Daily Tech Digest - April 14, 2018

10 best practices for bolstering security and increasing ROI

business meeting (marvent/Shutterstock.com)
There is nothing easy about government security operations. Most chief information security officers struggle with countless manual processes, numerous disconnected tools and a shortage of properly trained talent. However, the increasing number of widely publicized breaches, the growing complexity of regulations pertaining to the protection of personal data and the uptick in ransomware attacks have made agencies' top executives acutely aware of the dangers posed by inadequate security. As a result, those executives have become more willing to approve spending on security operations -- but the increased spending has often not provided the type of returns that agency leaders and financial officers expected. So now CISOs are being asked to provide proof that the money spent -- or that they are asking to be spent -- will lead to greater effectiveness, more efficient operations or better results when the agency is attacked.  If calculating the return on security investments could mirror predicted ROI for return on a new piece of equipment, the task would be simpler.


Use case categories for IoT and blockchain or distributed ledger convergence according to Kaleido Insights' report “The Internet of Trusted Things: Blockchain as the Foundation for Autonomous Products & Ecosystem Services” - via Jessica Groopman - source and more info
In an age where consumers (also part of the ecosystem) want their goods faster than ever and the pressure for digital supply chains to be more interconnected and efficient is high. With interconnected we don’t mean supply chains as such (they are of course interconnected) but the data flows, processes, control mechanisms, myriad stakeholders, processes, actions and interactions (as mentioned in a blockchain smart port case there are over 30 different parties with on average 200 interactions between them just to get a container from one point or the other in shipping). No wonder that global logistics and transportation are among the fastest movers in testing and adopting blockchain technology. It is no different in the intersections of IoT and distributed ledgers from the ecosystem perspective as the Kaleido Insights report depicts it: supply chain is one of five blockchain IoT use case or rather industries/activities where blockchain is seen as the foundation for autonomous products and ecosystem services.



Five Reasons B2B Companies Should Not Ignore Social Media

One of the first things you may hear when you talk to B2B sales managers is that this is a purely rational market -- decisions are pragmatic and solely based on numbers, cash flow and revenue projection. This is just not true. While considerable weight is put into the rational part of the purchase, decision-makers are often filled with emotions when it comes to selecting a provider. The result of these selections could affect their jobs, their careers and their overall stability. Nobody wants to be the person who bought that customer relationship management (CRM) software that was a complete headache and generated huge losses. These emotions need to be addressed with a more humane approach, and social media gives us the ability to have a closer connection to the buyer, not the entity. Examples of this are using videos of client testimonials that feel real and not scripted and introducing your employees to your social audience to start the conversation in the digital environment, thereby creating closer relationships offline.


Understanding Virtual Private Networks [and why VPNs are important to SD-WAN]

istock 501503746
Another type of site-to-site VPN is connecting to a carrier-provided MPLS cloudinstead of the public internet, offloading establishment of the VPN connections to the provider. The service provider creates virtual connections between sites across its MPLS network. The primary advantages of this type of VPN are network agility and the ability to mesh the network. In a typical site-to-site network, each branch is connected to the data center, and any branch to branch traffic flows through that central hub. With meshing, branches connect to each other directly without going through the hub. This direct connectivity may be necessary for video conferencing and other bandwidth-intensive and delay sensitive applications, and MPLS VPNs are ideally suited for this use case. The negative to MPLS VPNs has always been cost. Private IP services, like MPLS are very expensive, particularly for international connections. SD-WANs have been red hot of late with network professionals because they provide the cost benefits of Internet based VPNs with the performance and agility of MPLS VPNs.


Think of a Number: Why Humans and Machines Are Bad at Being Random

Choosing truly random numbers is a challenge for people just as much as it is for machines. It also largely outside the control of the lottery organizers and has some potentially dangerous financial ramifications. For example, in the 1990s, the UK lottery paid a guaranteed £10 for picking three correct numbers. If enough people played the same correct numbers and won, would this bankrupt the lottery? That idea almost became reality with an experiment on the 1997 UK television series The Paranormal World of Paul McKenna. In an experiment in so-called psychokinesis — the power of mind over matter — McKenna asked the nation to concentrate on a particular set of six numbers in the hope of making them come up in the Saturday draw. It quickly became apparent that if millions of viewers bet on them, and even if only three of those numbers came up for the minimum £10 prize, the National Lottery would have to make a huge and unprecedented payout. Luckily for the organizers, the numbers didn’t win, but it led to Camelot changing the rules shortly after the McKenna program, so that four, not three, matching numbers were now required to win the minimum prize.


