Israel Finally Readying a Fintech ‘Regulatory Sandbox’
A draft of the law calls for the sandbox, formally called an Experimental
Environment, to be operated by a committee comprising officials from the Bank
of Israel’s banks supervision division, the Capital Markets, Savings and
Insurance Authority, the Israel Securities Authority and the Anti-Money
Laundering Authority. It will have the authority to create a “regulatory
playground” of up to two years, with the option of extending it for a second
two years. The sandbox will offer two tracks to participating companies – a
licensing track for firms that need approvals from one or more regulators and
an escort track for all others. Companies in the licensing track will be able
to apply to regulators to awards them adjusted or less stringent regulations
for a limited period of time. One example of a less stringent rule would be to
drop the requirement for a minimum number of clients. Firms in the escort
track will benefit mainly from easier terms for meeting anti-money laundering
rules. Finance Ministry officials said they hope this will lower the risk
startups assume vis-a-vis the law and enable the Bank of Israel to ensure they
get access to banking services.
The importance of 5G, AI and embracing new technologies in a post-Covid world
AI remains an ever-developing technology where the potential is still being
realised with smart factories, smart farms and smart cities soon to become the
norm in the coming years. A smooth transition to an AI-enhanced workplace will
involve frontline staff to identify those tasks best suited to automation,
empowering them to contribute to making a difference in their business.
AI-powered machines will be able to interpret the real world in the same
context as we can. One such application will be to help autonomous vehicles
navigate poor road and weather conditions, which will make a potentially huge
difference to road safety. AI will allow businesses to boost productivity,
increase agility and flexibility, spur innovation and be the root of digital
transformation. AI is not just about robots, computing and smart factories,
it’s also about real applications in people’s everyday lives. For example,
Huawei has developed StorySign, a mobile application to help deaf children
learn to read in a fun and engaging way. It is a global initiative and in
Ireland, the company worked with the Irish Deaf Society to help develop it for
the Irish market because technology should be used to encourage digital
inclusion for all.
Vulnerable drivers can enable crippling attacks against ATMs and POS systems
As part of their research project, the Eclypsium researchers found a
vulnerability in a driver used in an ATM model from Diebold Nixdorf, one of
the largest manufacturers of devices for the banking and retail sectors. The
driver enables applications to access the various x86 I/O ports of such a
system. ATMs are essentially computers with specialized peripherals like the
card reader, PIN pad, network interfaces or the cash cassettes that are
connected through various communication ports. By gaining access to the I/O
ports through the vulnerable driver, an attacker can potentially read data
exchanged between the ATM's central computer and the PCI-connected devices.
Moreover, this driver can be used to update the BIOS, the low-level firmware
of a computer that starts before the operating system and initializes the
hardware components. By exploiting this functionality, an attacker could
deploy a BIOS rootkit that would survive OS reinstallations, leading to a
highly persistent attack. To the researchers' knowledge, the vulnerability
hasn't been exploited in any real-world attack, but based on their discussions
with Diebold, they believe the same driver is used in other ATM models as well
as POS systems.
Lessons from COVID-19 Cyberattacks: Where Do We Go Next?
One thing that's interesting to note is that we haven't seen a lot of shift in
terms of innovative or novel techniques and tricks. While approaches have
certainly been sophisticated, bad actors have tended to rely on old standards
(such as social engineering and ransomware). That's because if the old tricks
still work, they aren't likely to change tactics until they see their success
rate dropping. Cybercriminals are leveraging well-known advanced attack
techniques and layers of obfuscation — which means they have a decent
likelihood of breaking into networks and should be treated accordingly. Again,
it all goes back to the heightened sense of fear and anxiety that the pandemic
has ushered in. Bad actors are all too aware that when people's guards are
down, they may not be practicing best-in-class cyber hygiene. The importance
of due diligence cannot be stressed enough. Some might argue that too much
caution can be counterproductive, but it's certainly less counterproductive
than having your entire company shut down because someone didn't double and
triple check before clicking that file.
Android security: This fake message about a missed delivery leads to data-stealing malware
The fake applications are built using WebView and designed to look like the
real thing. After the application is downloaded – which requires the user to
allow installation from unknown sources - the fake page will redirect to the
legitimate website in an effort to help stop the victim being suspicious about
what they've just downloaded. The malware also asks for a number of
permissions it requires to operate – but given so many legitimate applications
ask for extensive use of the device anyway, the victim is unlikely to give it
a second thought. Once installed, FakeSpy can monitor the device to steal
various forms of information, including name, phone number, contacts, bank and
cryptocurrency wallet details, as well as monitoring text messages and app
usage. FakeSpy also exploits the infection to spread itself, sending the
postal-themed phishing message to all victim's contacts, indicating this isn't
a targeted campaign, a financially driven cyber-criminal operation looking to
spread as far and wide as possible with the aim of making as much money as
possible from stolen bank information and other personal credentials.
