Daily Tech Digest - September 20, 2018

Smarter analytics for banks

Smarter analytics for banks
Banks currently concentrate most of their analytics use cases in sales management (for example, next product to buy, digital marketing, and transactional analytics), financial risk management (collections), and nonfinancial risks (cybersecurity and fraud detection). These are logical first choices, but banks also need an analytics road map for the entire organization to ensure transparency and clarity on their aspiration for advanced analytics. Before launching efforts on specific use cases, banks should identify those areas where analytics will do the most to enhance their value propositions, in line with their business strategies. Over time, banks should extend analytics to other functions and set their ambitions for how analytics will help the organization in the years ahead. Across industries, analytics leaders integrate analytics not only into a few crucial business units but also across all operations. This is true for analytics leaders among banks as well: more than half have introduced use cases to three or more functional areas.



The new face of Financial Services

With universal consumer adoption of digital communication, and technologies such as Blockchain removing the need for a trusted intermediary, the role of the financial institution is in flux. An example is Bitcoin, and similar technologies launched in recent years. These new currencies seem to herald the shape of things to come, but their levels of volatility hamper their development as reliable forms of payment or stores of value. The risk is that they are becoming nothing more than instruments of pure speculation. Barely a week goes by without a new crypto currency launching, but most disappear without trace leaving early adopters out of pocket and further tarnishing the perceived reliability of such means of exchange. A lack of transparency into the workings of the system exposes it to fraud and manipulation; and the very decentralisation that gives crypto currencies their advantage over traditional counterparts also signals a disadvantage, which is the anonymity of the counter-party in a transaction.


Credential stuffing attacks cause heartache for the financial sector


Often utilized by botnets, credential stuffing describes the use of stolen or leaked credentials in automatic injection attacks. Automated scripts hammer online services with credentials in the hopes of a password and username or email address being accepted as legitimate -- which, in turn, permits account hijacking and takeovers. One of the core problems in today's consumer and employee security practices is the use of password and email combinations for multiple online services. When a data breach occurs, such as the LinkedIn 2012 security incident in which 112 million credentials were exposed, the story doesn't end there. These credentials may end up online and public or for sale in the Dark Web. Massive data dumps full of stolen credentials can be found in the Web's underbelly, all of which can be added to batch scripts which will automatically attempt to login to services. ... If a financial account is compromised in such a way, this may lead to the theft of funds or stock portfolio tampering. If the account belongs to an employee of the organization, the damage could be deeper, with the compromise of internal banking systems.


Investing wisely in the healthcare IT ecosystem

Investing wisely in the healthcare IT ecosystem
Through technology, healthcare is becoming a different kind of industry, which is not lost on the technology provider market. Healthcare CIOs have much greater choices in technology solutions, but they need to be careful. The vendor community is willing to sell a whole range of tools, but some of these tools are more mature than others. There is likely to be a long shake out and adoption period for these technologies. CIOs in healthcare have to think through how to architect these solutions as a part of their ecosystems as opposed to buying 10-point solutions that solve narrowly defined needs.  The data architecture in a healthcare system is very complex, since data comes into the system from so many places — patients, referring physicians, payers. The future includes wearables, home monitoring and other sensors that are beyond the hospital and physician office. And data comes in so many forms — diagnostic test results can be images, paper, and lab results, structured and unstructured — all of which have to be brought into the record and integrated into a set of processes.


How Non-IT Employees Can Bridge the Security Skills Shortage

How Non-IT Employees Can Bridge the Security Skills Shortage
The security skills shortage can equally apply to dedicated IT professionals and to ordinary, non-IT employees. While the worries about the potentially 3.5 million unfilled cybersecurity jobs by 2021 are certainly pressing, even the most dedicated expert will need to work with other employees. Without some knowledge of cybersecurity best practices, your security team will be fighting an uphill battle. This adds additional stress and responsibilities to their workloads, possibly increasing the burnout rate. Instead, you need to get employees involved in bridging the security skills shortage. Your enterprise can start by building awareness of how their actions can influence your enterprise’s security posture. You can and should provide engaging, work-integrated training programs at regular intervals to instruct your employees on best practices. The security skills shortage is already a struggle. Don’t compound it by keeping your other employees in the dark.


False positive reduction in credit card fraud detection

MIT researchers have employed a new machine-learning technique to substantially reduce false positives in fraud-detecting technologies. Image: Chelsea Turner
The backbone of the model consists of creatively stacked “primitives,” simple functions that take two inputs and give an output. For example, calculating an average of two numbers is one primitive. That can be combined with a primitive that looks at the time stamp of two transactions to get an average time between transactions. Stacking another primitive that calculates the distance between two addresses from those transactions gives an average time between two purchases at two specific locations. Another primitive could determine if the purchase was made on a weekday or weekend, and so on. Veeramachaneni said, “Once we have those primitives, there is no stopping us for stacking them … and you start to see these interesting variables you didn’t think of before. If you dig deep into the algorithm, primitives are the secret sauce.” “One important feature that the model generates, is calculating the distance between those two locations and whether they happened in person or remotely.


Meet the women who are making sure blockchain is inclusive

The way Indilo sees it, it’s similar to the promise of the internet where everyone with access had the chance to be a participant. However, that democratization wasn’t totally realized as areas with limited access prohibited participation and the growth of large tech companies. The data created on the internet is a “huge asset essentially owned by few companies use for their own benefit,” she says. “We don’t even understand why they are doing certain things, and in many cases they hugely undermine privacy.” But blockchain can deliver on that promise. Simply being able to send and receive money in a secure, transparent way has huge implications for both the banked and unbanked populations of the world. And it’s not just about money, Indilo contends. Opu Labs is a skincare web application built on the blockchain. It allows users to scan their faces and get analysis on skin conditions. Not only is this very personal information secure and unable to be tampered with, Indilo points out that people are getting paid to get something valuable.


What’s the Secret to Success as a Data Scientist?

What’s the Secret to Success as a Data Scientist?
In essence, data scientists are tasked with making discoveries out of large quantities of data. They’re explorers who interpret the world around them. “At ease in the digital realm, they are able to bring structure to large quantities of formless data and make analysis possible,” Thomas H. Davenport writes for Harvard Business Review. “They identify rich data sources, join them with other, potentially incomplete data sources, and clean the resulting set. In a competitive landscape where challenges keep changing and data never stop flowing, data scientists help decision makers shift from ad hoc analysis to an ongoing conversation with data.” By 2020, IBM is predicting that demand for data scientists will increase by 28 percent. More than half of these jobs (59 percent) will be in the finance, insurance, professional services, and IT industries. Within two years, there will be an estimated 2.7 million data professional jobs in the United States alone. The average annual pay for advertised data scientist jobs is currently somewhere around $105,000.


