Daily Tech Digest - January 31, 2020

What Is A Data Passport: Building Trust, Data Privacy And Security In The Cloud


What Is A Data Passport: Building Trust, Data Privacy And Security In The Cloud
One of the biggest problems with data security is that so much of our computing these days takes place not in a physical mainframe, but in the cloud. It used to be that data thieves might have to break into a physical space to steal hard drives or mainframes in order to steal data. Not any more. With more and more computing of all kind taking place in the cloud, that data can become extremely vulnerable. In fact, the movement of data between parties, through the cloud, is its most vulnerable point, and with the growing use of multi-cloud environments, the problem is only exacerbated. Imagine a single piece of information that must be transmitted from Company A to Company B. Company A knows that its servers are secure, and Company B feels like its data is also secure. But what about the “space” in between? Data passports allow the data to carry its own encryption with it, so that even if it is intercepted, it’s useless. This is extremely valuable for companies and industries that transmit data in multi-cloud environments, and will be especially useful in highly regulated industries like banking and insurance.


Getting practical about the future of work


The pace and scale of technological disruption—with its risks of unemployment and growing income inequality—are as much a social and political challenge as a business one. Nonetheless, employers are best placed to be in the vanguard of change and make positive societal impact—for example, by upgrading the capabilities of their employees and equipping them with new skills. And employers themselves stand to reap the greatest benefit if they can successfully transform the workforce in this way. Many leading businesses are realizing that they cannot hire all the new skills they need. The better solution is to look internally and develop talent they already have, as this approach is often not only quicker and more financially prudent but also good for morale and the company’s long-term attractiveness to potential recruits. We already know from our executive surveys that most leaders see talent as the largest barrier to the successful implementation of new strategies—notably, those driven by digitization and automation. 


What’s next? Modernising applications following cloud migration image
IT teams should invest in a number of tactics to optimise performance. However, the number one challenge they face is their ability, or inability, to keep the application running and resolve problems due to extremely thin teams. Visibility solves this critical problem. An overview into and across the entire application and IT infrastructure is paramount in keeping applications running to reduce MTTD (Mean Time To Detection) and MTTR (Mean Time To Resolution). Teams will have a better understanding of their current resources and scale appropriately. For example, they may discover that they have excessive server resources assigned to their application, over and above those necessary to safely run the application. Plus, they will have visibility into how cloud resources are performing (how utilised they are, are they running at the proper amount of disc space, memory, etc.) and can easily see what is and is not being used. Teams will be able to benefit from higher morale, key insights, and increased overall ownership.


The risks of state-sponsored cyberattacks are rising


The good news is that robust cybersecurity measures will ward off a state attack — and your garden variety cybercriminal. “Attacks, whether from criminal or nation-state actors, largely use the same techniques. An organization’s continual vigilance to implement and maintain cybersecurity best practices is critical,” advises Cotton. Cotton suggests that small or medium company or organizations, incorporate a “Red Team” exercise to identify employees who need additional protection or training, lest they become a spear-phishing target. Likewise, increased oversight of activities logs for such individuals would help. “When targeting critical management or operations employees of either a larger nation-state target or even their sub-contractors, the use of a smaller unconnected organization might be an easier way to infect a spear-phishing target’s home computer. Then the attack would move across the corporate VPN to the actual target of the attack,” details Cotton. He adds that some of these smaller seemingly unconnected organizations might be a local library or health-care system. Using that criteria, it’s understandable why MSPs should be concerned about state-sponsored attacks.


Cloud busting is a deployment topology in which the regular traffic is directed to an on-premise deployment by a load balancer. With increasing load, new instances are spun up in the public cloud after the traffic crosses a particular threshold and additional traffic is directed there. This model is primarily used for cost optimization. A common scenario is to provision additional infrastructure in the public cloud to handle seasonal spikes and scale back or dismantle the same after the traffic returns to normal. This often turns out to be a cheaper option compared to maintaining the same infrastructure on-premise which remains unused during relatively longer periods of regular traffic. ... Systems running in organizations' data centers experience unplanned downtimes due to various reasons often causing loss to their business. To mitigate this they plan different levels of disaster recovery strategies depending on the criticality of the system/application. Setting up a disaster recovery site requires building and operating an offsite data center with its associated costs, which often looks like unnecessary overhead. 


Diagonal chain, a blockchain concept, gray closeup
Gartner analysts suggest D&A leaders pilot blockchain smart contracts now and companies should start deploying to automate a simple process, such as non-sensitive data distribution or a simple contract formation for contract performance or management purposes. D&A leaders must immediately respond to data challenges by using cost-benefit analysis or programs won't mature enough to influence enterprise-level business strategy. D&A leaders would apply master data management (MDM) disciplines, and data-quality metrics to improve process efficiency, and driver overall higher ROI from D&A strategies. Adopt emerging tech, i.e. machine learning (ML), blockchain, smart contracts, and graph tech as a cost-effective means to increase data value and drive efficient decision-making. The report warns that if D&A management doesn't move to increase data challenges with a net positive business value proposition, or influence stagnates, then neither the company or enterprise-level D&A strategies can succeed.


Say Hello To Your New Digital Colleague


Imagine you’re currently working in a NOC (Network Operations Center), where people have to monitor multiple dashboards. They have to often escalate it to L2/L3 workers to troubleshoot incidents, make war room calls regarding root cause and then actually take the manual steps to remedy them. What if you could take some of that manual work off the NOC workers and give them a digital colleague to assist? The digital colleague can reduce the number of errors, find root cause, and file service tickets and wherever possible automate the incident resolution. Not only would it reduce operations costs, but it also frees up these workers to focus on more meaningful endeavors. That’s the concept of the digital colleague. This holds true for ITSM, ESM or any function in need of assistance. A digital colleague for Service Desk will converse with end users in natural language through multiple channels, understand the user intent, map it into service catalog, ask clarifying questions and automate resolution of up to 50% of service requests, thus taking load off operations staff.


Data Science, IoT and Reinforcement Learning in High Tech Manufacturing


The goal of reinforcement learning is to train a machine learning algorithm to achieve a goal by outputting a particular sequence of outputs for a given sequence of output. The rule that the machine learning algorithm uses to map inputs to outputs is called the policy. It is the goal of the machine learning algorithm to randomly explore the solution space until it finds a policy that allows it to achieve it’s intended goal. This can require the algorithm to run for much longer than it would do if the algorithm in use was supervised. Reinforcement learning is also being explored in the industrial robotics sector to try to assist industrial machines to handle industrial goods. Handling and moving an industrial goods usually involves a large number of individual movements from an industrial robotic arm. The movements are very difficult to pre-program using convectional programming techniques because of the large number of individual sequential movements required. Research on robotics powered by reinforcement learning is now being seriously explored. Other emerging cutting edge applications of reinforcement learning includes in the allocation or subdivision of computing resources between many different industrial machines.


