Daily Tech Digest - October 31, 2017

Over half (54%) of German IT and Security Staff confess to Snooping on Sensitive Information about their Company’s Performance
“Despite having a reputation for taking privacy far more seriously than many other nations, including many in Europe, the German people appear to have an unhealthy interest in poking their noses into their employer’s business. “The fact that over half of German employees had attempted to uncover sensitive business information, and 80% had gone looking for other business data outside of their job requirements, suggest a potential insider threat issue for businesses in the country. “Even though the perennially conservative Brits were less nosey, the suggestion that 42% had gone looking for sensitive company information is about 42% higher than most internal security departments would be happy with.


Will Stronger Borders Weaken Innovation?

“Restrictions on visas, restrictions on talent movement, how easy it is to share technology and knowledge — none of these were issues we were talking about before our 2016 strategy review, and now they’re on our radar screen,” says Robert Pagano, chief executive officer of Watts Water Technologies, a U.S.-based global provider of products and solutions for the plumbing, heating, and water quality industry. Watts Water Technologies conducts R&D in North America, Europe, and Asia. As companies plan for their future R&D activities, says Pagano, “they will need to look at various scenarios based on the current and potential environment. The key is that you have to be flexible now, and careful not to commit [over the] long term to potential political hot spots. Uncertainty breeds uncertainty.”


Transparency: The key to risk management


Senior management needs to understand that ESG violations can cause not only reputational damage, but also serious financial risk, including loss of access to capital, regulatory fines and even criminal proceedings. The now defunct British Home Stores (BHS) was a pillar of society in the UK, but its public image of respectability obscured fraudulent behaviour by its former owners, Sir Philip Green and Dominic Chappell, who are being investigated by liquidators to determine whether they breached their duties. In April 2016, BHS went into administration, causing 11,000 job losses and leaving a £571million pension deficit. A parliamentary committee inquiry into its failure concluded that BHS had been systematically misappropriated by its directors. Following a public outcry, Mr Green agreed to pay £363million into the company’s pension scheme.


University of Manchester launches city fitness application


App users will be able to set a personal daily steps goal. Then, by plugging into other active CityVerve projects, BeeActive will offer users missions to accept. For example, if the app detects its user is on a bus, traffic is slow and the weather is fine, it might suggest getting off and walking the rest of the way. It will also include an educational component, pushing notifications about sites of historical interest, for example. “This is a really exciting opportunity to become part of Manchester’s technology demonstrator project, which could help shape the future of the way we engage with technology,” said Charlotte Stockton-Powdrell, BeeActive project manager. “It is also a chance to explore the city of Manchester, to learn more about its history and, of course, to increase your activity in a fun way.”


AI in the Boardroom: The Next Realm of Corporate Governance

Part of what’s driving the use of AI in health care is the fact that the cost of bad decisions is high. That’s the same in business, too: Consider that 50% of the Fortune 500 companies are forecasted to fall off the list within a decade, and that failure rates are high for new product launches, mergers and acquisitions, and even attempts at digital transformation. Responsibility for these failures falls on the shoulders of executives and board members, who concede that they’re struggling: A 2015 McKinsey study found that only 16% of board directors said they fully understood how the dynamics of their industries were changing and how technological advancement would alter the trajectories of their company and industry. The truth is that business has become too complex and is moving too rapidly for boards and CEOs to make good decisions without intelligent systems.


Exquisite Skills Your Development Team Must Have


It is important for them to keep in mind that customer obsession wins over the business competition. They should look to inculcate all possible pattern defining and data mining techniques to make the solution predictive and adaptive for the user. There are many very successful companies like Amazon who have exemplified the use of advanced technologies for first fuelling and then boosting their businesses. Another killer technology that felicitates business growth is machine learning. ... It is crucial for the chief architect in the development team to be aware of the new technologies know multiple frameworks in and out for a wise choice of the architecture and the platform of the business solution. Also, they must be smart enough to take decisions on the basis of their advantages and deployment of the same if needed.


How do banks charter their way to better data privacy?

thinkstockphotos vault safe bank door
The recent and coming regulations are pushing to reduce the risks related to data management on both side: integrity of the data and confidentiality of those data. Numerous regulations are already published and applicable in the U.S. Dedicated regulation will focus on the data life cycle. Other will protect the client confidentiality with cyber protection effort such as the NYS-DFS 500-23 regulation in New York. The industry leverages various frameworks either based on regulatory sources or best practices to ensure the proper identification of what needs to be protected. Unfortunately, in an intertwined ecosystem pulling a string brings all the ecosystem. This issue is faced by both front office side with the definition of the scope of data to be protected, the back office with a similar effort on the application or the IT with all the underlying infrastructure.


How is the big switch to the public cloud working out?

Microsoft has led their on-premises franchise right into their cloud and now they’re trying to expand. But I think they’re missing something important: [the] critical mass of enterprise applications. ... Strategically, I find this interesting, as most everything important in an enterprise IT landscape revolves around those beefy, mission-critical apps. All data captured leads there: web data, IoT. All business decisions are made there: analytics, big data, ML, etc. All actions within a business are driven by enterprise apps. ... The mainstream press points at Amazon as the “market leader”. True, by revenue, mostly IaaS. But there’s a whole lot of enterprise workloads left to go to the cloud. And if you’d like to get an IT manager riled up over dinner, ask them how their AWS experience is going.


Vietnam's Central Bank Announces Ban on Bitcoin Payments


The moves comes as part of a new legal framework for cryptocurrencies instigated by Vietnam's Prime Minister Nguyen Xuan Phuc. That process has now been completed and the framework submitted to the government, the State Bank indicates. Local reports suggest that the ban may already be having an impact on local institutions. News source VietnamPlus said that FTP University in Hanoi, which recently announced it would allow students to pay for tuition in bitcoin, could now be forced to reverse that decision. Representatives of the State Bank reportedly stated that, if the university continued to treat bitcoin as a "legal means of payment," it would be "committing an act of violation under the current law provisions, and may subject the university to the appropriate sanction."