Your biggest cyber security threat is inside your organisation

It shouldn’t come as a surprise that staff awareness training can be difficult. That doesn’t mean you can’t put in place an effective training regime; you just need to understand the problems and find a solution. The way you do this will depend on the resources at your disposal. One of the most common solutions, particularly for organisations that are short on time, is to get help from a third party. This takes the hassle out of staff awareness training, freeing you from the worries of creating a course from scratch, making sure it’s delivered in a way that everyone will understand and checking that all the necessary information is included. You can make the process even easier by using our Information Security Staff Awareness E-Learning Course. Because it’s an online course, your employees can study at a time and place that’s convenient for them. All you need to do is send a notification to your employees, and then check that everybody’s completed the course.


Artificial Intelligence, Ratings, and the Small Print


Relying on either the wisdom of crowds or the wisdom of computers, however, might not be enough. Acquisti, who is part of the Carnegie Mellon team, believes that the onus shouldn’t be on consumers to continually track the way their data is used. “We cannot expect, or pretend, individuals to be constantly aware of and engaged with all the myriad of ways tools and services continuously collect and track their information,” he wrote in an email. “The effort needed to consciously manage such unending flows of data would be nearly superhuman.” Instead, because privacy management is a societal issue that requires societal solutions, Acquisti argues that it is necessary to set clear privacy standards that companies can adhere to. “If, as a society, we were to set a goal of handling the issue of privacy better, then a combination of smart regulation and technology would be needed,” he noted. Smart regulation should encourage technologies that allow organizations to collect and use consumer data while doing more to protect privacy.



Quote for the day:


"There comes a time when you have to choose between turning the page and closing the book." -- Unknown


Daily Tech Digest - September 19, 2018

AI and robotics will create almost 60 million more jobs than they destroy

A robotic arm at an industrial manufacturing factory. 
Developments in automation technologies and artificial intelligence could see 75 million jobs displaced, according to the WEF report "The Future of Jobs 2018." However, another 133 million new roles may emerge as companies shake up their division of labor between humans and machines, translating to 58 million net new jobs being created by 2022, it said. At the same time, there would be "significant shifts" in the quality, location and format of new roles, according to the WEF report, which suggested that full-time, permanent employment may potentially fall. Some companies could choose to use temporary workers, freelancers and specialist contractors, while others may automate many of the tasks. New skill sets for employees will be needed as labor between machines and humans continue to evolve, the report pointed out. Machines are expected to perform about 42 percent of all current tasks in the workplace by 2022, compared to only 29 percent now, according to firms surveyed by WEF. Humans are expected to work an average of 58 percent of task hours by 2022, up from the current task hours of 71 percent.



The Digital Boardroom: Industrial Boards Are Looking for More Tech-Savvy Directors


It is not enough to be fluent in Industry 4.0; directors have to be able to connect technology to the business in meaningful and tangible ways that will boost shareholder performance. If they are to be seen as respected contributors to the board, directors need to help educate other directors on the implications of technology and bring the leadership skills and business knowledge to advance the broader board’s understanding of the issues at play for the business. Without this broader business perspective, they may lack the influence with other directors and limit their effectiveness in board-level debates about strategy and capital spending. In addition, having a quantifiable way to measure digital transformation and its connection to financial outcomes will be key to their success. Ideas that were too futuristic ten years ago are now a reality, thanks to digital transformation. For example, who knew cars could drive themselves or drones could deliver packages.


All your Windows 10 devices, managed by Microsoft

The complexity of managing previous versions of Windows has meant that handing over PC management to managed service providers and outsourced IT was rarely economic. Microsoft is betting that its new versions of Windows and Office — as well as its cloud analysis and management tools — make it cost effective to take over desktops at scale, whether that management is done by Microsoft; OEMs such as Dell and HP, which already offer on-demand device replacement; or partners such as Avanade/Accenture and Computacenter. Microsoft has “tens of customers” for MMD in the UK and US, including large, regulated organizations like Lloyds Banking Group as well as SMBs like Seattle Reign. Karagounis says the MMD baseline caters for large regulated companies but “we give the smaller organizations a choice with things they don’t want to light up because they’re too heavy-duty.” The program will expand to Canada, Australia and New Zealand in early 2019 and other geographies later in the year.


This Windows file may be secretly hoarding your passwords and emails

waitlist.jpg
Since the Windows Search Indexer service powers the system-wide Windows Search functionality, this means data from all text-based files found on a computer, such as emails or Office documents, is gathered inside the WaitList.dat file. This doesn't include only metadata, but the actual document's text. "The user doesn't even have to open the file/email, so long as there is a copy of the file on disk, and the file's format is supported by the Microsoft Search Indexer service," Skeggs told ZDNet. "On my PC, and in my many test cases, WaitList.dat contained a text extract of every document or email file on the system, even if the source file had since been deleted," the researcher added. Furthermore, Skeggs says WaitList.dat can be used to recover text from deleted documents. "If the source file is deleted, the index remains in WaitList.dat, preserving a text index of the file," he says. This provides crucial forensic evidence for analysts like Skeggs that a file and its content had once existed on a PC.


3 first steps to explore blockchain in the enterprise

Blockchain and digital assets can take a while to fully understand and you really need to be willing to read, listen and experiment. When tackling any complex topic, I begin with reviewing and discussing the topic with credible sources I really trust. We expanded several of our existing collaboration relationships with forward-thinkers, such as the Ideo CoLab and the Institute for the Future, and we joined working groups across industry and academia, with organisations including Harvard University, University College London, the MIT Media Lab and IC3. We paired this outside knowledge with our own analysis. We also conduct user research with Fidelity clients and customers to gain an understanding of their interest and activity in this area, which has helped inform our pilots. ... When we started to explore the possibilities for capital markets, we started with the obvious pain points – specifically, money movement, transactions and payments. This really caught my interest as there was a lot of speculation about the day-to-day usefulness of digital assets.


