Daily Tech Digest - September 20, 2018

Smarter analytics for banks

Smarter analytics for banks
Banks currently concentrate most of their analytics use cases in sales management (for example, next product to buy, digital marketing, and transactional analytics), financial risk management (collections), and nonfinancial risks (cybersecurity and fraud detection). These are logical first choices, but banks also need an analytics road map for the entire organization to ensure transparency and clarity on their aspiration for advanced analytics. Before launching efforts on specific use cases, banks should identify those areas where analytics will do the most to enhance their value propositions, in line with their business strategies. Over time, banks should extend analytics to other functions and set their ambitions for how analytics will help the organization in the years ahead. Across industries, analytics leaders integrate analytics not only into a few crucial business units but also across all operations. This is true for analytics leaders among banks as well: more than half have introduced use cases to three or more functional areas.



The new face of Financial Services

With universal consumer adoption of digital communication, and technologies such as Blockchain removing the need for a trusted intermediary, the role of the financial institution is in flux. An example is Bitcoin, and similar technologies launched in recent years. These new currencies seem to herald the shape of things to come, but their levels of volatility hamper their development as reliable forms of payment or stores of value. The risk is that they are becoming nothing more than instruments of pure speculation. Barely a week goes by without a new crypto currency launching, but most disappear without trace leaving early adopters out of pocket and further tarnishing the perceived reliability of such means of exchange. A lack of transparency into the workings of the system exposes it to fraud and manipulation; and the very decentralisation that gives crypto currencies their advantage over traditional counterparts also signals a disadvantage, which is the anonymity of the counter-party in a transaction.


Credential stuffing attacks cause heartache for the financial sector


Often utilized by botnets, credential stuffing describes the use of stolen or leaked credentials in automatic injection attacks. Automated scripts hammer online services with credentials in the hopes of a password and username or email address being accepted as legitimate -- which, in turn, permits account hijacking and takeovers. One of the core problems in today's consumer and employee security practices is the use of password and email combinations for multiple online services. When a data breach occurs, such as the LinkedIn 2012 security incident in which 112 million credentials were exposed, the story doesn't end there. These credentials may end up online and public or for sale in the Dark Web. Massive data dumps full of stolen credentials can be found in the Web's underbelly, all of which can be added to batch scripts which will automatically attempt to login to services. ... If a financial account is compromised in such a way, this may lead to the theft of funds or stock portfolio tampering. If the account belongs to an employee of the organization, the damage could be deeper, with the compromise of internal banking systems.


Investing wisely in the healthcare IT ecosystem

Investing wisely in the healthcare IT ecosystem
Through technology, healthcare is becoming a different kind of industry, which is not lost on the technology provider market. Healthcare CIOs have much greater choices in technology solutions, but they need to be careful. The vendor community is willing to sell a whole range of tools, but some of these tools are more mature than others. There is likely to be a long shake out and adoption period for these technologies. CIOs in healthcare have to think through how to architect these solutions as a part of their ecosystems as opposed to buying 10-point solutions that solve narrowly defined needs.  The data architecture in a healthcare system is very complex, since data comes into the system from so many places — patients, referring physicians, payers. The future includes wearables, home monitoring and other sensors that are beyond the hospital and physician office. And data comes in so many forms — diagnostic test results can be images, paper, and lab results, structured and unstructured — all of which have to be brought into the record and integrated into a set of processes.


How Non-IT Employees Can Bridge the Security Skills Shortage

How Non-IT Employees Can Bridge the Security Skills Shortage
The security skills shortage can equally apply to dedicated IT professionals and to ordinary, non-IT employees. While the worries about the potentially 3.5 million unfilled cybersecurity jobs by 2021 are certainly pressing, even the most dedicated expert will need to work with other employees. Without some knowledge of cybersecurity best practices, your security team will be fighting an uphill battle. This adds additional stress and responsibilities to their workloads, possibly increasing the burnout rate. Instead, you need to get employees involved in bridging the security skills shortage. Your enterprise can start by building awareness of how their actions can influence your enterprise’s security posture. You can and should provide engaging, work-integrated training programs at regular intervals to instruct your employees on best practices. The security skills shortage is already a struggle. Don’t compound it by keeping your other employees in the dark.