How penetration testing can prevent web application attacks

Regular web application penetration tests can find security problems in websites and web applications. Testers review server systems, static content and server-side programs that implement the application logic to identify insecure development practices in the design, coding and publishing of software. Penetration testers will also provide recommendations for improving your security posture. Depending on the vulnerability, they might advise adjusting the organisation’s processes to keep untrusted data separate from commands and queries, developing strong authentication and session management controls, or separating untrusted data from active browser content. IT Governance offers fixed-price and bespoke CREST-accredited penetration tests, and all our tests are followed by reports that rank and rate vulnerabilities in your systems.



Quote for the day:


"Maturity isn't when you start speaking big things, its actually when we start understanding small things." -- Unknown


Daily Tech Digest - October 30, 2017

tlc ssds
We’re starting to see more SSDs that use triple-level cell (TLC) NAND technology. TLC can store three bits per cell. By comparison, one bit single-layer cell (SLC) SSDs offer the best performance at the cost of higher prices and lower capacities, and multi-level cell (MLC) SSDs store two bits per cell. ... TLC drives offer greater data density, in other words, which in turn can be used to increase the capacity of SSDs, or offer standard SSD capacities at lower prices. But TLC’s sustained write performance is comparatively poor—in some cases exceedingly. If you move large amounts of data, transfer speeds for these drives can fall off a cliff once you’ve exceeded the SSD’s cache. The problem isn’t universal, and it won’t matter if you don’t move big batches of files, but storage makers don’t advertise this potentially crippling SSD problem.


At the point where a robot or AI is responsive to your personal needs and highly personalized, there likely will be some emotional connection between robot/AI and you. Yonck says someone could actually become grief stricken at losing such an intelligent agent which was knowledgeable about them personally. “If that was to go away, it could be traumatic,” he says, perhaps akin to losing a pet. As we age, then, robots may be in our future. At elder-care facilities, robots could assist human staff, perhaps deliver meals and medication, maybe even provide companionship by reading stories or playing games. In the home, personal robots might offer reminders to take prescriptions, monitor your health, make phone or video calls for you and summon help in an emergency. These are good uses for this burgeoning technology.


AI in Marketing: 10 Early Use Cases


Two big AI advances have changed online searches -- and search engine optimization: voice search, and Google's RankBrain. Innovations like the Amazon Echo, Google Home, Apple's Siri, and Microsoft's Cortana make it easier for people to conduct searches with just the press of a button and voice command. That means the terms they're searching for are changing, too -- now, instead of typing in "restaurants in Boston," users can ask a device, "where should I go to dinner tonight?" RankBrain is Google's machine-learning algorithm that was created to deliver more relevant search results. It interprets queries and, using the power of AI, serves up the best possible results according to what it interprets from the language. For example, if you searched for "president" on Google in the United States, RankBrain might interpret that you wanted information about the current president and would serve you information about the individual -- and not just the office of government.


How Retailers Can Use Right Time Marketing

How Retailers Can Use Right Time Marketing
Mobile seems to be the holy grail of marketing this year, social is more imperative than ever, and multi-channel and omni-channel strategies are expected of every retailer who wants to keep up with today’s consumers. Just as notable, where real-time and instantaneous messaging were once considered to be the answer to every marketing situation, retailers must now strive to take personalization a step further and implement strategies to market to a consumer at the RIGHT time with the right message and through the right channels – which is the concept behind Right Time Marketing. So while you may not have a crystal ball to always determine the best strategy for each customer and prospect that interacts with your brand, the right blend of marketing data, technology and analytical solutions can get you close to just the right answers.


The 10 best antivirus tools for Android

android malware
By 2019, mobile malware will comprise about 33 percent of all malware reported in standard tests, up from 7.5 percent today, according to Gartner’s August 2017 “Market Guide for Mobile Threat Defense Solutions.” Though iOS devices aren’t immune from malware, “The mobile malware threat is primarily coming from Android,” said Dionisio Zumerle, research director at Gartner. The threat should be a concern for all companies with Android users, he said—especially those with large fleets of Android devices or that are in high-security verticals such as finance, healthcare, and government. Android malware is getting more sophisticated, too. Consider DoubleLocker—Android ransomware that IT security firm ESET recently detected. DoubleLocker is capable of changing a device’s PIN, preventing users from accessing their devices. It can encrypt the data on the device.


LG IoT Security Bug Highlights Risks Of Home Automation

The risk of poor IoT security isn’t limited to renegade vacuums, however: even as home video cameras and other appliances are relentlessly probed for vulnerabilities, the risk of vulnerabilities in medical devices or industrial-control sensors – which could potentially cause injury or death – have let to prioritisation of the need for urgent improvements as IoT reshapes the future of device security. LG Electronics responded quickly to the Check Point alert, remotely updating what LG manager of smart development team Koonseok Lee said in a statement was “an advanced rooting process designed to detect security issues”. The patched and updated SmartThinQ kernel has been running “smoothly and issue-free” since then, Lee said. This seemingly smooth patch process belies the experience of most IoT device makers, which have been notoriously lax on security in their devices.


Scaling Agile - Slice and Understand Together


While the various scaled frameworks provide a useful framework for the quarterly big room planning, where all teams and stakeholders get together for a couple of days, and while most organizations know how to do sprint planning, many struggle with getting 100% ready for the big room planning. This is where scaled planning with 1. slicing and 2. master planning comes in. ... Perhaps you might think you have it in place, and then you start planning and developing, and find out that actually you did not have a deep enough common understanding. What I’ve learned over the years is that the only way to find out if you’re actually ready for planning and developing is by starting planning and developing. And chances are the first time(s), you’re not ready. That’s okay, or at least it is very normal. Then you know that for next time. You have learned something.



How to make confusing privacy policies usable

First and foremost, not everyone has a law degree—a requirement to understand the legalese rampant in privacy policies. Another reason is the cost. My TechRepublic article Reading online privacy policies costs us $781 billion per year was written in 2012; one can imagine what the amount would be today. ... Unfortunately, things have gotten worse. "People are confronted with terms of service agreements and privacy policies all the time," writes Florian Schaub, assistant professor of electrical engineering and computer science at the University of Michigan, in The Conversation column Nobody reads privacy policies - here's how to fix that. "Regulations requiring these notices aim to ensure that consumers can make informed decisions, but current privacy policies miss the mark."
It's unclear what information is collected and who sees it


Cybersecurity and the CFO: Risk, Responsibility and Resilience

Cyber threats aren’t going anywhere and you can’t have a complete picture of risk if you don’t understand your organization’s security stance. If the CFO doesn’t work closely with security colleagues, cybersecurity investments will not be aligned to business objectives, and may fail to protect the company’s most vital assets and mitigate the risks that carry the highest damage potential. A McKinsey-World Economic Forum study of cybersecurity risk management practices found that “Senior-management time and attention was identified as the single biggest driver of maturity in managing cybersecurity risks—more important than company size, sector and resources provided.” Cybersecurity performance and ROI can’t be measured the same way that revenue and operating costs can.


