If a developer cannot easily see how to get their code into production, or the path that needs to be taken is convoluted, then, for Hill, chances are features are not being released as quickly as they could be. The situation at JLR, which is unique to certain industries such as automotive, is that there is heavy use of embedded devices. “When we are putting software into vehicles, we do not have the luxury of a web developer,” said Hill. Clearly, it is not feasible to spin up a fleet of vehicles to run automated test suites. Instead, he says the team has to rely on virtualisation and software-based infrastructure to enable it to build code that is representative of the operating environment of a production vehicle. People often argue that the cultural change is harder than the technological change, but like JLR’s heavy reliance on embedded systems, some technologies can prove immutable.
On the value side of the equation, there is not a well-defined measure for data value. The value of data is really a measure of business value as a result of using or analyzing that data in some way. In addition, there is a correlation between the amount of data kept, how accessible that data is, and its value. For example, having more data makes all of the data more valuable if the use of the data depends on a historical trend. For example, use of machine learning is already changing the value of larger data sets because most machine learning algorithms work better when trained with large amounts of data. The area under the curve represents the amount of data that is created but not stored because its value is perceived to be lower than the cost to keep it.
The increasing depth and volume of personal and corporate data make it a more rewarding target for cyber crooks and state-sponsored espionage or sabotage. At the same time, greater connectivity provides more potential attack vectors. This makes industry, governments and individuals uneasy and unsure how to prepare. Predicting the exact nature of future threats and how to combat them is difficult, but a new study from The Internet Society (ISOC) offers credible insight. ISOC was founded by internet pioneers Vint Cerf and Bob Kahn in 1992 “to promote the open development, evolution, and use of the Internet for the benefit of all people throughout the world.” On September 18, ISOC released its Paths to our Digital Future report, which sheds light on how the development of the internet might continue to service everyone.
"It was this willingness to fail and trying to get things right eventually finally that led us to this very beneficial way of doing business," Misener said. The key to innovation is experimentation, Misener told the crowd. And to experiment, you have to fail. "The whole idea is this: if you really want to be innovative, you have to experiment. If you know the outcome of what you're going to do, it's not an experiment. It's more like a demonstration." Misener said too many people confuse real experiments with the type of you do in a school science class. "Undoubtedly your teacher knew what the outcome was supposed to be and you probably knew what the outcome was supposed to be," he said. "The reason? You weren't doing an experiment, you were just rehashing an experiment that was done decades, maybe centuries ago.
Talos researcher Craig Williams said it was a sophisticated attack because it penetrated an established and trusted supplier in a manner similar to June’s “NotPetya” attack on companies that downloaded infected Ukrainian accounting software. “There is nothing a user could have noticed,” Williams said, noting that the optimisation software had a proper digital certificate, which means that other computers automatically trust the program. In a blog post, Piriform confirmed that two programs released in August were compromised. It advised users of CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 to download new versions. A spokeswoman said that 2.27 million users had downloaded the August version of CCleaner while only 5,000 users had installed the compromised version of CCleaner Cloud.
Duric says the information security community should work on raising awareness about the need for privacy among regular people/Internet users. At the moment these efforts are being obstructed by Internet conglomerates, he notes, just as the tobacco industry hindered awareness raising about the dangers of smoking and passive smoking all those years ago. But those who were fighting the good fight persevered, and today everybody knowns about those dangers, and can choose for themselves whether the option is worth the risk. People need to be aware that the great power Internet giants have over us could lead to great abuses, and ask themselves what can go wrong if they choose not to protect their communications. But also, companies that sell security need to find good ways to do it – adapt methods that have worked in the past for other vendors, both for physical and digital security.
"Ultimately, when a company is faced with losing $10 million a day, or paying a $10 thousand ransom, executives may see a strong business reason to pay.” It’s an IT security issue but needs to be understood company-wide. “But there are also potential legal implications of paying a ransom, including US sanctions laws and anti-money laundering controls that companies should explore with counsel,” Rosen said. “Cyber security hygiene is a growing and an important component to any major business, and I think it’s only going to continue to grow. “Hackers will find new ways to infiltrate networks, and whether it’s the broadcasting and media industries or some other sector, as long as there is a desire for what you have or to manipulate what you’re doing, the threat of cyber-attacks will continue,” Rosen stated.
If your real-time apps are a big part of everyday life for users in your company, don’t believe the hype and dump your MPLS network without thorough testing. Ask yourself questions like “Will having unreliable call quality hurt our customers’/prospective customers’ impression when they call our company, as they review a bid from our competitor?” Or “Will it slow our employees down if their app is unreliable or slow?” Those little things make for big losses. Put it this way… if your company has sales of only $25 million/year, a mere 1 percent loss in sales (due to lost customers, etc.), equates to a $250,000 loss. Add this to money lost from lost employee payroll efficiency and you can see how the execs will not be happy with dropped calls, glitchy apps, etc. And a $25 million company doesn’t have a big enough WAN to save $250,000+ from ditching their MPLS.
Nick Viney, vice-president consumer at McAfee, said this insight into the widespread uninspiring view of careers in cyber security makes it clear that fixing the cyber skills gap will require more than an updated curriculum. “However, teachers are not to blame,” he said. “Our sector needs to attract new talent, but that won’t happen if the industry cannot convey the wide variety of available job opportunities or the fast-paced and challenging nature of careers. “The view of cyber security needs to change at a national level. While updates to the curriculum could help plug the skills gap and inspire a new generation of cyber experts, it won’t come into effect straight away. Instead, we need to foster new education models and accelerate the availability of training opportunities for all.”
Quote for the day:
"In any leadership position, the most important aspect of your job will be getting your team to work together." -- Dale Brown