How to unleash creative thinking
When you are stuck on a problem, take the time to step away and relax. When
your mind is clear, it will look to combine what is on its memory shelves and
then...aha! You will have a flash of insight — a combination of examples from
history that form an idea. It may not be one big Eureka moment. Instead, it
may be a series of smaller insights that you hardly feel as discrete cognitive
events. Regardless, the mental mechanism is the same for large and small
epiphanies — it is a feeling of excitement as the idea forms. Here is what
presence of mind looks like. Let’s say two family members who are both very
picky eaters are spending the night with you. You can’t decide what to make
for dinner that both will like. As you go up and down the aisles of the
supermarket, the contents of your cart keep changing, but each time you look
at the combination, you know that your guests will not be happy with the
dinner it would make. ... When you need a new idea, throughout the workday try
to take in as many examples from history as possible that might relate to your
problem. Don’t work late: Spend the evening on something that gives your mind
a rest. Go to the gym, have dinner with friends, take a long shower, and above
all get a good night’s sleep. This greatly increases your chances of a flash
of insight to solve your problem.
Enhancing Email Security with MTA-STS and SMTP TLS Reporting
The primary goal is to improve transport-level security during SMTP
communication, ensuring the privacy of email traffic. Moreover, encryption of
inbound messages addressed to your domain enhances information security, using
cryptography to safeguard electronic information. Furthermore,
man-in-the-middle attacks (MITM) like SMTP Downgrade and DNS spoofing attacks,
have been gaining popularity in recent times and have become a common practice
among cybercriminals, which can be evaded by enforcing TLS encryption and
extending support to secure protocols. ... Since encryption had to be
retrofitted into SMTP protocol, the upgrade for encrypted delivery has to rely
on a STARTTLS command. A MITM attacker can easily exploit this feature by
performing an SMTP downgrade attack on the SMTP connection by tampering with
the upgrade command by replacing or deleting it, forcing the client to fall
back to sending the email in plaintext. After intercepting the communication a
MITM attacker can easily steal the decrypted information and access the
content of the email. This is because SMTP being the industry standard for
mail transfer uses opportunistic encryption, which implies that encryption is
optional and emails can still be delivered in cleartext.
LAMBDA: The ultimate Excel worksheet function
Researchers have known since the 1960s that Church’s lambda notation is a
foundation for a wide range of programming languages and hence is a highly
expressive programming construct in its own right. Its incorporation into
Excel represents a qualitative shift, not just an incremental change. To
illustrate the power of LAMBDA, here’s a function written using the notation
to compute the length of the hypotenuse of a right-angled triangle:=LAMBDA( X,
Y, SQRT( X*X+Y*Y ) ) LAMBDA complements the March 2020 release of LET, which
allows us to structure the same example like this:=LAMBDA( X, Y, LET( XS, X*X,
YS, Y*Y, SQRT( XS+YS ) ) ) The function takes two arguments named X and Y,
binds the value of X*X to the name XS, binds the value of Y*Y to YS, and
returns SQRT( XS+YS) as its result. The existing Name Manager in Excel allows
any formula to be given a name. If we name our function PYTHAGORAS, then a
formula such as PYTHAGORAS(3,4) evaluates to 5. Once named, you call the
function by name, eliminating the need to repeat entire formulas when you want
to use them. Moreover, LAMBDA is the true lambda that we know and love: a
lambda can be an argument to another lambda or its result; you can define the
Church numerals; lambdas can return lambdas, so you can do currying; you can
define a fixed-point combinator using LAMBDA and hence write recursive
functions; and so on.
North Korean hackers have targeted security researchers via social media
Google said the blog hosted malicious code that infected the security
researcher's computer after accessing the site. "A malicious service was
installed on the researcher's system and an in-memory backdoor would begin
beaconing to an actor-owned command and control server," Weidemann said. But
Google TAG also added that many victims who accessed the site were also
running "fully patched and up-to-date Windows 10 and Chrome browser versions"
and still got infected. Details about the browser-based attacks are still
scant, but some security researchers believe the North Korean group most
likely used a combination of Chrome and Windows 10 zero-day vulnerabilities to
deploy their malicious code. As a result, the Google TAG team is currently
asking the cyber-security community to share more details about the attacks,
if any security researchers believe they were infected. The Google TAG report
includes a list of links for the fake social media profiles that the North
Korean actor used to lure and trick members of the infosec community. Security
researchers are advised to review their browsing histories and see if they
interacted with any of these profiles or if they accessed the malicious
blog.br0vvnn.io domain.
Open source magic solves a months-long problem in 20 minutes
Every industry is trying to get to the future as fast as possible, and
telecommunications is no different. As Iain Morris called out in a Light
Reading article, in 2018 France's Orange estimated that a third of its global
workforce--more than 50,000 employees--needed reskilling if the company hoped
to keep up with cloud vendors. In that same article, Morris pointed out that
Spain's Telefonica figured it would need nearly $2 billion in staff training
and early retirement buyouts to bring in new talent with new skills to be
competitive. Such telcos often turn to SIs, like UK-based Capventis, who in
turn bring domain expertise and work primarily with clients in the Business
Intelligence (BI), Customer Relationship Management (CRM), and Customer
Experience (CX) fields. These areas haven't traditionally been ripe for open
source, but even SIs with these focus areas rely on open source software to
help their clients. It's hard for even the best proprietary software vendors
to keep pace with the innovation cycles of successful open source projects;
so, these SIs will partner with companies like Alteryx, Qlik, Qualtrics, and
Zendesk, augmenting their proprietary software with open source expertise.