Anatomy Of An IT Strategic Plan In The Era Of Digital Disruption

Experts and CIOs agree that effective IT strategy begins with an IT-informed business strategy. CIOs must be intimately involved in the creation of those documents and other artifacts that provide direction about what the enterprise needs to do, why it needs to do it, and how it will accomplish that. Only then can IT leaders build their own functional plans to support business strategy. “The plan is about understanding where to make investments and what capabilities the company will need — the people, partners, processes, and systems required — to do that,” says Fenwick.  When done well, IT strategic planning can be a powerful tool, setting the company up to realize key business goals and outcomes. But CIOs must be willing to embrace new approaches to planning that are more business-driven, flexible, and frequently revisited.




Quote for the day:

"Never measure the height of a mountain until you have reached the top. Then you will see how low it was." -- Dag Hammarskjold


Daily Tech Digest - October 29, 2017

Data Scraping With PHP and Python

It’s much more than any human can digest in a lifetime. To harness that data, you need not merely get access to that information but also need a scalable way to collect data so that you can organize and analyze it. That’s why you need web data scraping. Web scraping, also known as data mining, web harvesting, web data extraction, or screen scraping is a technique in which a computer program extracts large amounts of data from a website, and then, that data is saved to a local file on a computer, database, or spreadsheet in a format that you can work with for doing your analysis. Web scraping saves tons of time because it automates the process of copying and pasting selected information on a page or even entire website. Mastering data scraping can open up a new world of great possibilities for content analysis.


Building Cloud-Ready Applications into the Architecture


The classic enterprise application has multiple components like web servers, application servers, and database servers. Many of these applications were originally written during the client-server era, with the intent of running them on bare metal hardware. Despite their age, these types of applications can be made cloud-ready. Fundamentally, the components talk to each other over TCP connections using IP addresses and port numbers that are often aided by DNS. Nothing about that structure prevents these applications from running on virtual machines or even containers instead, and if they can be run on either, they can be deployed to any public or private cloud. While applications like this cannot take full advantage of the services that public clouds offer like their cloud-native brethren, there are times when a classic enterprise application can be made cloud-ready and get benefits without a complete rewrite.


The Digital Intelligence Of The World's Leading Asset Managers 2017

Where once the asset management sector was a digital desert, websites and social media channels abound. Whilst this represents genuine progress, the content and functionality within them leaves a lot to be desired in most cases. Quality search functionality is hard to find, websites resemble glorified CVs and blogs read like technical manuals. As for thought leadership, well there’s little thought and no leadership. Social media, especially Twitter and Linkedin, are swamped with relentless HR tweets and duplicate updates. It’s clear that asset managers are missing an opportunity to create content that resonates with FAIs and can build lasting two-way relationships. Over the following pages we present our findings in detail and take a closer look at the digital successes and failures within the world’s leading asset managers. We hope you find it helpful and if you have any questions please do get in touch.


Java: The Strategy Pattern

Image title
The conditional statement is a core structure in nearly all software and in many cases, it serves a very simple function: To decide the algorithm used in a specific context. For example, if we are creating a payment system, a conditional might exist to decide on the payment method, such as cash or credit card. In this case, we supply the same information to both algorithms (namely, the payment amount) and each performs their respective operations to process the payments. In essence, we are creating a series of algorithms, selecting one, and executing it. The purpose of the Strategy pattern is to encapsulate these algorithms into classes with the same interface. By using the same interface, we make the algorithms interchangeable with respect to the client using the algorithms and reduce the dependency on the algorithms from concrete algorithms to the interface that defines the algorithms.


The five D's of data preparation

Data preparation is the task of blending, shaping and cleansing data to get it ready for analytics or other business purposes. But what exactly does data preparation involve? How does it intersect with or differ from other data management functions and data governance activities? How does doing it well help business and IT users – and the organization overall? Data preparation is a formal component of many enterprise systems and applications maintained by IT, such as data warehousing and business intelligence. But it’s also an informal practice conducted by the business for ad hoc reporting and analytics, with IT and more tech-savvy business users (e.g., data scientists) routinely burdened by requests for customized data preparation. These days there’s growing interest in empowering business users with self-service tools for data preparation


What’s Behind the Hype About Artificial Intelligence?

pic
A lot of the hype originates from the extrapolation of current trends and ignoring the reality of taking something from a research paper to an engineered product. As a product manager responsible for building products using the latest AI technology, I am constantly trying to separate the hype from reality. The best way to do this is to combine the healthy skepticism of an engineer with an optimism of a researcher. So you need to understand the underlying technical principles driving the latest cool AI demo and be able to extrapolate only the parts of the technology that have firm technical grounding. For example, if you understand the underlying drivers of improvements in say speech recognition it becomes easy to extrapolate the upcoming improvements in speech recognition quality.


Walmart deploys shelf-scanning robots to free up employees to help customers

The use of robots to check on out-of-stock items could also help save customers time, guaranteeing that more products would be in stock when they visited a store. Walmart also noted in the post that it hopes the technology makes the shopping experience more convenient. Automation—robotics especially—have been a sensitive subject in conversations around the future of work. While Walmart claims to be using the technology to complement its human workers, and free them up to accomplish more complex tasks, the same isn't true for every implementation of the technology. In fast food, for example, a robot named Flippy has been used to make to burgers. Additionally, the growth of autonomous vehicles has also been predicted to eventually be a major disruptor of the trucking market, with manufacturers like Tesla pushing full-steam ahead on such efforts.


