Computer science-related degrees have seen a relatively low percentage of female graduates, with the percentage fluctuating between 15% and 16% from 2015 to 2019. Those low participation levels in technical courses are reflected in the small percentage of women holding tech roles in the UK. Bev White, chief executive of the Harvey Nash Group, believes that in the wake of the COVID-19 outbreak and Brexit, the UK tech landscape will significantly change. “Digital will be at the heart of the revolution,” she said. “Tech will be more important than ever and alongside this, societal appreciation of the importance of inclusion is growing all the time. I’m confident that we will see real progress in terms of women’s participation in the tech sector. We are on an irresistible path to a different kind of society and tech must reflect this.” While the coronavirus pandemic has put technology and the digital workplace front and centre in many jobs, a recent whitepaper published by STEM Women found that 60% of female STEM students have had their future career prospects affected by the pandemic.
Cybersecurity wins the award for Most Dismal Science. But if suffering attacks now amounts to a cost of doing business, then the time-honored approach of prioritizing risk and limiting damage when breaches occur still offers reason for hope. This collection of articles from CSO, Computerworld, CIO, InfoWorld, and Network World delivers specific guidance on best security practices across the enterprise, from the C-suite to developer laptops. Writing for CSO, contributor Stacey Collette addresses the age-old question of how to focus upper management's attention on security in “4 ways to keep the cybersecurity conversation going after the crisis has passed.” The thesis is that five-alarm debacles like the SolarWinds attack can serve as useful wakeup calls. Collette suggests seizing the moment to convince the board to match the company business model with an appropriate risk mitigation framework – and to use information sharing and analysis centers to exchange information on industry-specific threats and defensive measures. CIO’s contribution, “Mitigating the hidden risks of digital transformation” by Bob Violino, surfaces a problem hiding in plain sight: Digital innovation almost always increases risk.
The public sector is a unique arena, worthy of separate consideration. It is, in fact, several unique arenas, with their own agendas around using technology to ensure mission success. “Trying to cover the entire public sector perspective is difficult,” notes Juliana Vida, Splunk’s chief technical advisor for the public sector and a former deputy CIO for the U.S. Navy. “As across any industry, there’s such a huge range of maturity levels, of leadership buy-in and prioritization around technology.” But we do have one blanket prediction for public agencies: 2021 will be a new era for data in government, says Frank Dimina, Splunk’s vice president for the public sector. Between the disorder and rapid transformation of the pandemic and a fractious U.S. election year, Dimina predicts continued and heightened interest in transformative digital technologies and the power of data to improve government services and citizen experience. “Government is moving with an agility we’ve never seen in peacetime,” Dimina says. “Just one example: The U.S. Department of Defense moved a million people to remote work in a month.
Versioning a microservices-based application is not as straightforward as with a traditional app. Microservices enable developers to design, build, test, deploy and update services independent of one another -- or simultaneously, if they choose to do so. While this is great for architectural flexibility, it also means that versioning one service can cause it to lose compatibility with another if updates are not properly planned or synchronized. As such, architects must implement the right methods and tools to version services consistently and allow quick rollbacks when needed. ... In contrast to URI versioning, the main benefit of this technique is that the names and locations of application resources remain the same across updates. This helps make sure the URI doesn't become cluttered with versioning information and that API names retain their semantic meaning to the developers who regularly work with them. One downside of this approach is that information cannot be readily encoded into the hypermedia links. ... Semantic versioning is an ideal practice for projects containing public-facing or communally shared APIs that experience frequent updates. This technique uses three non-negative integer values to identify version types: major, minor and patch.
In the next 3-5 years, the digital insurance consumer will likely remain the millennials, with higher levels of income and education. It is important though to not assume homogeneity and develop solutions based on lazily assessed group characteristics. Personalisation is more important now than it ever has been. Beyond functionality and ease of access, emotions and personal growth are key drivers in consumption behaviour and like in any other group, there are a diverse set of expectations and desires amongst this group. Tailoring services and online buying journeys to the individual rather than the group is paramount; in the same way that offering life insurance immediately following a bereavement could be viewed as inappropriate, so too an offer of a social insurance be offensive to a staunch individualist. Certain benefits, although appealing on the surface to members of 'the group' may not work at a more nuanced level – a donation with every policy bought to an environmental charity will not appeal to every millennial. Hopefully, in this personalised version of the future, the benefits will be sufficiently tailored that people will see what is most relevant to them, not to whichever 'group' they may belong to.
