Daily Tech Digest - January 10, 2019


Senior leaders must objectively assess not only their own strengths, but also where they have knowledge or experience gaps — areas where they need to build new skills. A recent PwC study (pdf) found, as one might expect, that those in senior management roles are less likely than, for example, those in factory or clerical roles to be entirely displaced by automation. But the nature of leaders’ work will undoubtedly undergo major shifts. These shifts will open up more time for forward-looking activities; executives will be helped further here by the presence of increasingly sophisticated data. Meanwhile, leaders in customer-facing roles need to figure out how to best serve customers, taking advantage of automation to provide customized products and services on demand. Functional leaders must consider the following matters as they define their role in the age of robots: What actions will they need to take now to prepare for the ways that robots will transform their industry and business? Structurally, what has to change in the organization?


fog obscures the horizon beyond a highway / uncertainty / unknown future
The inevitable next step — something that is already happening — is the augmentation and eventual automation of corporate decision making based on this proprietary knowledge. Cognitive platforms such as CognitiveScale and Maana are at the forefront of this type of contextual, knowledge management automation — but they are just the leaders in a rapidly developing market full of some of the brightest, most progressive minds in technology. While every company that is developing AI-based technologies today will tell you that their goal is to augment human capabilities rather than replace workers, the reality is that this story is leading to an inevitable conclusion. While it may not be politically correct (or good for sales) to acknowledge it openly today, the writing is on the wall: if we can reduce something to an algorithm, we will automate it in the very near future. 


How to tackle phishing with machine learning

istock-625496696phishing.jpg
As the various elements of an email are very clearly defined (return-path, content-type, etc.) EdgeWave reviews each of these for every email against our threat database. In many cases, we see where individual elements can be suspicious, but when combined together they create a malicious email. ... The challenge for email is that it tends to be the starting point for cyber-attacks rather than the sole perpetrator. Consider, for example, situations where JavaScript is embedded in a PDF attachment, which is opened. JavaScript only kick-offs the exploit process. Determining if the JavaScript itself is malicious is challenging without directly running the script and evaluating the subsequent actions (sandboxing). The outcome of the JavaScript actions can be evaluated against our threat database to determine a level of suspicion. EdgeWave has a taxonomy of over 40k rules based on the information and processes described above. Many of these are the result of machine learning (A+B+C = bad) plus detailed analysis by our threat detection analysts.



Moving to a Next-Generation SOC: Critical Factors

Organizations looking to migrate to a next-generation security operations center must first carefully assess any problems they are facing with current security technology, says Vikram Mehta. "The first thing that organizations would need to do before they embark on this journey is to identify which problems they are really trying to solve, identify pain points and document use cases which are challenging to solve with the traditional framework of SOC implementation," Mehta says in an interview with Information Security Media Group. Organizations should make a gradual shift to a next-generation SOC, he advises. "Just implementing a piece of technology and expecting it to solve all problems is absolutely not the way to go," he says. In this interview Mehta also discusses: Common mistakes companies make while shifting to a next-generation SOC; Problems that a next-generation SOC can help resolve; The technology stack, including open source components, that MakeMyTrip leveraged to implement a next-generation SOC.


Unified communications market sees demand for customized offerings


"Some customers want a simple workflow that expands outside of a traditional UC application," he explained. "When we are helping customers with UC API engagements, we tend to look at the larger picture typically through an ideation process. As a result, we may help investigate ways to build a custom digital transformation outcome that may include ... UC, mobility and customer experience." But with the opportunity comes challenges, and the biggest one Lazar sees is the ability to find developer expertise. "API [and CPaaS] vendors like Nexmo/Vonage tout about 700,000 developers; others are diligently working to build developer awareness or create tools that enable nondevelopers to use API-based services," he said. Another challenge is matching API capabilities to customer's business workflows, said Derek Lohman, Cisco prototype lead at WWT.


