Daily Tech Digest - October 09, 2019

Blockchain: Why the revolution is still a decade away

According to Adrian Lee, who researched the report, this was caused by a "lack of industry consensus" on key features of the technology, such as product concept, application requirements or target market. In other words, blockchain has been a victim of its own hype. Its potential benefits raised huge expectations, but in reality it is not mature enough yet to be efficiently implemented at scale. Litan compares this to the adoption of the internet: users don't have to worry about understanding protocols such as DNS or TCP/IP. This is why browsing the web is scalable, and it is why it became so mainstream. But if an enterprise wants to implement blockchain, it's a whole different story. Individual companies have to worry about picking a platform, coming up with a smart contract language, or using a specific system interface and consensus algorithms. ... Avivah Litan, research vice-president at Gartner, doesn't see this happening before 2028, which is when she expects the technology to be fully scalable.

ISO 27001. PCI DSS. GDPR. When it comes to business and security standards, it's easy to get lost in the alphabet soup of acronyms. How can you discern which ones are right for your organization? Start by asking some high-level questions as to what you hope to accomplish by adopting them – and how adhering to standards can help your growth, says Khushbu Pratap, a senior principal analyst at Gartner who covers risk and compliance. "The most important questions to ask [are]: Are your customers asking for it, and do your stakeholders think a particular standard is important?" says Pratap. Assuming the answers are yes, there are additional factors to think through before moving ahead with a strategy for compliance. The seven practical tips outlined in this feature will help. Heavily regulated organizations typically have special teams that work on these standards, but even for them, use this list as a chance to take a step back and better target your standards compliance and certification teams.

For writing more secure code, culture remains another challenge. Stu Hirst, principal cloud security engineer at British online food order and delivery service Just Eat, speaking at last week's ScotSoft conference in Edinburgh, Scotland, advocated literally showing developers the risks that poor or poor-quality reused code can create, for example, by showing them how it can be hacked. He says such discussions are essential for fostering a culture in which coders are coding securely, without trying to impose punitive measures. ... Earlier this year, the CISO of a European financial services firm told me that his organization's approach has been to maintain its own repository of code snippets that have been vetted and trusted, from which in-house developers can draw, thus saving time and contributing to more secure and stable software builds. The organization also regularly evaluates open source offerings, and it isn't afraid to tear up code built in-house when a better open source alternative becomes available. 

The Magic Of Smart Mirrors: AI, AR & The IoT

The Magic Of Smart Mirrors: Artificial Intelligence, Augmented Reality And The Internet of Things
Coty’s version of the smart mirror is the CES 2019 Innovation Awards Honoree—Wella Professionals Smart Mirror. This mirror allows stylists to provide more personalized consultations. Like the apps discussed above, the Wella Professionals Smart Mirror is able to do a live AR hair color try on and can provide a 360-degree of the style so the client can see what it will look like from all angles. In addition, using facial recognition technology, it can retrieve past styles for each customer, allowing the stylist and client to really assess what worked and what didn't. ... It also connects to a mobile app so the stylist and customer can stay in contact in between appointments. Memory Mirror, a digital mirror created by MemoMi, combines a full-length mirror with high-tech including a 70-inch LCD, computer and HD camera that can record videos so you can save, share and review your try-on sessions. Neiman Marcus installed MemoMi’s mirrors in 34 locations. Another mirror altering the retail experience is the Oak Mirror by Oak Labs. It serves as a digital assistant in a dressing room, allowing customers to request other colors, styles, or accessories from a sales assistant.

Canada’s Blockchain Sector Wants Legal Clarity

The report – one of the first to take a comprehensive snapshot of Canada’s blockchain ecosystem – sheds new light on the country’s nascent crypto firms, who appear largely bullish on their own future and are increasingly eager to know if their government feels the same. ... Though separate from U.S. regulators and from other global regulatory bodies, Canada’s government has been reticent to establish crypto regulations that might conflict with other countries’ laws, said Michael Gord, CEO of Toronto-based MLG Blockchain consulting group. Instead, Gord described a regulatory gray zone that confounds his consulting group and the legal teams he turns to for advice: “Often digital asset regulations in Canada are so ambiguous that lawyers cannot give us a yes or no answer. The regulations have not been defined enough for them to be able to.” Neither the U.S. nor Canada have developed comprehensive definitions for digital assets, and Gord doubts the Canadians will jump ahead: “Even if [Canadian regulators] were to want to create clear regulation, there’s a lot of pressure from the SEC” to follow its lead, he said.