Why good cybersecurity in business is everyone’s responsibility

A lock hangs on a fence along the Cliff Walk in Newport, Rhode Island July 14, 2015.
Creating a framework for managing risk that can be understood across the organization, even by non-cybersecurity professionals. It doesn’t need to be a comprehensive measurement of all risks, but it should use risk indicators that are representative of the main risk areas so as to provide both an overall barometer of cybersecurity risk and to ensure its kept as part of the business conversation. Making sure cyber is part of the dialogue at the highest levels of the organization. If the CEO talks about phishing awareness, there’s a good chance this will become a priority at all levels. Creating a security instruction and awareness function and appointing a senior leader responsible for running security awareness campaigns and overseeing security training. This executive should be empowered to work with colleagues across various business functions to design programmes that address the needs of different employee specialities.


5G and smart cities Q&A: What role will telcos play?

5G and smart cities Q&A: What role will telcos play? image
Emergency services and policing will also be impacted. With cities growing at the rate of 1.5 million new citizens every day, 5G services will allow police forces to better monitor the environment of the city through automation, in order to provide more efficient services, safety to the public and cities in line with environmental targets. Further to this, autonomous vehicles, high footfall areas, carbon emission levels, safety and new road and pedestrian planning will all benefit from enhanced monitoring services thanks to 5G. Lastly, there are the environmental use cases to consider. Power supply and lighting will change as a result of 5G, making the lighting of cities and distribution of energy through smart grid systems more efficient. Telecoms providers are essential to this. For a start, they can assist with connecting those who are generating energy back into the grid, which is vital for the two-way purchase and sale of energy to succeed. Substations will need higher capacity and faster connections — provided by fibre — in order to facilitate this flow.



Quote for the day:


"Leadership has a harder job to do than just choose sides. It must bring sides together." -- Jesse Jackson



Daily Tech Digest - January 30, 2020

IT pros need to weigh in on that ‘sassy’ security model

access control / authentication / privileges / security / key
Cloud and SaaS adoption by enterprises has changed network traffic patterns, requiring fundamental change in network and security architectures. As Gartner notes, the role of the enterprise data center has changed dramatically. More user traffic goes to cloud services than to those data centers, and more workloads run in IaaS than the data centers. Cloud services contain more sensitive data than enterprise data centers. The use of the enterprise network has also changed, with more user work done off the network than on, and more applications accessed via SaaS than the enterprise, Gartner says. So, controlling access and applying security policies based on the user, device and application that are connecting to the network makes more sense than focusing access control on the data center. Advances in network/security software and cloud intelligence have enabled new solutions which are quick to deploy, scalable, flexible and simple to manage such as SD-WAN, SD-Branch and CASB. Edge computing and IoT applications require distributed, low-latency networking and security that are likely to be delivered as cloud-based services.



JetBrains taps machine learning for full-line code completion
JetBrains has laid out a 2020 roadmap for IntelliJ IDEA and its IntelliJ-based IDEs. The promised new capabilities range from additional machine learning driven code completion to collaborative editing. The company said the additional machine learning based code completion capabilities would make better use of the context for ranking completion suggestions and generate completion variants that go beyond a single identifier to provide full-line completion. Considered a major area of investment, full-line completion may take a while to appear in the product. JetBrains already had been exploring the use of machine learning for code completion, and some results of that research have made their way into products. IntelliJ now uses machine learning to improve the ranking of completion variants, and language plug-ins tag each produced completion variant with different attributes. IntelliJ also uses machine learning to determine which attributes contribute to item ranking so the most-relevant items are at the top of the list. In addition to machine learning based code completion, JetBrains cited a multitude of improvements to IntellIj for 2020, subject to change.



There are certain considerations when it comes to edge virtualization. For example, admins must determine whether their data centers are ready for edge virtualization and if they require a complex instruction set computing (CISC) processor or reduced instruction set computing (RISC) processor. However, edge virtualization can ease device management, introduce reduced costs and manage vast amounts of data, all of which significantly benefit modern data centers. A main benefit of edge virtualization is device management. In implementing virtualization at the edge, admins can track resources, monitor performance and ensure the health of their systems to better control their edge devices. Admins can use VMware ESXi to control their edge devices. This is beneficial because ESXi provides added isolation, which helps increase the security of edge devices. In addition, hypervisors such as ESXi help to ensure each VM within a network has the resources required to perform efficiently.



EU implements 5G infrastructure restrictions on ‘high-risk’ suppliers


The EU sees closely coordinated implementation of the toolbox as indispensable to ensure EU businesses and citizens can make full use of all the benefits of the new technology in a secure way. “We can do great things with 5G,” said Margrethe Vestager, executive vice-president for a Europe Fit for the Digital Age. “The technology supports personalised medicines, precision agriculture and energy grids that can integrate all kinds of renewable energy. “This will make a positive difference, but only if we can make our networks secure. Only then will the digital changes benefit all citizens.” Thierry Breton, commissioner for the EU Internal Market, added: “Europe has everything it takes to lead the technology race. Be it developing or deploying 5G technology, our industry is already well off the starting blocks. Today we are equipping EU member states, telecoms operators and users with the tools to build and protect a European infrastructure with the highest security standards, so we all fully benefit from the potential that 5G has to offer.”


Google looks ahead to the next decade of AI research


While Google and the industry at large have made significant strides in AI in the past few years, public awareness of the technology's potential drawbacks -- and corresponding regulation -- is only now beginning to catch up with the industry. Google has, in turn, started talking more about the ethical guidelines it applies to its AI research. About a year and a half ago, the company released a set of principles to help guide its development of AI applications. Google also committed to refraining from building AI for technologies that could cause harm, such as weapons.  "As we start to think about how these systems and this research gets out into the world, it's really important for us to think about what are the implications of this work, and how should we be thinking about applying it to certain kinds of problems, and the problems we shouldn't be applying it to," Dean said.  While it's easy to look at Google's commitments and scratch "weaponized drones" off its list of technologies to build, there are plenty of other AI-driven technologies -- even seemingly innocuous ones -- that could cause harm.