The perfect recipe for a top-notch cybersecurity professional


From a technical perspective, every cyber security professional must have a few core ingredients. The first ingredient is a tool such as Nessus, which is for network vulnerability scanning. A cybersecurity professional must be able to use this tool to gain an understanding of critical and high vulnerabilities within a network and provide remediation strategies to improve boundary security. The second would then be Nmap, which is a network mapping tool that allows cybersecurity professionals to map the boundary of a network to research vulnerable points of that same network. A new ingredient that has become more necessary and commonly used in the last few years is the knowledge of cloud security. Technical knowledge of cloud architecture enables cybersecurity professionals to focus on Identity management for cloud systems and accounts.


What might your IT organisation look like in 2030?

The IT organisation is also an innovation and enablement hub for both external and internal products and services, rather than a principally internal technology function like in 2017. The IT domain is largely concerned with an appropriate balance of inventing, experimenting and optimising/tuning. To innovate products, the CIO engages people from the arts through to the sciences. IT domains in 2030 need anthropologists to interpret behaviours and psychology. They need designers to imagine and create products and services to optimise customer experiences. Architects and digital urban planners model and shepherd the digital environment. Engineers build components of external and internal IT products and services connected in a mesh across the Internet of Everything. Data scientists craft ever-smarter machine algorithms and attend to the availability and quality of data that feeds the systems' learning.


A Checklist for Securing the Internet of Things

When it comes to connected devices, it isn't always clear when a device is compromised. Today, nearly all employees have their smartphones with them at work. These personal devices are often unsecured and could become vulnerable due to malicious applications. Using risk and behavior analytics, the enterprise can accurately and efficiently monitor how IoT devices are behaving in order to identify whether the device has deviated from its normal limits. Any deviation can promptly signal a compromised device. We can learn from how the credit card industry addresses fraudulent activity across accounts. When it comes to transactions, once an action is deemed unordinary from the customer's general spending habits, the credit card company restricts access to the card. This entire process is based on behavioral analytics that are used to determine the amount of risk associated with abnormal behaviors.



Quote for the day:


"You have to have your heart in the business and the business in your heart." -- An Wang


Daily Tech Digest - October 27, 2017

The coming revolution is about an AI understanding the human brain — our preferences, our choices, or desires. That will require a Herculean effort. For one thing, my preferences change. Today I’m thinking about biking apparel, tomorrow I’m thinking about going to the beach. An AI will have to adapt, respond, adjust, and customize a thousand times per day. It will need to work like the human brain, constantly making micro-adjustments based on changing variables. A true AI is one that serves us and knows us; we no longer have to know or serve it. We speak and it hears us. We don’t need to learn its parameters, it will learn our parameters. We’re not there yet, of course. Most of us are still tethered to a smartphone all day. By 2030 or so, bots will become adaptive assistants that learn about our behaviors and fit smoothly into our daily routine. We’ll stop being enamored by tech. 


The push toward comprehensive endpoint security suites

The push toward comprehensive endpoint security suites
In a recent research project, ESG asked 385 security professionals the following question, “As new endpoint security requirements arise and your organization considers new endpoint security controls, which of the following choices do you think would be most attractive to your organization?”  The results were quite interesting, as 44 percent of respondents said they would choose a comprehensive endpoint security suite from a “next-generation” vendor, 43 percent said they would choose a comprehensive endpoint security suite from a single established vendor, 8 percent said they would choose an assortment of endpoint security technologies from different vendors, and 3 percent said they would choose an assortment of endpoint security technologies from vendors that establish technical partnerships for integration.


Science may have cured biased AI

machine learning
Scientists at Columbia and Lehigh Universities have effectively created a method for error-correcting deep learning networks. With the tool, they’ve been able to reverse-engineer complex AI, thus providing a work-around for the mysterious ‘black box’ problem. Deep learning AI systems often make decisions inside a black box – meaning humans can’t readily understand why a neural-network chose one solution over another. This exists because machines can perform millions of tests in short amounts of time, come up with a solution, and move on to performing millions more tests to come up with a better solution. The researchers created DeepXplore, software that exposes flaws in a neural-network by tricking it into making mistakes. Co-developer Suman Jana of Columbia University told EurekAlert:


FILE PHOTO: An attendant holds a bitcoin sign during the opening of Hong Kong's first bitcoin retail store February 28, 2014. REUTERS/Bobby Yip/File Photo
Opening a Bitcoin wallet is just one contingency plan firms can make to prepare for cyber breaches in which client data is stolen, according to John Sweeney, president of IT and cyber security advisors LogicForce. This can be a useful "last resort" when the data is not backed up and cannot be restored unless a ransom is paid. "The firms doing this are smarter," said Sweeney, and are looking to take "conscientious" proactive, rather than reactive, steps. Sweeney stressed he did not generally advocate paying ransoms, but said it "makes sense" for firms to have a Bitcoin wallet to hand. "I certainly don't see it as a bad move," he said. Data breaches at law firms are a growing concern: confidential information, often sent in unencrypted emails, risks being stolen and ransomed back to firms, used for fraud or sold to third parties to be used in crimes such as insider trading.


In actual fact, banks are now competing against every firm in the world that delivers a powerful, positive and engaged digital experience for their customers. If we take customer-centric innovators like Amazon, Netflix, Google and Facebook, and examine what sets them apart from the competition, we see it’s their ability to experiment, scale and deliver new features and functionality almost on a constant basis. And how do they manage this? They leverage the full capabilities and flexibilities that cloud technologies can offer.  It is this shift that is responsible for the banking world now embracing digital transformation. Once the realm of retail banking, digital transformation is now entering the unchartered territories of front, middle and back office operations of commercial, investment, business and private banks.


The #1 IOT Challenge: Use Case Identification, Validation and Prioritization

So while we have an amazing compilation of technologies, sensors, gateways, connected devices and such for capturing data, understanding ahead of time what you are doing to do with that data – and why – is important because it frames what technologies, architectures, data, analytics and applications the organization is going to need in order to “monetize” IOT. So before you jump into the IOT pond, let’s make sure that there are no logs, boulders or sea monsters waiting for you. Let’s start our IOT journey by first creating an “IOT Business Strategy.” ... There is a bounty of business use cases from which the business can choose in order to monetize their IOT efforts. However this bounty of use cases is both a gift and a curse because the best way to ensure that you don’t successfully complete any use case is to try to do them all.