AI for Crime Prevention and Detection – Current Applications

AI for Crime Prevention and Detection - 5 Current Applications
Companies and cities all over world are experimenting with using artificial intelligence to reduce and prevent crime, and to more quickly respond to crimes in progress. The ideas behind many of these projects is that crimes are relatively predictable; it just requires being able to sort through a massive volume of data to find patterns that are useful to law enforcement. This kind of data analysis was technologically impossible a few decades ago, but the hope is that recent developments in machine learning are up to the task. There is good reason why companies and government are both interested in trying to use AI in this manner. As of 2010, the United States spent over $80 billion a year on incarations at the state, local, and federal levels. Estimates put the United States’ total spending on law enforcement at over $100 billion a year. Law enforcement and prisons make up a substantial percentage of local government budgets. Direct government spending is only a small fraction of how crime economically impacts cities and individuals.


Blockchain And Token Asset “Phenomena” Still Raging

Citing a report from PWC, as relayed by a recent Bloomberg article, the host went on to note that although 86% of the respondents in a 600-firm survey have begun tinkering with blockchain, that 54% of the aforementioned figure claimed that deploying systems based on this nascent technology “wasn’t justified.” Explaining why this is the case, Mcnamara noted that while blockchain is evidently a viable technology, firms are finding it difficult to deploy blockchain-based commercial solutions in a manner that will become profitable over time. The PWC executive then drew attention to the fact that there are still trust issues between firms and decentralized technologies, which ironically enough are arguably the most secure systems out there, so what’s not to trust? Lastly, Mcnamara brought up the perpetually controversial topic of regulation, adding that firms are wary that governments, specifically US’ regulatory bodies, will eventually lash out at this budding industry. ...”


DevOps security takes on the dark side of digital transformation


DevOps security is the only viable approach as digital assets become crucial to the enterprise bottom line, Pullen said. Ideally, IT employees should access enterprise production environments only with developers' version-controlled code, checked in to an automated delivery system -- a setup that limits internal security threats, he said. The DevOps practice of small, iterative changes to modular infrastructure also reduces the attack surface of IT systems for outside threats. However, DevOps proponents are mistaken to emphasize the gatekeeper mentality that relies on human approvals or manual work to deploy production application changes, Pullen said. "Automated changes to production scares IT folks, but version control should be the gatekeeper," he said. "Version-control systems are fully auditable, reproducible and traceable." 


Ajey Gore on Small Teams Making a Big Difference and Effective Outsourcing


There is a fundamental difference in how you look at “outsourcing”. The old school way of looking at this was to outsource for a pure labor arbitrage reason. It was implied cheaper to get work done in India. For us, it’s exactly the opposite. It’s significantly more expensive to set shop in India, but we’re in it for the talent. There is also the added benefit of India being in the top 5 countries with the largest English speaking population. Quality of talent has always been the main focus for us and there is no dearth of the type of talent we’re looking for in India. The quality of talent outweighs the higher price point because we believe in the long run the talent will prove to be more valuable than the savings. In Indonesia, especially with tech-focused companies, I feel the trend of ‘outsourcing to India’ will start to grow slowly as more companies will start to understand the value of experienced and talented developers and their contribution to the long-term goals of a company.


IBM launches tools to detect AI fairness, bias and open sources some code

Strategically, IBM's move makes sense. IBM is hoping to provide Watson AI, but also manage AI and machine learning deployments overall. It's just a matter of time before AI Management becomes an acronym among technology vendors. IBM said it is planning to provide explanations that show how factors were weighted, confidence in recommendations, accuracy, performance, fairness and lineage of AI systems. There is little transparency in the models being sold, inherent bias, or fine print. IBM Research recently proposed an effort to add the equivalent of a UL rating to AI services. IBM said it will also offer services for enterprises looking to better manage AI and avoid black box thinking. Big Blue's research unit recently penned a white paper outlining its take on AI bias and how to prevent it. IBM's Institute for Business Value found that 82 percent of enterprises are considering AI deployments, but 60 percent fear liability issues.



Quote for the day:


"Never stir up litigation. A worse man can scarcely be found than one who does this." -- Abraham Lincoln


Daily Tech Digest - September - 18, 2018

Note to CIOs: It’s time to change the network
The network is something that not enough CIOs pay attention to. It’s often the IT resource that’s last on the priority list with the majority of focus given to applications.  That might have been fine 20 years ago when most applications and data lived on the user’s computers. Also, IT had extremely tight control of the endpoints and applications so user experience was easy to manage. Since then, the world has blown up (at least from an IT perspective) with applications moving to the cloud and being procured by lines of business and workers bringing their own endpoints in. What was once a tightly controlled, end to end ecosystem, is now totally chaotic. Because we live in this highly interconnected world, the network plays an important role in how applications perform, which has a direct result on every businesses top and bottom line. With SD-WANs, there are numerous decisions to be made, such as should broadband be used? If so, where? Should services remain on premises or be moved to the cloud?Should traffic be routed directly to the cloud from a branch or be routed to the company headquarter? Each time an option is provided, it adds to the complexity of deployment.


Break Through Your Learning Blockers


One of the most important leadership skills you can develop is the capacity to objectively diagnose your counterproductive preferences and tendencies — especially the ones that insulate you from the learning that helps you stay relevant. Pay attention to the people you work with and you’ll quickly notice which ones are habitually prone to slow down their learning — or block it altogether. They’re the ones who go through the motions at meetings, failing to find relevant and interesting things to learn and contribute. They remain content with what they already know, avoiding reading or exploring new subjects. ... If you are honest with yourself, you gain a higher perspective, one that allows you to observe your actions and see how they create real patterns (instead of the patterns you wish would exist). To make sure you aren’t hindering your own learning agility with a few bad habits, take an honest look at how these three common blockers may apply to you. Then you can apply the suggestions for pushing past them.


Overhauling the 3 Pillars of Security Operations

Many security operation centers are already at the breaking point with growing backlogs of investigations and reactive triage. An often-quoted statistic is that less than 10% of investigations are completed in a typical security operation. Cloud and modern application transitions multiply the threat surface many times over, generating staggering volumes of data that need to be rapidly assimilated for insights. Further, cross-enterprise collaboration is requiring new models of distributed knowledge transfer because investigation workflows need to be shared across both security and operations. Industry hype suggests artificial intelligence, machine learning, and improved automation will rapidly replace humans in every workflow in the next few years, but the reality is that there will be a long transition in which optimizing human and machine collaboration is essential to scale the defense. Although much can be automated, human context is still essential in many security workflows.