Simulating Agile Strategies with the Lazy Stopping Model

The "Lazy Stopping Model" therefore just reflects the idea that we choose how much information to gather before taking an action. If we gather less than we "should", for some reason, then we can say that the agent (a simulated person or organisation) has stopped gathering info and is taking action before it should. But in practice, it may be impossible to avoid "lazy stopping," which is where agile strategies come in. Agility is mainly a defensive strategy against your own ignorance. It’s about dealing with the costs of previous decisions by either failing fast and thereby learning quickly, and/or by lowering the costs of adjustments and re-working them when you learn that what you had built or deployed at first is not quite right. This includes creating an environment and office culture where that is OK and expected, as long as you also learn quickly. In contrast, to maximise efficiency, a more offensive strategy would need to be used when you are confident you have enough information to act quickly in order to maximise your advantage over competitors. 


Data privacy: Top trends to watch in 2020

Flat illustration of security center. Lock with chain around lap
Technology (AI and ML) is being "blamed" for our current data privacy imbroglio, but technology is what can help solve it as well. Privacy enhancing technologies (PETs) represent a new, emerging category of technologies, and are increasingly being used to protect data privacy while enabling data use. Prior to the emergence of PETs, previous solutions tended to rely mostly on de-identification and anonymization, which usually involved removing personally identifiable information(PII) fields from data sets. However, anonymization technologies have been rendered insufficient by the advancements in AI and machine learning capabilities, which enable re-identification of anonymized data. PETs in the realm of secure computing, such as homomorphic encryption, multi-party computing (MPC), zero knowledge and differential privacy are introducing new paradigms for protecting various modalities of data usage. For example, my company, Duality Technologies, enables data science computations to be performed on encrypted data, which allows sensitive data to be analyzed and processed by our customers' partners while remaining protected.


Using Azure AD conditional access for tighter security


Legacy authentication is used for many types of attacks against Azure AD-based accounts. If you block legacy authentication, then you will block those attacks, but there's a chance you'll prevent users trying to perform legitimate tasks. This is where Azure AD conditional access can help. Instead of a simple off switch for legacy authentication, you can create one or more policies -- a set of rules -- that dictate what is and isn't allowed under certain scenarios. You can start by creating an Azure AD conditional access policy that requires modern authentication or it blocks the sign-in attempt. Microsoft recently added a "report only" option to conditional access policies, which is highly recommended to use and leave on a few days after deployment. This will show you the users still using legacy authentication that you need to remediate before you enforce the policy for real. This helps to ensure you don't stop users from doing their jobs. However, this change will severely limit mobile phone email applications.


Oracle customers complain of cloud coercion


In a number of instances, the Itam Review found that Oracle customers were being coerced into buying cloud services. “We have been in an audit situation three years ago,” one user told the Itam Review. “Even though we had been licensed properly, due to mergers and acquisitions, Oracle figured out that the licenses were not properly ‘transferred’ to the new companies. Oracle then threatened us with a fine of over €150,000.” The user then said that Oracle offered to waive the penalty if €50,000 of Oracle cloud licences were purchased instead. “We agreed to do so, fixed everything, got that certificate of compliance,” the user said. “We never used that Oracle cloud because we did not need it and because that cloud was not technically effective.” For Thompson, the poll illustrates the challenges that Oracle faces as it tries to establish itself as a major cloud provider in a market dominated by AWS, Microsoft Azure, Alibaba and Google Cloud.


Cisco offers on-prem Kubernets-as-a-Service to challenge public cloud

hyperconverged
The HXAP is designed to take the hard work out of Kubernetes and make it as easy as deploying an appliance, said Liz Centoni senior vice president and general manager of Cisco Cloud, Compute, and IoT. “We integrate the Kubernetes components and lifecycle-manage the operating system, libraries, packages and patches you need for Kubernetes. Plus, we manage the security updates and check for consistency between all components every time you deploy or upgrade a cluster. We then enable IT to deliver a Container-as-a-Service experience to developers – much like they are used to getting in the public cloud.” ... As part of the HXAP rollout, Cisco said instances can also be installed, operated and managed via its Intersight platform, the cloud-based management package for its Unified Computing System (UCS) and HyperFlex computing environments.  “Intersight also adds management and monitoring of virtual machines and containers allowing operators to create, expand and upgrade Kubernetes clusters from the cloud. With the addition of the Intersight Mobile App customers can also manage and monitor their global infrastructure and container footprint from the palm of their hand,” Venugopal wrote.



Quote for the day:


"Leaders are readers, disciples want to be taught and everyone has gifts within that need to be coached to excellence." -- Wayde Goodall


Daily Tech Digest - January 29, 2020

3 Key Success Factors for Improving Test Automation Outcomes
While building automation-ready test designs and ensuring system testability are key steps to achieving automated testing, businesses can take their automation to the next level by implementing continuous testing (CT). Continuous testing can lead to faster feedback, quicker release turnaround, and higher customer satisfaction and loyalty, giving businesses the best chance of not only surviving the future of software delivery but thriving in it. Because continuous testing is the most advanced form of testing, it is also the most challenging. ... Testers should also consider the test agents when provisioning test machines (on a PC, laptop, etc.) or virtual machines (in the cloud, containers, etc.). Once the machine is set, the dispatcher should efficiently distribute the tests, and any developer or tester should kick off the tests to run in parallel. This way, if there is more than one development or scrum team with different needs, they can run automated tests without waiting for another team to complete their run.


Businesses Improve Their Data Security, But Privacy — Not So Much

"Privacy is one of the major pieces of collateral damage that no one talks about in our reaction to September 11," he says. "It set us on a path to use data and the Internet as a tool to combat terrorism, and I understand why, rather than really moving forward on where the President's instincts were on putting the consumer first." For the past decade, companies have been focused on dodging online criminals — and then nation-state actors — intent on stealing data. With the passage of the GDPR, focusing on data security became a business imperative to avoid larger fines. Yet the policy discussion and legal landscape have become more nuanced, says Ackerly. Companies are beginning to understand that customers want privacy, he says. "I am optimistic as I've ever been on this journey that we will end up in a place where individuals will be able to take control over their data where ever it is shared," Ackerly says. "I think it is a combination of technology evolving and society just waking up to the trade-offs that we have made over the past 15 or 20 years."


