Daily Tech Digest - March 10, 2021

7 challenges women face in getting ahead in IT

It’s a razor thin line that’s nearly impossible to walk. Not being assertive won’t get you promoted. Being assertive makes you unlikeable. Either one makes promotion difficult. Not being liked holds women back, according to Lean In, an organization dedicated to overcoming these obstacles, because women who aren’t liked are seen as less competent. ... “My advice to women is to make sure you speak up,” says Easwar. “Don’t let your ability to express your opinions be impacted by prejudice. You have to break that mold because not speaking up can be more detrimental and can be a disservice to other women trying to follow a similar growth path.” Women can’t change this without help, though, and altering the way your company manages meetings can go a long way to preventing this. “We switch who runs meetings every week,” says Breanne Acio, co-founder and CEO of S─ôkr, a female-run tech startup. ... Women are often left out of group events or conspicuously ignored because they are not a member of the “in group,” which, in IT, is often white men. Whether this is conscious or unconscious, it is a bias that makes it difficult to get promoted.

How to mitigate security risks as cloud services adoption spikes

As organizations continue to move to the cloud, it’s vital to build a trusted foundation for computing. Security is only as strong as the layer below it, which is why it’s important to have trusted security technologies rooted in hardware for cloud. For example, technologies such as disk and network traffic encryption protect data in storage and during transmission, but data can be vulnerable to interception and tampering while in use in memory. “Confidential computing” is a rapidly emerging usage category that protects cloud data while it’s in use in a Trusted Execution Environment (TEE). TEEs enable application isolation in private memory regions called enclaves to protect code and data while in use on a CPU. For instance, healthcare organizations can securely protect data with TEEs — including electronic health records — and create trusted computing environments that preserve patient privacy across the cloud. Full memory encryption is another technology used to protect hardware platforms (in the cloud) to ensure that memory accessed in CPUs is encrypted, including customer credentials, encryption keys, and other IP or personal information on the external memory bus.

What is the future of the Proptech space?

With Proptech companies needing to increasingly digitise their operations to meet evolving customer demands, they will also need to continue paying attention to regulations, which may be equally liable to change. Roger Tyrzyk, director of global gaming and sales for UK/I at IDnow, believes that such rules would need to be reconsidered for true innovation to occur, and that this could be increasingly prioritised by regulators in the future. “Consumers have changed; they expect processes to be much quicker, more efficient and certainly not an inconvenience,” said Tyrzyk. “In response, the property sector – both conveyancing and rental markets – must adapt and the only way to do this is to leverage the innovative technologies that already exist. “However, to empower sectoral change, property regulators and the Government must revisit the archaic laws that currently exist in the UK and align them with the 21st Century. For example, under current laws, every letter a solicitor sends out must be wax sealed. To deliver a truly digitised process and harness the power of Proptech, this must be addressed and overhauled.

How to protect backups from ransomware

If your backup system is writing backups to disk, do your best to make sure they are not accessible via a standard file-system directory. For example, the worst possible place to put your backup data is E:\backups. Ransomware products specifically target directories with names like that and will encrypt your backups. This means that you need to figure out a way to store those backups on disk in such a way that the operating system doesn’t see those backups as files. For example, one of the most common backup configurations is a backup server writing its backup data to a target deduplication array that is mounted to the backup server via server message block (SMB) or network file system (NFS). If a ransomware product infects that server, it will be able to encrypt those backups on that target deduplication system because those backups are accessible via a directory. You need to investigate ways to allow your backup product to write to your target deduplication array without using SMB or NFS. All popular backup products have such options.

How the UK Has Set its Sights on Becoming a Fintech Haven in the Wake of Brexit

With global competition for fintech talent within the sector, cities like London face fresh competition from European destinations like Berlin, Barcelona and Amsterdam - which are becoming increasingly popular for fintech professionals with the right to work across the EU. This exodus is exactly what the UK is looking to prevent, and the danger posed by the situation has been underlined by Ricky Knox, CEO at fintech bank, Tandem, who said: “Tech visas are a great thing and essential if we are going to keep a competitive tech and fintech sector,” he added. “Over half of our coders are from outside the UK and some have already left due to Brexit.” Another aspect of the review has called on the UK to revise its approach to the regulation of crypto-assets as a means of welcoming more fintech businesses in the future. Recent restrictive measures by UK regulators involve bans on the sale of crypto derivatives and an anti-money laundering register that have created a somewhat hostile environment for blockchain or decentralised finance fintech businesses to set up camp in London.