Artificial intelligence: The king of disruptors


AI has been around for decades. The science isn’t new. So why all the hubbub now? The answer is convergence. Computing power is up, while computing costs are down. In the early 1960's, for example, a gigaflop cost approximately $153 billion in today’s money. But now, a gigaflop of computing power costs about 3 cents. Plus, the increasing popularity of GPUs provide affordable, energy-efficient computational speed on top of it. Add to that affordable data storage. Storing a gigabyte of data in the 1960's cost more than $1 billion by today’s standards. Now a gigabyte of storage costs around 2 cents. That’s good news because the advent of the Internet of Things and streaming data means we’re rapidly heading into the land of zettabytes. That massive amount of data can lead to building deep neural networks to train and retrain algorithms, essential for data-hungry AI.  Decades ago, we fantasized about making AI part of everyday life, but we couldn’t afford the technology underpinning it. Now we can. Let the disruption begin.


The Digital Transformation of the Construction Industry

Moving the communication of the design intent to onsite construction has been an issue since the time of the Egyptian Pyramids. For thousands of years, the design intent was communicated in the form of a 2-dimensional document (a sketch in the sand or papyrus, an artist’s sketch on paper, blueprints). Today’s projects use a 3-dimensional tool called BIM, to communicate design intent in a form of data. This allows all stakeholders on a construction project to share and pass along work performed in a disciplined and organized manner, providing fewer mistakes and increasing profits. ... The VR/AR/MR solutions that are being used by the Sub-Contractors in the United States are breathtaking. Mostly being utilized and educated by the Sub-Trade Unions, VR/AR/MR technologies are enabling the fabrication, construction, and delivery of numerous trades work without the use of traditional tools (no blueprints, no measuring tape, no levels) and in most instances, with less workers in up to 40% less time.


Hire the Right Machine Learning Talent

Image: Pixabay
"We end up training people to make more microwaves," Kozyrkov said. "Then when you hire them into your kitchen, they end up wanting to build you a microwave. But there's already warehouses upon warehouses of microwave appliances already there." What you need is someone to innovate with new recipes. What you need is someone to apply the technology that has already been built. What you need is someone who knows how to use machine learning to achieve business outcomes. Google is trying to change this with a new approach, according to Kozyrkov"We have started training our personnel in applied data science and applied machine learning, and we are calling that decision intelligence engineering," she said. "This is about taking all those applied machine learning principles and augmenting them with insights on how to make this useful for this business. It focuses on using data to solve business problems," Kozyrkov said. A very public example of how Google has applied machine learning is in cooling its own data centers.


Will There Be Enough Power With 100 Billion Connected Things?


Now that cyberattacks are not necessarily human bad actors, but machine learning algorithms, it's a necessary knowing glance we must cast to the dark side. Where there is light, there is also dark, and I think it naive of us to only want to discuss the rose colored glasses version of the future. I am a realist. I like to prepare in advance for what can happen, and anyone involved in cybersecurity will tell you that it's never a question of "if" but rather, "when." Wouldn't you like to know what your energy and utilities companies have in-mind to make it much more complicated for a human or artificially intelligent bad actor to hack the grid? You knew I couldn't post a blog post on LinkedIn without talking about Artificial Intelligence, right? Impossible. I'm keen to learn, absorb, and enter into the discussions around our future with AI, machine learning, the Internet of Things, (IoT), and of course, my favorite, e-mobility. As I am typing this I just drove my Tesla Model X from Denver, Colorado to Boston...the infrastructure Tesla has set-up for us here in the United States is unbelievably incredible.


This Chilling Attacks Lets Hackers Steal Data From Almost Any Laptop

As long your laptop is set to go to sleep when you close the lid or after a certain amount of idle time, it's likely vulnerable. Here's how their attack plays out. Instead of sticking the entire laptop into the icebox, F-Secure used a more selective chilling process. The laptop's bottom cover was removed and the system's RAM was rapidly cooled using a can of compressed air. Not simply by blasting it with air, mind you -- by turning it upside down and directing the liquid fluorocarbons inside at the chip. Once the chip has been sufficiently cooled phase two of the attack can begin. A specialized (but fairly common) device allows them to manipulate the system's non-volatile memory. Once the tool does its thing, the attacker instructs the computer to boot to a USB flash drive. Any data that was stored in memory as the computer went to sleep can now be accessed. In this case, the hacker is able to dump a "secret password." After the hacker in the video logs in to the laptop the very same password is shown inside a WordPad document as proof the attack worked.


Why banks didn’t ‘rip and replace’ their mainframes

Why banks didn’t ‘rip and replace’ their mainframes
The hidden costs and iffy returns were what kept the stability-focused financial institutions loyal to the mainframe, which offers something no other server has: immense processing speed coupled with the ability to encrypt data from end to end, making the mainframe the superhero workhorse for finance. The processing speed of the mainframe means it can detect real-time banking irregularities before the hackers realize they’ve been spotted. The mainframe also contains layers of security, depending on the location of the data, to eliminate a data thief from being able to access personal financial information in one cache. All these benefits — encryption and security for data at rest and in transit, processing speed for crunching up to 12 billion worldwide banking transactions per day, processing power to enable analytics of enterprise-wide data, and even eliminating platform-dependent skills to develop modern applications — prove that the mainframe still remains at the hub of our financial industry’s network.


Why Cybercrime Remains Impossible to Eradicate

Cybercrime continues to be cheap and easy, especially when compared to its real-world analogs. "Effectively, criminals are simply swapping conventional crime for cybercrime," University of Surrey computer science professor Alan Woodward told me back in 2016. "Why walk into a bank with a sawed-off shotgun when you can phish for money?" These dynamics haven't changed; the tools at criminals' fingertips have become easier to procure and use. Levashov, for example, admitted to using bulletproof hosting services as part of his attacks. Such services charge a premium for hosting while promising to look the other way, for example, when said services might be used to store exfiltrated personally identifiable information or payment card details from malware victims. ... Part of the problem with stopping cybercrime is that it tends to be transnational. In addition, law enforcement experts say many cybercrime gangs continue to operate from within Russia or its former Soviet satellites, including Ukraine, with which extradition treaties are complicated or nonexistent



Quote for the day:


"Leadership happens at every level of the organization and no one can shirk from this responsibility." -- Jerry Junkins


Daily Tech Digest - September 17, 2018

jbl link 300 passive radiator
Oval shaped and available in black or white, the Link 300 has a wrap-around textured mesh grill masking a front-mounted 0.8 inch tweeter and a 3.5-inch woofer, with a large passive radiator in back that’s crucial to that JBL sound signature. The ever-ready Google Assistant wants users to control almost everything by voice. Still, this speaker’s hard plastic and rubbery-surfaced top offers press-deep (not thermal contact) volume and pause/play buttons, as well as the obligatory microphone mute button to tap if you fear Big Brother is listening. Also note the Bluetooth pairing button and a centered home button. Pressing the latter lets you abbreviate a voice command to eliminate the tedium of saying “Hey Google” before calling out a radio station, artist, or action request for news, weather, jokes, movie times, recipes, light switching, door locking, and hundreds of other commands. Although there are just two far-field microphones fitted on the top of the Link 300, they did a good job of hearing my requests, even from across the room.