Will Machine Learning Make You a Better Manager?


“If you are a credit card processor and you have everyone’s transactions, you could predict whether a particular customer is going to run themselves into debt and default in the future.” Machine learning is even being used to learn more about machines, says Teodorescu, who points out that manufacturers are increasingly using algorithms for preventive maintenance. “You can predict when things are going to break down based on prior performance,” Teodorescu says. “That could preempt costly assembly line shutdowns later.” In all of these ways, it’s clear that while machines may not be taking over the world any time soon, machine learning certainly is. “It will become less and less a mysterious thing and more of a regular topic taught in schools in 20 years,” says Teodorescu. “It will be something everyone learns.”


Building Reactive Systems Using Akka’s Actor Model & DDD


The actor model is designed to be message-driven and non-blocking, with throughput as part of the natural equation. It gives developers an easy way to program against multiple cores without the cognitive overload typical in concurrency. Let’s see how that works. Actors consist of senders and receivers; simple message-driven objects designed for asynchronicity. Let's revise the ticket counter scenario described above, replacing a thread based implementation with actors. An actor must of course run on a thread. However, actors only use threads when they have something to do. In our counter scenario, the requestors are represented as customer actors. The ticket count is now maintained with an actor, and it holds the current state of the counter. Both the customer and tickets actors do not hold threads when they are idle or have nothing to do, that is, have no messages to process.


Microsoft's open source sonar tool helps developers find security flaws in their websites

Beyond open sourcing the code, Microsoft donated the project to the JS Foundation over the summer to make it more accessible to all. Microsoft intended for sonar to "avoid reinventing the wheel," Molleda wrote, instead tapping and integrating existing tools and services that help developers build for the web. With that being the case, sonar integrates with aXe Core, AMP validator, snyk.io, SSL Labs, and Cloudinary. The tool could make a real difference for developers in terms of producing higher quality websites: A recent Northeastern University analysis of over 133,000 websites found that 37% had at least one JavaScript library with a known vulnerability. As ZDNet noted, Snyck also ran a scan of the top 5,000 URLs earlier this year, and found that more than 76% were running a JavaScript library with at least one vulnerability as well.


Sony’s big bet on 3D sensors that can see the world

The new 3-D detectors are in a category called time-of-flight sensors, which scatter infrared light pulses to measure the time it takes for them to bounce back. The basic technology has been around for a while and forms the basis for the Xbox’s motion-based Kinect, as well as laser-based rangefinders on autonomous vehicles and in military planes. Sony’s big innovation over existing TOF sensors is that they’re smaller and calculate depth at greater distances. Used with regular image sensors, they effectively give machines the ability to see like humans. “Instead of making images for the eyes of human beings, we’re creating them for the eyes of machines,” Yoshihara said. “Whether it’s AR in smartphones or sensors in self-driving cars, computers will have a way of understanding their environment.” The most immediate impact from TOF sensors, which will be fabricated at Sony’s factories in Kyushu, will probably be seen in augmented-reality gadgets.



Quote for the day:


"Education's purpose is to replace an empty mind with an open one." -- Malcolm Forbes


Daily Tech Digest - October 26, 2017

You might soon be able — if you're so inclined — to join a bonefide church worshiping an artificially intelligent god.  Former Google and Uber engineer Anthony Levandowski, according to a recent Backchannel profile, filed paperwork with the state of California in 2015 to establish Way of the Future, a nonprofit religious corporation dedicated to worshiping AI. The church's mission, according to paperwork obtained by Backchannel, is "to develop and promote the realization of a Godhead based on artificial intelligence and through understanding and worship of the Godhead contribute to the betterment of society." ... Levendowski's pitch for an AI church comes amid apocalyptic warnings from tech and science luminaries like Elon Musk and Stephen Hawking to the dangers of artificial intelligence.


India Warily Eyes AI

The IT industry may employ only a few million of India’s 1.3 billion people—but it has been a beacon for young men and women with aspirations. It motivated families to send their children to university, placed graduates in gleaming campuses, conferred independent urban lifestyles upon them, and provided stable incomes and access to the world outside India. Over the last 30 years, moreover, it has been the only industry in India to begin from seed and bloom to such success. India is otherwise struggling to create jobs: 12 million Indians enter the workforce every year, but only 135,000 jobs in the formal economy’s eight biggest sectors—including IT—were created in 2015. A dramatic contraction of the IT industry—a dimming of the beacon—would jolt the country’s economy and polity deeply.


Use of IoT in corporate networks is soaring

wireless network - internet of things edge [IoT] - edge computing
Even the omnipresent issue of IoT security seems to be less frightening to companies than before – just 7% of those with bigger (10,000+ devices) deployments said that security was their top concern, although most still acknowledged its importance. Earlier editions of the study cited security as a top concern among up to 29% of companies. Roughly two-thirds of all respondents said that their IoT deployments were “mission-critical” and admitted that a security breach would be catastrophic. Even though the study found growth largely across the board, some verticals saw particularly strong uptake – retail, transportation and energy all grew at better than 17% year-on-year, while other sectors – including those like healthcare and automotive, where IoT has been popular for somewhat longer – continued to grow at a respectable 9% and 12%, respectively.


Agility, comradery drive CA Technologies' strategy turnaround

"There is nothing stronger than pitching something that shows a customer you are in the same boat as they are. It demonstrates you have a deeper appreciation for what they are going through," said Ayman Sayed, ... Moreover, CA Technologies' strategy wraps its portfolio of agile, DevOps and security products around its software development cycle, with a blueprint in hopes to offer a better overall software development environment. CA will also offer technical support through the planning, building, testing and deployment stages to get customers more familiar with some of these newer technologies. One IT professional with a technology services company who worked with CA as part of a digital transformation project said CA's training and technical services helped speed his company's transition to improve its overall operations' performance and agility.