SaaS transformation: Tax Automation partners with Pulsant to reduce costs and improve delivery

SaaS transformation: Tax Automation partners with Pulsant image
Initially VAT Controller was hosted on dedicated servers in one of Pulsant’s data centres, with failover to another of its data centres in the event of unplanned downtime. With the development of Pulsant Enterprise Cloud, a combination of private cloud and managed hosting, Tax Automation worked with Pulsant to migrate to this hosting model because it features the best hardware, robust cloud delivery and proven management software. In the next phase of the relationship, Tax Automation worked with the Pulsant team to find the best way to host its Capital Assets Database software and make it quicker and easier to access for clients, without hosting the infrastructure on its own site. The Capital Assets Database is a client-server application, which necessitated the need for a more robust hosting solution. The software is accessed through a user interface, in this case Citrix, and not just a web browser. As a result, Pulsant needed to ensure a smooth integration between the hosted server and user interface. Rainer and his team worked with Pulsant to devise the most appropriate solution to meet requirements.


Opinion: ‘Scale’ is the magic word for digital transformation in 2020

Smart manufacturing requires convergence between IT and OT data to drive visibility, collaboration, and efficiency within plants and facilities and across operations. However, two decades after automation networks on the plant floor became ubiquitous, it’s still generally true that information accessibility between plant floor devices (OT) – and the people and systems that can create new value from them (IT) – proves to be a significant challenge. To remove the complexity and domain expertise required to access plant floor devices and systems, manufacturers are turning to auto-discovery tools that identify assets, collect and integrate data with full OT context, and produce models fully shareable with IT systems. By connecting existing OT infrastructure to smart factory networks and IT initiatives, and continuously generating relevant data insights and measurements, auto-discovery capabilities reduce the technical knowledge and time needed by OT teams to map industrial infrastructure and improve operational efficiency.


There are two types of Unsupervised Learning: discriminative models and generative models. Discriminative models are only capable of telling you, if you give it X then the consequence is Y. Whereas the generative model can tell you the total probability that you’re going to see X and Y at the same time. So the difference is as follows: the discriminative model assigns labels to inputs, and has no predictive capability. If you gave it a different X that it has never seen before it can’t tell what the Y is going to be because it simply hasn’t learned that. With generative models, once you set it up and find the baseline you can give it any input and ask it for an answer. Thus, it has predictive ability – for example it can generate a possible network behavior that has never been seen before. So let’s say some person sends a 30 megabyte file at noon, what is the probability that he would do that? If you asked a discriminative model whether this is normal, it would check to see if the person had ever sent such a file at noon before… but only specifically at noon. 



Having the right data at the right time and with the right level of confidence at the point of use is priceless, but all these unexpected, unannounced and unending changes to data, collectively termed data drift, is beyond our control and leads to operational risk. While still in its early days, I believe that in 2020, we will see more pervasive interest in DataOps. DataOps is the set of practices and technologies that brings the end-to-end automation and monitoring sensibilities of DevOps to data management and integration. But what makes it DataOps are drift-resilient smart data pipelines, from which living, breathing end-to-end data topologies emerge. Instead of ignoring or fighting data drift, DataOps embraces and harnesses it to speed up data analytics, with confidence. Some indicators that we’ve noticed here at StreamSets include a small, but burgeoning cross-section of customers that are embracing DataOps approaches. The recent DataOps Summit highlighted many of their use cases and resulting business impact. Searches for the term “DataOps” have tripled, vendors are entering the space with DataOps offerings, and we’re seeing a number of DataOps business titles appearing on LinkedIn profiles.


NHS suffers fewer ransomware attacks, but threat persists


Nevertheless, noted Bischoff, the decrease in attack volumes appears, at face value, to show that the money invested in security, coupled with the launch of NHSX, since the WannaCry attacks has had the desired effect, to some extent. Even so, the NHS spends only about 2% of its total budget on IT, compared with 4-10% in other sectors, according to Saira Ghafur, digital health lead at Imperial College London’s Institute for Global Health Innovation. So the health service still needs more funding to replace ageing infrastructure and secure both endpoint devices and connected healthcare equipment, she said. Speaking at a think-tank event on security in October 2019, Ghafur said the NHS faced other security challenges, particularly around skills. “We can’t compete with other sectors in terms of attracting cyber security professionals – we need to work with the industry to attract them into healthcare – and all NHS staff need better education in terms of risks,” she said.


Which cloud strategy is right for your business in 2020?

Which cloud strategy is right for your business in 2020? image
Hybrid cloud shouldn’t be an afterthought — it should instead be viewed as a fundamental design principle upon which vital infrastructure building blocks are built. We recommend beginning with a hybrid cloud infrastructure built from the ground up to ensure flexibility and choice. Companies need to consider developer enablement and productivity, allowing them to build and deploy apps to a hybrid cloud. After all, the needs of an app might change, from on premise today to public cloud tomorrow. In line with this, management tools that orchestrate workloads and automation tools to simplify day-to-day operations are essential to delivering the complete value of a hybrid cloud. Making a conscious decision to retain on-premise data centres and continuing to invest where it makes sense — for specific workloads — is often an important part of a hybrid cloud strategy. It’s not about having on-premise data centres, adopting a bit of public cloud, ending up with two and calling that hybrid cloud.


Implications of Using Artificial Intelligence in Film Studio Decision-Making

AI and the Auteur: Implications of Using Artificial Intelligence in Film Studio Decision-Making
Predictive analytics could be run against a variety of factors concerning potential actors, screenwriters, and directors: such characteristics could include one’s gender, age, race, ethnicity, disability or impairment, sexual orientation, and so on. As we have seen from studies on machine learning in the criminal justice context, algorithms can perpetuate human biases. It is foreseeable that the AI could become path dependent, err on the side of caution, and fail to account for cultural shifts in audience attitudes. For instance, of the top 100 top grossing movies made between 2017 and 2018, only 33 per cent of all speaking or named characters were girls or women. If this metric were analysed in isolation, it is not impossible to consider that a machine learning algorithm would lean towards viewing male protagonists as a safer choice for higher profits. As Norwegian filmmaker Tonje Hessen Schei told Screen Daily, a concern with this new process is that it may become “harder and harder to get a diverse span of voices that will be heard in the market.” The legal implications or responses on this point are somewhat unclear.


Securing Containers with Zero Trust

From the perspective of a firewall, all it would see is a packet coming from that host, a machine it has been told to trust. It will allow that packet, which in turn allows attackers to exfiltrate data, encrypt the data, or use SQL itself to move further across the network toward their target. Now let's add a second container to the host. In a Docker classic environment, all the containers are network-address translated to look like the host, so it's impossible to determine where the traffic originated. In a bridging scenario, there are multiple ways to impersonate the Java microservice inside the container. And just as with other network plug-ins, the Linux machine serving as the host has a large network attack surface. ... If the purpose of a policy is to only allow this specific Java microservice to communicate with a SQL database, in a firewall model, this all has to be transformed into a long series of network addresses, which have to change on the fly as the network infrastructure itself changes.