"Often when management and executives hear 'disability accommodations,' they're thinking of physical or medical things to do," she said "They're not thinking about the fact that autistic people just think differently, and most of us neurodivergent professionals function fine." Roddie founded the Actually Austistic Task Force when she joined IBM. This group provides a closed communication channel for anyone who identifies as autistic and meets weekly through WebEx. She said companies should use these employee resource groups to guide initiatives and collect feedback, as the Neurodiversity at IBM team does. "A lot of organizations mess up where they create a neurodiversity program in the workplace, and they don't actually talk to any neurodiverse people and mostly go based on stereotypes or assumptions," she said. "Having conversations with and including neurodivergent people in the development phase of social initiatives is important." Roddie said companies should set more intentional outreach goals to bring more neurodiverse individuals into the workforce.
Sidharth Sogani, CEO of the Indian crypto intelligence firm CREBACO, told Decrypt that it’s the industry’s persistent dialogue with the government that has prevented a blanket ban. Sogani, who also heads the industry pressure group, the Association for Blockchain, Crypto, and Digital Asset Entrepreneurs (ABCE), knew there wasn’t going to be an all-out restriction as the government asked “very inquisitive questions”, signaling that careful consideration is being paid with a regulatory framework in mind. As mainstream institutions flock to the crypto space, the Indian government has seen crypto as an unmissable global trend, according to Sohail Merchant, CEO of the Indian crypto exchange PocketBits. PocketBits is one of the members of the Blockchain and Cryptocurrency Committee (BACC), part of the wider tech industry association Internet and Mobile Association of India (IAMAI). BACC has been campaigning for a regulatory framework instead of an outright ban. “The Indian government realizes that crypto is being adopted globally by corporations like PayPal, Tesla and top-tier banks,” Merchant told Decrypt.
Kunchala says secure code is more critical today than ever before due to remote working. Kunchala, who formerly led Deloitte’s application security practice, explained that knowing the risks of a pure remote workforce is critical for a good cyber hygiene interface. “Your attack surface is much larger now. It’s not within the four walls of your enterprise,” he says. “Application security should be a top priority. The biggest attack vector is the application layer.” This focus on application security is nothing new, however. Because most attacks occur at the application layer, Kunchala says, the focus on building secure code has been happening for the last decade. And with that focus, of course, the push and pull between developers and security experts has increased. In dealing with multiple clients across a diverse set of industries, Kunchala suggested that those groups in which defense is built into the culture have less friction for application security. Of course, it’s highly dependent on the industry. For some, like health care and finance, security may be more at the forefront. For others, it may not be as critical. “It’s a mixed bag, and a lot of that is defined by how the company perceives security, and how important security is for their products and solutions,” he says.
Dubai’s airport, the world’s busiest for international travel, can already feel surreal, with its cavernous duty-free stores, artificial palm trees, gleaming terminals, water cascades and near-Arctic levels of air conditioning. Now, the key east-west transit hub is rolling out another addition from the realm of science fiction – an iris-scanner that verifies one’s identity and eliminates the need for any human interaction when entering or leaving the country. It’s the latest artificial intelligence programme the United Arab Emirates has launched amid the surging coronavirus pandemic, contact-less technology the government promotes as helping to stem the spread of the virus. But the efforts also have renewed questions about mass surveillance in the federation of seven sheikdoms, which experts believe has among the highest per-capita concentrations of surveillance cameras in the world. Dubai's airport started offering the program to all passengers last month. On Sunday, travellers stepped up to an iris scanner after checking in, gave it a good look and breezed through passport control within seconds. Gone were the days of paper tickets or unwieldy phone apps.
One area of digital innovation that’s been prominent in anti-money laundering (AML) and Know Your Customer (KYC) is biometric security. Eradicating the need to remember log-in credentials, this allows users to verify their identity using fingerprints, selfies or other biological characteristics. Biometric security also includes detection of suspicious behaviour that deviates from how a user normally uses a platform, such as a different IP address. Banks, for example, have been starting to provide the option of fingerprint or facial recognition-powered access to accounts. But today’s solutions should look out for false face IDs, which have also risen and aim to fool the system. “Our research indicates that fake face IDs are available on the dark web for as little as €50 and some of them are so realistic, they can often fool human passport agents,” said Roger Tyrzyk, director, global gaming and sales for UK&I at IDnow. “The most commonly faked documents are national ID cards followed by passports. Other documents include residence permits and driving licences. The quality of these fake IDs is increasing too.
Quote for the day:
"People seldom improve when they have no other model but themselves." -- Oliver Goldsmith