users,” he said. Waze’s desire to source cloud services from more than one provider was hastened by an eight-hour outage AWS suffered in 2015. “Our engineers made sure Waze did not crash on that day, and I’m happy to say it didn’t, but it came very close,” he said. “It was one of the triggers for us to realise we actually needed a multi-cloud solution, and can’t just rely on one provider. “This was before our GCP migration. We wanted to spin up our GCP cluster sooner, but we couldn’t do it because weren’t ready.”

How Banks are Leveraging Fintech Disruption

One of the biggest challenges in banking is meeting the needs of compliance, best exemplified by the arduous task of filling out forms and applications when applying for anything from a new account to a loan. These tedious processes often result in customers frequently returning to the bank due to missing information. Certain fintech start-ups such as QumRam make it possible to meet the extensive regulatory needs of the banking industry, while helping reduce fraud and streamlining the entire process for customers. Bank branch networks could leverage similar types of technology by providing customers the option to complete their forms in the branch within the waiting area or allow them to start the process at home and then complete the final stages at the branch level.

Defining a Data Risk Strategy for an Organization

The goals of the function need to be prioritized once cascaded from the organization. It is better to include the board and executive leadership to endorse them and it is suggested to take them along the journey. The function provides risk governance services that can be considered horizontal in the organization. The same will be pushed to business units, they like it or not. But, early collaboration across the organizational units in strategy analysis provides future buy-in to risk management activities. This would enable the units to participate in eliciting risks and decisioning on solutions related to data, in a council discussion, once the services are pushed to a division. The next step would be to come up with capabilities that would achieve the objectives of the data risk management function.

How companies can stay ahead of the cybersecurity curve

Forward-thinking companies are beginning to apply concepts like active defense and corporate social responsibility to cyberspace. As cybersecurity regulations take shape, companies can choose to stay in the vanguard of progress – or simply react, following the rules as they develop. Managers must think in new ways about data, communications, business law and even the ethics of trading off potential corporate benefits against risks to consumers’ privacy. At stake is not only a firm’s reputation but also, potentially, legal liability for failing to follow emerging industry standards. For example, Consumer Reports recently announced that it will be rating companies’ cybersecurity and privacy practices. Businesses of all types, not just tech-centered ones, can help keep themselves in the clear by putting cybersecurity at the forefront of their risk management efforts.

Data Leakage And The IIoT

In the past, the complexity and size of an operation generally provided safeguards against data theft or leakage. But with commonly used data mining tools, it’s now possible to separate out meaningless shop floor data and hone in on the important events, which roughly adhere the 80/20 rule. Add in multiple companies and begin correlating bottlenecks and other noteworthy industrial events, and that data suddenly becomes much more valuable to a lot of people—makers of equipment, government or industry policies, marketing groups, as well as the highest bidders within a particular industry or those looking to invest in an industry. “It used to be that an employee would take out data they downloaded onto a USB,” said Ford.

Look Before You Leap: 4 Hard Truths About IoT

Harsh environments raise the odds that a sensor will generate bad information: Weather, vandalism and pests are among the many dangers. For better results, enterprise IoT users may need to calibrate their sensors, install redundant nodes or use one type of sensing device, like a camera, to monitor another. Artificial intelligence can help solve the problem by weighing inputs from multiple sensors to reach accurate conclusions. For example, doctors can monitor a patient with wearables that measure different vital signs and can be checked against each other. Also, filtering out readings that aren't needed -- like 1,000 consecutive reports that a pipeline hasn't cracked in the last five minutes -- is a big part of what edge computing is designed to do.

Hackers threaten to wipe millions of Apple devices, demand ransom

The group said via email that it has had a database of about 519 million iCloud credentials for some time, but did not attempt to sell it until now. The interest for such accounts on the black market has been low due to security measures Apple has put in place in recent years, it said. Since announcing its plan to wipe devices associated with iCloud accounts, the group claimed that other hackers have stepped forward and shared additional account credentials with them, putting the current number it holds at over 627 million. According to the hackers, over 220 million of these credentials have been verified to work and provide access to iCloud accounts that don't have security measures like two-factor authentication turned on.

Quote for the day:

"In order to be irreplaceable one must always be different." -- Coco Chanel

Daily Tech Digest - March 22, 2017

Our future mobile device screens might be made of silver

The team says that the silver coating was able to guide light roughly 10 times as quickly as other metal waveguides, which could make the silver film useful for boosting computer power and reducing energy usage, as well as serve as a base for reflective displays, flexible screens, and touch screen panels. The silver film was also used in experiments to conduct visible and infrared light across its surface and created dense patterns a fraction of the size of today's usual methods to transport light through transparent screens for analysis on the other side. The light waves shrink and travel as what is called "plasmon polaritons," which allows information to travel in a way far more like optic cables than copper wiring. This, in turn, means that the silver film may one day have applications in increasing computer chip processing power.