Cutting through the blockchain hype


“Now, that is very attractive to smaller firms because they have a chance to come together to beat the bigger companies,” he said. “But not so much for the market leaders, without which the blockchain ecosystem won’t spin up fast enough.” Sprenger also touched on the security of blockchain systems that are deemed secure as far as the immutability of information is concerned. However, he said that notion would not apply to data privacy and access management. Citing AdNovum’s Car Dossier project, which uses blockchain as a technological basis to create trust and drive value within the used and second-hand car industry in Switzerland, Sprenger said details such as the location of a car that had been involved in an accident could be captured on a blockchain. “So you have location information and you know who owns the car at a certain point in time – that’s very sensitive information, at least in Switzerland,” he said.



Cloud complexity management is the next big thing

Cloud complexity management is the next big thing
The growing cloud computing complexity was recently documented by the Wall Street Journal that cites a survey of 46 CIOs by KeyBanc Capital Markets. It found that 32 percent said they plan to use multiple vendors to create internal private cloud systems, while 27 percent planned hybrid cloud arrangements. ... Traditional thinking is that cloud computing will replace hardware and software systems, so things will be simpler. You’ll just have to spend a few days moving workloads and data using processes so easy that the applications and data almost migrate themselves. But it turns out to be a complex migration process with many new choices to make and new technology to use. Where you once had five security systems, you now have 20. Where you had three directories, you now have seven. Why? It turns out you cannot just shut down the old stuff, so the hardware, software, and supporting systems remain. At the same time, you are standing up cloud-based systems that used a whole new set of skills and technology. Thus the complexity.


Smart building and IoT technology are highly fragmented

traffic on a city street at sunset surrounded by binary code / smart cars / smart city
One vendor of automation software for, say, elevators might use a much different data format than the manufacturer of a given building’s HVAC systems, making it difficult to integrate these two critical systems into the same framework. Part of what makes the problem of standardization at the building level so difficult is that most systems currently being used for digital facilities administration were originally designed to perform a wide range of functions. For example, the Green Building XML schema, or gbXML, was created to be a standard format for sharing CAD-based information between different building blueprints, but it’s now in use as a tool for live analysis of energy usage in smart buildings, for example. The centralization of these myriad systems is, nevertheless, underway at the National Institute of Standards and Technology. The “IoT-Enabled Smart City Framework,” or IES-City Framework, that NIST is working on with groups in other countries, is largely a conceptual one at this point, but highlights several potential concrete use cases for more unified standards down the line.


Google remotely alters battery settings on some Android 9 Pie devices


If you are using a beta version of Android, the user license agreement gives Google the right to modify system settings for testing purposes, by way of an update sent "over the air" to your device. However, remotely modifying the system settings of devices running the retail version of Android, without informing the user about what's going on, is a new precedent. Under ordinary circumstances, a user can instruct their Android Pie device to start saving battery juice when it reaches 75 percent capacity. This is supposed to be the highest threshold at which power saving can be enabled. Google's unexpected experiment, however, raised this to 99 percent and turned the feature on without notifying the user. When Android Pie's Battery Saver function gets triggered, several strong measures are enforced to reduce drain: Location Services are disabled if the device is locked, apps no longer refresh with new data in the background, and some notifications won't even show up.


Key steps to ensure data protection amidst the growth of mobile apps


It's likely you already have conventional security measures in place to monitor your organization's network, devices and users. That may or may not extend to mobile users entering your system, and if it doesn't, you'll need to look for mobile solutions specifically. This is where a diagnosis of your mobile framework will come in handy. What kind of policies do you have in place to protect your network and users? Are employees forbidden to download and install applications from third-party mobile app stores, for example? Have you instead decided to issue enterprise-exclusive devices and restrict business-related activities to said platforms only? Additionally, consider what can be done to protect the network from users tapping in. For instance, you might look at separate network access between customers and employees. You might also deploy a joint security monitoring and firewall system that can be used to identify, track and block access to various users based on activity.


Cyber security: A work in progress


Whether it is the lack of skills to deal with increasing threats or the fact that many users still fall for scams and click on malicious links or open suspicious documents, one thing has been constant over the past three years. When asked what the biggest problem is – people, process or technology – the results leave little room for ambiguity as to where the challenge lies, with 82% saying that cyber security is a people problem – consistent with the responses of the previous two years. So, what can we conclude from three years of IISP surveys? The ongoing problem that security teams are trying to solve is clear. New attacks continue to emerge and new vulnerabilities are discovered and patched. Data volumes and technology reliance continue to increase and the burden often falls to a team with roughly the same headcount and budget as the year before.


Europe Catches GDPR Breach Notification Fever

Europe Catches GDPR Breach Notification Fever
After notifying authorities, many organizations that have suffered a data breach will be instructed to notify victims, or else choose to do so on their own. Because consumers are already seeing a sharp rise in breach notifications, some have voiced concern that it could lead to "breach fatigue" and perhaps a sense of helplessness at their lack of power to control the fate of their data. "There is an argument that we risk people suffering data breach notification fatigue," says Honan, who is also a cybersecurity adviser to Europol, the EU's law enforcement intelligence agency. "However, I would argue that people are better off knowing that their data is at risk so they can take appropriate action to protect themselves. We should also be aware that breach notifications serve to provide not just the individuals affected by the breach details of what happened but also should be used by other organizations to learn from. If we are more aware of the root causes of breaches in other organizations, we can use that information to better secure our own systems."