Quote for the day:


"Give whatever you are doing and whoever you are with the gift of your attention." -- Jim Rohn


Daily Tech Digest - January 28, 2020

Data Protection Day 2020: What goals should companies be aiming for?

Data Protection Day 2020: What goals should companies be aiming for? image
“As 5G continues to roll out globally, everything and everyone will become more connected than ever,” said Stan Lowe, global CISO at Zscaler. “IoT devices in the streets and in the home will all become connected with 5G. Our Alexa, our Google Home, our car and practically everything else will be constantly harvesting data and forwarding it to corporations for marketing purposes and to build your digital profile. ... “It is no secret that up-and-coming companies innovate at a faster rate than governments can introduce regulations, such as GDPR,” he said. “With laws and governmental bodies usually about five to six years behind the innovators, who are constantly innovating on ways to use the data that they harvest, the onus is on these companies to use the data they collect in a safe, fair and ethical way. “Ultimately, our data is a tradeable commodity, and corporations have a lot of power when it comes to how they use the data they collect. ...”


Software developers can create better programs with AI

istock-904420104-1.jpg
Requirements management is the process of gathering, validating, and tracking the requirements that end users have for a program. But if mismanaged, this process can cause software projects to go over budget, face delays, or fail entirely. Using AI, digital assistants can analyze requirements documents, find ambiguities and inconsistencies, and offer improvements. Powered by natural language processing, these tools can detect such issues as incomplete requirements, immeasurable quantification (missing units or tolerances), compound requirements, and escape clauses. Companies using such tools have reportedly been able to reduce their requirements review time by more than 50%, according to Deloitte. As developers type, AI-powered code completion tools can serve up recommendations for finishing lines of code. Some tools can even display a list of usable code snippets based on relevance. AI-powered code-review tools can understand the intent of the code and look for common mistakes, thereby detecting bugs and suggesting code changes. Video game company Ubisoft says the use of machine learning is helping it catch 70% of bugs prior to testing.


Neural Architecture & AutoML Technology

AutoML
AutoML focuses on automating each part of the machine learning (ML) work process to increase effectiveness and democratize machine learning so that non-specialists can apply machine learning to their issues effortlessly. While AutoML includes the automation of a wide scope of problems related with ETL (extract, transform, load), model training, and model development, the issue of hyperparameter enhancement is a core focus of AutoML. This issue includes configuring the internal settings that govern the conduct of an ML model/algorithm so as to restore a top-notch prescient model. Creating neural network models frequently requires noteworthy architecture engineering. You can sometimes get by with transfer learning, yet if you truly need the most ideal performance it’s generally best to structure your very own network. This requires particular skills(read: costly from a business point of view) and is challenging in general; we may not know the cutoff points of the present cutting edge methods! It’s a ton of experimentation and the experimentation itself is tedious and costly.



LoRaWAN Encryption Keys Easy to Crack, Jeopardizing Security of IoT Networks


The LoRaWAN protocol defines two layers of security: one at the network level and another at the application level, researchers described in the report. The network-level security ensures the authenticity of the device in the network, providing integrity between the device and the network server, they wrote. The application-layer security is responsible for confidentiality with end-to-end encryption between the device and the application server, preventing third parties from accessing the application data being transmitted. Each layer of protection depends on the security of two encryption keys–the Network Session Key (NwkSKey) and the Application Session Key (AppSKey), both of which are 128 bits long. These keys are “the source of the network’s only security mechanism, encryption,” and thus, once cracked, basically give hackers an open invitation to the devices and networks being protected by them, researchers noted.


CEOs are deleting their social media accounts to protect against hackers


"It's clear that cybercrime continues to grow as an issue for CEOs around the world, meaning that for many, the threat to their margins, their brands and even their continued existence from cyber attacks is no longer an abstract risk that can be ignored," said Richard Horne, cybersecurity chair at PwC. "Criminals are becoming more adept at monetizing their breaches, with a sharp rise in ransomware attacks this last year. They can have a devastating impact on the organisations they hit, as seen in many high-profile cases". The boardroom itself isn't immune to cyber crime as attackers will target executives - and the PwC report found that almost half of CEOs are taking action to make themselves less vulnerable to cyber attacks. It said 48 per cent CEOs surveyed said the risk of cyber attacks had caused them to alter their own personal digital behavior, such as deleting social media accounts or virtual assistant applications or requesting a company to delete their data Social media accounts could potentially be targeted by criminals as a means of gaining access to personal information about victims, while there have been privacy concerns about virtual assistants and their ability to enable unwanted eavesdropping.


More people would trust a robot than their manager, according to study

Delegating that low-level work to a machine provides more time for the things that matter. “Machines will elevate the manager’s experience,” says Emily He, senior vice president of Human Capital Management at Oracle. “People see the difference between artificial intelligence and human intelligence, and they want from their managers things that machines can’t provide—things like empathy, personalized coaching, and career advice.” Imagine a workplace where managers, unencumbered by work that machines can do, can focus on people. “AI and machine learning are going to bring humanity back to the workplace,” says He. “[In] the last hundred years the advance of technology has made the workplace less human because the interface with technology has not been very natural. With AI, humans can go back to what is distinctly human and what they enjoy doing, which is to connect with each other, work on projects together, and generate new ideas.” Managers need to be prepared for this new world that will demand effective leadership.


How to build ethical AI

How to build ethical AI
One of the most difficult questions we must address is how to overcome bias, particularly the unintentional kind. Let’s consider one potential application for AI: criminal justice. By removing prejudices that contribute to racial and demographic disparities, we can create systems that produce more uniform sentencing standards. Yet, programming such a system still requires weighting countless factors to determine appropriate outcomes. It is a human who must program the AI, and a person’s worldview will shape how they program machines to learn. That’s just one reason why enterprises developing AI must consider workforce diversity and put in place best practices and control for both intentional and inherent bias. This leads back to transparency. A computer can make a highly complex decision in an instant, but will we have confidence that it’s making a just one? Whether a machine is determining a jail sentence, or approving a loan, or deciding who is admitted to a college, how do we explain how those choices were made? And how do we make sure the factors that went into that algorithm are understandable for the average person?


Will blockchain deliver across industries? Or will the tech fall flat?