Why AI will rule all UIs

"AI is the new UI" may be a cliché now, but back in 2011 when Apple first released Siri the capability to control a mobile device by talking to it through an intelligent assistant was revolutionary. Granted, Siri wasn't as smart as HAL in the movie 2001: A Space Odyssey or Eddy, the shipboard computer in The Hitchhiker's Guide to the Galaxy, but it made enough of an impact on consumer technology to spawn a stream of similar intelligent assistants. Siri was soon followed by Amazon's Alexa, Microsoft's Cortana, and Google's Assistant. And these will likely be joined soon by many others, including Samsung's Bixby, which is based on technology Samsung acquired when it bought Viv, a company founded by the people behind Siri.

FinTech - How New Technologies Are Transforming The Banking Sector

Big Data is becoming a cornerstone of the financial industry, both for startups and established financial service firms. This technology helps to curate, consolidate and analyze financial data from markets, social media, and other sources. Advances in machine learning provide greater insights and better customer experiences and enables predictions of future behaviour. Social networks help to create references and communities that reduce customer acquisition costs, enable lower account value marketplaces and facilitate the growth of the sharing economy. All these developments are leading to more innovations in the fintech industry. Blockchains, the underlying technology of cryptocurrencies like Bitcoin, may even disrupt the very way the financial services industry works.

Alleged CIA hacking documents reinforce need for SSL traffic inspection

WikiLeaks alleges that the CIA has a dedicated project, called HIVE, which is a multi-platform malware suite that provides command and control (C2) over “customisable implants for Windows, Solaris, MikroTik (used in Internet routers) and Linux platforms and a listening post (LP)/command and control (C2) infrastructure to communicate with these implants.” HIVE specifically uses SSL (HTTPS) to cover its tracks, according to WikiLeaks. While the use of SSL for Command and Control of malware is increasingly common, HIVE went a step further and introduced the use of client-certificate authentication, a technique that allows them to mitigate the risk of SSL interception, WikiLeaks alleges.

Phishing Your Employees for Schooling & Security

Most security awareness training I've seen ends with a basic multiple choice test. These tests are only a partial measurement of whether or not the pupil can put that knowledge to use in the real world. Take a driving test, for instance. Sure, there's a written test, but you wouldn't allow a teenager on the road until after he passed the practical one, too. ... By sending fake phishing emails, you can learn which ones your users fell for most often. Was there a certain type of email that contained a certain "lure" that tricked your employees? Perhaps that might be a missing piece you can add to your next phishing training, or a concept you haven't covered in enough detail. ... Your fake phishing emails should immediately inform the user when they clicked on a bad link. The goal isn't to shame the user — that's detrimental to education.

Embedded security a high priority for IoT designers

The idea of embedded operating systems is not a new one. For years, we have had devices that contain microprocessors to carry out specific functions. Because, for the most part, these devices were not connected to the internet, security wasn’t a major concern. The simple fact that devices were standalone – and the obscurity of the operating system itself — made them relatively secure. Introducing a connection to the internet, though, removes some of that inherent security. Embedded security, then, is the overall term for protecting the software, hardware, and hardware systems in these devices. Essentially, since every point of communication is a potential path for hackers, engineers must consider the entire device and identify all of the attack surfaces in order to keep it secure.

How CIOs can apply IT supplier management skills to digitisation

In The Digital Matrix, Venkatraman describes how the company that pioneered moisture-wicking sportswear fabrics acquired MapMyFitness, Endomondo and MyFitnessPal, giving the company 300 developers and 150 million active members. Customer data is now driving the company’s strategy. Beyond selling products, Venkatraman says Under Armour has branched out to create vibrant communities, such as those in LinkedIn and PatientsLikeMe. Under Armour has been collecting the data community members have been actively uploading about their lifestyles, such as the food they eat and the gear they use for fitness, Venkatraman says. “Under Armour is taking a [lifestyle] solutions view: I want to know what you eat, how you sleep, how many steps you’ve taken, then I will benchmark you against other people and give you incentives to improve your lifestyle,” he says.