What is multi-access edge computing, and how has it evolved?

edge computing
Multi-access edge computing (MEC) is a network architecture that supports compute and storage capacity at the network edge, rather than in a central data center or cloud location. MEC enables rapid and flexible deployment of new applications, and it offers significantly lower latency -- and better performance -- for local applications and data, compared with centralized data center resources. Prototypical MEC applications require ultrafast response times and high availability, and they derive security benefits from localized data flows. MEC provides the intelligence for taking real-time actions and the ability to perform complex data analytics. Applications suited to MEC capabilities include virtual reality, self-driving cars and business-critical IoT applications, all of which require real-time response. Any application that generates a large amount of data can benefit from MEC, as edge computing can make immediate decisions and only transmit aggregate data to central cloud infrastructure, thus significantly reducing network bandwidth requirements.


Hackers wage a new Cold War

The cyber Cold War isn’t just a matter for military and intelligence personnel to ponder. It can easily affect the life of any business. Personal financial information can be stolen and sold for profit by a crime ring, or used to finance a terrorist attack. A company’s intellectual property can be targeted by an industrial rival, or its systems sabotaged, or its stock price manipulated by a fake Twitter account, or its reputation and business relationships ruined through leaks and hoaxes. Citizens can be disenfranchised by hacked voting systems that render polling places inoperable or change recorded votes. Cities can be imperiled by attacks on the electrical power grid, or on the systems controlling large dams, or even on the connected cars and smart homes that fill their streets and neighborhoods. What can you do about it? In our interconnected world, the lines between espionage, war, and business can be all too blurry. If you run a business, work with sensitive data, or work in cybersecurity, you’re already considered fair game—and so are your customers.



Quote for the day:


"Management is efficiency in climbing the ladder of success; leadership determines whether the ladder is leaning against the right wall." -- Stephen Covey


Daily Tech Digest - September 16, 2018

For a digital transformation to be successful, organizations need to have a digital strategy connected with the organization general strategic objectives. This implies that the transformation process should be pervasive through the whole organization, it is no longer and IT or automatization issue. Implies having new digital products and services, a new and more innovative business model, a more complex channel strategy, an aggressive digital marketing and developing the right capabilities to offer customers a good digital experience. All of this of course needs to be supported by technology capabilities and platforms. This can only be achieved if the whole organizational landscape is described and understood. An ‘architectural landscape’ essentially represents the different components of the business – including business processes and information technology resources – making it possible to modify existing operating models in order to harness new technological trends in an efficient and timely manner.


Leveraging Segmentation to Secure IoT

The biggest challenge facing most organizations is simply identifying and tracking all IoT devices connected to the network. Network Access Control allows organizations to authenticate and classify IoT devices securely. Real-time discovery and classification of devices at the point of access allows IT teams to build risk profiles and automatically assign IoT devices to appropriate device groups, along with associated policies. ... Once the network has identified IoT devices, IT teams then need to establish IoT attack surface controls. Segmenting IoT devices and related communications into policy-based groups and secured network zones allow the network to automatically grant and enforce baseline privileges for specific IoT device profiles. While inventory management tools can track these devices, and behavioral analytics can monitor their behavior, Internal Segmentation Firewalls (ISFW) need to be applied to enable organizations to not only quickly and dynamically establish and control network segments but also inspect applications and other traffic that need to cross segmentation boundaries.


CDOs are a crucial hire for any organisation looking to unlock the value of their data. Companies sit on a mountain of data, including marketing and sales, finance, HR and operations and to store, process, analyse and use this data effectively requires a specific set of skills. They have a broad role, encompassing parts of other c-suite roles. But some companies mistake it with the chief information officer (CIO). However, whereas the CIO deals with the technology, infrastructure and software/data engineering of a company, the CDO should be more commercially minded. As Pete Williams, former analytics head at M&S explains: “The CIO can have responsibility to ingest data. But for a CDO, we are talking about a level of commercial awareness that needs to come from the business.” They look at how data can be used by a business to gain a competitive and commercial edge. CDOs are more important than ever, especially now the General Data Protection Regulation (GDPR) has become a business-as-usual requirement. Indeed, the hefty fine for infringing GDPR has helped to elevate data governance to board-level status.


The Future of Networking Is 5G: Businesses Must Prepare Now

Between now and 2020, a few things must still happen: The industry must complete the entire set of 5G standards. Even though most of the radio standards are defined, we have about another year of work on the core network standards. Expect to see both established service providers and startups, even some large enterprises, roll out localized wireless 5G networks over the next year. They will use slight modifications of the 4G core but take advantage of the current patchwork of 5G radio spectrum. Network trials and proof-of-concept applications will represent the bulk of those efforts. The real 5G core, with full network-slicing capability, will start to show up in large-scale production networks around 2020. Understanding 5G and its implications should be high on your company’s priority list. How will setting up a private 5G network slice improve your company’s critical applications, services and security processes? Could new network services open up revenue-generating opportunities?


The Smart City Trailblazers

The Smart City Trailblazers TechNative
Could smart canals ever become a reality? If so, Amsterdam is likely to lead the charge. As an early investor in smart technology, Amsterdam first hired a chief technology officer back in 2004, at a time before some of the foundational concepts of smart cities had terms we would recognize today. As with many smart cities, Amsterdam has long focused on transportation, and the use of satellite navigation technology and other sensor-derived data has provided a more pedestrian-friendly cityscape. The success of these transportation improvements is clear. The city had to update their traffic information in 2016, as the previous data, gathered in 2011, was already obsolete: In that time, the number of cars dropped by 25 percent, and the number of more efficient scooters rose by 100 percent. Amsterdam’s unified approach toward smart technology better enables it to combine both private and public efforts, leading to a cohesive approach that’s already paying off.


Safe Artificial Intelligence Requires Cultural Intelligence


Building machines that can perform any cognitive task means figuring out how to build AI that can not only learn about things like the biology of tomatoes but also about our highly variable and changing systems of norms about things like what we do with tomatoes. Humans live lives populated by a multitude of norms, from how we eat, dress and speak to how we share information, treat one another and pursue our goals. For AI to be truly powerful will require machines to comprehend that norms can vary tremendously from group to group, making them seem unnecessary, yet it can be critical to follow them in a given community. Tomatoes in fruit salads may seem odd to the Brits for whom Kington was writing, but they are perfectly fine if you are cooking for Koreans or a member of the culinary avant-garde. And while it may seem minor, serving them the wrong way to a particular guest can cause confusion, disgust, even anger. ... Norms concern things not only as apparently minor as what foods to combine but also things that communities consider tremendously consequential: who can marry whom, how children are to be treated, who is entitled to hold power, how businesses make and price their goods and services, when and how criticism can be shared publicly.