Will blockchain deliver across industries? Or will the tech fall flat? image
“With the ability to span across multiple industries, it ensures products can be traced, authenticated and verified on digital ledgers. In the pharmaceutical industry, organisations can apply blockchain technologies to ensure tailored drugs are delivered to the right person. By utilising a secure IoT platform to make sure medications are the right quality and don’t fail during the supply process, which can ultimately affect the efficacy when taken by the patient. “Through blockchain, these companies are able to verify where their product has travelled, and which components have been added at each transition point. In industries where each product can use components from tens or even hundreds of companies at one time, blockchain technologies ensure that the whole supply chain is more transparent, accountable and secure.” ... There are challenges, however, as Akber Datoo — CEO of D2 Legal Technology — highlights.


AI Facial Recognition and IP Surveillance for Smart Retail, Banking, and the Enterprise

AI Facial Recognition and IP Surveillance for Smart Retail, Banking, and the Enterprise
As advances and innovation around Facial Recognition technology continues to evolve even more, one of the latest trends come from CyberLink's FaceMe® AI Facial Recognition engine integrated into Vivotek's IP surveillance solutions of network cameras and back-end video management software. This integration enable security operators to receive accurate Facial Recognition alerts based on both blacklists and whitelists. According to Dr. Jau Huang, CyberLink's Founder and CEO, "the demand for Facial Recognition is booming, driven by the latest IoT and AIoT innovations, and are enabling a wide array of scenarios across industries such as security, home, public safety, retail, banking, and more." He says that each application is dependent on the performance of the cameras used to capture faces and by integrating FaceMe into Vivotek's surveillance devices it is possible to bring accurate and reliable new solutions into the market.


Privafy claims ‘fundamentally new’ approach to mobile data security

“Data has never been less secure,” said Privafy co-founder and CEO Guru Pai. “Solutions developed by the networking industry to protect data are rapidly becoming obsolete for today’s cloud-and mobile-based workloads. “Also, technologies such as SD-WAN and cloud-based point solutions focus more on cost reductions, but don’t address the underlying security vulnerabilities to sufficiently protect internet-reliant businesses. Privafy was purpose-built to secure data in today’s modern world. We have democratised internet security to protect data in a way that is easier to deploy and far more economical for any-sized enterprise, regardless of where or how it works.” Pai cited a Gartner research document, The future of network security is in the cloud, which noted that digital business transformation inverts network and security service design patterns, shifting the focus to the identity of the user and/or device, and not the datacentre. The report said the idea of the legacy datacentre as the hub of business network and network security architecture was obsolete and had become “an inhibitor to the needs of digital business”.



Quote for the day:


"Without growth, organizations struggle to add talented people. Without talented people, organizations struggle to grow." -- Ray Attiyah


Daily Tech Digest - January 27, 2020

So long, Sonos: Meet the open-source audio system that will never die


The "official" distribution would always be available to the consumer should they decide to override the shipping firmware from the PiLe manufacturer. This would be a fallback in the event the manufacturer decided to end support for the device, becomes insolvent, or the customer prefers to use different software, for whatever reason. The official AudioPiLe software distribution would not only have a kernel that supports the necessary device drivers, but it would also have a friendly web-based UI (and potentially an app). This would not be unlike what consumer Wi-Fi routers would have, such as those made by Linksys or NetGear. But instead of strictly Wi-Fi and networking menus and settings, this software would have settings for attached subscriber streaming services and intelligent agents, such as Amazon Alexa and Google Assistant. It would have any other menus required to support whatever hardware and features that are enabled on that particular PiLe, and it would allow the user to view and diagnose underlying connectivity issues on their AudioPiLe network.



Cisco study finds huge returns for companies investing in privacy

istock-964582068.jpg
"Privacy and accountability are central to our data-driven innovation, and have become key differentiators for our brand. This research reinforces the fact that privacy is a critical investment for forward-looking companies," Caroline Louveaux, chief privacy officer for Mastercard, said in the survey. When it comes to data breaches, companies that had mature privacy policies reported steep decreases in the number of attacks and the severity. The report found that having mature and accountable processes to manage, control, and curate data seems to help organizations avoid and limit the impact of data breaches. The length of sales delays also was directly correlated to how sophisticated your privacy programs are. "The companies that are most advanced are more than twice as likely to not have been breached last year. Only 13% of enterprises didn't get breached if they were low on the privacy scale. If you were more mature on the privacy scale, 28% were not breached," Waitman said. "You're twice as likely to have a breach-free year if you invested in privacy. Going further, among those organizations, they had less down time from breaches, with 19% less downtime, 28% fewer records breached and total breach costs down 10%."


Over the years, AI tools have been used to fill gaps in mental healthcare (Photo: iStock)
The algorithm follows the theme of gatekeeper training but chooses the right people for the role through AI. “The idea is for our algorithm to help improve an intervention that is already being used for suicide prevention. It’s the most popular suicide-prevention intervention. It is often referred to with the initials QPR— question, persuade, refer," says Phebe Vayanos, assistant professor of industrial and systems engineering and computer science at the USC VSE. According to an official news release on the school’s website, Vayanos, also an associate director at the USC’s Center for Artificial Intelligence in Society, and PhD candidate Aida Rahmattalabi, the lead author of the study Exploring Algorithmic Fairness In Robust Graph Covering Problems, investigated the “potential of social connections such as friends, relatives, and acquaintances to help mitigate the risk of suicide". Their paper was presented at the Conference on Neural Information Processing Systems (NeurIPS) in Vancouver in December.


Digital transformation shaking confidence in SD-WAN

SD-WAN was found to do little for security. Although most respondents (66%) cite defending against malware/ransomware as a primary security challenge in 2020, only 37% claim their SD-WANs help protect locations from malware and other threats. This was despite most respondents (66%) prioritising defending against malware/ransomware. Secure mobile access, a strategic goal for IT executives, is ignored by SD-WAN. Managing mobile/remote access was the second most popular networking challenge for IT executives. More than half (52%) of respondents made enforcing corporate security policies on mobile users a primary security challenge for 2020. Yet, mobility is not included with SD-WAN. Most respondents (56%) consider SD-WAN as a way to reduce WAN costs, and network agility as it applies to sites – whether in the form of faster site deployment or increasing bandwidth – was also a popular outcome.


