The commodification of customer data privacy
B2B customers want personalized experiences, too. Aside from the data they
might input into a contact form; B2B buyers put plenty of data online for the
world to see. You can build a B2B buyer profiles just by gleaning data from
their LinkedIn profile and their interactions online. Software exists that
enable businesses to automate the process by scraping data from public
sources. But it needs to be clear that this information is being collected and
stored in good faith. Businesses should limit the amount of data they collect
from customers, only using the data essential to their
operations. Customers should always be made aware of what data is being
collected, why, and how it will be used. This information should be easy to
find and understand, not obfuscated by legal jargon and fine print. Some good
examples of this are the “cookie” statements businesses place on their
websites under the EU’s General Data Protection Regulation (GDPR). Finally,
data must be stored in a secure environment, then erased when it is no longer
being used. The customer should be made aware of what policies and protections
are in place regarding the use of their data.
Unethical AI unfairly impacts protected classes - and everybody else as well
Why is ethics so important now with AI? Wherever there is a social context,
anything involving people, ethical questions are necessary because it becomes
personal. Before big data and data science, researchers categorized people
into cohorts, or categories, such as tofu lovers with a college degree, or
evangelical Christians. There wasn't enough data available at the individual
level to draw inference on a single person. Even when evaluating a single
person for credit or life insurance, the few available characteristics were
used to compare with a larger group. What is different today is an avalanche
intimate, personal detail, exacerbated by a shift in sources, from interval
"operational exhaust" to a myriad of external, non-traditional data, such as
pictures and videos that are not even vetted. In the wrong hands, with the
wrong model, it can wreak havoc to people's lives. The capability to produce
errant models and inferences and put them in production at a scale that is
orders of magnitude greater than anything before compounds the potential
adverse outcomes. Today, your "digital footprint," information about you on
the internet, is so enormous that it is estimated the growth of your personal
data on the internet is two megabytes per second.
Using deep learning to infer the socioeconomic status of people in different urban areas
Researchers at the Ecole Normale Superieure (ENS) de Lyon and Central European
University (CEU) have recently developed a deep neural network that could be
used to study the socioeconomic inequalities that can arise from urbanization.
Their study, featured in Nature Machine Intelligence, confirms the potential
of convolutional neural networks (CNNs) for the in-depth analysis of
geographical regions. For many years, efficiently tracking urbanization, the
process through which an urban area becomes increasingly large and populated,
has proved fairly challenging. The development of increasingly advanced remote
sensing and satellite technologies, however, opened up new exciting
possibilities for the observation of specific geographical regions and
consequently for urbanization-related research. In their study, the
researchers ENS Lyon and CEU tried to use deep learning algorithms to analyze
the images collected by these tools. "Our initial goal was actually to check
what was the finest spatial resolution that we could get our algorithm (i.e.,
predicting the average income of an area based on its satellite image) to work
with," Jacob Levy Abitbol and Marton Karsai, the researchers who carried out
the study, told TechXplore.
Digital transformation: 4 ways to help IT teams adapt to disruption
Prioritize user adoption and buy-in. That includes understanding
generational and workstyle differences of various users and establishing
clear metrics around adoption, usage, and engagement. Analyzing the depth of
communication and relationships that result from the collaborations will
reduce communication gaps and breakdowns and provide a clear indication that
the collaboration is working. ... IT leaders aiming for digital success must
better identify future skills requirements, push for increased investment
and uptake in skills acquisition, improve access to quality training to
support future skills, and create an agile skills development system that
can adapt to market needs to fuel a culture of lifelong learning. Sometimes
those answers can come from within. ... This tells us we need a
different kind of leadership, one in which leaders inspire rather than
require. ... Adaptive design allows the transformation strategy and resource
allocation to adjust over time. That includes flexible talent allocation, a
key differentiator in a transformation’s success, and ensuring resources are
earmarked for initiatives that span organizational silos. It’s also
important to practice the art of simplicity by valuing what works well
enough and accepting solutions that satisfy business needs – you can enhance
a simple solution later on.
FireEye, a Top Cybersecurity Firm, Says It Was Hacked by a Nation-State
The F.B.I. on Tuesday confirmed that the hack was the work of a state, but
it also would not say which one. Matt Gorham, assistant director of the
F.B.I. Cyber Division, said, “The F.B.I. is investigating the incident and
preliminary indications show an actor with a high level of sophistication
consistent with a nation-state.” The hack raises the possibility that
Russian intelligence agencies saw an advantage in mounting the attack while
American attention — including FireEye’s — was focused on securing the
presidential election system. At a moment that the nation’s public and
private intelligence systems were seeking out breaches of voter registration
systems or voting machines, it may have a been a good time for those Russian
agencies, which were involved in the 2016 election breaches, to turn their
sights on other targets. The hack was the biggest known theft of
cybersecurity tools since those of the National Security Agency were
purloined in 2016 by a still-unidentified group that calls itself the
ShadowBrokers. That group dumped the N.S.A.’s hacking tools online over
several months, handing nation-states and hackers the “keys to the digital
kingdom,” as one former N.S.A. operator put it.