ARM Unveils New Chip Design Targeted at Self-Driving Cars, AI

The new design can handle up to eight processor cores of varying size on a single chip in almost any configuration. That will give customers more flexibility than ARM’s existing designs, Nandan Nayampally, general manager of the company’s Compute Products Group, said. This is especially true in cases where a device has to switch rapidly between different tasks, for instance, using neural networks for facial recognition one moment and then handling a voice call. He said DynamIQ would be more efficient than existing architectures because the processors can share memory and switch rapidly between tasks with different power requirements. The technology will also work well in devices like industrial robots and self-driving cars that require high levels of safety and redundancy and have to process most computing tasks locally, Nayampally said.

How the internet of things is disrupting tech staffing: Part 2

Many businesses are eager to capitalize on the many benefits of the fast-growing internet of things (IoT). But as IoT continues to develop, tech labor and skills supply-and-demand constraints will interfere with businesses' efforts to make the most of the digitally driven business opportunities associated with IoT. To help companies prepare for the opportunities IoT will present, Part 1 of this series looked at key jobs and skills in two areas: the "things" side of IoT and the connective tissue between the "I" and the "T." In Part 2 we focus on three more hot labor segments which will put businesses in a position to make the most of IoT: big data, IoT cross-skilling (of hardware and software professionals), and an assortment of skill specialties with big IoT payoffs.

Automation generates high profile jobs – and they’re up for grabs

Since automation methods are ever evolving, we usually design the solution based on an agile approach for a quicker and more reliable implementation. In the current set up, it is estimated that there are around 40% to 80% manual activities that will be automated in the next year or two, which is a huge undertaking and will require a large number of automation engineers. But they won’t be working alone; agile project managers, analysts and automation development engineers will also play a big role. The following table shows a summary of other high profile jobs created by automation. ... Automation engineers and others who aspire to get involved with artificial intelligence based automation must understand artificial intelligence, predictive analytics and machine learning.

Quote for the day:

"Successful people make the most of the best and the best of the worst." -- Steve Keating

Daily Tech Digest - March 21, 2017

12 Challenges Facing IT Professionals (and some ways to deal with them)

Technology advances rapidly and shows up in media on all sides. This means users, managers at all levels and even competitors pressure IT staff to implement this new technology just because it is new. The real challenge is deciding which of these new technologies will work to the best interest of advancing the organization and which is better to avoid for now. Organizational priorities and long-term goals tend to remain relatively static. Technology has become much more fluid and changes more rapidly. IT management must evaluate the organizational value each technology offers to determine when and if it is a good fit. New technologies such as cloud, big data, virtualization and mobility all become tools for experienced IT managers who understand their organization's priorities.

Competing in the Age of Artificial Intelligence

In simpler times, a technology tool, such as Walmart’s logistics tracking system in the 1980s, could serve as a source of advantage. AI is different. The naked algorithms themselves are unlikely to provide an edge. Many of them are in the public domain, and businesses can access open-source software platforms, such as Google’s TensorFlow. OpenAI, a nonprofit organization started by Elon Musk and others, is making AI tools and research widely available. And many prominent AI researchers have insisted on retaining the right to publish their results when joining companies such as Baidu, Facebook, and Google. Rather than scrap traditional sources of competitive advantage, such as position and capability, AI reframes them. (See Exhibit 2.) Companies, then, need a fluid and dynamic view of their strengths.

New bug lets hackers temporarily kill your Google Nest Cam

The flaw, discovered by Jason Doyle and published on GitHub, can be exploited when the attacker is within Bluetooth range of the device. Doyle stated in his GitHub post that he initially reported the bug to Google on October 26, 2016, but that he has since made the information public. Google acknowledged the bug, but didn't let him know if it had been patched, he said in an interview with The Register. If an attacker was able to knock the cameras offline for the maximum amount of time, they would be able to slip past them undetected. The bug presents an even bigger issue for some small businesses, who may use the Nest Cam and Dropcam Pro as CCTV tools or security cameras. The issue, according to Doyle's post, is that Bluetooth connectivity is never disabled after the initial setup of the device. Using Bluetooth, the camera is supplied with a different SSID, which causes it to leave its current Wi-Fi network in an attempt to associate with it.

Self-Driving Cars’ Spinning-Laser Problem

One problem is apparent from a casual glance at a prototype car: lidar sensors are bulky. They are why vehicles being tested by Waymo, Alphabet’s self-driving-car unit, are topped by a giant black dome, and Toyota’s and Uber’s sport spinning gadgets the size of a coffee can. ... Better lidar is a core part of Waymo’s plan to make self-driving cars a mass market and a profitable proposition. The company has developed three different sensors that look for objects at different ranges. They would be an important and attractive part of the bundle of technology the company says it will license to established automakers. Waymo is not the only one spending millions to address lidar lag. Last year Ford and Baidu, the Chinese search company investing in self-driving cars, jointly invested $150 million in Velodyne, the world’s leading lidar supplier.

