Daily Tech Digest - July 10, 2020

SWOT analysis: Why you should perform one, especially during times of uncertainty

If your company is going to develop a sustainable advantage, it will need to first know where its strengths, weaknesses, opportunities, and threats exist. Without conducting a SWOT analysis, your company is flying blind and could be wasting precious resources and time on activities that propel it in the wrong direction. Conducting a SWOT analysis is particularly important during times of crisis and uncertainty. Since the COVID-19 pandemic began, many companies and industries have had to revisit their SWOT analysis as a result of internal and external factors outside of their control. As a result of the pandemic impact, industries like travel and tourism, restaurants, entertainment, and many others have been forced to devise ways to address new risks and reevaluate new opportunities. Conducting a SWOT analysis helps your leadership team gain a clear view of what your company is doing well compared with its competitors and where it needs to pull up its socks. It also helps shine a light on areas where potential opportunities exist and where risks may reside. Having a solid understanding of all of these areas identifies your current state and increases your company's visibility into how to best allocate its budget, resources, time, and effort. 


When WAFs Go Wrong

"Organizations want more from their WAF providers — and the degree of negative feedback from vendor-supplied references warns that, unless vendors adapt quickly, the WAF market is ripe for disruption," according to Sandy Carielli, principal analyst at Forrester Research, who led the firm's most recent market research on the WAF market this spring. The Forrester report shows that organizations are particularly struggling as their current WAF deployments are unable to handle a broader range of application attacks, particularly client-side attacks, API-based attacks, and bot-driven attacks. On the API (application programming interface) front, for example, an increasing number of server-side request forgery (SSRF) attacks are made possible due to how cloud architectures use metadata APIs and webhooks. "The WAF may not necessarily be deployed in-line to monitor the outbound HTTP requests made by the web application. Many SaaS companies offer some form of web hook product which makes an HTTP request on behalf of the user and cannot be easily differentiated from an SSRF attack," explained Jayant Shukla, CTO and co-founder of K2 Cyber Security.
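
Because an inbound WAF does not see the outbound request a webhook feature makes, the destination check has to live in the application itself. The following is an added example, not code from the article or from any vendor it names: a Python destination check for user-supplied webhook URLs that rejects cloud metadata and other non-public addresses. The function names and the injectable resolver are assumptions made for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

def system_resolver(host):
    """Resolve a hostname to the sorted set of IP strings it maps to."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})

def check_webhook_url(url, resolver=system_resolver):
    """Return (allowed, reason, pinned_ips) for a user-supplied webhook URL.

    pinned_ips are the addresses that were vetted; the caller should connect
    to one of them rather than resolving the name again, so that a second DNS
    answer cannot point the request at an internal address.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, "scheme not allowed", []
    host = parts.hostname
    if not host:
        return False, "missing host", []
    try:
        addrs = [str(ipaddress.ip_address(host))]  # literal IP in the URL
    except ValueError:
        try:
            addrs = list(resolver(host))
        except OSError:
            return False, "resolution failed", []
    if not addrs:
        return False, "resolution failed", []
    for text in addrs:
        ip = ipaddress.ip_address(text)
        # Unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) so it is judged as IPv4.
        mapped = getattr(ip, "ipv4_mapped", None)
        if mapped is not None:
            ip = mapped
        # is_global is False for link-local (metadata APIs at 169.254.169.254),
        # loopback, and private ranges; one bad record rejects the whole URL.
        if not ip.is_global:
            return False, "%s is not a public address" % ip, []
    return True, "ok", addrs
```
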


Overcoming Data Security Challenges in a Hybrid, Multicloud World

With each step, from IaaS to PaaS to SaaS to DBaaS, organizations give up some level of control over the systems that store, manage, distribute and protect their sensitive data. This increase in trust placed in third parties also presents an increase in risk to data security. Cloud deployments work on a shared responsibility model between the cloud provider and the consumer. In the case of an IaaS model, the cloud consumer has room to implement data security measures much like what they would normally deploy on premises and exercise tighter controls. For SaaS services, cloud consumers have to rely on the visibility provided by the cloud provider which, in essence, limits their ability to exercise more granular controls. It’s important to note that regardless of the chosen architecture, it’s ultimately your organization’s responsibility to ensure appropriate data security measures are in place across environments. To learn more about how to adapt your data security, data privacy and compliance practices to the hybrid multicloud, read the “Overcoming Data Security Challenges In a Hybrid Multicloud.”


Are Today’s Banks Prepared To Deploy Tomorrow’s Technologies?

While it is impossible to determine what the “new normal” in banking will look like, it will undoubtedly be far different than the past. It is still unknown how the negative financial impact of the pandemic on consumers will impact future banking behavior. While we have seen a spike in digital transactions and in the amount of savings set aside by consumers, it is too early to develop reliable trend lines going forward. There is little doubt that the banking industry will face a stretch of economic pressure created by delayed loan payments, lower fees, narrow margins and increased risk from credit losses. While government stimulus packages may help, there will still be capital and liquidity challenges. These financial challenges create a very clear call to action for financial institutions used to doing business the way it has been done for decades. Banks and credit unions must reimagine legacy business models and the technology used to serve the marketplace. Speed of change will determine winners as much as the changes themselves. Being a “fast follower” will no longer be acceptable.


Career advice for a changing world

For those growing up as digital natives, the principle of owning your network and profile may seem obvious. Everything we do will be captured digitally somehow — in both the professional and the social milieus. What you choose to post and how you present yourself matters: It is the foundation on which to build your network. The changing nature of work, including the fact that people may switch jobs frequently or be employed under a variety of types of agreements, will require the ability to present a compelling profile of who you are, and communicate this to your peers and potential collaborators. Here’s where your platform will find its outward presentation — where you can bundle your various talents, skills, aptitudes, and interests to present to prospective employers, mentors, and others you’ll work with or for. People at all stages of their career will need to do this, and as they add new abilities through upskilling, they add to the richness of their profile. You also need to build your network both digitally and physically (when that again becomes possible). If you are looking to change jobs, you should start by looking for ways to situate yourself among people who are already doing what you aspire to do, and build your new contacts.


Microsoft Teams' new 'Together mode' aims to make video calls more engaging

On most video calls, eye contact – or the lack of it – is an ongoing problem, with people often appearing to look in the wrong direction. Together mode mimics the geometry of reflection, meaning that every participant is looking at the whole group through a big virtual mirror. “Once direct eye contact errors become hard to detect, people intuitively position themselves to look as if they are reacting to one another appropriately,” Lanier explains. Microsoft said its research has shown that as a result people tend to feel happier and more engaged in meetings. Additionally, everyone in Together mode is in a fixed position. If one person happens to appear in the fourth seat of the bottom row on their own screen, that person would appear in the fourth seat of the bottom row on everyone else’s screen. Angela Ashenden, principal analyst for workplace transformation at CCS Insight, said the combination of both features helps to make the video meetings feel more natural. She notes that if a meeting leader tells everyone to click a button on the right of the screen, you see everyone’s gaze looking in the same direction.


Open source license issues stymie enterprise contributions

"The No. 1 issue [in enterprise open source] is still licensing," said Kevin Fleming, who oversees research and development teams in the office of the CTO at Bloomberg, a global finance, media and tech company based in New York. "But it isn't the licensing discussion that everybody was having five to 10 years ago -- now, the licensing discussion is about really important projects that enterprises depend upon deciding to switch to non-open source licenses." The legal outlook for enterprises has also been further complicated by varied approaches among vendors and open source foundations to copyright agreements, and a general lack of legal precedents to guide corporate counsel on open source IP issues. While Bloomberg's Fleming, and many other enterprise open source contributors, believes new license types such as the server side public license (SSPL) and the Hippocratic License clearly fall outside the bounds of open source, in the wider community, those aren't entirely settled questions. "Open source is bigger than licenses," said Coraline Ada Ehmke, software architect at Stitch Fix, creator of the Hippocratic License and founder of the Ethical Source Working Group.


Agile Initiative Planning with Roadmaps

Plans are critical because they set expectations on the goals, the strategy and the resources you need. They justify the organisation's expenditure on the initiative. They allow you to consider the problems you are likely to incur along the way and develop ways to avoid them. Plans build a bridge between management and the development team. With a plan, you can prepare for different eventualities to improve your chance of success. With a plan, you can get the commitment and resources you need to achieve your objective. Without a plan, it's unlikely that people will give you the funds or resources you need to succeed. Over the last few years, I have developed and refined an Initiative Roadmap process that allows you to define, design and plan an initiative in weeks instead of months or years. In an Initiative Roadmap, you set your goal, strategy and direction in a high-level plan so that you can get the necessary funding and support you need to build a delivery team. When the development team starts, they evolve the plan with business stakeholders to deliver the maximum business value possible within the time and budget available.


Google open-sources Tsunami vulnerability scanner

Google said it designed Tsunami to adapt to these extremely diverse and extremely large networks from the get-go, without the need to run different scanners for each device type. Google said it did this by first splitting Tsunami into two main parts, and then adding an extendable plugin mechanism on top. The first Tsunami component is the scanner itself -- or the reconnaissance module. This component scans a company's network for open ports. It then tests each port and attempts to identify the exact protocols and services running on each, in an attempt to prevent mislabelling ports and testing devices for the wrong vulnerabilities. Google said the port fingerprinting module is based on the industry-tested nmap network mapping engine but also uses some custom code. The second component is the one that's more complex. This one runs based on the results of the first. It takes each device and its exposed ports, selects a list of vulnerabilities to test, and runs benign exploits to check if the device is vulnerable to attacks. The vulnerability verification module is also how Tsunami can be extended through plugins -- the means through which security teams can add new attack vectors and vulnerabilities to check inside their networks.


Up Close with Evilnum, the APT Group Behind the Malware

Evilnum's primary goal is to spy on its targets and steal financial data from businesses and their customers. Its attackers have previously stolen spreadsheets and documents with customer lists, investments, and trading operations; internal presentations; software licenses and credentials for trading software and platforms; browser cookies and session data; email credentials; credit card information; and proof of address and identity documents. The group has also obtained access to VPN configurations and other IT-related information. Like many threat groups, Evilnum starts with a phishing email. Messages contain a link to a ZIP file hosted in Google Drive. This archive has multiple LNK files designed to extract and execute a malicious JavaScript component while displaying a fake document. These "shortcut" files have "double extensions" to trick victims into believing they are harmless and opening them. These LNK files all do the same thing: When opened, a file searches its contents for lines with a specific marker and writes them to a JavaScript file. This malicious file is executed and then writes and opens a decoy file with the same name as the LNK file.
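
The delivery pattern described above (a ZIP of LNK files with double extensions that carry text lines inside the shortcut) can be triaged at a mail or download gateway. The following is an added example, not code from the article or from the researchers it cites: a Python heuristic that flags such entries in a ZIP. The extension list, the line threshold, and the `//MARK` marker in the constructed sample are assumptions, since the article does not give the real marker.

```python
import io
import re
import zipfile

# Shell Link header: HeaderSize 0x4C followed by the LinkCLSID (MS-SHLLINK).
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")
# Assumed list of document-like extensions used to disguise a shortcut.
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt"}
# A newline-terminated run of printable bytes: script text, not link data.
TEXT_LINE = re.compile(rb"[\x20-\x7e\t]{8,}\r?\n")

def triage_zip(data, min_text_lines=5):
    """Return one finding per .lnk entry in a ZIP archive given as bytes."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            parts = info.filename.lower().rsplit("/", 1)[-1].split(".")
            if len(parts) < 2 or parts[-1] != "lnk":
                continue
            body = zf.read(info)
            finding = {
                "name": info.filename,
                "double_extension": len(parts) >= 3 and parts[-2] in DECOY_EXTS,
                "valid_lnk_header": body.startswith(LNK_MAGIC),
                "embedded_text_lines": len(TEXT_LINE.findall(body)),
            }
            # Heuristic: a disguised name plus many text lines in the shortcut.
            finding["suspicious"] = (finding["double_extension"] and
                                     finding["embedded_text_lines"] >= min_text_lines)
            findings.append(finding)
    return findings

def build_sample_zip():
    """Constructed sample: a plain shortcut and one with appended text lines."""
    plain = LNK_MAGIC + b"\x00" * 56
    stuffed = plain + b"".join(b"//MARK var x%d = %d;\r\n" % (i, i)
                               for i in range(10))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("tools/editor.lnk", plain)
        zf.writestr("statement.pdf.lnk", stuffed)
    return buf.getvalue()

if __name__ == "__main__":
    for finding in triage_zip(build_sample_zip()):
        print(finding)
```
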



Quote for the day:

"Challenges are what make life interesting and overcoming them is what makes life meaningful." -- Joshua J. Marine