How Edge Computing and 5G Work Together
Ericsson’s Head of Marketing and Communications for Networks, Cecilia
Atterwall, says that 5G will unleash new ways of solving problems. She also
adds that “it’s a combination of devices, content, 5G access networks, edge
computing and high-performance distributed 5G core capabilities that make
these innovations possible.” It’s not an understatement to say that everyone
relies on edge computing in one way or another, if not already, then at least
in the near future and going forward. However, it’s definitely grown to be an
absolute necessity for many key industries and even autonomous vehicles. For
example, edge computing is utilized for industrial manufacturing purposes,
within smart cities, AI, and even self-driving cars. The reason behind its use
and importance boils down to its ability to assist IoT devices in
low-bandwidth environments, ensuring that data is processed as quickly as
possible. Reducing network latency is especially crucial when it comes to the
computing processes behind the successful operation of self-driving cars. For
example, Tesla cars are equipped with computers that process the data obtained
by the vehicle’s sensors — allowing for this technology to function on a
split-second basis.
Why is Site Reliability Engineering Important?
“The term SRE surely has been introduced by Google, but directly or indirectly
several companies have been doing stuff related to SRE for a long time, though
I must say that Google gave it a new direction after coining the term ‘SRE.’ I
have a clear view on SRE as I believe it walks hand-in-hand with DevOps. All
your infrastructure, operations, monitoring, performance, scalability and
reliability factors are accounted for in a nice, lean and automated system
(preferably); however this is not enough. Culture is an important aspect
driving the SRE aspects, along with business needs. As the norm ‘to each, his
own’ goes, SRE is no different. It is easy to get inspired from pioneer
companies, but it’s impossible to copy their culture and means to replicate
the success, especially with your ‘anti-patterns’ and ‘traditional’ remedial
baggage. Do you have similar infrastructure and business needs as the company
showcasing brilliant success with SRE? No. Can it help you? Absolutely. The
key factor here is to recognize what is important to your success blueprint
after understanding the fundamentals of it and find your own success factors
considering your cultural needs. Your strategy and culture need to walk
together, just like your guiding (strategy) and driving (culture) factors.”
IT Career Paths You May Not Have Considered
Data analytics, DevOps, artificial intelligence and intelligent automation are
just a few of the other possibilities. "You don't need to leave IT to leave
IT," said Rials. "AI is a path I'd recommend for seasoned IT professionals. I
think more people are on the green side and they're struggling versus a
seasoned IT professional who can offer some insights." Cloud vendors are
constantly innovating, so whatever skills you have now are probably very
narrow compared to tomorrow's possibilities. In addition to IaaS-related
roles, there are many other options including cloud-first application
development (platform as a service), AI and machine learning, autonomous
systems, robotics, cloud security, serverless architectures, cloud migration,
and cloud engineering. Cloud is also a great launching pad for a new venture
if you're so inclined. You can run, but you can't hide. Business and
technology have become so interdependent that no matter how far you move away
from IT, it will always find you. Of course, that's not to say you can't
change your role. ... "I've seen people who said, 'I want to leave IT, I'm
done,' and even though they may have become a project manager or the manager
of another department, everyone knows they're still the technology expert,
which is not a bad thing."
Cisco bumps up ISR/ASR router performance and capacity
The new ASR ESP-X module features the third generation of Cisco’s Quantum Flow
processor, a Layer 3 forwarding ASIC. The ESP-X provides customers more than
265 Gbps of IPv4 and IPv6 throughput, along with IPSec that is more than 2X
better performing than previous generations of the processor, according to
Vitalone. Cisco ASR 1000s typically reside at the WAN edge of an
enterprise data center or large office, as well as in service provider Points
of Presence (POPs). The routers use the ESPs to aggregate multiple traffic
flows and network services, including encryption and traffic management, and
forward them across WAN connections at line speeds. The ESP-aX can reach more
than 2X better scale compared to previous generations for classic network
address translation (NAT), carrier-grade NAT and zone based firewall, an
important capability for edge locations that experience bandwidth demands in
great bursts or waves, Vitalone said. Cisco also introduced the 1100 Terminal
Services Gateway, a secure remote console for customers needing Out of Band
Management tools. Like the ASR devices, the 1100 runs Cisco’s IOS XE software
and lets customers securely manage a variety of networking, compute, internet
of things (IoT), and other devices.
How Outsourcing Practices Are Changing in 2020: An Industry Insight
Co-sourcing is an approach where companies hire an external team that acts as
their internal team and the two parties work in collaboration. Both the
internal and external teams work together, side-by-side to create value.
Together, they share the risks, face issues, and come up with quick solutions.
Motivating both the parties, co-sourcing will help improve the IT outcome
achieved from outsourcing. This approach vests their interests in co-creating
new values to gain a competitive edge. Even during unrest, they can easily go
through their contract and ensure that the work is not hampered. Their
interests will be focused on the outcome of the collaboration and not in
either completing the task for the client or just delegating a task for
completion. The IT sector is erupting with new advanced digital products
created by two organizations coming together from different parts of the
globe. They can delegate the development of their most important IT projects,
enterprise architecture, or other core competencies to the external team while
keeping the management at their end. More focus is on delivering a product
that delivers profits for both parties.
Quote for the day:
No comments:
Post a Comment