Artificial Intelligence And The Power Sector: A Promising Future
AI powers electrical grids that allow two-way communication between utilities
and consumers. Smart grids are embedded with an information layer that allows
communication between its various components so they can better respond to
quick changes in energy demand or urgent situations. This information layer,
created through widespread installation of smart meters and sensors, allows
for data collection, storage, and analysis. Given the large volume and diverse
structure of such data sets, techniques such as machine learning, Internet of
Things, etc are best suited for their analysis and use. This analysis can be
used for a variety of purposes, including seamless fault detection in meters,
predictive maintenance needs, quality monitoring of sustainable energy, as
well as renewable energy forecasting, along with latest innovation in
Information and Communications technology (ICT). The power sector in developed
countries has already started using AI, Data Analytics, Internet of Things
(IoT), and related technologies that allow for communication between smart
grids, smart meters, and computer devices. These technologies help prevent
power mismanagement, inefficiency, and lack of transparency, while increasing
the use of renewable energy sources. Operations Model: DevOps, NoOps, AIOps or None of the Above Ops?
Traditional IT operations (ITOps) is the process of designing, developing,
deploying and maintaining the infrastructure and software components of a
specific product or application. It also ensures the customer experience is
delivered through traditional means of support such as tickets and escalated
paths for resolutions. DevOps is a process for accelerating the delivery of
features to the application or product infrastructure in a consistent model
with less human intervention, while also providing a better quality product
through automation in the software development life cycle. An AIOps process
introduces data science into the operating model by learning the behavior of
the systems, scaling according to the needs of a platform (both infrastructure
and customer usage of the platform). It expands the horizon of DevOps through
the introduction of machine learning, focusing on data generated from the
hardware and software systems, and allows organizations to grow organically
based on demand. NoOps, although the name suggests otherwise, is an advanced
approach to managing IT operations through the mindset that everything is
derived as development. This model is best applied with startups and companies
with high technological maturity.How To Become A Cybersecurity Analyst
Cybersecurity analysts are the forefront warriors of an enterprise’s cyber
defense. The role demands keeping a constant tab on any threat and monitoring
the company’s network for potential vulnerabilities. A cybersecurity analyst
lives by the adage– ‘a company’s security is as good as its weakest link’, and
is always on the lookout for any untoward event across the network. The major
responsibilities of a cybersecurity analyst include: Maintaining a firewall to
protect confidential information and encrypting data
transmission; Monitoring the entire network for any attacks, intrusions
or unauthorised activity; Determining emerging threat patterns and
vulnerabilities using advanced analytics tools; Generating reports for
all the stakeholders involved– both technical and non-technical; Carrying
out risk assessments to ensure best security practices are in place; Help
in developing cybersecurity awareness training for colleagues; Educating
users about threats and vulnerabilities ... Cybersecurity analysts are the
forefront warriors of an enterprise’s cyber defense. The role demands keeping
a constant tab on any threat and monitoring the company’s network for
potential vulnerabilities.7 digital transformation leadership sins – and what to do instead
While it’s true that organizations across industries are under enormous
pressure to transform, it is still incumbent upon digital leaders to convince
the organization to buy into the effort. “The typical operating budget is
under constant pressure, driving the need to maximize efficiency,” says Greg
Bentham, vice president of cloud Infrastructure Services at Capgemini North
America. “As with any sales transaction, a level of trust needs to be
established before the buyer is inclined to buy.” ... Businesses tend to
lowball the effort required to plan and execute a successful digital
transformation. “Many organizations believe that they can layer transformation
on top of their normal activities without dedicated resources,” says Greg
Stam, managing principal in the CIO advisory at digital business consultancy
AHEAD. “They pull together matrix committees to discuss the problems of the
day and how they might attack them.” They ultimately decide they need to
modernize applications, upgrade technology, or retrain staff, but perhaps
without a cohesive strategy. “All these things are good but will not produce
digital transformation,” Stam says. ... It’s lonely at the top – particularly
when it comes to digital transformation. What’s more, old-school hierarchical
leadership is ineffective and often counterproductive to these efforts.Why the first five minutes of a meeting shape its outcome
Many people arrive at meetings prepared to be disengaged. Whether it is a
recurring team call, a project team update, or a longer strategy retreat,
participants often lack a clear sense of why the meeting is necessary. And
people are distracted. Their minds may still be focused on their last call or
an upcoming deadline. These days, they may have kids at home learning remotely
or a relative to care for; they may be anxious about economic upheaval and
societal uncertainty. Facilitators clearly can’t resolve all these issues, but
they can help people to be more present and productive while in a meeting. In
most cases, lack of engagement stems from the mistaken assumption that
meetings are time sinks. But leaders who routinely host dynamic,
high-engagement meetings set up conversations as opportunities for real work —
regardless of the specific purpose. They approach and design them with this
premise (and cancel them if there is no real work to be done). And, with this
simple shift, they tap into one of the biggest day-to-day sources of team
motivation: a sense of progress toward a worthwhile goal. With this lens,
leaders can engage any group more actively and productively. The most
important moment, other than crafting your original invitation, is when you
begin.Quote for the day:
"Any one can hold the helm when the sea is calm." -- Publilius Syrus
No comments:
Post a Comment