False positive reduction in credit card fraud detection

MIT researchers have employed a new machine-learning technique to substantially reduce false positives in fraud-detecting technologies. Image: Chelsea Turner
The backbone of the model consists of creatively stacked “primitives,” simple functions that take two inputs and give an output. For example, calculating an average of two numbers is one primitive. That can be combined with a primitive that looks at the time stamp of two transactions to get an average time between transactions. Stacking another primitive that calculates the distance between two addresses from those transactions gives an average time between two purchases at two specific locations. Another primitive could determine if the purchase was made on a weekday or weekend, and so on. Veeramachaneni said, “Once we have those primitives, there is no stopping us for stacking them … and you start to see these interesting variables you didn’t think of before. If you dig deep into the algorithm, primitives are the secret sauce.” “One important feature that the model generates, is calculating the distance between those two locations and whether they happened in person or remotely.


Meet the women who are making sure blockchain is inclusive

The way Indilo sees it, it’s similar to the promise of the internet where everyone with access had the chance to be a participant. However, that democratization wasn’t totally realized as areas with limited access prohibited participation and the growth of large tech companies. The data created on the internet is a “huge asset essentially owned by few companies use for their own benefit,” she says. “We don’t even understand why they are doing certain things, and in many cases they hugely undermine privacy.” But blockchain can deliver on that promise. Simply being able to send and receive money in a secure, transparent way has huge implications for both the banked and unbanked populations of the world. And it’s not just about money, Indilo contends. Opu Labs is a skincare web application built on the blockchain. It allows users to scan their faces and get analysis on skin conditions. Not only is this very personal information secure and unable to be tampered with, Indilo points out that people are getting paid to get something valuable.


What’s the Secret to Success as a Data Scientist?

What’s the Secret to Success as a Data Scientist?
In essence, data scientists are tasked with making discoveries out of large quantities of data. They’re explorers who interpret the world around them. “At ease in the digital realm, they are able to bring structure to large quantities of formless data and make analysis possible,” Thomas H. Davenport writes for Harvard Business Review. “They identify rich data sources, join them with other, potentially incomplete data sources, and clean the resulting set. In a competitive landscape where challenges keep changing and data never stop flowing, data scientists help decision makers shift from ad hoc analysis to an ongoing conversation with data.” By 2020, IBM is predicting that demand for data scientists will increase by 28 percent. More than half of these jobs (59 percent) will be in the finance, insurance, professional services, and IT industries. Within two years, there will be an estimated 2.7 million data professional jobs in the United States alone. The average annual pay for advertised data scientist jobs is currently somewhere around $105,000.


Your biggest cyber security threat is inside your organisation

It shouldn’t come as a surprise that staff awareness training can be difficult. That doesn’t mean you can’t put in place an effective training regime; you just need to understand the problems and find a solution. The way you do this will depend on the resources at your disposal. One of the most common solutions, particularly for organisations that are short on time, is to get help from a third party. This takes the hassle out of staff awareness training, freeing you from the worries of creating a course from scratch, making sure it’s delivered in a way that everyone will understand and checking that all the necessary information is included. You can make the process even easier by using our Information Security Staff Awareness E-Learning Course. Because it’s an online course, your employees can study at a time and place that’s convenient for them. All you need to do is send a notification to your employees, and then check that everybody’s completed the course.


Artificial Intelligence, Ratings, and the Small Print


Relying on either the wisdom of crowds or the wisdom of computers, however, might not be enough. Acquisti, who is part of the Carnegie Mellon team, believes that the onus shouldn’t be on consumers to continually track the way their data is used. “We cannot expect, or pretend, individuals to be constantly aware of and engaged with all the myriad of ways tools and services continuously collect and track their information,” he wrote in an email. “The effort needed to consciously manage such unending flows of data would be nearly superhuman.” Instead, because privacy management is a societal issue that requires societal solutions, Acquisti argues that it is necessary to set clear privacy standards that companies can adhere to. “If, as a society, we were to set a goal of handling the issue of privacy better, then a combination of smart regulation and technology would be needed,” he noted. Smart regulation should encourage technologies that allow organizations to collect and use consumer data while doing more to protect privacy.



Quote for the day:


"There comes a time when you have to choose between turning the page and closing the book." -- Unknown