8 misleading AI myths — and the realities behind them

8 misleading AI myths — and the realities behind them
“The initial wave of AIOps did revolve our event management systems to perform noise reduction based on correlating alerts, like grouping of similar alerts,” said Ciaran Byrne, vice president of product strategy for OpsRamp, developer of AIOps software. This was a significant step forward, given that noise has long hindered the usability of event management systems. But even greater benefits are on the horizon. “The next wave has broadened to other areas of IT Operations such as automation and monitoring/observability,” Byrne said. “Use cases would include intelligent routing of tickets or automation based on learned patterns.” ... Early on, AIOps was perceived as being a “black box,” i.e. a mysterious system that generated output without providing insights into what the underlying algorithm did and why. However, over time we are seeing these solutions mature, and more “white box” approaches that are gaining trust and adoption. “While some systems don’t provide transparency, increasingly software vendors and AI systems are providing more visibility into why they did what they did,” said OpsRamp’s Byrne.


Intelligent Automation is a term that can be applied to the more sophisticated end of the automation-aided workflow continuum consisting of Robotic Desktop Automation, robotic process automation, machine learning, and artificial intelligence. Depending on the type of business, companies will often employ one or more types of automation to achieve improved efficiency and effectiveness. As you move along the spectrum from process-driven automation to more adaptable data-driven automation, there are additional costs in the form of training data, technical development, infrastructure, and specialized expertise. But the potential benefits in terms of additional insights and financial impact can be greatly magnified. To remain competitive and efficient, businesses now must contemplate adding machine learning and artificial intelligence to traditional RP in order to achieve intelligent automation. ... Current AI and machine learning models differ from human intelligence in part because they depend entirely on their initial training data and usually do not have an automatic and recursive mechanism to absorb and process new data for course correction i.e. continuous retraining. 



Ensuring that bias in algorithms and data sets is accounted for is only the first step. Engineers must be certain that AI systems are properly performing the tasks they claim to address, hopefully in the ways in which developers intended. In an ideal world, one could draw scrutable lines from characteristics of underlying data sets to the conclusions drawn from them. Nonetheless, increasingly complex algorithms often give rise to unexpected or even undesired results that cannot be traced back to their source. There is an argument to be made for some form of licensure being required in order to implement certain "black box"-style architectures, and perhaps outlawing them in the context of particular applications (e.g. military, pharmaceutical, criminal justice). The movement toward explainable AI (XAI) is rooted in precisely these concerns. DARPA has made strides toward establishing such a standard that paves the way for what they call "third-wave AI systems." There were a number of libraries and toolkits released in 2019 that exist to further the cause of XAI.


IoT security: Your smart devices must have these three features to be secure


Many connected devices are shipped with simple, default passwords which in many cases can't be changed, while some IoT product manufacturers often lack a means of being contacted to report vulnerabilities – especially if that device is produced on the other side of the world. In addition to this, it's been known for IoT products to suddenly stop receiving support from manufacturers, and by providing an exact length of time that devices will be supported will allow users to think about how secure the product will be in the long-term. If products don't follow these rules, the new law proposes that these devices could potentially be banned from sale in the UK. "Whilst the UK Government has previously encouraged industry to adopt a voluntary approach, it is now clear that decisive action is needed to ensure that strong cyber security is built into these products by design," said Warman. "Our new law will hold firms manufacturing and selling internet-connected devices to account and stop hackers threatening people's privacy and safety. It will mean robust security standards are built in from the design stage and not bolted on as an afterthought," he added.


Met Police to launch facial recognition operationally


“This is an important development for the Met and one which is vital in assisting us in bearing down on violence. As a modern police force, I believe that we have a duty to use new technologies to keep people safe in London,” said assistant commissioner Nick Ephgrave. “We are using a tried-and-tested technology, and have taken a considered and transparent approach to arrive at this point. Similar technology is already widely used across the UK, in the private sector. Ours has been trialled by our technology teams for use in an operational policing environment.” The MPS said the technology, which is provided by Japan’s NEC Corporation, will be deployed in locations where “intelligence suggests we are most likely to locate serious offenders”, and that the cameras will be focused on small, targeted areas to scan passers-by.


AutoInsights: Leveraging a platforms approach

AutoInsights: Leveraging a platforms approach image
For a picture of what this translates to in terms of everyday business, consider the Wipro AutoInsights platform—a modern, connected vehicle platform designed to meet the needs of progressive auto Original Equipment Manufacturers (OEMs) and various stakeholders in their journey towards digital transformation offering connected experiences to their customers. Automotives have a long ownership lifecycle, on an average around 10 years. This brings an opportunity for automakers to provide services (as experiences) to their customers beyond just offering a great vehicle. These services have the potential to touch customers at every interaction, deliver an experience which is relevant to their needs and re-iterate the value of the automaker’s brand. Consumers are known to be drawn to brands which deliver on their needs consistently and AutoInsights offers a great platform for OEMs to do so.



Quote for the day:


"Coaching isn't an addition to a leader's job, it's an integral part of it." -- George S. Odiorne


Daily Tech Digest - January 26, 2020

AI to play a greater role in Financial Services in 2020


One of the major threats to productivity is the inability for FS firms to connect and organise all of the data they have at their disposal, so that they can use it as the basis for improved and new customer services. Compared to newer industry challengers, established banks and FS providers have far richer data going back decades or longer. If institutions could tap into this considerable resource, it could be used to distil invaluable intelligence and insights into consumer trends, product performance, and relative account profitability. Although organisations have all of the underlying information stored within their legacy systems, it is typically very difficult for teams to access, combine and cross-analyse this data. This is because, too often, systems are unconnected, use incompatible data formats and feature considerable data duplication between applications. In our research, FS providers confirm that, on average, they store information and content across nine different systems. And these systems tend to operate in silos: almost three-quarters of respondents say their organisation’s systems are not fully connected with each other.



Tridash 0.8: Stateful Applications using Functional Programming

With imperative programming, a typical implementation, of the sum application, involves attaching event listeners to both fields, which are called whenever their values change. In the event listener, the value entered in the text field is read from memory, and stored in a variable, a reference to another memory location, which is accessible to the internal sum component. A procedure is called to recompute the sum. This procedure reads the values of the internal variables, which store the values entered in the text fields, and computes the new sum. Finally this new sum has to be written to the memory, in which the value displayed to the user, is stored. The problem with this approach is that the synchronization of the application state, across all its components, is left entirely up to the programmer. This quickly becomes repetitive and the application logic is buried under layers of state updating and synchronization code. This approach is also inflexible to changes in the application's specification.