22 European countries sign up to blockchain partnership


The document said that by cooperating closely, creating a “European ecosystem for blockchain services and applications”, fragmented approaches can be avoided. “It can enable the development of interoperable frameworks for blockchain in Europe based on standardised solutions and governance models,” the declaration said. “Such cooperation can also strengthen compliance with regulations and regulatory convergence, which is essential to support scalability of such solutions across borders.” Earlier this year, the EC set up the Blockchain Observatory and Forum, which will monitor blockchain developments and ensure EU organisations are engaged in the industry.  ... “Such services will create opportunities to enhance services in both public and private sectors, notably making better use of public sector information while preserving data integrity, and providing better control of data by citizens and organisations interacting with public administrations, reducing fraud, improving recordkeeping, access, transparency and auditability, within and across borders.”


Hackers Found Using A New Code Injection Technique to Evade Detection

While performing in-depth analysis of various malware samples, security researchers at Cyberbit found a new code injection technique, dubbed Early Bird, being used by at least three different sophisticated malware that helped attackers evade detection. As its name suggests, Early Bird is a "simple yet powerful" technique that allows attackers to inject malicious code into a legitimate process before its main thread starts, and thereby avoids detection by Windows hook engines used by most anti-malware products. The Early Bird code injection technique "loads the malicious code in a very early stage of thread initialization, before many security products place their hooks—which allows the malware to perform its malicious actions without being detected," the researchers said. The technique is similar to the AtomBombing code injection technique that does not rely on easy-to-detect API calls, allowing malware to inject code into processes in a manner that no anti-malware tools can detect.


Transform HR with Intelligent Automation

Intelligent Automation
Automation is everywhere. As the “new norm,” intelligent automation plays a key role in our everyday lives. From Lyft providing instant access to a ride and Alexa keeping track of the grocery list, intelligent automation is behind the scenes enhancing services and making our lives easier. With less and less effort required on our part, intelligent automation is quickly becoming the preferred way of doing things. While the world moves towards increased automation, many companies and HR organizations in particular are striving to follow. However, many HR organizations still rely on manual and unstructured work processes. In a recent study of more than 1,850 business leaders, HR was named the department “most in need of a reboot” with only 37 percent of services being automated. This makes it not only difficult for HR teams to do their jobs effectively, but also reflects on the department overall and what employees experience when interacting with HR. The lack of automation in HR organizations is especially challenging given the dramatic rise in work loads in recent years.


Artificial Intelligence - The Next Digital Frontier?

In this independent discussion paper, we examine investment in artificial intelligence (AI), describe how it is being deployed by companies that have started to use these technologies across sectors, and aim to explore its potential to become a major business disrupter. To do this, we looked at AI through several lenses. We analyzed the total investment landscape bringing together both investment of large corporations and funding from venture capital and private equity funds. We also reviewed the portfolio plays of major internet companies, the dynamics in AI ecosystems from Shenzhen to New York, and a wide range of case studies. As part of our primary research, we surveyed more than 3,000 senior executives on the use of AI technologies, their companies’ prospects for further deployment, and AI’s impact on markets, governments, and individuals. This report also leverages the resources of McKinsey Analytics, a global practice that helps clients achieve better performance through data. The research was conducted jointly with Digital McKinsey, a global practice that designs and implements digital transformations.


Technology Must Make Digital Banking More Human

There needs to be an extreme sense of urgency within the organization to accept and implement change, otherwise the organization will see the ‘doomsday’ industry scenario that we’ve been warned about. As a result, it is important to find deeply transformational levers – changes that will fundamentally make a collective difference faster than a general employee engagement program or a sheer reorganization exercise. That’s why every Emotional Banking workshop and program designed corresponds to one of four key levers … Knowledge, Passion, Courage and Language. Because the connection to brands differ from bank to bank, the process of building a successful emotional connection between the organization and the customer must be flexible. Emotional Banking is an evolutionary process, that will change over time and will be customized for each organization. I have enlisted a global deployment partner as well as Dr. Julia Furedi to build learnings around what works best and fastest, and to help demonstrate the synergy between the four levers and the technology now available at leading banks.



Quote for the day:



"The most important thing in communication is to hear what isn't being said." -- Peter Drucker