Blockchain and IoT: Automating machine transactions in the fourth industrial revolution

In the past, a common correlation technology (referred to as an Event Correlation Engine) handled event filtering, aggregation, and masking. The next approach, which has roots in statistical analysis and signal processing, compares different time series detecting when there is correlated activity using correlation, cross-correlation, and convolution. Recently, a new wave of machine learning algorithms based on clustering applies a kind of smart filtering that is able to identify event storms. While these techniques are useful and do make life easier by reducing the number of events entering investigation, they do not answer the key question at hand: “What is the root cause of a problem?” Understanding how two time series correlate does not imply which one caused the other to spike. Such analysis does not imply causation. To get beyond that, we need to understand the cause-effect relationship between data sources.

Robots won’t take your job—they’ll help make room for meaningful work instead

David Autor, professor of economics at MIT, adds that the remaining non-automated tasks “tend to become more valuable.” This is because automation is likely to take over mundane or repetitive tasks, leaving professionals more time to do the things that really require their skills. For instance, automation will help mortgage-loan officers spend less time scouring paperwork when processing loan applications and free them up to issue more mortgages. ... This trend is even true in the era of artificial intelligence (AI). In the legal sphere, a bot’s ability to sift through large volumes of legal documents using software during the “discovery” phase of a trial was thought to reduce the number of the legal clerks and paralegals who traditionally performed this role. Instead, by reducing the cost of discovery, automation increased demand for it. The number of paralegals has increased since the introduction of discovery software in 1990.

Storage fails the business as data balloons, survey finds

For a sizeable majority (71%), data volumes are increasing by 27% a year. This amounts to storage being seen as a brake on digital transformation projects. Those are some of the findings of a survey carried out for open source software supplier Suse, which questioned 1,202 senior IT decision makers in 11 countries. The survey found that while two-thirds of UK businesses (66%) say demands from the business for IT to be more agile have increased in the last two years, more than half of them (58%) struggle to make storage sufficiently responsive. Almost all UK respondents are concerned about data growth and storage slowing down digital transformation initiatives (91%). The main frustrations with existing storage solutions are overall cost (83%), performance concerns (77%) and an inability to support innovation (74%).

Bridging the gaps in data lineage: FIGI and the future

The lack of a standard framework to reconcile data sets across business functions or asset class allows the problem of poor data quality to persist by disrupting data lineage and hampering efforts to improve data management controls. To bridge the gap and address this problem, some financial and data professionals are considering how an instrument identification framework can support the data management process. Specific to this need, more than 76 percent of firms surveyed by Tabb called for an instrument identification framework that uses open and freely distributable identifiers. Almost a quarter of asset management firms surveyed said they were embracing the Financial Instrument Global Identifier (FIGI) expressly to address data quality and operational reconciliation issues.

IBM unveils Blockchain as a Service based on open source Hyperledger Fabric technology

Although the blockchain piece is based on the open source Hyperledger Fabric project of which IBM is a participating member, it has added a set of security services to make it more palatable for enterprise customers, while offering it as a cloud service helps simplify a complex set of technologies, making it more accessible than trying to do this alone in a private datacenter. “Some time ago, we and several other members of the industry came to view that there needs to be a group looking after, governing and shepherding technology around blockchain for serious business,” Cuomo told TechCrunch. The Hyperledger Fabric project was born around the end of 2015 to facilitate this, and includes other industry heavyweights such as State Street Bank, Accenture, Fujitsu, Intel and others as members.

How to stop your smart devices from spying on you

There aren’t many options, if the WikiLeaks dump is true (CIA officials have refused to confirm or deny the content of the documents, suggesting it’s probably true). This has been dubbed a “zero-day exploit” because there is zero warning, and no time to prepare for this hack. Because information is transferred through networks you could theoretically disconnect your devices from WiFi and cell service, but that would render them, in many cases, virtually useless for their purposes, particularly in a world of increasing hyper-connectivity. If you want to ensure privacy in a given moment, ensure that all devices around you are unplugged, with batteries removed when applicable. Other good steps to protect yourself include standard safe online practices: download updates immediately, don’t click suspicious links, run regular malware scans and turn your devices off when you don’t need them.

Quote for the day:

"If you torture the data long enough, it will confess." -- Ronald Coase