Daily Tech Digest - January 16, 2021

How next-gen cloud SIEM tools can offer critical visibility for effective threat hunting

Organizations must adopt a new cloud-centric mentality, supported by a combination of new security solutions ready to handle the high volume and velocity of data flowing across cloud environments. Organizations must focus on tools such as Next-Gen SIEM, cloud-focused tools such as cloud access security broker (CASB) and cloud security posture management (CSPM), and modern consolidated network and security services such as secure access service edge (SASE), which all enable modern security architecture approaches. These scalable tools include license models not based on the volume of data ingested but on other variables, such as the number of users monitored. CSPM and CASB can help users adopt new policy enforcement practices, helping organizations to navigate complex security settings and services from public cloud providers and cover any gaps in visibility from the multiple IaaS, PaaS and SaaS services adopted. Additionally, where users are operating off personal devices and accessing corporate resources, SASE offerings help transition controls such as secure web gateways to a cloud-based model from anywhere in the world. Companies no longer need to debate losing visibility for a better price or improved network resiliency.

Five emerging fraud threats facing businesses in 2021

Synthetic identity fraud – when a fraudster uses a combination of real and fake information to create an entirely new identity – is currently the fastest growing type of financial crime. The progressive uptick in synthetic identity fraud is likely due to multiple factors, including data breaches, dark web data access and the competitive lending landscape. As methods for fraud detection continue to mature, fraudsters are expected to use fake faces for biometric verification. These “Frankenstein faces” will use AI to combine facial characteristics from different people to form a new identity, creating a challenge for businesses relying on facial recognition technology as a significant part of their fraud prevention strategy. ... Once the stimulus fraud attacks run their course, it is predicted that hackers will increasingly turn to automated methods, including script creation (using fraudulent information to automate account creation) and credential stuffing (using stolen data from a breach to take over a user’s other accounts) to make cyberattacks and account takeovers easier and more scalable than ever before.

A guide to being an ethical online investigator

It’s not just legal issues that would-be amateur online investigators need to be aware of. Much of the online activity carried out in the wake of the Capitol riots raises ethical questions, too. Should a person who didn’t storm the Capitol but attended the rallies leading up to the riots be identified and risk punishment at work? Do those who were in and around the Capitol on January 6 automatically lose the right to privacy even if they weren’t involved in riots? It’s worth thinking through how you feel about some of these questions before you continue. Few are clear cut. So, where does the information come from? “Our bread and butter is open source,” Fiorella says. “Open-source media” refers to information that is publicly available for use. Data archivists, or those who collect and preserve information online for historical purposes, accessed such open-source data to save posts before they disappeared as social media companies pushed President Donald Trump and many of his supporters off their platforms. “If you were at the Capitol storming and recorded video and took selfies that anyone can access, and it’s openly available on the internet, it’s fair game,” says Fiorella.

Top Five Artificial Intelligence Predictions For 2021

Though regulation hasn’t reached a boiling point yet, AI governance will continue to be a hot topic in 2021. As AI becomes more pervasive, more and more stakeholders are waking up to the potential problems it introduces to the public. In response, organizations everywhere — from the most cutting-edge to the laggards — will be expected to deliver AI systems that are responsible, transparent, and unbiased. But whose responsibility is it to make sure this happens and regulates AI – the government, businesses, industry groups, or some combination? If businesses want to regulate themselves before the government does, they will have to take steps to ensure the data that feeds their AI is fair and unbiased, and that their models are empathetic, transparent, and robust. ... With several big consumer brands in the hot seat around questionable AI ethics, most people still don’t trust AI. For many, it’s because they don’t understand it or even realize they’re using it daily. Consumers are getting so many AI-powered services for free — Facebook, Google, TikTok, etc. — that they don’t understand what they’re personally giving up in return — namely their personal data. As long as the general public continues to be naïve, they won’t be able to anticipate the dangers AI can introduce or how to protect themselves — unless the market better educates customers or implements regulations to protect them.

Amid WhatsApp privacy concerns, the draft Data Protection Bill comes to mind

Is data property? No, because then it would fall under The Sale of Goods Act. Only if something can be physically sold, rented out or gifted, then it becomes a property. Data is an intimate connection between the human being and the thing in question. It has tremendous value, hence, there are always people waiting to take it. This was a concern in Puttaswamy vs Union of India where the Supreme Court said: “Aadhaar is a serious invasion into the right to privacy of persons and it has the tendency to lead to a surveillance state where each individual can be kept under surveillance by creating his/her life profile and movement as well on his/her use of Aadhaar.” ... Not everything is clear yet. The consent conundrum remains. With the age of majority being 18, all contracts under this age are said to have no value. Yet, when a child clicks “I agree”, it technically becomes a contract. Children often lie and say they are 18 and/or claim to have parental consent. Of course, it can have positive outcomes too. The Justice gave an anecdote of his grandson being aware of advanced mathematical concepts thanks to one Khan Academy. Consent should be given in a manner which is understood.

Can Cloud Revolutionize Business and Software Architecture?

The physics behind software development changed completely in the past two to five years, Ahlawat said, with the growth of hybrid, multicloud, and edge. “Eighty percent of enterprises today have workloads that span multiple clouds and two out of three of them are using multiple clouds for many strategic reasons,” he said. That means applications in today’s environment can span data centers and clouds as well as go to the edge. Tied to this trend is the evolution of connected devices and the Internet of Things, Ahlawat said. “Up until a few years ago, there was still a question whether IoT was hype,” he said. “Today we have 20 billion connected devices generating about 50 zettabytes of data a year.” Use cases on this front, Ahlawat said, include connected homes and smart cities, which still have room to grow to become mainstream. The further development of data and AI also affects software development, he said. “Of all the data generated ever, 90% of that was generated in the last two years,” Ahlawat said. “When we talk with large software companies and enterprises, data and AI are central to their strategies.” This is unlocking transformative use cases such as autonomous cars and medical imaging, he said.

'Scam-as-a-Service' Scheme Spreads

The fraudsters are posting fake online classified advertisements for products to dupe interested buyers into visiting phishing pages, where their personal and payment data is harvested, according to Group-IB. Although the operation started in Russia two years ago, by early 2020, it had expanded to include 40 subgroups that have focused on targets in the U.S. and Europe, the new research report says. Brands spoofed by the cybercriminal gang include French marketplace Leboncoin, the Polish online brand Allegro, the Czech website Sbazar and Romania's FAN Courier site. The report also notes the group has expanded its operations in the U.S. and Bulgaria by mimicking FedEx and DHL Express. ... The hackers have set up several Telegram chatbots for automated management and expansion of the scheme, the report notes. These bots are designed to provide scammers with ready-to-use pages mimicking popular classified advertising, marketplace and phishing URLs. "Classiscam chatbots, where fake pages are generated and profits are reported, are not completely autonomous. They require ongoing technical support and moderation," says Dmitriy Tiunkin, head of the digital risk protection department at Group-IB Europe.  

Successful Malware Incidents Rise as Attackers Shift Tactics

"That shift is really interesting because it starts to show the new reality of the work device truly morphing into a work-and-personal device," Covington says. "When you don't leave the house anymore, the phishing events and social engineering events — the ways that attackers get into organizations — are not just happening in the context of business email anymore." Others have noted the impact of the move to remote work on security. In September, a survey of CIOs found that 76% of the executives were worried that content sprawl put company data at risk. An earlier survey found that about six in 10 workers were using personal devices to work from home, and most of them considered the devices to be secure. Wandera found a similar set of impacts from the move to remote work, with many employees behaving differently. Because workers traveled less, they were about half as likely to use a risky Wi-Fi connection for work. And because personal time and work time blended together, a single device had a greater blend of business and personal applications, says Covington. "Honestly, they were looking to kill time," he says. "The types of apps that we installed on work devices this year, we would not have typically seen installed. A lot of games and a lot of productivity tools."

Drone Technology Extends Reach of Mobile IoT

Drones are typically equipped with two types of software. The software that’s closely coupled with the drone hardware manipulates the drone and the gear to keep it aloft while connecting it back to an operator who controls the drone’s flight path. The second type of software is the application—the programs that enable the drone to complete its specific task and to gather relevant information. Currently, there are no standards for the control or the application software, so a potential purchaser must be aware that the application software usually has to be customized to work with a specific manufacturer’s drone and its basic operating system. As a result, you have to ensure that the software you need can actually run on the drone hardware you intend to acquire. Skydio, for example, markets some applications software, such as Skydio 3D Scan and Skydio House Scan, with its drones, and also partners with third-party drone software makers for other applications. And, of course, a potential user has to confirm that the format of the data that the drone collects and disseminates is consistent with other formats currently used by the data analysis programs already in place. Some integration work may be required.

What analytics can unveil about bot mitigation tactics

Shortcomings have recently come to light about even the most common and accepted bot mitigation technologies. For example, solutions offering CAPTCHA challenges are not only ineffective at detecting and stopping automated attacks, but they often lead to a friction-filled experience, frustrating customers and leading to lower conversion rates. Many online retailers and e-commerce providers will actually forgo implementing security due to fear that this friction will have a negative impact on sales. Bot mitigation approaches that are based on observations from historical and contextual data (e.g., IP addresses and analysis of known behaviors) and then rely on taking steps to block similar behavior can often block IP addresses or stop specific user behavior that might not actually indicate an attack (e.g., late night banking or shopping). These methods trigger poor experiences and have been shown through analysis to not produce the desired mitigation or prevention results. More recently, use of a rules-based architecture to prevent attacks has grown in popularity. Unfortunately, a rules-based solution falls short when faced with advanced AI- and ML-equipped bots that can morph on the spot to evade an organization’s cyber defenses.

Quote for the day:

"When building a team, I always search first for people who love to win. If I can't find any of those, I look for people who hate to lose." -- H. Ross Perot

Daily Tech Digest - January 15, 2021

CISA Warns of Surge in Attacks Targeting Cloud Services

This week's CISA alert notes that some hackers are using phishing emails to steal credentials from employees so they can compromise cloud resources. In many cases, the malicious messages appear to originate from overseas IP addresses and domains, but attackers can easily route the traffic through a proxy server or Tor-based network to hide its origins, CISA says. Hackers also are using brute-force attacks to guess weak passwords. "In one case, an organization did not require a virtual private network for accessing the corporate network," the CISA alert notes. "Although their terminal server was located within their firewall, due to remote work posture, the terminal server was configured with port 80 open to allow remote employees to access it - leaving the organization's network vulnerable. The threat actor attempted to exploit this by launching brute force login attempts." In some cases, attackers are bypassing multifactor authentication protections by compromising browser cookies to collect one-time passwords and other data, CISA adds. After gaining an initial foothold in the network, some of the hackers attempted to change settings within victims' email inboxes that would forward messages to the attackers or hide certain emails from security tools. 
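The CISA alert above and the fraud-threats item earlier on this page describe the same two login-abuse shapes: brute force (one account, many guesses) and credential stuffing (a breached list replayed once per account across many accounts, which is how attackers "take over a user’s other accounts"). The bot-mitigation item adds the caveat that blocking on IP volume alone hits legitimate users. The following is an added example, not code from CISA or any article excerpted here. It reads a constructed, simplified log format (timestamp, source IP, user, LOGIN_OK or LOGIN_FAIL), the sample lines are made up, and the thresholds are assumptions to be tuned against your own baseline.

```python
"""Separate brute force from credential stuffing in authentication logs.

Added example, not code from the digest or any article it excerpts. The log
format is constructed ("<iso-timestamp> <src_ip> <user> LOGIN_OK|LOGIN_FAIL");
map your own IdP or VPN events onto those four fields before calling analyse().
"""
import re
from collections import defaultdict
from dataclasses import dataclass, field

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (LOGIN_OK|LOGIN_FAIL)$")


@dataclass
class SourceStats:
    attempts: int = 0
    failures: int = 0
    per_user: dict = field(default_factory=lambda: defaultdict(int))
    successes: set = field(default_factory=set)   # accounts this source got into


def parse(lines):
    """Yield (src_ip, user, ok) tuples; malformed lines are skipped, not fatal."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            _ts, ip, user, outcome = m.groups()
            yield ip, user, outcome == "LOGIN_OK"


def aggregate(events):
    stats = defaultdict(SourceStats)
    for ip, user, ok in events:
        s = stats[ip]
        s.attempts += 1
        s.per_user[user] += 1
        if ok:
            s.successes.add(user)
        else:
            s.failures += 1
    return stats


def classify(s, min_attempts=10, min_fail_ratio=0.8, min_users=10, max_per_user=2):
    """Verdict for one source. Thresholds are assumptions; tune them on your baseline."""
    if s.attempts < min_attempts or s.failures / s.attempts < min_fail_ratio:
        # Volume alone is not evidence: an office NAT produces many logins with a
        # low failure ratio, and blocking on that is the false positive the
        # bot-mitigation item warns about.
        return "benign"
    if len(s.per_user) >= min_users and max(s.per_user.values()) <= max_per_user:
        return "credential_stuffing"   # many accounts, one or two tries each
    if len(s.per_user) <= 2:
        return "brute_force"           # one account, many guesses
    return "suspicious"                # high failure ratio, neither shape cleanly


def analyse(lines):
    """Map src_ip -> (verdict, accounts to treat as compromised)."""
    out = {}
    for ip, s in aggregate(parse(lines)).items():
        verdict = classify(s)
        hits = sorted(s.successes) if verdict != "benign" else []
        out[ip] = (verdict, hits)
    return out


def _sample():
    """Constructed log lines covering the three shapes; not real traffic."""
    lines = []
    for i in range(25):    # one source hammering one account
        lines.append(f"2021-01-13T02:00:{i:02d} 203.0.113.5 alice LOGIN_FAIL")
    for i in range(40):    # one source trying 40 accounts once each; 3 leaked passwords still work
        ok = "LOGIN_OK" if i in (4, 17, 31) else "LOGIN_FAIL"
        lines.append(f"2021-01-13T02:01:{i:02d} 198.51.100.7 user{i:02d} {ok}")
    office = [("bob", "OK"), ("carol", "FAIL"), ("carol", "OK"), ("dave", "OK"),
              ("bob", "OK"), ("erin", "OK"), ("dave", "OK"), ("erin", "OK"),
              ("bob", "OK"), ("carol", "OK"), ("dave", "FAIL"), ("dave", "OK")]
    for i, (u, o) in enumerate(office):   # office NAT: many logins, two typos
        lines.append(f"2021-01-13T02:02:{i:02d} 192.0.2.9 {u} LOGIN_{o}")
    return lines


SAMPLE_LINES = _sample()

if __name__ == "__main__":
    for ip, (verdict, hits) in analyse(SAMPLE_LINES).items():
        print(ip, verdict, hits)
```

The accounts listed under a credential-stuffing verdict are the ones whose leaked password still worked; those need a forced reset and a session revocation, not just a block on the source IP, because the attacker will move to another proxy exit.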

How CDOs Can Build Insight-Driven Organizations

Establish a data insights council to facilitate collaboration and build consensus. Forrester recommends that CDOs be collaborators above all else in order to establish common foundations, prioritize projects and allocate resources. "Bringing key stakeholders together in a data insights council allows them to see things differently and gives them a role in building the framework for becoming insights driven," Belissent writes. Deliver value quickly through iterative proofs of value. This is a big one. Forrester says that successful CDOs must demonstrate the value of applying data and analytics to specific business questions fast. If there aren't yet results, then the CDO should demonstrate the work in process instead. Showing results builds trust with stakeholders. One CDO quoted in the report noted that he did many "dog and pony shows" to demonstrate insights and how they provided incremental value. This takes the collaborative process one step further. The two new reports written by Belissent are titled Chief Data Officers: Accelerate Insights-Driven Business Impact in 12 Steps, and Chief Data Officers: Evolve Your Teams to Accelerate Impact from Data Insights.

Raspberry Pi 400: The inside story of how the $70 Pi-powered PC was made

Redesigning the Raspberry Pi 4's printed circuit board to fit the Pi 400 in some ways wasn't that big a deal, says Martin, but it still took him eight weeks to get the layout right. "I took a lot of the Pi 4 layout blocks – things like the processor and memory. There was a lot of effort into making that good. So instead of restarting it, I just took the entire block of all the wiring between those two parts and dropped them into my design. "The same went for the power supply circuit as well. I didn't want to redesign it, I wanted to just drop it into this board. If you look very carefully at the Pi 4 and Pi 400 circuit board, you'll see they're exactly the same layout of components in that area." Some people have commented that the Pi 400 is a left-handed computer because of the position of the USB ports on the left side of the back of the keyboard. Why put all the USB ports, add-on port, and HDMI ports on the back instead of putting some on the side? The main reason was to keep the cost of production down. After all, making a computer that costs just $70, based on a board that retails for $55, might require some trade-offs. "One of the more contentious things we've had on the keyboard is the port selection. It's been tough," he says.

How to Achieve Collaboration Tool Compliance

Third-party tools can address these Zoom-bombing risks by providing global, firmwide transparency into collaboration platform security settings and the ability to lock down and enforce settings across all accounts. Since technical controls to protect privacy are always preferable, privacy officers and compliance teams are embracing mechanisms for configuring and monitoring security settings using these new enterprise dashboards. Finally, most of the regulators flagged the physical risks of remote working environments. To translate from security-speak, "physical risks" are the risks of whiteboards, documents, people, or other viewable content in your home office. Canada's OPC cautions "[b]e careful about where you sit during the call. Who and what is visible in the background can reveal a lot of information that you might not want to share; mirrors and other reflective objects can show people in the room that may not want to be in the video." So, while we're all clamoring for Room Rater likes, the more secure approach is to use background blurs and other techniques to secure your office. Moreover, the use of innovative supporting tools to analyze videoconferences to detect problematic logos, images, or text in office backgrounds will further strengthen your privacy posture.

Understanding third-party hacks in the aftermath of the SolarWinds breach

Third-party supply chain compromises have been happening for years, and most organizations need to have an appropriately staffed and funded sub-team focused on vetting their third parties and contractually obligating them to improve their security as needed to match nation-state threats. We no longer live in a world in which it is tenable to throw up one’s hands and give up if there is a nation-state attacker targeting the organization. Assume there is a nation-state targeting your organization. Cost effective defenses do exist which can hold up even against nation states. If your organization is not there yet, don’t just focus on a SolarWinds update – focus at least on the broader need for supply chain security as a start with your CEO and your board. That said, a compromise of a supplier is just one type of third-party compromise or abuse. There are many other types of third parties that can be compromised (or abused). Developers, partners, customers, or potential acquisitions are examples. A developer abusing your services, as happened to Facebook with Cambridge Analytica in 2016, is a form of third-party abuse. In the case of Dun and Bradstreet in 2017, one of their customers had a database of 33 million business contacts that they sold, and it was then stolen from their customer.

Building an Intentional Organisation: a Holistic Approach

In the context of the Intentional Organisation, sustainability has a broader meaning than what is often intended. For me, it is the capability of the organisation to last in order to achieve its purpose. This happens by interpreting in a new way the relationship with the ecosystem of which the company is part. Distinguishing between environment and ecosystem is essential here; we are all part of the overall environment, but it is only in the ecosystem that we develop ties and relationships, and that we can indeed act upon. This means creating awareness of our entire network of stakeholders, and an understanding of the flows of meaning that support those relationships. We always assume that financial value dominates these relationships, but we know this is not the case. Why does a customer choose our product? Why does an investor buy our shares? Why does a candidate apply to one of our jobs? Why does a supplier connect to work with us? Recent years have seen the development of many marketing initiatives, in the form of branding exactly to support some of these "meanings". This is only a partial response; we need to understand this issue needs to become part of the design of our organisations.

As the SEC Launches Crypto Office, Blockchain Security Brings Out Its Big Guns

Recent events have proven there’s financial gain in cryptocurrency, if that wasn’t clear enough already. Shortly after PayPal announced it would allow its users to buy, sell, and hold cryptocurrency and Joe Biden won the U.S. presidency, Bitcoin’s price shot up to record highs, eventually breaching the $37k mark. Other cryptocurrencies followed suit. While the latter doesn’t necessarily indicate causation, Bitcoin held its highs, and Ethereum, the second-largest cryptocurrency, boomed after the president-elect appointed cryptocurrency-savvy Gary Gensler to lead his financial policy transition team. And the icing on the cake? The U.S. Securities and Exchange Commission (SEC) announced earlier this month the launch of a new standalone office dedicated solely to blockchain and digital assets to keep up with the technological advancements. These are only the latest developments, as institutional investors put their money in crypto and digital assets exchanges sprout all over the world. Now that these novel assets are joining the big leagues, so must the security protocols entrusted to protect everyone’s money. And the security heavyweights are bringing out the big guns.  In early December, cyber startup GK8 brought its high-security vault for digital assets to the Spain-based Prosegur, one of the world’s largest custodians in the field of physical security for traditional banks. The vault will power Prosegur’s new service for custody and management of digital assets, representing the first time a cash-management company enters the digital asset space and offers custody of cryptocurrency. 

The next S-curve in model risk management

Proactive MRM activities, aligned with both business needs and risk-management objectives, must be in place to prevent overgrowth of the model inventory. To ensure that the inventory is rational and effective, banks need to manage the model landscape as a whole. They also need to ensure that model quality is high. Gaining transparency to direct such efforts can involve deploying model workflow and inventory tools, consistently applied model-risk-rating approaches, and regular monitoring of model performance and use. The MRM function can support the bank by fully optimizing the portfolio of models. This support goes beyond performing validation work and ensuring consistency across modeling and monitoring practices. Model development is also in need of optimization and consolidation, since development is usually fragmented across different business units. Hundreds of models now need to be adjusted, developed, and recalibrated. There is a lesson in this—the effective and efficient development of new models must result in models that are easy and inexpensive to maintain in the future. In taking stock of existing models, banks should seek to improve the quality of the best models while decommissioning poor-quality, ineffective, and outdated models.

Pandemic ushers in the next big wave of IT outsourcing

Every outsourcing wave in history has been accompanied by an acute crisis along with an outsized opportunity. In the first wave, it was the bogey of Y2K that terrified companies into thinking the world would stop dead in its tracks when computer clocks, engineered with only the twentieth century in mind, entered the 21st century. The Y2K non-problem fired up the rockets for Indian IT by introducing the opportunity of using cheap labour to architect applications and taking care of a company's tech infrastructure remotely. Then came the global financial crisis in 2008 and glimmers of a new dawn began to appear on the horizon. This new dawn shined a light on the urgency of the incoming digital age and the need to rapidly buy into it by ditching the old labour arbitrage business for a world that necessitated more complex digital solutions using the cloud, AI, machine learning, and big data. These technologies became the new gospel. And yet, despite that evangelism, most IT services companies failed to embrace the digital with an urgency that was crucially needed. The flow of easy money from the old business still continued, albeit at a dwindling rate. Both companies and IT providers were reluctant to jump ship, and the new world of digital solutions was still too unfamiliar to be embraced wholeheartedly.

Businesses Struggle with Cloud Availability as Attackers Take Aim

The cloud-related challenges companies face set a concerning stage for an alert published this week by the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA). US officials warn of "several recent successful cyberattacks against various organizations' cloud services," done by attackers exploiting poor cyber hygiene practices within a victim's cloud services configuration. These attacks frequently occurred when a target organization's employees worked remotely and used a combination of corporate and personal devices to access cloud services, CISA states. Despite the use of security tools, poor user practices paved the way for successful attacks. Attackers used a variety of techniques – phishing, brute force login attempts, and possibly a "pass the cookie" attack – to breach cloud services. CISA warns of phishing emails with links to harvest credentials for cloud service accounts. With these credentials, the attackers were able to log in and send emails from the target user's account to other accounts in the same business. In several instances, they say, attackers collected sensitive data by abusing email forwarding rules that employees had set up to send business emails to their personal accounts. In one, they modified an email rule to redirect emails to an account controlled by the attackers.

Quote for the day:

"People will not change their minds but they will make new decisions based upon new information." -- Orrin Woodward

Daily Tech Digest - January 14, 2021

WhatsApp in a catch-22 situation over the new privacy policy

Concurring with Sinha, Kwebmaker founder and CEO Dhananjay Arora said that the WhatsApp privacy policy is no threat to personal chats and group chats as WhatsApp has confirmed that these are secure and users' personal data, chats, location, contacts, etc. are not shared. "The sharing of data comes for WhatsApp Business accounts (which is an important monetization platform for otherwise free to use WhatsApp). Data on business chats can be shared with Facebook and from a marketer's perspective, this is a good thing. This will allow brands and marketers to target users across the Facebook universe which includes Facebook, WhatsApp, and Instagram to do even better 'targeting' of your clients/customers." He further stated that the policy will help marketers to do targeted advertising. He also said that India needs better privacy and data protection laws to prevent misuse of data. "From a digital advertising perspective, it actually narrows down the users even more precisely which means brands get more focused advertising which leads to more tangible and better ROI. On the flip side, this should not be used by anti-social elements to promote hate messages and polarisation. ...."

Vulnerability Management Has a Data Problem

Security teams need data that helps them prioritize remediation based on business risk as well as information that guides and drives process improvement. Data should help them identify weak spots and refocus remediation efforts for the most at-risk technology impacting the most critical business areas. For example, if a scanner identifies a SQL injection in line 7 or a patch needed on the Red Hat box, that information doesn't convey the specific product impacted, the owner, or the business criticality for the organization. Does one of those vulnerabilities pose more of a risk to keeping the lights on than the other? Which needs immediate attention if the team can't fix both concurrently? Another consideration is the fluctuating criticality of impacted technology depending on the enterprise's business cycle. For example, many retailers see increased risk during holiday shopping seasons, while grocery chains introduce new products on a monthly basis that can cause priorities to shift across multiple IT and business units. For these situations, teams need better data to facilitate making decisions based on business expectations in real time. Next, the remediation team needs an understanding of how a particular fix could impact operations.

Minimizing cyberattacks by managing the lifecycle of non-human workers

A chatbot uses AI to simulate conversations with end-users in natural language. This type of bot may be used on a website, messaging application, or mobile app, and it fosters communication between machines and humans. Cybercriminals can transform a chatbot into an “evil bot” and use it to scan an organization’s network for other security vulnerabilities that could be exploited at a future date. With an evil bot at their disposal, cybercriminals can steal an organization’s data and use it for malicious purposes. An evil bot can also disguise itself as a legitimate human user and gain access to another user’s data. Over time, the bot can be used to accumulate data about a targeted victim from public sources and the dark web. A transactional bot acts on behalf of a human and lets a customer make a transaction within the context of a conversation. The bot cannot understand information outside the conversation – instead, the bot serves one specific purpose, and it provides a customer the ability to quickly and conveniently complete a transaction. Transactional bots are likewise not hacker-proof. If cybercriminals access a transactional bot, they can use it to collect customer data. They can also use the bot to conduct fraudulent transactions or prevent an organization from utilizing the bot to respond to customer concerns, questions, and requests.

Learning on the job when working from home

Some companies are planning for most work to take place remotely in future, including US-based file host service operator Dropbox, which in October announced its intention to go ‘virtual-first’. “We had some reservations about a hybrid model because you get two very different employee experiences that could result in issues with inclusion or inequities with respect to performance or career trajectory,” says its global head of channels, Simon Aldous. With most people working remotely, new starters doing likewise will be included in the conversation, he adds. Dropbox runs a two-day initial induction, held virtually since the start of the pandemic, followed by training and networking events over the first 90 days. It has also set up virtual ways to build relationships such as CoffeeBox, designed to recreate chats with colleagues in coffee shops. “We randomly assign a Zoom room with four other Dropboxers to casually connect,” says Aldous. The company has also run more open forums and ‘at home’ chats with its leaders. It also plans to turn existing office space it rents in San Francisco, Seattle, Austin and Dublin into Dropbox Studios, designed for collaboration such as team meetings and group events and with no desks for individual working.

Why DevOps Will Have To Change This Year

Wee observed that network engineering and software development principles are coming together, meaning that organizations will soon need to build teams with skills and credentials in both areas. "We expect to see hiring managers adapt by keeping an eye out for these credentials as they shift toward new workforce priorities and needs," Wee said. "Employing DevOps practices with trained and certified talent allows companies to proficiently respond to business demands, shorten time-to-market, and accelerate digital transformation." ... One of the biggest issues facing DevOps leaders this year will be deciding how to deploy and manage artificial intelligence applications. "AI doesn't fit well with the patterns and tools that we've developed," said Mike Loukides, vice president of emerging technology content at learning services firm O'Reilly Media. "In 2021, we'll see new tools for things like model versioning and management, data versioning and management, testing non-deterministic systems, and more," he predicted. AI system development promises to be challenging for DevOps teams accustomed to tackling conventional IT projects. "Models are built, trained, tested, and validated based on different data sources; these are the main stages the current DevOps pipeline would need to incorporate," observed Hasan Yasar.

CISA: Hackers bypassed MFA to access cloud service accounts

CISA believes that the threat actors were able to defeat MFA authentication protocols as part of a 'pass-the-cookie' attack in which attackers hijack an already authenticated session using stolen session cookies to log into online services or web apps. The agency also observed attackers using initial access gained after phishing employee credentials to phish other user accounts within the same organization by abusing what looked like the organization’s file hosting service to host their malicious attachments. In other cases, the threat actors were seen modifying or setting up email forwarding rules and search rules to automatically collect sensitive and financial information from compromised email accounts. "In addition to modifying existing user email rules, the threat actors created new mailbox rules that forwarded certain messages received by the users (specifically, messages with certain phishing-related keywords) to the legitimate users’ Really Simple Syndication (RSS) Feeds or RSS Subscriptions folder in an effort to prevent warnings from being seen by the legitimate users," CISA added. The FBI also warned US organizations about scammers abusing auto-forwarding rules on web-based email clients in Business Email Compromise (BEC) attacks.
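The mailbox-rule tradecraft CISA describes above (rules that file warning messages into the RSS Feeds folder, plus the auto-forwarding the FBI warned about) is something a defender can hunt for in an export of inbox rules. The following is an added example for this digest, not code from CISA or the article: it triages a constructed, simplified rule export (fields loosely modelled on an Exchange Online inbox-rule listing), flagging rules that hide messages whose subject conditions contain warning-related keywords and rules that forward mail outside the organisation. The internal domain, folder names, keywords and sample records are all assumptions.

```python
"""Triage exported mailbox rules for the patterns CISA describes.

Added example for this digest, not code from CISA or the article. It works on
a constructed, simplified export (fields loosely modelled on an Exchange Online
inbox-rule listing); the domain, folder names and keywords are assumptions.
"""

INTERNAL_DOMAIN = "example.com"  # assumption: the organisation's own mail domain

# Folders users seldom open; a rule that files phishing warnings here hides them.
HIDING_FOLDERS = {"rss feeds", "rss subscriptions", "junk email", "deleted items"}

# Subject keywords that typically appear in security warnings sent to users.
SUSPECT_KEYWORDS = ("phish", "hack", "password", "suspicious", "fraud")

# Constructed sample export: one record per rule, not real data.
SAMPLE_RULES = [
    {"user": "alice@example.com", "name": "Newsletters",
     "subject_words": ["newsletter"], "move_to": "Newsletters",
     "forward_to": [], "delete": False, "mark_read": False},
    {"user": "bob@example.com", "name": ".",
     "subject_words": ["phishing", "hacked", "password"],
     "move_to": "RSS Subscriptions", "forward_to": [],
     "delete": False, "mark_read": True},
    {"user": "carol@example.com", "name": "Invoices",
     "subject_words": ["invoice", "payment"], "move_to": None,
     "forward_to": ["payables@mail-example.net"], "delete": False,
     "mark_read": False},
    {"user": "dave@example.com", "name": "Backup copy",
     "subject_words": [], "move_to": None,
     "forward_to": ["dave@example.com"], "delete": False, "mark_read": False},
]


def is_external(address, internal_domain=INTERNAL_DOMAIN):
    """True when the recipient's domain is not the organisation's own."""
    return address.rsplit("@", 1)[-1].lower() != internal_domain.lower()


def keyword_hits(words):
    """Subject-condition words that contain a warning-related keyword."""
    return sorted(w for w in words if any(k in w.lower() for k in SUSPECT_KEYWORDS))


def assess_rule(rule):
    """Return a list of findings; an empty list means nothing suspicious."""
    findings = []
    hits = keyword_hits(rule.get("subject_words", []))
    folder = (rule.get("move_to") or "").strip().lower()
    hides = folder in HIDING_FOLDERS or rule.get("delete") or rule.get("mark_read")
    if hits and hides:
        findings.append(f"hides messages matching {hits} (folder={rule.get('move_to')!r}, "
                        f"delete={rule.get('delete')}, mark_read={rule.get('mark_read')})")
    external = [a for a in rule.get("forward_to", []) if is_external(a)]
    if external:
        findings.append(f"auto-forwards mail outside the organisation to {external}")
    return findings


def triage(rules):
    """Map each flagged user to the findings for their suspicious rules."""
    report = {}
    for rule in rules:
        findings = assess_rule(rule)
        if findings:
            report.setdefault(rule["user"], []).extend(findings)
    return report


if __name__ == "__main__":
    for user, findings in triage(SAMPLE_RULES).items():
        print(user)
        for finding in findings:
            print("  -", finding)
```

Run against the sample, it flags Bob's rule (warning keywords filed into RSS Subscriptions and marked read) and Carol's external auto-forward, while Alice's newsletter filter and Dave's internal forward pass. In practice the input would come from an administrative export of all users' rules, and the keyword list would be tuned to the wording of the organisation's own security notifications.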

How to switch IT service provider with minimal disruption to your business

Many businesses prefer to employ a dedicated in-house IT manager or team, as this often increases reliability and response times to issues. However, it is simply unaffordable for many start-ups and SMEs. Employing an in-house team means covering salaries, onboarding costs, benefits and more. Given the inconsistent nature of IT demand, it is more financially viable to outsource work to a vendor as and when needed. Managing an IT environment comes down to defining priorities. Those who prioritise speed and access – for example, e-commerce businesses – may look to invest heavily in an internal team, minimising the risk of downtime which could impact customers. However, it is not always a case of one or the other. Businesses’ needs are likely to change over time and, for many, a mix of in-house and outsourcing provides convenience and financial stability. An in-house IT director may be tasked with building out the business’s IT infrastructure and managing system performance, while unexpected issues or projects are outsourced to an IT provider, so as not to impact daily work or disrupt employees. ... Compared with employing an in-house IT manager, businesses are able to harness the knowledge and labour-power of a wider team of IT specialists, all while only paying a set fee as and when needed.

World’s largest dark web market disrupted in major police operation

Netherlands-based Europol said its dedicated dark web team – which works with law enforcement both inside and outside the European Union (EU) – was delivering a “completed, coordinated approach” to disrupting the underground illegal economy, including information-sharing, support and expertise, new tools, tactics and techniques, and target and threat identification. “The team also aims to enhance joint technical and investigative actions, and organise training and capacity-building initiatives, together with prevention and awareness-raising campaigns – a 360° strategy against criminality on the dark web,” the organisation said. “A shared commitment across the law enforcement community worldwide and a coordinated approach by law enforcement agencies have once again proved their effectiveness. The scale of the operation at Europol demonstrates the global commitment to tackling the use of the dark web as a means to commit crime.” IntSights cyber threat intelligence adviser Paul Prudhomme said the end of DarkMarket removed a key enabler for the cyber criminal underworld. “Dark web marketplaces such as this now-defunct website serve as key enablers for cyber criminals,” he told Computer Weekly in emailed comments.

Mobile RAT for Android Offered on Darknet Forums

The Rogue RAT is being offered for sale or rent in darknet forums, Check Point says in its new report. Once a hacker uses the Trojan, portrayed to victims as a legitimate app, to infect a device, the malware can exfiltrate data, such as photos, location information, contacts and messages. It also can download additional malicious payloads, including mobile ransomware. "When Rogue successfully gains all of the required permissions on the targeted device, it hides its icon from the device's user to ensure it will not be easy to get rid of it. If all of the required permissions are not granted, it will repeatedly ask the user to grant them," the Check Point report notes. "If the user tries to revoke the admin permission, an onscreen message designed to strike terror in the heart of the user appears: 'Are you sure to wipe all the data?'" The Rogue RAT takes advantage of a targeted device's Android Accessibility Services, which are designed to assist users with disabilities, according to the report. These services generally run in the background but can access apps and other components within an Android device. By accessing these services, hackers can gain control over a device without the victim knowing, the report notes.

Remote Reshapes the Future of Work

Video conferencing is great, but it's not a replacement. In some cases it may be contributing to more stress during an already stressful time. Not long after Zoom became a verb, "Zoom fatigue" became a much discussed affliction, with plenty of articles written about best practices to avoid it. Consider that we may now just be in version 1.0 of work-from-home collaboration technology. Chat software and video conferencing will become the primitive antecedents to the technology that will enable the workplace of the future. Just what will those technologies look like? Will you be able to project your hologram for conference calls and messages like in Star Wars? In an interview conducted last year about CIO priorities for 2021, Forrester VP and research director Matthew Guarini told InformationWeek that when things settle down after the pandemic, organizations will have 3x the number of home workers than they did pre-pandemic. In pre-pandemic times, extraverts and those in the physical office had an advantage over home workers. But the playing field will be more level with so many more people working from home. It will be up to the CIOs to improve the way the company collaborates and engages. One of those new technologies will be virtual worlds, like Second Life.

Quote for the day:

"Open Leadership: the act of engaging others to influence and execute a coordinated and harmonious conclusion." -- Dan Pontefract

Daily Tech Digest - January 13, 2021

Retrospective in Scrum & Agile: A Quick Start Guide for Managers

Speaking of Scrum, retrospective meetings play an important role in this agile framework for leading projects. Typically, retrospective reviews are held at the end of each sprint. Unlike other types of analytical meetings such as after-action reviews (AAR), project post-mortems, or agile sprint reviews (more on this in a moment), sprint retrospectives are organized with the team only (not managers or other stakeholders). It’s a ‘private’ ceremony, facilitated by a Scrum Master, where each person is asked to share their honest observations and feedback (without any blaming or shaming). A good Scrum Master can elicit answers to the following questions from the team: What went well during the sprint and what didn’t? Which areas are due for improvement (across people, processes and tech)? And what should be added to or removed from the current process? The purpose of such project retrospectives is to locate areas for improvement (similarly to what VSM does) and prompt the team to correct their behavior. But, unlike other types of ‘reflective meetings’, retrospectives are held at regular intervals during the project, not at its very end. ... In short, the difference between a sprint review and a sprint retrospective is the intention behind each meeting. The goal of a sprint review is to discuss the overall project progress, including ‘done’ things, the future project backlog, any bottlenecks, goals, plans, and timing.

6 Reasons to Start Managing Technical Debt in 2021

Technical debt is one of the reasons people leave, or ask themselves whether they should leave. The Codeahoy survey found that 50% of developers surveyed are likely or 'very likely' to leave their jobs because of tech debt. Another 27% indicated that they think about it, but aren't sure. All in all, that's a sizable chunk of people who could be swayed by a compelling job offer from a competitor. Suppose your company is experiencing a high turnover of developers. Technical debt might be a factor, especially amongst those who are spending their time putting out fires in response to errors in legacy code at the expense of more exciting projects. ... Every minute spent on maintenance due to technical debt is a lost opportunity for innovation or value-adding work. Research by Accenture into Federal IT systems suggests that technical debt and the resulting IT discontinuities impede innovation and agility, and that engineering velocity suffers. 83% indicated that technical debt severely limits their ability to be innovative, and 79% report that it inhibits their responsiveness to change. Notably, only 38% of those surveyed were even estimating the cost of remediating technical debt.

Google: Our work to keep you safe and in control of your privacy

In 2020 we continued to invest in easy-to-use privacy and security settings, which are automatically built into every Google Account and Google products. How you use our products and services is a personal choice: When you sign up for Google products and services, we offer you settings that let you choose how to personalize your experience, and control what activity gets saved to your Google Account. And you can change these settings at any time. These privacy and security controls are available in your Google Account and the products you use every day across platforms and devices, including on iOS. For example, Your Data in Search, Maps and YouTube helps you easily understand how data makes these apps work for you and quickly access the right controls, directly in the apps. You can also just search for things like “Is my Google Account secure?” and a box only visible to you will show your privacy and security settings so you can easily review or adjust them. Google Pay, which was recently redesigned in the U.S., has strong privacy and security controls built-in that are easy to understand and simple to set up, access and manage.

How banks and financial services players will monetise open banking

“To provide real-time data sharing solutions through the pre- and post-transaction processing lifecycles allows automation and streamlining of operational processes as they [clients] do not have to rely on batch reports anymore, which are now perhaps legacy,” Vadakath says. Alongside this, and fundamental to the success of the partnership between bank and corporate client, she explores how the purpose of APIs has been reinvented: today they can be used as a client access channel that improves access to various payment rails and a suite of treasury data solutions. In the custody space, as Wayne Hughes, head of data and digital for FI&C at BNP Paribas, explores, there is no regulatory requirement for APIs, but the bank’s business goals are aligned with those at NatWest and BNY Mellon. Hughes explains that in addition to enhancing client experience with self-service, BNP Paribas is using APIs to optimise internal processes and build services that its customers will require in the future. “In providing our clients a new flexible means of interacting with their data, this will allow them to both directly extract their data into their platforms as they require and when they require, but also to allow us to implement new solutions and new packages,” such as a client-facing chatbot that leverages natural language processing.

The CIO’s next key role: Change agent

As roles shift, Darren Ash, assistant CIO for the USDA Farm Production and Conservation Mission Area, says it’s critical for CIOs to act as an enabler and a partner with the business—not just to identify and deploy technologies to solve business problems, but to get everyone on board with new ways of working. Ash and his IT team do that through direct and sustained outreach to frontline workers in the various mission areas that comprise the USDA agency, including soliciting feedback from agency personnel and final customers to promote transformation. These efforts are designed to increase the stickiness of any digital initiative and to ensure everyone is onboard with the art of the possible when it comes to new implementations. “It’s our responsibility to better educate the business on technology and how it can be used,” Ash explains. “For us to drive change, we have to be better partners with the business, specifically the frontline employees across the mission areas and not just IT employees.” Ash and his CIO agency peers also make a point to have their teams capture the voice of the customer—in this case, farmers and ranchers dependent on agency services—to gauge what works or what can be done better and to foster organic support.

What Is A Time Series GAN?

Built on generative adversarial networks (GANs), Time Series GAN or TadGAN has been trained with cycle consistency loss to allow for effective time-series data reconstruction. With a claim to outperform baseline methods in most cases, the researchers are planning to present this novel framework at the upcoming IEEE BigData conference. The research was done in collaboration with satellite company SES, looking to leverage a deep learning approach to analyse vast time-series data from communication satellites. ... According to the researchers, there are two types of anomalies in time series data: point anomalies and collective anomalies. To flag both kinds in the time series domain, the researchers relied on the GAN architecture, often used for image analysis, to generate time series sequences and outperform state-of-the-art benchmarks. Using the generator and discriminator of the unsupervised GAN architecture, the proposed model was able to flag anomalous data points. The researchers implemented five of the most recent deep learning techniques and compared their performance with a baseline method from the 1970s, ARIMA. While some deep learning methods were able to beat ARIMA on 50% of the datasets, two failed to outperform it at all, because of its ability to fit anomalous data well.

IoT 2020 in Review: The 10 Most Relevant IoT Developments of the Year

IoT played (and still plays) a crucial role in navigating the pandemic. A few IoT-centric use cases played (and continue to play) essential roles in helping the world navigate through the pandemic. The most notable ones include IoT-based contact tracing in workplaces, hospitals, and elsewhere (Example: Concept Reply Tracking & Location System) as well as product tracking and verification across the vaccine supply chain (Example: Controlant – see below). Apart from those IoT 2020 use cases that support the “new reality”, a number of additional themes emerged, many of which have longer-lasting structural implications. IoT Analytics first published these observations in April 2020 in an analysis called “The impact of Covid-19 on the Internet of Things”. A survey of 60 senior IT decision makers in manufacturing, transportation, and industrial companies in October 2020 confirmed that nearly all of these 25 trends were perceived as having a longer-lasting effect on their organizations (the results were published in the “Industrial IT Outlook 2021”, available for download for corporate clients).

2021 Technology trend review, part 1: Blockchain, Cloud, Open Source

Open source is winning, in databases and beyond. Gartner predicts that by 2022, more than 70% of new in-house applications will be developed on an open source database, and 50% of existing proprietary relational database instances will have been converted or be in the process of converting. That was our opener for 2020, and if anything, it looks like the trend has accelerated. Open source use went up while the economy went down, and open source jobs are hotter than ever. Open source software is a boon for developers who use it, as it lowers the barrier to entry and makes their skills transferable. But what about developers who create the software? They get the raw end of the deal, it would seem. The reality is that in the majority of open source software above a certain threshold of complexity, a core team of a few people does most of the work. This empirical fact is backed up by analysis of GitHub data. We highlighted this theme in early 2020, following up on the New York Times article on the relationship between AWS and commercial open source vendors. Wired followed up with another article highlighting the ordeal of open source creators. Salvatore Sanfilippo, Redis' "benevolent dictator", stepping down from his role is another incident in a long chain of open source creator burnout.

How to prep for becoming an IoT leader

One area that will be important going forward is understanding how IoT and Industrial IoT (IIoT) will eventually merge. "There is a lot of existing infrastructure that is working well, but under-monitored and -utilized," Floyd says. It will be interesting to see how legacy industrial equipment will be adapted for greater efficiency and cost savings, he says. The growth of IoT and IIoT will likely lead to a "culture clash" between IT and operations/facilities, Floyd says, "and anyone who can traverse these two worlds, from either side, will find themselves indispensable." Overall, Floyd thinks gaining IoT skills and certifications has proven to be useful in advancing his career. "It provided a lens to view future technologies and their interconnectedness, as well as an avenue towards 'the next big thing' for a career," he says. "Understanding better how to guide a new technology [from] concept to approval and then through implementation and delivery are skills that can be applied to other enterprise technology projects." In addition, Floyd says acquiring these certificates demonstrates a dedication to advancing his career and displays a curiosity about future technologies. "When this topic does come up in my organization, people understand that I have some background, and I can advise if needed."

Productivity Life Hacks for Software Engineers (and All Knowledge Workers)

Why do we need sleep, anyway? Why shouldn't you routinely stay up late into the night coding? After all, time spent sleeping is time not spent getting work done. But it turns out that sleep is crucial in retaining what you learn. It's during slow-wave sleep (SWS) and rapid-eye-movement (REM) sleep that the information you've learned is consolidated and stored in long-term memory. We sleep in cycles, so a short amount of sleep or a restless night of sleep means less time spent in these phases. To that effect, it is counterproductive to consistently spend late nights working and studying without giving your brain adequate time to process and save all this new information. Lack of sleep can also lead to irritability, the inability to focus, and lower productivity, which hurts your work performance as well as your relationships with your coworkers. Exercise is also important, not just for your body, but for your mind. Studies show that exercise is linked to reduced stress, higher work performance, and increased creativity. Conversely, sitting for long periods of time is correlated with lower work output and poorer mental health. So next time you're feeling an afternoon slump, rather than reach for the caffeine, try taking a short walk.

Quote for the day:

"The greatest thing is, at any moment, to be willing to give up who we are in order to become all that we can be." -- Max de Pree

Daily Tech Digest - January 12, 2021

What industries need to avoid transformation limitations?

Already in 2020, we’ve seen dramatic change thanks to changing consumer habits, a year of online-shopping, a variety of item delivery, pick-up and return models, and store closures. These changes show no signs of slowing down in the years ahead. Likewise, another two industries that are going to undergo a sustained period of innovation-led change are the insurance and transportation industries, respectively. All three will be absorbed by broader, horizontal ecosystems. Although this change will be dramatic and may cause some unrest at first, ultimately, it will mean happier and more loyal customers and corporate leaders who are not under constant strain to reimagine the business. This change is just the tip of the iceberg. Today’s successful CEO would be wise to look at this trio of disappearing industries as canaries in the mineshaft. The evolution from vertically-oriented industries to horizontal ecosystems, constructed from a complex value chain of partners, has begun. Transportation, insurance, and retail represent the three first industries changing at a faster pace than other verticals. Any number of sweeping technological breakthroughs — artificial intelligence (AI), blockchain, the internet of things, and the data-crunching power of advanced analytics — will have a similar impact on other industries.

Addressing the lack of knowledge around pen testing

Pen testing will only be truly effective if it is implemented with the right processes, including both preparation and follow-up. Before carrying out the test, it is important to have the scope and boundaries thoroughly documented. This includes safeguards and processes to cover any issues that might result from discovery, particularly when social engineering and physical security are involved. We provide our team with Get Out of Jail Free cards that explain their purpose and who to contact at the business to avoid a scenario like the Iowa arrest. However, while someone at the organization must be aware of everything the pen testers may be doing, it would be ideal that as few people as possible know about it. It’s also important to have a clear strategy for following up once the pen test results are in. Organizations are often fixated on the number of issues a pen test uncovers (usually a greater number than they were expecting). This information alone is useless, and priority should be given to implementing a plan of action to close those gaps. Given the huge variation of potential threats, the results of a pen test can feel overwhelming and dispiriting.

Data Science Learning Roadmap for 2021

A significant part of data science work is centered around finding apt data that can help you solve your problem. You can collect data from different legitimate sources — scraping (if the website allows), APIs, databases, and publicly available repositories. Once you have data in hand, an analyst will often find themselves cleaning dataframes, working with multi-dimensional arrays, using descriptive/scientific computations, and manipulating dataframes to aggregate data. Data are rarely clean and formatted for use in the “real world”. Pandas and NumPy are the two libraries at your disposal to go from dirty data to ready-to-analyze data. ... Data engineering underpins the R&D teams by making clean data accessible to research engineers and scientists at big data-driven firms. It is a field in itself, and you may decide to skip this part if you want to focus on just the statistical algorithm side of the problems. Responsibilities of a data engineer comprise building an efficient data architecture, streamlining data processing, and maintaining large-scale data systems. Engineers use Shell (CLI), SQL, and Python/Scala to create ETL pipelines, automate file system tasks, and optimize database operations to make them high-performance.

Donkey: A Highly-Performant HTTP Stack for Clojure

Clojure makes writing concurrent applications easy. It frees the developer from the implications of sharing state between threads. It does so by using immutable data structures, as described by Rich Hickey in his talk The Value of Values: “If you have a value, if you have an immutable thing, can you give that to somebody else and not worry? Yes, you don't have to worry. Do they have to worry about you now because they both now refer to the same value? Anybody have to worry? No. Values can be shared.” Because all objects are immutable, they can be concurrently accessed from multiple threads without fear of lock contention, race conditions, the need for proper synchronization, and all the other “fun” stuff that makes writing concurrent programs so difficult to get right. The downside is that every mutating operation produces a new object with an updated state. An inefficient implementation would cause a great deal of CPU time to be wasted on copying and creating new objects and, as a result, longer and more frequent GC cycles. Fortunately, Clojure uses a Hash Array Mapped Trie (HAMT) to model its data structures internally. By sharing the structures that do not change, and copying only what does, it maintains immutability and thread-safety, and does so at minimal cost.
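The "share what does not change, copy only what does" property is worth seeing in running code. The block below is an added example for this digest, written in Python (the language used for the other examples on this page) rather than Clojure, and it is not Donkey's or Clojure's own code. Clojure's HAMT branches on hash bits; this uses a plain, unbalanced binary search tree because the mechanism the article describes, path copying, is the same and easier to inspect: an update copies only the nodes on the path from the root to the change, and every other subtree is shared between the old and new versions, which is why the old version stays valid for any thread still holding it.

```python
"""Structural sharing via path copying on a persistent binary search tree.

Added example for this digest, not Donkey's or Clojure's own code. Clojure's
HAMT branches on hash bits; this uses a plain (unbalanced) BST because the
property the article describes is the same and easier to see: an update
copies only the root-to-change path and shares every other subtree.
"""


class Node:
    __slots__ = ("key", "value", "left", "right")

    def __init__(self, key, value, left=None, right=None):
        self.key, self.value, self.left, self.right = key, value, left, right


def assoc(node, key, value):
    """Return a new tree containing key -> value; the input tree is untouched."""
    if node is None:
        return Node(key, value)
    if key < node.key:
        return Node(node.key, node.value, assoc(node.left, key, value), node.right)
    if key > node.key:
        return Node(node.key, node.value, node.left, assoc(node.right, key, value))
    return Node(key, value, node.left, node.right)   # replace value, share children


def lookup(node, key, default=None):
    """Ordinary BST search; works on any version because nothing is ever mutated."""
    while node is not None:
        if key == node.key:
            return node.value
        node = node.left if key < node.key else node.right
    return default


def to_dict(node):
    """In-order traversal into a plain dict (keys come out sorted)."""
    out, stack, cur = {}, [], node
    while stack or cur is not None:
        while cur is not None:
            stack.append(cur)
            cur = cur.left
        cur = stack.pop()
        out[cur.key] = cur.value
        cur = cur.right
    return out


def nodes(node):
    """Every Node object reachable from this root."""
    if node is None:
        return []
    return [node] + nodes(node.left) + nodes(node.right)


def shared_nodes(old, new):
    """How many Node objects the new version reuses, by identity, from the old one."""
    old_ids = {id(n) for n in nodes(old)}
    return sum(1 for n in nodes(new) if id(n) in old_ids)


def build(pairs):
    """Fold assoc over (key, value) pairs starting from the empty tree."""
    root = None
    for k, v in pairs:
        root = assoc(root, k, v)
    return root


if __name__ == "__main__":
    v1 = build((k, f"v{k}") for k in (50, 30, 70, 20, 40, 60, 80))
    v2 = assoc(v1, 65, "v65")   # copies 50 -> 70 -> 60, shares everything else
    print(to_dict(v1))
    print(to_dict(v2))
    print(len(nodes(v2)), "nodes in v2,", shared_nodes(v1, v2), "shared with v1")
```

Inserting 65 into the seven-node tree allocates four nodes (copies of 50, 70 and 60 plus the new leaf) and reuses the other four by identity, and v1 still reads exactly as before. A HAMT gets the same effect with a far shallower tree (32-way branching on hash bits), so the copied path stays short even for large maps.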

The UK’s struggle with digital schooling

“There is a huge digital divide and it is getting worse with schools being shut down due to Covid-19. Teachers and school leaders are trying their best to continue with online teaching by providing resources, virtual check-ins and recorded lessons,” said EdTech adviser and consultant Joysy John, who added that many children cannot access these services due to a lack of technology or connectivity. “There are many new initiatives like Oak National Academy, National Tutoring Programme and free resources from Edtech companies, but these benefit those who already have digital access. So the digital divide is going to get wider unless the government thinks of a more holistic approach and provides disadvantaged parents with additional financial and educational support.” Once the lockdown was announced, education secretary Gavin Williamson outlined a number of plans for remote education, including the mandate for schools to provide a set number of hours of “high-quality remote education for pupils”. This is of no help to those without access to online learning, so the government has tried to address the digital divide causing disparity in home schooling during pandemic lockdowns by giving laptops to those from under-privileged backgrounds – something it began doing in the UK’s first lockdown.

SolarWinds Hack Lessons Learned: Finding the Next Supply Chain Attack

It is interesting to note that FireEye's initial detection of the SolarWinds compromise didn't find complex lateral movement, or even data exfiltration. What triggered FireEye's deeper investigation, according to reports, was an unusual remote user login from a previously unknown device with an IP address in a suspect location. It was only upon further review that FireEye discovered the intrusion and ultimately traced it back to SolarWinds. This scenario, now all too real for thousands of enterprises around the world, underscores the importance -- if not necessity -- of having behavioral analytics as a key component of contemporary enterprise cybersecurity product architectures. Behavioral analytics supercharges threat detection by not only analyzing event input based on activity from users and devices, but also by using machine learning, statistical analysis and behavioral modeling to correlate and enrich events. World-class behavioral analytics technology can factor in a wide variety of data points -- such as peer groups, IP association, personal email addresses, and kinetic identifiers like badge reader activity -- to identify a malicious intrusion by stitching together a half dozen or more events that, by themselves, would seem benign.
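The "stitching together" the paragraph describes is, at its simplest, scoring one event against a per-user baseline on several weak signals at once. The block below is an added example for this digest, not FireEye's or any vendor's code: it builds a profile from a constructed login history (known devices, known countries, usual hours), then scores new logins so that an unknown device or an odd hour alone stays below the alert threshold, while the combination that triggered the real investigation (an unknown device from an unexpected location) crosses it. The user, devices, countries, weights and threshold are all constructed assumptions.

```python
"""Stitching weak login signals into one alert (constructed example).

Added example for this digest, not FireEye's or any vendor's code. It builds a
per-user profile from a constructed login history, then scores a new login by
combining signals that are individually unremarkable: an unseen device, an
unseen country, and an hour outside the user's usual range. Weights, threshold
and all events are assumptions for illustration.
"""
from datetime import datetime

WEIGHTS = {"unknown_device": 2, "new_country": 2, "off_hours": 1}
ALERT_THRESHOLD = 3     # no single weak signal reaches it on its own


def build_history():
    """Constructed baseline: ten working days of routine logins for one user."""
    events = []
    for day in range(1, 11):
        for hour, device in ((9, "LAPTOP-7A"), (13, "iphone-js"), (17, "LAPTOP-7A")):
            events.append({"user": "jsmith", "ts": f"2020-12-{day:02d}T{hour:02d}:00:00",
                           "device": device, "country": "US"})
    return events


def build_profile(history):
    """Summarise what 'normal' looks like for each user seen in the history."""
    profiles = {}
    for e in history:
        p = profiles.setdefault(e["user"], {"devices": set(), "countries": set(), "hours": []})
        p["devices"].add(e["device"])
        p["countries"].add(e["country"])
        p["hours"].append(datetime.fromisoformat(e["ts"]).hour)
    for p in profiles.values():
        # Usual working window, widened by an hour either side.
        p["hour_range"] = (min(p["hours"]) - 1, max(p["hours"]) + 1)
    return profiles


def score_event(profile, event):
    """Return the triggered signals and their combined score for one login."""
    signals = []
    if event["device"] not in profile["devices"]:
        signals.append("unknown_device")
    if event["country"] not in profile["countries"]:
        signals.append("new_country")
    lo, hi = profile["hour_range"]
    if not lo <= datetime.fromisoformat(event["ts"]).hour <= hi:
        signals.append("off_hours")
    return {"signals": signals, "score": sum(WEIGHTS[s] for s in signals)}


def triage(history, new_events, threshold=ALERT_THRESHOLD):
    """Alert on logins whose stitched-together score reaches the threshold."""
    profiles = build_profile(history)
    alerts = []
    for e in new_events:
        profile = profiles.get(e["user"])
        if profile is None:
            continue  # no baseline yet; assumption: new users take a separate path
        result = score_event(profile, e)
        if result["score"] >= threshold:
            alerts.append({**e, **result})
    return alerts


# Constructed new logins: only the second combines enough weak signals to alert.
NEW_EVENTS = [
    {"user": "jsmith", "ts": "2020-12-14T22:30:00", "device": "LAPTOP-7A", "country": "US"},
    {"user": "jsmith", "ts": "2020-12-14T03:10:00", "device": "WIN-QX4", "country": "FR"},
    {"user": "jsmith", "ts": "2020-12-15T11:05:00", "device": "WIN-QX4", "country": "US"},
]

if __name__ == "__main__":
    for a in triage(build_history(), NEW_EVENTS):
        print(a["ts"], a["device"], a["country"], a["signals"], a["score"])
```

The late-evening login from a known laptop scores 1 and a new device during working hours scores 2; neither alerts alone, which is the point of additive scoring over a baseline. The production version of this idea adds the peer-group, IP-association and badge-reader features the paragraph lists as further weighted signals, and learns the weights rather than fixing them by hand.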

How IT must adapt to the emerging hybrid workplace

The implications for IT are many: extended support desk hours; remote-support and remote-management tools; work-specific user training; cloud enablement of all software possible; appropriate security for distributed work; enabling multiple forms of collaboration and related activities like scheduling, whiteboarding, and availability tracking; provisioning equipment to home-based workers and/or supporting employee-provided equipment; aiding Facilities in modernizing building technologies to avoid touch-heavy surfaces; and partnering more closely with HR for policy enablement and enforcement and for appropriate monitoring. ... The workforce will not all work in the traditional office or company location, nor will they all be remote. Many people will work from home, but many people still need to work in a corporate facility, such as a production line, data center, retail store, shipping center, lab, or even traditional office. And there are employees whose work is location-agnostic but who can’t work at home due to lack of space or insufficient internet access. Gartner’s Adnams estimates that — although it varies by industry — about half of the workforce in advanced economies will need to work in a corporate facility, 25% to 30% will work permanently at home

Spotlight on home-office connectivity intensifies in 2021

"As the pandemic wears on, we are seeing organizations solidifying their plans for remote working, including adding more sophisticated hardware and software for work from home, with primary drivers including security and productivity," said Neil Anderson, senior director of network solutions at World Wide Technology, a technology and supply chain services company. "For IT, this means quickly assessing and deploying new cloud-based security models and building trust quickly in a solution," Anderson said. "We're also seeing a lot of interest in experience monitoring and optimizing software to put better analytics in place around what the home-office employee app performance is like and how to make it better." While individuals have limited options to speed up their home-office connectivity, IT can step in to provide enterprise-grade services to high-value workers for whom every minute with clients, customers, and coworkers counts, wrote Jean-Luc Valente, Cisco vice president, product management, enterprise routing and SD-WAN, in a blog post about the future of home office connectivity. "The high-value workforce needs superior connectivity that makes working at home just as fluid as being in the office with consistent connectivity and performance. ... " Valente stated.

Competition and Markets Authority battles with cookies and privacy

The CMA said it had been considering how best to address legitimate privacy concerns without distorting competition in discussions of the proposals with the Information Commissioner’s Office (ICO), through the Digital Regulation Cooperation Forum. As part of this work, the CMA said it had been in discussions with Google to gain a greater understanding of the proposed browser changes. The current investigation will provide a framework for the continuation of this work, and, potentially, a legal basis for any solution that emerges. Andrea Coscelli, chief executive of the CMA, said: “As the CMA found in its recent market study, Google’s Privacy Sandbox proposals will potentially have a very significant impact on publishers like newspapers, and the digital advertising market. But there are also privacy concerns to consider, which is why we will continue to work with the ICO as we progress this investigation, while also engaging directly with Google and other market participants about our concerns.” The CMA said it has an open mind and has not reached any conclusions at this stage as to whether competition law has been infringed.

Verizon CEO Talks 5G, Drones, and Compute at the Edge at CES

The move to the higher-capacity broadband standard has been trumpeted by others as the beginning of a new frontier with huge amounts of data moving wirelessly. Vestberg said the speed of 5G would reveal new possibilities that transform the world, from playing video games to receiving deliveries. “Mobile edge compute will allow businesses to get things done more quickly and easily,” he said. Vestberg talked up the upload and download speeds of Verizon’s 5G Ultra Wideband network, which he said sees peak throughputs at least 10 times faster than the 4G standard and more than 4 gigabits under ideal conditions. The extremely low lag of 5G, Vestberg said, could eventually make extremely delicate procedures such as remote surgery possible. He also expects the new broadband standard to ramp up the population of connected wireless devices. “In the future, 5G could support more devices than ever before,” Vestberg said. “Up to one million per square kilometer.” The wireless connections could also be supported on devices moving at more than 500 kmph, he said, allowing users to maintain signal on high-speed vehicles such as commuter trains, aerial drones, or self-driving cars.

Quote for the day:

"Authority without wisdom is like a heavy ax without an edge -- fitter to bruise than polish." -- Anne Bradstreet

Daily Tech Digest - January 11, 2021

AI and automation are linchpins for post-pandemic business success

An investment in AI not only has immediate impact, but also provides longer-term opportunities to unlock new sources of value and drive growth. Today, many uses of AI involve iterating on existing processes to improve efficiency and productivity. In the future, organizations can use AI to reimagine business processes and operational models altogether, finding new ways to measure and deliver real-time value. For example, Land O' Lakes, the American agricultural company best known for its butter, until recently relied on a slow and disconnected legacy system that required multiple tools, extensive infrastructure, and hard-to-find developer skill sets. The challenges and changes presented by COVID-19 didn’t help. They turned to automation and AI to bring together sales, marketing, and commerce to streamline its supply chain management process, enabling a stronger flow of work for both our customers and our employees. Land O’ Lakes built a new system in less than 30 days, transforming its e-commerce and supply chain management processes — increasing company productivity by 25%. The company now uses AI and automation at scale to offer its 2,500 farmers, 1,000 retail partners, and 10,000 employees real-time purchase information on their e-commerce platform along with shipping and tracking data.

Shifting Modes: Creating a Program to Support Sustained Resilience

Incidents are a signal from the system that change is happening too quickly and that there are mismatches between people’s models of the system versus the actual system. Incidents are a buffer that stabilizes the pace of change. Success is the reason that you will never be able to truly prevent incidents, according to the Law of Stretched Systems. Embracing this inevitability will be the key to continued success in a climate of increasing complexity and interconnectedness. What I'm witnessing in the software industry is that we're getting stuck in a local maximum. We've plateaued in our approach to safety. I predict that if we don't level up how we cope with increases in complexity and scale soon, we'll be in big trouble. At Indeed, we’ve recognized that we need to drive organizational change to maintain the success we’ve had and keep pace with changing complexity and greater scales. Over the last 16 years, Indeed has grown quickly and the pace of change has accelerated. Because we recognize the importance of getting this right, we are implementing a shift to a Learn & Adapt safety mode within our resilience engineering department.

Three tips for change management success in public sector transformation

Public sector organisations should include members of their leadership teams in pilot groups to kick off digital transformation projects. These leaders shape their organisation’s culture, so ensuring they are on board with change means they will champion the benefits of new ways of working. Change management success is then promoted from within and from above, rather than being something dictated by an outside force. Having this internal drive from above is especially important in the public sector. With higher job retention than the private sector, employees often work in their roles for decades, so they are likely to be used to a certain way of doing things. Change can also be harder given that those on the front line – from social and council services to police forces – often deal with stressed or vulnerable residents, so using new tech will not be top of their list of concerns when trying to solve a problem or help a citizen. Having decision makers brought into the transformation can help address this challenge and encourage change in others who may be hesitant or unsure of what it means for them.

When It Comes To Security Tools, More Isn't More

It's no secret that companies have been moving to the cloud in droves. In some cases, the pandemic sparked this shift, but many were already on the path. And COVID's impact hasn't been all negative; in many ways it let organizations hit the "restart" button and take a close look at their security strategy. Regardless of what prompts a company's move to the cloud, it's important to not neglect the first requirement of any successful security program: Visibility. Companies must be cognizant that their existing tools may not provide as much (if any) value in the cloud. Visibility is the key to determining whether old tools still provide value, and if not, what should be replaced. Additionally, companies need to set a cadence of patching and maintaining systems that are no longer on-premises. Even though an organization is in the cloud, there are still infrastructure components that must be patched, like software as a service (SaaS), infrastructure as a service (IaaS), function as a service (FaaS), and containerization. When it comes to data loss prevention (DLP), storage strategies used on-premises won't fit the bill. There will be an onslaught of SaaS applications storing data, so companies need a strategy for gaining the data control and protection they need.

The art and science of SaaS pricing: True usage-based pricing

Usage-based pricing can be incredibly powerful, particularly in cases where the SaaS solution handles the flow of money, and the transaction fees can be embedded — or sometimes buried — in the flow of money. Examples are obviously B2B payments for goods and services, either on the buy side (e.g. expense management, purchase-to-pay, supply chain finance, freight audit and payment) or the sell side. In such cases the SaaS usage fees can be extracted from (revenue) or tagged onto (expenses) the business’ flow of money and are thus often seen as “cost of doing business,” as part of COGS. And that can be incredibly lucrative for the SaaS vendor and usually allows a far higher share of value than a simple subscription ever would. Subscriptions are seen as OpEx spend, an IT budget line item that receives initial and often annual scrutiny, particularly as the solution’s value proposition over time comes to be seen as status quo. I have personally witnessed cases where large enterprise customers balked at a six-figure annual subscription but happily allowed a very healthy seven-figure usage fee to be embedded in the payments flow. As OpEx it was a show-stopper. In COGS it was a rounding error.

How 5G is pushing the envelope on latency

Ericsson calculated that a latency of 50 ms would mean a difference of almost 6 feet of additional travel for a drone flying at 80 mph. "Our radio technology allows us to design complex, three-dimensional drone racing courses that can stretch a mile long and weave through concrete while enabling our elite drone pilots to compete at the highest level," Ellefson explained. Thus, it's no surprise that T-Mobile recently invested in DRL through its new T-Mobile Ventures investment arm. The company didn't disclose the amount of the investment, but one of the goals is to eventually get the DRL to add 5G drones into its tournaments. "We're excited to partner with T-Mobile to custom-build new racing drones powered by T-Mobile 5G in 2021. These drones will enable high-definition video streaming to create new immersive first-person viewing opportunities and experiences for the tens of millions of DRL fans and T-Mobile customers," Ellefson wrote. "While we are still in the early stages of development and have not announced plans around transitioning our racing to a 5G network, our aim is to one day integrate 5G-powered racing drones into our sport."

Jobs in fintech bounce back after brief lockdown lull

A chief technology officer at a large fintech firm can earn an annual salary as high as €250,000, said the report. Meanwhile, a tech leader at a small to medium-sized fintech can expect to earn between €120,000 and €150,000 a year. It warned that businesses should consider talent acquisition possibilities when deciding where to locate new operations during expansion. “Companies planning tech expansion should make talent acquisition a top strategic priority and should conduct a market mapping exercise prior to deciding on the location for their technical hubs,” it said. Due to the high demand for talent, many European fintechs and payment companies are looking to recruit in Eastern Europe. Although nearshore locations in the region traditionally offer skills at a lower cost, the Headcount report warned that competition was driving salaries up. “In Europe, many employers have focused on tech team growth within Eastern European countries, though frequently discover shallower talent pools than were hoped for here, leading to bidding wars,” it said. But fintechs must focus beyond just offering competitive salaries to attract staff and should also adapt their plans to match talent availability.

Top Predictions For The Insurance Industry In 2021

Whilst technology will continue to be the general enabler, it has opened the mind-set of insurers to adopt a data-led approach. Data is the key ingredient for successful transformation and a shift from protection to prevention. With an explosion of digital technology, real-time data has become increasingly available, whether it’s to analyse water pressure, personal fitness, how we drive, the status of machine components and much more. Often insurers sell a policy and a customer commits with the hope that it will never be used – using it means there has been an accident or loss. When the insurance model is traditional, i.e. a “repair and replace” model, premiums are based on historical data. However, now that customers ask far more questions related to a policy, with the majority related to Covid-19, there’s a higher expectation for insurers to provide a satisfactory solution. A common example has been eligibility for money back on car insurance. This trend was confirmed when Admiral automatically gave customers a £25 car insurance refund during the first national lockdown. Access to risk data is essential in allowing insurers to establish trust with their customers and help businesses themselves with long-term profitability.

How CDOs Can Solve the Top Data and Analytics Challenge

One of the big impediments to implementing a data and analytics program that delivers business value is a misalignment between the business organization and the data organization. The data professionals spend time and money building infrastructure like a data warehouse or data lake, or moving the infrastructure to the cloud. But that focus on the data and analytics infrastructure doesn't satisfy the business use cases and therefore doesn't satisfy the business users, Bean told InformationWeek. "Data organizations that look at business use cases and let those drive investments tend to be the most successful for a number of reasons," he said. "By doing that they establish credibility within the business and within the organization. That can lead to establishing a level of momentum that results in progress." While appointing a chief data officer is not a silver bullet for achieving success in being data driven, more organizations than ever are establishing that role. The 2021 survey reveals that 65% of organizations have appointed a CDO, up from just 12% in 2012. The NewVantage report notes that over half of leading companies have established a CDO function and appointed a CDO for each of the past 5 years.

Some ransomware gangs are going after top execs to pressure companies into paying

Ransomware groups hope that companies will be desperate to avoid having proprietary data or financial numbers posted online and accessible to competitors and would be more willing to pay a ransom demand instead of restoring from backups. In other cases, some ransomware gangs have told companies that the publishing of their data would also amount to a data breach, which would in many cases also incur a fine from authorities, as well as reputational damage, something that companies also want to avoid. However, ransomware gangs aren't always able to get their hands on proprietary data or sensitive information in all the intrusions they carry out. This reduces their ability to negotiate and pressure victims. This is why, in recent intrusions, a group that has often used the Clop ransomware strain has been specifically searching for workstations inside a breached company that are used by its top managers. The group sifts through a manager's files and emails, and exfiltrates data that they think might be useful in threatening, embarrassing, or putting pressure on a company's management — the same people who'd most likely be in charge of approving their ransom demand days later.

Quote for the day:

"The role of leadership is to transform the complex situation into small pieces and prioritize them." -- Carlos Ghosn