So You Want to Be a Data Scientist? – It’s Complicated

So You Want to Be a Data Scientist? – It’s Complicated
Anyone who is considering a career in data science needs to understand first, the myriad of things such a career involves, the type of education and training required, and exactly what the job market holds. And because the field is growing so fast, students and mid-career professionals both have an opportunity to move into data science careers, if they get the right education and training. There is no single definition of data science, as it varies with industry, specific business, and what the purpose of the data scientist’s role is. And different roles require different skill sets, therefore the educational and training path is not uniform. Data scientists can come from many fields – math, statistics, computer science, and even engineering. But the role the scientist is to play is now generally broken down into two large categories


Edge Analytics – What, Why, Who, When, Where, How

Descriptive analytics focuses on what happened, diagnostic analytics relays why it happened, predictive analytics previews what is likely to happen and prescriptive analytics conveys options on what you should do about it. But you’ll be missing out on an exciting area called Edge Analytics if you relied solely on this type of classification. Let’s look at the scenario of an offshore oil rig which has hundreds of sensors collecting data but miles away from any decent data center to process and analyze this data. What if the sensors had access to decentralized process systems that could perform data analytics and possibly shut off a faulty valve right then and there based on the diagnosis and prediction? Wouldn’t that be more efficient than sending all that sensor data back to central data centers miles away and relaying back the same information much later? Yes, that’s where edge analytics comes in.


How CIOs can Help Improve Enterprise Agility

We can cite the benefits of the ability to react more quickly to change, the delivery of business value on an incremental basis, and the improved satisfaction customers have with our products due to their day-to-day involvement. We have also seen greater morale and increased employee engagement among our development team members. But a company cannot become agile simply by expanding the use of sprints, stand-up meetings, and burndown charts into every department. ... The extent of your company’s agility is determined by the degree to which you can change course, and the speed at which you can achieve this change. Marc Benioff, CEO of Salesforce.com, declared at Davos that “speed is the new currency of business.” But if your momentum prevents you from quickly changing direction, you may find yourself moving swiftly to the wrong destination. The increasing unpredictability of our world demands more and more agility.


Bad Rabbit: Ten things you need to know about

Russian cybersecurity company Group-IB confirmed at least three media organisations in the country have been hit by file-encrypting malware, while at the same time Russian news agency Interfax said its systems have been affected by a "hacker attack" -- and were seemingly knocked offline by the incident. Other organisations in the region including Odessa International Airport and the Kiev Metro also made statements about falling victim to a cyber-attack, while CERT-UA, the Computer Emergency Response Team of Ukraine, also posted that the "possible start of a new wave of cyberattacks to Ukraine's information resources" had occurred, as reports of Bad Rabbit infections started to come in. At the time of writing, it's thought there are almost 200 infected targets and indicating that this isn't an attack like WannaCry or Petya was -- but it's still causing problems for infected organisations.


Doubling Up on AV Fails to Protect 40% of Users from Malware Attacks

Nearly 40% of users who had multiple, traditional antivirus solutions loaded on their endpoints faced a malware attack during the first half of the year, a Malwarebytes report revealed today. The Mapping AV Detection Failures report, which scanned nearly 10 million endpoints, found a number of malware attacks occurred despite having two or more traditional, or signature-based, antivirus solutions installed. "The takeaway for enterprises is [that] the most basic threats have not been caught by the AV they have deployed," says Marcin Kleczynski, Malwarebytes CEO. "Yet, they continue to use these and grow desensitized." He adds CISOs and other IT security leaders may be adopting a common assumption that no one ever gets fired for using antivirus software from the industry leaders, especially when analysts rate them high on the effectiveness scale in comparative reports.


The impact of threat hunting on your security operations

In general, threat hunting can be most efficiently implemented by organizations that already have a solid, mature information security operations center (SOC) and computing incident response team (CIRT). While the latter two are holding the fort (so to speak), threat hunters are free to cast a wider net.Threat hunting starts with the assumption that an incident has happened, but it’s not based on already received alerts. It can be based on findings from previous hunts, or information from outside the organization. Effective hunts depend more on the knowledge, skills and instincts of human analysts than on tools. It is generally acknowledged that, while senior SOC analysts and incident responders can have the right foundation for threat hunting, in order to be good threat hunters they also have to be able to think creatively and see the big picture. Still, there can be no doubt that good tools can help threat hunters channel their capabilities more efficiently.



Quote for the day:


"More people would learn from their mistakes if they weren't so busy denying them." -- Harold J. Smith


Daily Tech Digest - October 24, 2017

mastercard-blockchain.jpg
The Mastercard blockchain is a permissioned blockchain, which will allow participants to maintain the distributed ledger without sacrificing scalability or performance, Sota explains in the video. ... "Our blockchain technology can be used for clearing in near real-time card payment transactions eliminating consolidation and improving settlement," he said. According to Mastercard, its technology boasts four key differentiators to others in the space, spanning privacy, flexibility, scalability, and the reach of the company's settlement network. Mastercard said its blockchain provides privacy by ensuring that transaction details are shared only amongst the participants of a transaction while maintaining a fully auditable and valid ledger of transactions, but still allowing partners to use the blockchain APIs alongside other Mastercard APIs


IT, OT, IoT: Does Hitachi Have a Dictionary for This Alphabet Soup?

Image: Pixabay
At one end of the spectrum, and most notably in this “industrial reinvested as software” class, is GE. GE, better known for building gas plants, jet engines and wind turbines, is reinventing itself as a software company. Under former CEO Jeff Immelt, and current head of all things digital, Bill Ruh, the company is investing hundreds of millions of dollars to build capability in the software space. GE is applying its Predix software offering both to its own business units but, more importantly, is attempting to become the software provider of choice for a host of third-party industrial organizations. At the other end of the spectrum lie the traditional technology vendors who, despite not having significant industrial experience themselves, have long histories of delivering technologies to industrial operations.


Architecture Patterns to Consider When Designing an Enterprise Data Lake

architecture_patterns_enterprise_data_lake-10
Virtually every enterprise-level organization requires encryption for stored data, if not universally, at least for most classifications of data other than that which is publicly available. All leading cloud providers support encryption on their primary objects store technologies (such as AWS S3) either by default or as an option. Likewise, the technologies used for other storage layers such as derivative data stores for consumption typically offer encryption as well. Encryption key management is also an important consideration, with requirements typically dictated by the enterprise’s overall security controls. Options include keys created and managed by the cloud provider, customer-generated keys managed by the cloud-provider, and keys fully created and managed by the customer on-premises.