The world's most powerful supercomputer is now up and running"

The ultra-high-performance computer Fugaku is about to go into full-scale operation," said RIST president Yasuhide Tajima. "I look forward to seeing this most powerful 'external brain' ever developed by humanity helping to expand our knowledge, enabling us to gain deeper insights into the foundation of matter in both time and space, giving us better structural and functional analysis of life, society, and industry, enabling more accurate predictions; and even designing the unknown future of humanity." Fugaku is designed to carry out high-resolution, long-duration, and large-scale simulations, and boasts up to 100 times the application performance of its predecessor, the K supercomputer, which was decommissioned in 2019. This unprecedented compute power has earned the device the top spot for two consecutive terms in the Top500 list, which classifies the 500 most powerful computer systems around the world. At 442 petaflops, Fugaku stands a long way ahead of competitors, with three times more capability than the number two system on the list, IBM's Summit, which has a performance of 148.8 petaflops.

Researchers Describe a Second, Separate SolarWinds Attack

Secureworks describes Supernova as a Trojanized version of the legitimate dynamic link library used by the SolarWinds Orion network monitoring platform. The hackers were spotted using Supernova to conduct further reconnaissance on a SolarWinds client's network, which eventually led to the exfiltration of some credentials, the researchers say. SolarWinds confirmed to ISMG that the Supernova attack researched by Secureworks is associated with earlier warnings of a second group of hackers exploiting a SolarWinds Orion flaw, which has since been patched. Secureworks' researchers discovered the Spiral attack on one organization in November 2020 when they spotted hackers exploiting a SolarWinds Orion API vulnerability on an internet-facing SolarWinds server during an incident response effort. "The threat actor exploited a SolarWinds Orion API authentication bypass vulnerability (CVE-2020-10148) to execute a reconnaissance script and then write the Supernova web shell to disk," the researchers say. "There is no known connection between Spiral activity and the recently reported compromises of on-premises Microsoft Exchange servers," says McLellan.

The Perfect Pair: Digital Twins and Predictive Maintenance

Sensors are the heart of any measurement, control, and diagnostic devices. Device telemetry is collected using the smart sensors available on the hardware / software environment and then used to create the digital twin model of the physical equipment. All of the data is then aggregated and compiled to generate actionable information. The digital twin model is then continuously updated to mirror the current state of the physical thing. It can then be used to effectively model, monitor, and manage devices from a remote location. It also enables continuous intelligence & estimated time for the next needed maintenance, which the maintenance system can use to schedule at the optimal time. ... Not all use cases or business problems can be effectively solved by predictive maintenance using a digital twin. Here are important qualifying criteria that needs to be considered during use case qualification: The problem must be predictive in nature, meaning there should be a target or an outcome to predict; The problem should have a record of the operational history of the equipment that contains both good and bad outcomes; ... 

Talent and workforce effects in the age of AI

To meet their AI aspirations, companies will likely need the right mix of talent to translate business needs into solution requirements, build and deploy AI systems, integrate AI into processes, and interpret results. However, most early adopters face an AI skills gap and are looking for expertise to boost their capabilities. In fact, 68 percent of executives surveyed report a moderate-to-extreme skills gap, and more than a quarter (27 percent) rate their skills gap as “major” or “extreme.” The gap is evident across all countries surveyed, ranging from 51 percent reporting moderate-to-extreme gaps in China to 73 percent reporting the same in the United Kingdom. What do leaders regard as the “most needed” roles to fill their company’s AI skills gap? The top four most-needed roles are “AI builders,” who are instrumental in creating AI solutions: researchers to invent new kinds of AI algorithms and systems, software developers to architect and code AI systems, data scientists to analyze and extract meaningful insights from data, and project managers to ensure that AI projects are executed according to plan

Digitally Transforming Trusted Transactions Through Biometrics, ML & AI

The EIU study found that that biometrics will become the dominant customer-authentication method for payments: "The survey shows optimism that evolving technological innovations like biometrics (fingerprint, facial, or voice recognition) could further reduce the trade-off between fraud, security, and [consumer experience], with 85% expecting biometrics to be used to authenticate the vast majority of payments in the next 10 years." Biometrics eliminates one of the riskiest forms of authentication: the username/password combination. Although there are some risks involved with biometrics — identity thieves have figured out ways to steal a fingerprint — they continue to be safer than other forms of authentication. During digital transactions, they give customers peace of mind that their data is not at risk. In fact, a recent study by biometrics company Fingerprints found that 56% of consumers would prefer to use a biometric sensor on their payment card instead of a PIN, signaling market appetite for embedding biometric authentication solutions into the payment process. Pattern recognition also plays a major role in fraud detection. Historical data shows patterns of how customers behave, what they are searching for, etc.

Quote for the day:

"The key to successful leadership today is influence, not authority." -- Ken Blanchard

No comments:

Post a Comment