Bitcoin Blockchain Technology Implementation In India Not An Easy Task

There will be a complete transformation which will cost a fortune in the complete makeover along with a dedicated time. In addition to this, recruiting blockchain experts and data scientists is definitely much costlier as compared to hiring software developers. The biggest applications of blockchain rely on public frameworks such as Bitcoin and Ethereum. All the parties can make transactions within the same network that is monitored. But the entire process is expensive and needs a lot of investment to keep it under operation. For a government projects or any public blockchain-based applications, the role of cost bearer in terms of network maintenance and the validation of transactions is still not clear. Despite all the issues, there is a significant rise in the number of blockchain developer requirement in the market. It is even alleged that cryptocurrency and blockchain jobs are gradually more appealing to job seekers from more conventional sectors especially in Asia.


Onelink: IoT Smoke Alarm Now Alexa-Enabled

First Alarm Onelink IoT Smart Smoke Detector App Notification Alexa Enabled Night Light Home Office
Onelink Safe & Sound is not your ordinary smoke alarm. It is a smart IoT alarm that could detect smoke and carbon monoxide in your home or office. Powered by First Alert’s technology for smoke and carbon monoxide detection, it has an 85-decibel alarm, and it also sends notifications to your mobile phone if the device detects any smoke or carbon monoxide within the premise. It also has a built-in Alexa voice service which allows you to access all the features found on Amazon Echo. You can use voice commands on Onelink Safe & Sound to play your favorite music, audiobooks, control smart devices, and even have it read the news. Also known as an electrochemical gas sensor is a gas detector that measures the density of a target gas by oxidizing or decreasing the target gas at an electrode and measuring the resulting current. To get your very own Onelink Safe & Sound Smoke and CO alarm, check out their product page on Amazon for easy ordering. The device can currently be bought for $241.53. There are also bundles that tie in Amazon Echo devices, in case you’re looking to buy one.


Building the Pillars of Data Modeling and Enterprise Architecture

Enterprise Architecture
Ruff said, “ER/Studio doesn’t do the Data Governance for you,” but Data Governance can’t be done without an Enterprise Architecture solution like ER/Studio as a foundation, “because if you’re not managing your data at the low level, you can’t manage it at a higher level,” she said. Having a complete model of the data gives business users access to that global vision they need and a thorough understanding of the value of that data. “It’s extremely important that every single thing that an organization does has a data representation and a process representation,” in the model, “because it’s really through the modeling that we are able to improve our business processes, improve our data quality, and everything else,” said Huizenga. ... The consequences of non-compliance can be great, so it’s vital to fully understand how regulations affect business practices. “You will need to verify that the safeguards you have in place are indeed sufficient, rather than just assuming they meet the requirements.” Compliance is an active process and it’s imperative that companies implement the appropriate protections proactively.


Transforming The Transformative: The CMO's Role In Leading Digital Transformation

As a CMO, it’s important to remember that technology alone won’t ensure your company’s DX is a success. When Forrester identified the capabilities most vital to DX success, just four out of the top 10 are technology-based.  To accelerate digital transformation and drive revenue growth, CMOs must develop and redesign organizational capabilities like strategy, culture, change management, digital experiences, innovation management and customer journey mapping. Reshaping your culture to be customer-centric is essential in order to support continuous innovation and drive effective change throughout the organization. Unsurprisingly, data and analytics capabilities are most critical among technologies that drive digital transformation success. Modern marketers are data-driven, and in an age where customer experience is the ultimate factor that can make or break a brand, CMOs often rely on customer datawhen strategizing how to meet and exceed high customer expectations.



Quote for the day:


"Great leaders don't need to act tough. Their confidence and humility serve to underscore their toughness." -- @SimonSinek


Daily Tech Digest - September 14, 2018

Apple Watch - Series 4 > Athletics / health / fitness > ECG / heartrate / sinus rhythm
Apple has very clearly focused on healthcare, steadily building an in-house team of experts, most notably around medical devices who know how to work with regulators, researchers and IT. With the introduction of HealthKit, ResearchKit and CareKit, Apple has been at the forefront of unlocking personal health data and allowing users to share it with care teams, researchers and even first responders. Some of the broadest health studies ever conducted have relied on ResearchKit. iPhones and Apple Watches make it possible to contact emergency services and care-givers in seconds, and they provide key information about us using the emergency medical information card that can be accessed on an iPhone – even when the phone is locked. And increasingly, they alert us to signs of danger and disease that might otherwise go unnoticed. Apple is not slowing its efforts; in fact, it’s just getting started. The announcement this week of fall detection, complete with an understanding of different types of falls, is a major improvement aimed directly at older users.



Is Pattern Recognition Killing Innovation?

Underrepresented founders face greater challenges in convincing a fairly homogeneous industry that issues they are solving are significant enough, that the services they provide are widely needed and that they are the ones to take this vision into a multibillion dollar company. Katrina Lake, founder of Stitch Fix, and Shan Lynn Ma, founder of Zola (both multibillion dollar companies) have spoken out about their struggle to raise funding and felt it was due to the lack of diversity in the VC industry. "You can't blame the kind of individual for having that preference, but then you step back and realize 94% of venture investors are male and have similar preferences. And so, I think that it unquestionably made it harder," says Lake. In a sector that is driven by business ‘intuition’ and ‘gut feeling’ based on past patterns, female founders and other underrepresented founders, lose out. This is, to some extent, due to what experts call “homophily” in which similarity breeds connection, which means VCs prefer to hire, invest in, or co-invest with those that are similar to themselves.


Outcomes-based security is the way forward


“We are still finding the same problems every year that we have found in previous years, with things like credential theft and abuse still common, and multifactor authentication – especially for privileged accounts – still rare, even though this would reduce the attack surface massively,” he says. The only real change, he adds, is that there is now a lot more on the corporate IT network, with “almost everything” connected and online as business processes become increasingly digital and the dependency on IT is greater than ever before. “But businesses still assume that if they have spent millions on security products everything is fine, but bad guys usually work out what has been done to make something more secure and will find a way around it, so it is a continual arms race,” he says. As a result, Raeburn believes most cyber security technology innovations tend to provide a false sense of security for organisations because they will be effective only for a limited period of time.