Why Tech Giants See Singapore As The Next AI Hub


Singapore-based Marvelstone on Monday dovetailed the announcement by the Chinese conglomerate – owner of the South China Morning Post – by revealing it was setting up an AI hub of its own in the city state, which would incubate 100 start ups every year. It said its hub would be “the world’s biggest” when it opens next year. ... The government also showed it is serious about the country’s AI prospects when it announced the development of a dedicated data science consortium, and pledged Sg$150 million to industry research. In the Lattice80 complex, located in Singapore’s central business district, Ko said he was confident the government would follow through with its pledge to foster the industry. “Firstly, it’s about diversity … other Asian cities like Tokyo are also trying to be AI hubs, but they are more homogenous. Singapore’s advantage is that it is welcoming to all, and there is strong government support,” he said.


The prevalence of AI-powered IoT devices inspires mixed emotions

The easy path forward would be to continue developing connected devices without taking people’s fears into consideration. However, this is both unethical and unadvisable from a practical standpoint. Unsecured devices put multiple parties at risk, from the person using the product to the company pulling data from it. A better approach to the situation lies in analyzing the strengths, weaknesses, opportunities, and threats AI- and IoT-enabled devices offer. This will require addressing such pain points as IoT standards, privacy measures, and security. It could also involve education, job training, and general change management. But whether we’re looking at something as mundane as faster streaming or as grand as smart cities, the internet of things — when bolstered by artificial intelligence — has potential to impact every aspect of our lives.


Three Things Data Scientists Can Do To Help Themselves And Their Organizations

In the brave new world of business analytics fueled by big data, there has been significant discussion about the evolving roles of C-suite executives, including the CEO, CTO, and CIO. That discussion is now expanding to include the CMO plus the new roles of CDO and CDS. I do not have an MBA and I usually don’t undertake risky behavior, such as telling a CEO how to run her or his business. However, it is entirely appropriate for the CMO, CDO, and CDS to step up to the challenges of leading and directing the analytics, big data, and data science efforts of their organization, respectively. It is also appropriate for these execs to stand firm against corporate cultures and naysayers that resist big data analytics projects with these types of remarks: a) “Let’s wait and see how it develops elsewhere”; b) “We have always done big data”; or c) “What’s the ROI? Show me the numbers.”


The cryptoeconomics of scaling blockchains


A key shortcoming of the current generation of blockchain technologies is their limits when it comes to performance and scalability. For instance, the entire Bitcoin network can only handle seven transactions per second, compared with over 2,000 transactions per second on the VISA network and millions of transactions per second handled by any top tier consumer application. That has made it impossible for the current generation of blockchain networks to handle big data applications. Is the poor performance of blockchains an engineering problem? It is not, at least not entirely. The problem is actually inherent to the incentive-driven design of blockchains, known as cryptoeconomics. Incentives in Bitcoin consensus Blockchain is useful because it allows untrusted and non-corporative parties to work together and maintain a system. Let’s look at the example of the Bitcoin network.


Stuck between Design Thinking and Lean Startup? Take a hybrid approach


There are now so many different kinds of innovation: design innovation, business model innovation, digital innovation. And so many ways to organizefor innovation: innovation labs, innovation centers, corporate accelerator programs. More significantly, there has been a growth of two schools of thought in corporate innovation: Design Thinking and Lean Startup. Suddenly corporate innovators feel the need to be trained in both. But many consultancies practice or train in only one. And wherever corporate innovators sit, there is growing pressure to be more entrepreneurial. More agile. To increase speed to market. To be more like that startup accelerator your boss visited. ... The best way to tackle this would be to learn about these new approaches, test them on real innovation projects, and then adapt them so that they’re really practical and work in corporations.


What Are The Security Threats For The Cloud

What Are The Security Threats For The Cloud
Surprisingly, although cloud security is so important seeing the different data breaches we have seen around the globe, over 40% of the IT managers have no plans of purchasing ‘security-as-a-service’ solutions. This raises the question, how well such companies are prepared for a future where cloud becomes more and more important as well as criminals are targeting cloud solution on a wider scale. The security of the data in your cloud is vital for companies. Being hacked can have serious consequences for a company as well as on a personal level, seeing the Target CEO who was fired after a data breach. Once your cloud is hacked, your company has a serious issue, depending on the severity of the hack. Therefore it is wise to be aware of the security issues when dealing with the cloud. This infographic might help to achieve that.


Tech Giants Are Paying Huge Salaries for Scarce A.I. Talent


At the top end are executives with experience managing A.I. projects. In a court filing this year, Google revealed that one of the leaders of its self-driving-car division, Anthony Levandowski, a longtime employee who started with Google in 2007, took home over $120 million in incentives before joining Uber last year through the acquisition of a start-up he had co-founded that drew the two companies into a court fight over intellectual property. Salaries are spiraling so fast that some joke the tech industry needs a National Football League-style salary cap on A.I. specialists. “That would make things easier,” said Christopher Fernandez, one of Microsoft’s hiring managers. “A lot easier.” There are a few catalysts for the huge salaries. The auto industry is competing with Silicon Valley for the same experts who can help build self-driving cars. Most of all, there is a shortage of talent, and the big companies are trying to land as much of it as they can. Solving tough A.I. problems is not like building the flavor-of-the-month smartphone app.



Quote for the day:


"Nothing so conclusively proves a man's ability to lead others as what he does from day to day to lead himself." -- Thomas J. Watson


Daily Tech Digest - October 23, 2017

Internet of things illustration
Companies are starting to cast the net farther afield, taking on graduates from a far wider range of disciplines. Virtusa often looks for people with a background in the arts, says Gabrault, because alongside their analytical skills they are creative and can play a key role in user experience, and make sure a product is actually something people want to interact with. Teamwork is also important. IoT is not about beavering away on solo projects, but involves interaction with other teams, end users and customers. “Candidates need to show that they can empathise with the client,” adds Owen. Helping students become “work-ready” is one of the driving forces behind Fast Track, a programme run by the Future of British Manufacturing. It matches students from some of the UK’s leading universities with companies, to help them develop their next big innovation or connected product.


