Daily Tech Digest - February 12, 2021

Remote work at industrial sites brings extra cyber risk

Consider an automation engineer who needs access to control system configuration data remotely to analyze and optimize an industrial process. Giving remote access directly to the engineering workstation for the control system increases cybersecurity risk for an industrial company. In many cases, these control systems are 20 or even 30 years old, so they weren't built with cybersecurity in mind. Because of their critical nature in driving revenue for the business, they are shut down and upgraded very infrequently as compared to IT systems. It is not uncommon to have these control systems run for five to 10 years between shutdown and maintenance routines. Therefore, they often contain known cybersecurity vulnerabilities that are unpatched even if those patches have been available for years. So, back to our example of the automation engineer, it would be very risky to enable direct access to the control system engineering workstation over the public internet even if the engineer connects to a corporate VPN first from their home office. As a result, we recommend industrial customers maintain separate copies of their industrial control system configurations in an asset management system that the engineer can access remotely.


10 Top Open Source API Gateways and Management Tools

Kong Gateway (OSS) is a popular, open-source, and advanced cloud-native API gateway built for universal deployment: it can run on any platform. It is written in the Lua programming language and supports hybrid and multi-cloud infrastructure, and it is optimized for microservices and distributed architectures. At its core, Kong is built for high performance, extensibility, and portability. Kong is also lightweight, fast, and scalable. It supports declarative configuration without a database, using in-memory storage only, and native Kubernetes CRDs. Kong features load balancing (with different algorithms), logging, authentication (support for OAuth2.0), rate-limiting, transformations, live monitoring, service discovery, caching, failure detection and recovery, clustering, and much more. Importantly, Kong supports the clustering of nodes and serverless functions. It lets you configure proxies for your services, serve them over SSL, or use WebSockets. It can load balance traffic through replicas of your upstream services, monitor the availability of your services, and adjust its load balancing accordingly.


Three ways to bridge the IT skills gap in a post-pandemic world

New environments require new expertise. When it comes to cloud, for example, the challenge of building, maintaining and monitoring a complex cloud infrastructure is often beyond the capabilities or know-how of existing staff. Moreover, the technology landscape shifts so often that many teams simply can’t keep up. According to Gartner, a majority (80%) of today’s workers feel they don’t have the skills required for their current role and future career. Compounding the issue, 53% of business leaders struggle to find candidates with the right abilities during the hiring process. ... Hiring new talent may seem like the first, most obvious solution. This enables organisations to pinpoint the type of candidate they require, and only interview those that will fulfil that need. However, hiring externally is made more difficult when looking for more niche capabilities, and it certainly costs more. The pool of potential candidates is extremely small when recruiting for roles that demand advanced IT skills, like cloud-native orchestration, SAP expertise or DevOps, and organisations end up paying a premium. Another obstacle when looking to hire skills from outside is that next year’s IT budgets are likely to be reduced thanks to Covid-19. While it isn’t wrong to hire new team members to support your existing IT team, and it will indeed be the right choice in certain situations, it certainly isn’t the only answer.


Will Russian Cryptocurrency Law Drive Hacker Recruitment?

Under the law, banks and exchanges in Russia can handle digital currency, provided they register with the Bank of Russia - the country's central bank - and maintain a register of all operators and transactions. The law also states that only institutions and individuals who have declared transactions to authorities can later seek redress in court, for example, if someone steals their cryptocurrency. "In Russia, the use of bitcoin and other crypto assets as a means of payment is prohibited. There are no signs that a change in legislation allowing crypto assets to be used as a means of payment in Russia will be forthcoming," legislator Anatoly Aksakov, the chief backer of legislation designed to regulate the use of cryptocurrency, told Russian radio station Govorit Moskva last month. "Taxation, compulsory declaration - these things are already enforced by law," said Aksakov, who chairs the State Duma - the lower house of the country's parliament - Committee on the Financial Market. And going forward, he predicted "there will only be more and more control over the holding of cryptocurrencies." Security experts say that for years, Russian officials and intelligence agencies have looked the other way when it comes to cybercrime, so long as criminals follow this rule: Never hack Russians or allied countries.


A playbook for modernizing security operations

Most security operations centers are very reactive. Mature organizations are moving toward more proactive hunting or threat hunting. A good example is if you’re sending all of your logs through Azure Sentinel, you can use Kusto Query Language queries over the analysis data sets to look for unusual activity. These organizations go through command line arguments, service creations, parent-child process relationships, or Markov chaining, where you can look at unusual deviations of parent-child process relationships or unusual network activity. It’s a continual progression starting off with the basics and becoming more advanced over time as you run through new emulation criteria or simulation criteria through either red teaming or automation tools. They can help you get good baselines of your environment and look for unusual traffic that may indicate a potential compromise. Adversary emulations are where you’re imitating a specific adversary attacker through known techniques discovered through data breaches. For example, we look at what happened with the SolarWinds supply chain attack—and kudos to Microsoft for all the research out there—and we say, here are the techniques these specific actors were using, and let’s build detections off of those so they can’t use them again.
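The parent-child baseline described above can be illustrated with a small worked example. The block below is added here and is not code from the article or from Azure Sentinel; it is a Python stand-in for what a hunter would express as a KQL query over process-creation events. It builds a first-order Markov model of which parent images spawn which child images during a baseline window, then scores events from a later hunting window by the conditional probability P(child | parent) and reports transitions that are absent from the baseline or rare for that parent. The event lines, hosts and image names are constructed sample data, and the pipe-separated format and the 0.2 threshold are assumptions for the example.

```python
from collections import Counter
from typing import Dict, List, Tuple

# Constructed process-creation events for the baseline window (illustrative, not real telemetry).
# Format per line: timestamp|host|parent_image|child_image
BASELINE_EVENTS = """\
2021-02-08T08:01:12|ws01|explorer.exe|outlook.exe
2021-02-08T08:02:40|ws01|explorer.exe|chrome.exe
2021-02-08T08:05:03|ws02|explorer.exe|outlook.exe
2021-02-08T08:05:09|ws02|services.exe|svchost.exe
2021-02-08T09:11:44|ws03|explorer.exe|outlook.exe
2021-02-08T09:12:01|ws03|explorer.exe|chrome.exe
2021-02-08T09:30:27|ws01|services.exe|svchost.exe
2021-02-08T10:02:55|ws02|explorer.exe|notepad.exe
2021-02-08T10:15:18|ws03|services.exe|svchost.exe
2021-02-08T11:42:09|ws01|services.exe|svchost.exe
2021-02-08T13:20:31|ws02|outlook.exe|winword.exe
"""

# Constructed events from the later hunting window.
NEW_EVENTS = """\
2021-02-11T08:03:10|ws01|explorer.exe|outlook.exe
2021-02-11T08:04:52|ws01|winword.exe|cmd.exe
2021-02-11T08:06:17|ws02|explorer.exe|notepad.exe
2021-02-11T08:07:00|ws02|services.exe|svchost.exe
"""

Event = Tuple[str, str, str, str]


def parse_events(text: str) -> List[Event]:
    """Parse pipe-separated lines into (timestamp, host, parent, child) tuples."""
    events: List[Event] = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, host, parent, child = line.split("|")
        # Normalise image names so case differences do not split the baseline.
        events.append((ts, host, parent.lower(), child.lower()))
    return events


class Baseline:
    """First-order Markov model of process spawning: estimates P(child | parent)."""

    def __init__(self, events: List[Event]) -> None:
        self.parent_counts: Counter = Counter()   # how often each parent spawned anything
        self.pair_counts: Counter = Counter()     # how often each (parent, child) pair occurred
        for _, _, parent, child in events:
            self.parent_counts[parent] += 1
            self.pair_counts[(parent, child)] += 1

    def transition_probability(self, parent: str, child: str) -> float:
        total = self.parent_counts.get(parent, 0)
        if total == 0:
            return 0.0  # this parent was never seen spawning anything in the baseline
        return self.pair_counts.get((parent, child), 0) / total


def hunt(baseline: Baseline, events: List[Event], threshold: float = 0.2) -> List[Dict]:
    """Return events whose parent->child transition is unseen or rare under the baseline."""
    findings: List[Dict] = []
    for ts, host, parent, child in events:
        p = baseline.transition_probability(parent, child)
        if p < threshold:
            findings.append({
                "timestamp": ts, "host": host, "parent": parent, "child": child,
                "probability": p,
                "reason": ("parent/child pair never seen in baseline" if p == 0.0
                           else "rare transition for this parent"),
            })
    return findings


if __name__ == "__main__":
    base = Baseline(parse_events(BASELINE_EVENTS))
    for f in hunt(base, parse_events(NEW_EVENTS)):
        print(f"{f['timestamp']} {f['host']}: {f['parent']} -> {f['child']} "
              f"(p={f['probability']:.2f}) {f['reason']}")
```

Run against the constructed data, the routine explorer.exe -> outlook.exe and services.exe -> svchost.exe events pass, while winword.exe -> cmd.exe (a parent never observed spawning anything) and explorer.exe -> notepad.exe (one of six explorer.exe spawns) are surfaced for analyst review. In production the baseline would be rebuilt per host role and over a longer window, and the probability would be one feature among several (command-line arguments, signer, user context) rather than the sole trigger.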


Overcoming Digital Transformation Challenges With The Cloud

The cloud can enhance information sharing and collaboration across data platforms and digital ecosystems. Deloitte research shows 84% of physicians expect secure, efficient sharing of patient data integrated into care in the next five to 10 years. Real world evidence will be critically important in enhancing digital healthcare with historical patient data, real-time diagnostics, and personalized care. Organizations can leverage the cloud for greater collaboration, data standardization, and interoperability across their ecosystem. Research shows digital business ecosystems using cloud experience greater customer satisfaction rates, with 96% of organizations surveyed saying their brand is perceived better and saw improved revenue growth -- with leaders reporting 6.7% average annual revenue growth (vs. 4.9% reported by others). ... As organizations rely on the cloud, cloud security becomes increasingly important for data integrity and workload and network security. Information leakage, cloud misconfiguration, and supply chain risk are the top concerns for organizations. A federated security model, zero trust approach, and robust cloud security controls can help to remediate these risks, increase business agility, and improve trust.


AI Can Now Identify Humans' Vulnerabilities & Use Them To Influence Their Decision Making

A team of researchers at CSIRO’s Data61, the data and digital arm of Australia’s national science agency, devised a systematic method of finding and exploiting vulnerabilities in the ways people make choices, using a kind of AI system called a recurrent neural network and deep reinforcement learning. To test their model they carried out three experiments in which human participants played games against a computer. The first experiment involved participants clicking on red or blue coloured boxes to win a fake currency, with the AI learning the participant’s choice patterns and guiding them towards a specific choice. The AI was successful about 70 percent of the time. In the second experiment, participants were required to watch a screen and press a button when they were shown a particular symbol (such as an orange triangle) and not press it when they were shown another (say a blue circle). Here, the AI set out to arrange the sequence of symbols so the participants made more mistakes, and achieved an increase of almost 25 percent. The third experiment consisted of several rounds in which a participant would pretend to be an investor giving money to a trustee (the AI). The AI would then return an amount of money to the participant, who would then decide how much to invest in the next round.


Dark web analysis shows high demand for hackers

The research found that in the vast majority of cases on these forums, most individuals are looking for a hacker, and in 7 out of 10 ads, their main goal is to gain access to a web resource. The research discovered that in 90% of cases, users of dark web forums will search for hackers who can provide them with access to a particular resource or who can download a user database. Only seven percent of forum messages analysed included individuals offering to hack websites. The remaining three percent of the messages analysed were aimed at promoting hacking tools and programs and finding like-minded people to share hacking experience. Positive Technologies analyst Yana Yurakova said: “Since March 2020, we have noticed a surge of interest in website hacking, which is seen by the increase in the number of ads on forums on the dark web. This may have been caused by an increase in the number of companies available via the internet, which was triggered by the COVID-19 pandemic. “As a result of this, organizations that previously worked offline were forced to go online in order to maintain their customers and profits, and cybercriminals, naturally, took advantage of this situation.”


Digital Trends 2021: Responsible Business Puts Trust, Ethics, And Sustainability First

Many businesses have done some soul-searching in the wake of the pandemic, political discord, and long-simmering equity demands. Two years ago, Business Roundtable, an association of U.S.-based CEOs, updated its purpose statement of a corporation to "take into account all stakeholders, including employees, customers, and the community,” rather than only profit. Maybe that’s partly why Gartner analysts predicted the emergence of responsible AI, meaning the operationalization of AI accountability across organizations and society. They saw responsible AI as an umbrella term covering many aspects of AI implementations including value, risk, trust, transparency, ethics, fairness, interpretability, accountability, safety, and compliance. Most analysts predicted that sentiment analyses and metrics documenting a company’s contributions to society’s measurements will matter even more in 2021 and over time. Gartner analysts predicted 30 percent of major organizations will use a “voice of society” metric to act on societal issues, and assess the impacts to their business performance by 2024. Turns out what’s damaging to society is damaging to business.


Agile Approaches for Building in Quality

Built-in Quality is a core pillar in agile. If you take Scrum for instance, the team should deliver potentially shippable products. These done increments are to be of sufficient quality. We like to say that quality is built into the product. When working with multiple teams on one product or service, we can apply a scaling agile framework. There are a few scaling agile frameworks, e.g. LeSS, Nexus and SAFe. The latter is most prescriptive, so I like to look at SAFe to answer this question. SAFe states BIQ to be one of its fundamental pillars and advises a few practices: Think test first, automate your tests, have a regression test strategy, set up CI/CD pipelines and embed quality in the development process. The other frameworks are less explicit but expect you to do good Scrum, so with that, they embrace all these development practices as well. ... Agile coaches help teams and organisations to embrace the agile way of working. I think agile coaching evolves into three roles: the agile counsellor, the delivery coach, and the team coach. The team coach typically helps the team with understanding the agile principles and mindset. In this role, the coach can create awareness at the team level for the typical development practices I talked about earlier.



Quote for the day:

"Generosity is giving more than you can, and pride is taking less than you need." -- Kahlil Gibran