Competing in the Age of AI


Oddly enough, the AI that can drive the explosive growth of a digital firm often isn’t even all that sophisticated. To bring about dramatic change, AI doesn’t need to be the stuff of science fiction—indistinguishable from human behavior or simulating human reasoning, a capability sometimes referred to as “strong AI.” You need only a computer system to be able to perform tasks traditionally handled by people—what is often referred to as “weak AI.” With weak AI, the AI factory can already take on a range of critical decisions. In some cases it might manage information businesses (such as Google and Facebook). In other cases it will guide how the company builds, delivers, or operates actual physical products (like Amazon’s warehouse robots or Waymo, Google’s self-driving car service). But in all cases digital decision factories handle some of the most critical processes and operating decisions. Software makes up the core of the firm, while humans are moved to the edge.


What are the Most Valued Skills of an Enterprise Architect?

Enterprise architecture is the process by which an organization (or enterprise) aligns its business objectives with IT infrastructure. The strategies needed to execute this powerful approach involve those at the highest level of the business. IT capabilities and investments are guided by their alignment with the needs of the business as a whole. Enterprise architects must understand the strategy and develop the best way to execute it. As the need to ensure legacy programs, procedures, and technology are carefully managed to align and transform towards modern practices – through digital transformation or IT modernization – the enterprise architect must possess the skills of a technical specialist as well as those of a technical leader. ... These technical skills are tablestakes when it comes to being valuable to prospective employers, but exhibiting emotional intelligence and other soft skills will give you a real competitive edge as an enterprise architect.


Why the perception of digital transformation needs to change image
Many organisations call on digital transformation for a single project, without understanding how to fully utilise the process to bring about transformative, long-term change. To maximise transformation, businesses and leaders need to question everything – their operations, processes and current ways of working – to really understand what is and isn’t working, gaining a clear insight into what needs to be changed and why. In understansding how damaging the phrase ‘but we’ve always worked this way’ can be, business leaders start to shift their perceptions and focus on what they want their business to look like and why. Business leaders believe conventional digital transformation is about technology – in replacing it with ‘outcome realisation’, they will understand it’s not just about digital. It’s about people, hearts and minds – everything. A core part of ‘outcome realisation’ is having objectives, goals and targets; knowing exactly what you want from transformation and change.


Trend Micro antivirus zero-day used in Mitsubishi Electric hack

trend micro
This week, Japanese media dug deeper into the hack. According to reports, the hack first originated at a Mitsubishi Electric Chinese affiliate, and then spread to 14 of the company's departments/networks. The intrusion was allegedly detected after Mitsubishi Electric staff found a suspicious file on one of the company's servers. None of this was confirmed by the Japanese company, but discovered by Japanese reporters. The only technical detail in relation to the hack Mitsubishi Electric disclosed was the fact that hackers exploited a vulnerability in one of the antivirus products the company was using. A source with knowledge of the attack told ZDNet that the hackers exploited CVE-2019-18187, a directory traversal and arbitrary file upload vulnerability in the Trend Micro OfficeScan antivirus. According to a security advisory Trend Micro sent out in October 2019, "affected versions of OfficeScan could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE)."



Project management v. business process management: What you need to know

Multiethnic businesspeople develop business strategy on whiteboard
Business process management involves the redesign and management of a company's internal processes or workflows. It isn't necessarily a project but an ongoing initiative to ensure a company's processes are effectively working to meet company goals. A company can kick off a specific process improvement project. That project would have a defined start and end, but the company would establish an ongoing process monitoring and management phase that continues after the project is closed. Project management has a defined start and end; it doesn't have any ongoing stages or components like process management does. Projects accomplish specific objectives within a set timeline and follow five unique phases: initiation, planning, execution, monitoring and controlling, and close. Projects are managed by a project manager and his or her team. In contrast, business process management initiatives can be managed by a business analyst, business process improvement specialist, or other functional team leads. Now that we've looked at each as a separate discipline, it's essential to recognize how business process management and project management must work together to create organizational success.


How AI Is Improving Omnichannel CyberSecurity In 2020

How AI Is Improving Omnichannel CyberSecurity in 2020
The survey’s results are noteworthy because they reflect how AI and machine learning-based fraud prevention techniques are helping retailers, financial services, insurance and restaurants to reduce false positives that in turn reduces friction for their customers. All industries are in an arms race with fraudsters, many of whom are using machine learning to thwart fraud prevention systems. There are a series of fraud prevention providers countering fraud and helping industries stay ahead. A leader in this field is Kount, with its Omniscore that provides digital businesses with what they need to fight fraud while providing the best possible customer experience. ... The insurance industry has a friendly fraud problem that is hard to catch. Over half of the financial institutions interviewed, 52%, plan to invest in additional technologies to secure existing accounts, and 46% plan to invest in better identity-verification measures. Based on the survey banks appear to be early adopters of AI and machine learning for fraud prevention.


2020: Disruption, The Changing Workplace And The Future Of Automation

2020: Disruption, the changing workplace and the future of automation
The workplace in 2020 will see ‘augmented collaboration’, with humans and robots increasingly working together side-by-side. This amalgamation of human and robots is already visible on the shop floor, as Amazon Go-style stores begin to spring up, allowing for a completely cashier-less retail experience. This isn’t necessarily new: people have been working collaboratively with tech such as laptops and mobile phones for many years. However, what’s new is the advent of human-machine convergence. This goes hand-in-hand with advanced robotic technology, powering anything from ‘smart glasses’ to intelligent assistants. Furthermore, autonomous machines will be capable of taking on even more tasks, enabling humans to focus on the real value-add work. On the flip side, companies will need to prepare their employees for this shift, as Gen Z start to enter the workforce. With their own unique set of demands and expectations, the new generation’s life experiences affect the types of jobs they seek and define what’s most important to them. They’re naturally tech-savvy, for example, with a recent survey finding that technology offered by an employer would influence the job choice of 91% of respondents.


Internet Security- Get Ready for the "Splinternet"

The main defense against the hypothetical 2028 scenario I described earlier is an economic one–at least when it comes to America shutting its doors to the global web, says Professor Rajneesh Narula, the John H. Dunning Chair of International Business at Henley Business School. “America’s bargaining power vis-a-vis such unilateral actions has declined considerably over the last 50 years. This is because there are multiple economic poles of strength, and as the U.S. becomes more inward looking it is pushing others to discover that when America sneezes the rest of the world no longer catches a cold–although some may also sneeze,” says Narula. Yet he does concede parts of America’s internet may splinter off from the rest of the global web. “I think there will be two levels to this trend–one level that will be a world wide web for e-commerce, while sensitive matters will roll into regional webs–it is already happening,” says Narula. “Can this be used for leverage by the U.S.? Only to a point, because the large U.S. [technology] firms will resist this vehemently. "



Quote for the day:



"A leader takes people where they would never go on their own." - Hans Finzel