Demystifying The Dark Science Of Data Analytics

Demystifying data analytics: How to create business value with data
Deeper analytics knowledge can also help IT leaders understand why the approach often seems so mysterious. "Data science, in its best form, is an extremely creative endeavor," Johnston says. "There is not necessarily a need for managers to understand the internals of every analysis, just as owners of a software project need not understand the underlying technological internals." ... Unlike IT, where solutions are often obvious and widely adopted by enterprises worldwide, analytics processes are frequently unique and individualized. "Choosing the best analytical method is sometimes straightforward, sometimes art," Magestro says. "For example, looking for cause-effect relationships in data usually means some kind of regression, and looking for similar characteristics in large customer datasets likely involves clustering algorithms."





Select Your Agile Approach That Fits Your Context


By definition, the team finishes the work at the end of that time. The PO decides if any unfinished work moves to the next iteration or farther down the product roadmap. If your team uses iterations as in Scrum, the iteration starts with the ranked backlog and ends with the demo and retrospective. If your team uses flow, you can demo and retrospect at any time. To be fair, iteration-based agile approaches don’t prevent you from demoing or retrospecting at any time. ... Teams might have trouble finishing stories in a timebox or iteration. There can be any number of reasons for their trouble. Here are three common problems I’ve seen: the stories are too large; the people are multitasking on several stories or worse, projects; and the team is not working as a team to finish stories. If the team can’t finish because of multitasking, a cadence might make that even worse. However, visualizing their work might make a difference.



APIs Need to Be Released, Too!

Would it come as a surprise to hear that at the core of each and every one of these priorities are APIs and DevOps? So, just what is an API? API stands for Application Programming Interface and it’s a highly common software development term ­– an initialism you’re bound to have come across. In some form or another, development has always relied on interfaces. Without going too deep, APIs are primarily concerned with enabling communications between ‘private’ and ‘public’ interfaces. Private interfaces are used internally between individual developers and development teams. These aren’t accessible to third parties and can be changed as often as required. This is in stark contrast to public interfaces, which are exposed to third parties – be they internal or outside the company – and shouldn’t change often as other services using these interfaces may break or stop functioning.


Quantum physics boosts artificial intelligence methods


A popular computing technique for classifying data is the neural network method, known for its efficiency in extracting obscure patterns within a data set. The patterns identified by neural networks are difficult to interpret, as the classification process does not reveal how they were discovered. Techniques that lead to better interpretability are often more error-prone and less efficient. “Some people in high-energy physics are getting ahead of themselves about neural nets, but neural nets aren’t easily interpretable to a physicist,” said USC’s physics graduate student Joshua Job, co-author of the paper and guest student at Caltech. The new quantum program is “a simple machine learning model that achieves a result comparable to more complicated models without losing robustness or interpretability,” Job said.


How Close Are You Really?


The network of links between individuals—their social network—has long fascinated social scientists. These networks are neither random nor entirely ordered. Instead, they occupy a middle ground in which people are strongly linked to a few individuals they know well, with weaker links to a larger group of friends and coworkers plus extremely weak links to a wide range of casual acquaintances.  Social scientists measure the strength of these links using a variety of indicators, such as how often a person calls another, whether that call is reciprocated, the time the two people spend speaking, and so on. But these indicators are often difficult and time-consuming to measure. So network theorists would dearly love to have some way of measuring the strength of ties from the structure of the network itself.


 The Future of Enigma and Data


In practice, to build a data marketplace, the Enigma protocol needs to implement the infrastructure for a decentralized database, with storage and computational abilities that far exceed those that blockchains offer. While all blockchains are, in a manner of speaking, protocols for decentralized computing and data storage, their poor scalability and lack of privacy features limit potential use-cases. We need a second-layer network that can handle more data, faster, and can provide better privacy features — and that’s where the Enigma protocol comes in. Our protocol is based on the ideas presented in the 2015 Enigma whitepaper, as well as in our subsequent work (paper, thesis). It aspires to complement a blockchain (of any kind) with an off-chain data network (essentially — a single, always-on decentralized database), in much the same way that payment networks (e.g., Raiden) offer better financial transactions scalability.



Could Your Reactive Cyber Security Approach Put You Out of Business?

reactive-cyber-security-2
One scenario could involve your organisation becoming the victim of ransomware where an attacker hijacks your data and demands compensation for it. Without paying up, your operations come to a screeching halt, and your revenue plummets overnight. Another would be having sensitive customer or employee information fall into the wrong hands. This can lead to everything from identify theft to corporate espionage. Even basic information, like email addresses, phone numbers and billing addresses can be of significant value to cyber criminals and open a can of worms. You also have to consider the level of disruption that comes along with an attack. Not only does downtime cost your business serious money, it can tarnish your brand reputation, and many customers may end up turning to competitors.


Digital brains are as error-prone as humans

Imagine a future where you are regularly stopped and searched by the police, based simply on bad information fed into a computer. That is the fear of one authority on the subject, who is concerned that human biases and errors are being programmed into machine learning
The algorithms that make up these neural networks can unintentionally boost these biases, giving them undue importance in their decision making. Writing in the WSJ, Professor Crawford said: 'These systems “learn” from social data that reflects human history, with all its biases and prejudices intact.  'Algorithms can unintentionally boost those biases, as many computer scientists have shown. 'It’s a minor issue when it comes to targeted Instagram advertising but a far more serious one if AI is deciding who gets a job, what political news you read or who gets out of jail. 'Only by developing a deeper understanding of AI systems as they act in the world can we ensure that this new infrastructure never turns toxic.' Research has already demonstrated that AI systems trained using such data can be flawed.


The Role of Data in the Financial Sector


What makes the financial sector even more interesting from a big data standpoint is the constant stream of new regulations and reporting standards that bring new data sources and more complex metrics into financial systems. ... The ForEx markets, as mentioned earlier, trade 24 hours per day, from morning in Sydney to evening in New York, except for a small window during the weekend. Additionally, algorithmic trading has been used in the financial markets for a long time in one form or another. The NYSE introduced its Designated Order Turnaround (DOT) system in the early 1970s for routing orders to trading desks, where the orders were executed manually. Now, algorithmic trading systems break very large orders into smaller pieces that are executed automatically based on time, price, and volume, optimized for market parameters.





Quote for the day:

"Defragmenting data silos is key for accelerating research."  -- Joerg Kurt Wegner