How agile development can give organizations competitive edge

This works especially well in the tech industry, especially when dealing with new technologies like Blockchain, for a number of reasons, namely that there are a lot of pedants working to make those environments unpleasant and rigorous. This, fortunately, is an unsuccessful way to run almost any businesses as it prevents ingenuity and uniformity. Instead of fearing changelogs or criticism, the agile developers welcome it and work tirelessly to bring value to products over meeting deadline requirements. Agile developers value collaboration and welcome change. In other words, they eschew traditional working values. Individuals come first. Teams self-organize. Developers and corporate people interact and communicate. Why are Agile methodologies such a big deal in tech? Making it in the tech industry can be hard. Projects can get lost. Budgets can get devoured. It’s all very simple to lose track of it all when building a software product.


2FA bypass tool highlights top business security vulnerabilities


The reverse proxy tool, which is available on GitHub along with user guidelines, can be used to bypass most of the currently used 2FA authentication schemes and uses a technique that Duszyński said he has exploited for “quite a while already”. He further justifies the creation and release of the tool by saying it should be useful to all penetration testers who want to carry out an effective phishing campaign as well as for organisations’ red teaming exercises to test the effectiveness of their cyber defences. The tool puts an imperceptible phishing site between the user and the legitimate site in a classic man in the middle-style attack to harvest credentials including second factor authentication codes, and therefore does not require the attacker to create a fake version of the site to trick users into entering their details. However, this reverse proxy technique does not work against 2FA schemes that use universal 2nd factor (U2F), which is a type of physical authentication device that uses encryption and private keys to protect and unlock supported accounts.


Server sales projected to slow, while memory prices drop

While total server sales were up 5 percent, with Q2 of 2018 being especially strong with more than 10 percent quarter-over-quarter growth in global server shipments, the shipment growth is expected to slow down to 2 percent in the first half of the year. The reason is that there are new generations of processors from Intel and AMD on the way. Intel just announced its latest Xeon Scalable Platform processor, code-named “Cascade Lake,” while AMD has a next-generation Epyc code-named “Rome” in the works. ... Something else that’s slowing down: NAND flash memory output. The bit output from the NAND Flash industry in 2018 turned out to be higher than expected. Vendors such as Hynix and Micron got great yields from their 64-layer 3D NAND production lines. However, NAND Flash demand has remained sluggish for several reasons: the looming trade war between China and the U.S., the shortage of Intel CPUs, and the lower-than-expected sales of the new, overpriced iPhone.


The future of the CIO

Architectural dome reflected in a crystal ball. / future / predictions / forecast / fortune telling
CIOs say that today is crazy and challenging and in 5 years, it will be much the same. One CIO responded by saying as many years as I've been doing this, the details of what kind of crazy is what changes. Historically, IT was a supporting function to business strategy, but more and more with digital, IT is redefining business strategy. In 5 years, AI will manage all infrastructure (networks and systems) and machine learning may replace the need for strategic planning and robots will replace the CIO? The CIO role today has different impact across organizations and industries. In the future, CIOs will emerge into the front-line of driving customer engagement and business innovation.  IT is clearly moving from the back office to center stage, so any disruption instantly impacts every customer and employee. CIOs, for these reasons, must be more adept at communicating, leading, persuading, apologizing, and selling. One CIO suggest here that they call the path forward a three-legged race.


Digital insurance in 2018: Driving real impact with digital and analytics

We believe the industry is now in a position in which executives can embark on a digital journey to achieve real impact. It is no longer “if” digital technologies will change the industry, it is “how” and “when.” The challenge—or opportunity—for incumbents in the digital transformation lies in determining the concrete steps they should be taking right now to join (if not lead) the digital revolution while maximizing existing assets. With new attackers on the hunt for customers, incumbents must move quickly to integrate digital technologies into their operations. Claims should be a top priority. To capture the value of digital, claim functions must embark on a transformation to become customer-centric, digitally enabled organizations. So where to start? We offer five essential elements needed to digitize and transform property-and-casualty (P&C) claims. By examining each of these areas, P&C claim functions can start to rethink the claims customer journey and back-office processes.



Quote for the day:


"True leaders bring out your personal best. They ignite your human potential" -- John Paul Warren