How to prepare tomorrow’s workforce? Focus less on devices and more on digital thinking

Mastery of technology skills + knowledge.
In most liberal arts institutions, students are situated in a brick-and-mortar, face-forward teaching environment that says, “read this book, do this essay, or submit this paper. In their own personal lives, they are digital natives, using an iPhone and technology to do just about everything – from communicating to ordering food. They must push that world aside, however, to conform to teaching methods and teachers that are not digitally literate. The solution is not just to introduce more digital devices and technical training into a classroom to get faculty and students to think more digitally about what they are doing, but to improve their overall digital literacy or ability to live, work, think and communicate in a society that is driven by the Internet, social media, mobile devices and other digital technologies. In short, change the education and learning formula to be more closely aligned with the demands of today’s digital world.

74% of global workers say the tech industry needs more regulation

Overall, nearly three-quarters (74%) of global workers said the tech industry needs more regulations. Snow surveyed 3,000 professionals across the US, Europe, and the Asia-Pacific region to determine how employees felt about about data privacy regulation standards. As technology enables more organizations to harbor personal consumer data, standards must be put in place to make sure this information isn't exploited. ... Millennials were more likely to feel like their data is protected by regulations (44%) than baby boomers (21%), the report found. Some 55% of tech company vice presidents and 52% of directors also said they feel more protected from data breaches, while only 27% of entry-level employees said the same. The rise in data regulation has resulted in more pop-up and opt-in messages for employees, but opinions are split down the middle whether these messages are disruptive to their workday or not.  "But at the same time, the increase in regulation makes administratively navigating the internet much more difficult, and some might find this to be an annoying and tedious user experience," Larson said.

How the Software-Defined Perimeter Is Redefining Access Control

An SDP or zero-trust model can be used within the modern perimeter-less enterprise to help secure remote, mobile, and cloud users as well as workloads. SDP isn't just about having a secure tunnel — it's about validation and authorization. Instead of just trusting that a tunnel is secure, there are checks to validate posture, robust policies that grant access, segmentation policies to restrict access and multiple control points. The increasing adoption of zero-trust security technologies by organizations of all sizes is an evolving trend. As organizations look to reduce risk and minimize their potential attack surface, having more points of control is often a key goal. Security professionals also typically recommend that organizations minimize the number of privileged users and grant access based on the principle of least privilege. Rather than just simply giving a VPN user full local access, system admins should restrict access based on policy and device authorization, which is a core attribute of the zero-trust model. 

How to build a better cybersecurity defense with deception technologies

Deception technology addresses these key challenges with early and accurate detection coupled with automation to accelerate incident response. The solution tricks threat actors into revealing their presence with authentic, high-interaction decoys that blend seamlessly into the production environment. As soon as an attacker attempts to scan the network, steal credentials, or move laterally, the deception platform raises a high-fidelity alert, reducing dwell times. From there, defenders can remediate or safely let the attack play out and collect company-specific threat intelligence to strengthen their defenses. ... One way to be more proactive is to assume the attacker will get in, and plan a defensive strategy that leverages the entire network to detect them early, while gathering adversary intelligence to better defend against future attacks. In the perimeter-less society that we find ourselves in, with the rapid adoption of cloud infrastructure and ubiquitous global access, traditional security can't scale to keep up with where organizations now operate.

Hype vs reality: Is the tech industry on the cusp of another ‘AI winter’?

The amplification benefits that AI can bring to the IT work that humans are responsible for within organisations was one area called out by Chandrasekaran during the panel as sign of the good that the technology can do. Although a lot of the reporting on AI focuses on how its proliferation within enterprises could lead to job cuts, the converse is often true, he said. “When we [Cisco] look at any IT organisation, they are growing,” he said. “They are hiring hundreds of people to run the network, or the digitisation that’s happening. What we see is that the [AI] tooling is basically to free them up from dealing with the complexity that comes along, so that they can actually get their job done. “We look at all this automation, and… the idea is to free people so that they don’t become completely buried with the burden that’s coming along with the number of devices coming on board.”

Quote for the day:

"Leaders are people who believe so passionately that they can seduce other people into sharing their dream." -- Warren G. Bennis

No comments:

Post a Comment