Dealing with Remote Team Challenges
Most of us are social creatures who enjoy the company of others. The concept
of coming together to solve a common goal isn’t necessarily displaced by the
concept of remote or distributed, but it can be trickier. There are
opportunities for asynchronous communication, increased productivity through
"flow" or uninterrupted time, and reduced travel and asset management costs.
On the other hand, there are the challenges of equitable access, ensuring
adequate resources and tooling as well as the need to address social
isolation and the issue of trust. What seems to be happening more and more
though is the shift away from a hierarchical structure to a more neural one
with teams becoming smaller, more agile and cross-functional, as suggested
by the May 2020 McKinsey Report. Mullenweg’s five stages of remote
working suggest that those teams that have moved beyond trying to replicate
the office model to be remote-first and truly asynchronous are edging closer
to Nirvana, a state where distributed teams would consistently perform
better than any in-person team. At this point, the creativity, energy,
health and productivity of the team are at their peak with individuals
performing at their highest level.
CIO interview: John Davison, First Central Group
“Intelligent automation means so much more for us than an efficiency tool,”
says Davison. “We are building an entirely new technical competency into our
business, so that it becomes part of our DNA. This not only changes
operational execution but, importantly, changes the management mindset about
the art of the possible and strategic decision-making.” The automated
renewal process is another area where Blue Prism has been deployed. With the
support of Blue Prism’s partner, IT and automation consultancy T-Tech, the
First Central team can check for accuracy the issue of more than 3,000
renewal invitations daily in just two hours. The new process verifies each
renewal notice, removing the need for costly, time-intensive manual work
downstream to correct anomalies and reduce the risk of a regulatory
incident. Along with driving operational efficiencies, Davison
believes RPA also boosts business confidence. “Risk mitigation is a lot more
intangible, but can measure the cost of distraction and can measure our
effectiveness from a robotics perspective,” he says. Davison’s team has
established a robotics capability for the business capability. “It is not my
job to close down operational risk,” he says.
The best programming language to learn now
The typed-language lovers are smart and they write good code, but if you
think your code is good enough to run smoothly without the extra information
about the data types for each variable, well, Python is ready for you. The
computer can figure out the type of the data when you store it in a
variable. Why make extra work for yourself? Note that this freewheeling
approach may be changing, albeit slowly. The Python documentation announces
that the Python runtime does not enforce function and variable type
annotations but they can still be used. Perhaps in time adding types will
become the dominant way to program in the language, but for now it’s all
your choice. ... If you’re writing software to work with data, there’s a
good chance you’ll want to use Python. The simple syntax has hooked many
scientists, and the language has found a strong following in the labs around
the country. Now that data science is taking hold in all layers of the
business world, Python is following. One of the best inventions for creating
and sharing interactive documents, the Jupyter Notebook, began with the
Python community before embracing other languages.
Millions of IoT Devices at Risk From TCP/IP Stack Flaws
The research is a continuation of Forescout's exploration of TCP/IP stacks.
In June, Forescout revealed the so-called Ripple20 flaws in a single but
widely used TCP/IP stack made by an Ohio-based company, Treck. This time
around, Forescout broadened its research into more types of TCP/IP stacks.
The stacks enable basic network communication. Software developers don't
develop their own but instead use off-the-shelf open-source stacks in their
products or forks of those projects. "We discovered...33 vulnerabilities in
four of seven [TCP/IP] stacks that we analyzed," Costante says. The flaws
were found in uIP, FNET, PicoTCP and Nut/Net. Forescout also examined IwIP,
CycloneTCP and uC/TCP-IP but didn't find any of the most common coding
errors. But Forescout says it doesn't mean those TCP/IP stacks are
necessarily free of problems. Many of the issues are centered around Domain
Name System functionality. "We find that the DNS, TCP and IP sub-stacks are
the most often vulnerable," Forescout says in its report. "DNS, in
particular, seems to be vulnerable because of its complexity." Brad Ree, who
is CTO of the consultancy ioXt and board member at the ioXt Alliance, says
it is concerning to see the IPv6 vulnerabilities in Forescout's findings.
How Kali Linux creators plan to handle the future of penetration testing
The Kali Linux distribution, designed specifically for penetration testing and
digital forensics, is still offered free of charge. Under her leadership
OffSec has formed a dedicated Kali team and made quarterly releases since
January 2019, which has received positive reviews from the community. “Kali
and other projects like Exploit Database, the largest collection of exploits
and vulnerabilities on the internet, keep us uniquely in tune with the needs
of the security community and continue to inform our company direction,” she
explained. But the thing she’s most proud of is that OffSec has become a
company with a clear set of well-defined core company values: family, passion,
integrity, community and innovation. “We live by these values as we scale,
hire and operate. As a CEO, I found my own style through the support of our
team members: have the courage to be authentic and vulnerable. We have
cultivated an environment to embrace and practice a growth mindset, build
vulnerability-based trust, and empower and enable our team to do their best.
My job as CEO is about how to make our people happier in ways I or OffSec can
influence.”
Quote for the day:
"Success consists of going from failure to failure without loss of enthusiasm." -- Winston Churchill
No comments:
Post a Comment