Fighting the fear of new tech with the chief technology evangelist

Training is also paramount, and should be conducted in virtual or test environments as much as possible, long before the new technology goes live. It’s also important to remember that every employee will need to transition to a new technology at a pace that works for them which won’t interfere with their primary objectives. This can be especially important in organizations like healthcare, where doctors and other clinicians can’t be pulled away from their patients, or afford to slow down the treatment process due to the implementation of a new technology. Getting buy-in and acceptance from the workforce that will be using any new system is critical, since they will ultimately make or break the project. And for that to happen, the new technology needs an advocate, someone who can rally the troops and make people actively excited about the pending change long before the wheels start to turn on a new project.


Mobile fraud is increasing, attack rates rising 24% year-over-year

mobile fraud increase
Financial institutions were besieged with 81 million cybercrime attacks in the first half of 2018 on the ThreatMetrix global network. Of these, 27 million were targeting the mobile channel as fraudsters turn their attention to the success story that is mobile banking adoption. Financial services mobile transactions are growing globally, with China, South East Asia and India showing the strongest regional growth. This indicates that the mobile channel is a key enabler for financial inclusion in emerging economies. Overall, the biggest threat in financial services comes from device spoofing, as fraudsters attempt to trick banks into thinking multiple fraudulent log in attempts are coming from new customer devices, perhaps by repeatedly wiping cookies or using virtual machines. Mule networks also continue to negatively impact the global banking ecosystem, particularly as financial crime becomes an ever-more sophisticated and hyper-connected beast. The challenge for financial institutions is detecting mule activity even when individual account behavior may not trigger red flags.


Smartwatches finally evolve into a viable platform

snapdragon wear 3100
The Qualcomm Snapdragon Wear 3100 platform allows for a pervasive display, and the watches have battery life measured in days, not hours. This means that a watch maker can create a watch with a pervasive, attractive face designed to work with the watch case and look good to others, not just the watch user. Therefore, companies like TAG Heuer and Louis Vuitton (who owns TAG Heuer and Hublot) are now planning on releasing smartwatches by year’s end.  Finally, we have smartwatches that embrace the idea of a watch being a showcase of wealth and status. The part the watchmakers need to address is collectability…and that suggests a modular approach, where the movements and the cases are separate. That way you can buy and collect cases and then insert your up-to-date smartwatch component (which will then morph its display to match the case it’s placed in). I’m aware that TAG Heuer was working on a project like this about a decade ago, so my money is on them getting this right first.


Supermicro unveils an insanely fast, insanely thin storage server

Supermicro unveils an insanely fast, insanely thin storage server
The new Supermicro product, the SSG-1029P-NMR36L, has 36 18TB NF1 drives in its 1U chassis, doubling the capacity of a model introduced in January with 288TB. The server also comes with two 28-core Xeon SP processors and holds up to 3TB of memory in 24 DIMM slots and dual 16-lane PCIe network cards. The NF1 drives are all front-loaded and hot-swappable using the NVMe protocol for high-capacity network storage and very low latency performance. The optimized power profile of the fully hot-swap-capable NF1 devices means more processing power can be reserved to drive IO with the fastest CPU and memory available. "At Supermicro, we consistently offer our customers early access to the very latest and best technologies," said Charles Liang, president and CEO of Supermicro, in a statement. "Our 1U NF1 storage server features the most power-efficient, next-generation flash technology with the highest storage density and best IOPS performance. This provides a real time-to-value competitive advantage for users with data-intensive workloads like big data, autonomous driving, AI, and HPC applications."



When to use a CRDT-based database

Everything looks good with the eventual consistency model until there are data conflicts. A few eventual consistency models promise best effort to fix the conflicts, but fall short of guaranteeing strong consistency. The good news is, the models built around conflict-free replicated data types (CRDTs) deliver strong eventual consistency. CRDTs achieve strong eventual consistency through a predetermined set of conflict resolution rules and semantics. Applications built on top of CRDT-based databases must be designed to accommodate the conflict resolution semantics. In this article we will explore how to design, develop, and test geo-distributed applications using a CRDT-based database. We will also examine four sample use cases: counters, distributed caching, shared sessions, and multi-region data ingest. My employer, Redis Labs, recently announced CRDT support in Redis Enterprise, with conflict-free replicated data types joining the rich portfolio of data structures—Strings, Hashes, Lists, Sets, Sorted Sets, Bitfields, Geo, Hyperloglog, and Streams—in our database product.


14 Things I Wish I’d Known When Starting with MongoDB


MongoDB’s security checklist gives good advice on reducing the risk of penetration of the network and of a data breach. It is easy to shrug and assume that a development server doesn’t need a high level of security. Not so: It is relevant to all MongoDB servers. In particular, unless there is a very good reason to use mapReduce, group, or $where, you should disable the use of arbitrary JavaScript by setting javascriptEnabled:false in the config file. Because the data files of standard MongoDB is not encrypted, It is also wise to Run MongoDB with a Dedicated User with full access to the data files restricted to that user so as to use the operating systems own file-access controls. MongoDB doesn’t enforce a schema. This is not the same thing as saying that it doesn’t need one. If you really want to save documents with no consistent schema, you can store them very quickly and easily but retrieval can be the very devil. 


Four key considerations for evaluating graph warehouses

Organizations should also evaluate graph databases in terms of how much reading and writing they’ll require. GOLAP systems mostly read data for query purposes. Since data warehouses are usually batch jobs, their writing capabilities aren’t as important as their ability to swiftly query data for answers. However, the performance of batch loading is crucial. OLTP systems are constantly updating small portions of their transactional data via their writing capacity. For example, tollbooths are continually reading the license plates of vehicles and updating transactional data for passing motorists. Other examples include point-of-sale (POS) checkout systems, either for e-commerce or physical shopping locations. The same data from the tollbooths or consumer checkout is subsequently used by OLAP systems for establishing highway systems improvements, or pricing and marketing options for POS. Another defining attribute of OLTP and OLAP systems is the type of query required. In general, OLTP systems are primed for answering narrow, well-defined questions. 



Quote for the day:


"It's very important in a leadership role not to place your ego at the foreground and not to judge everything in relationship to how your ego is fed." -- Ruth J. Simmons