Open banking is big. Here’s why open finance is bigger
Open finance will improve the experience for customers in the U.S., but they
won’t really notice it directly, Costello says. However, under the hood, they’ll
benefit from more reliability and more symmetric customer protection end to end
— and that will make a big difference. This move to a regulated open finance
experience will give customers not just uniform access to all of the data, but
under the same umbrella of symmetric customer protection, their payment account
data will be as safe as their loan data, payroll data, and so on. “The customer
experience for the person who needs to use these services but is reluctant to is
going to be incredibly positively impacted,” he says. “Now they’re going to have
enough trust in these tools and services to know that if they’re harmed in some
way, if there’s a breach in the system or a bad actor, they’re going to be
protected.” “As this ecosystem takes off, the data that is being generated,
correlated, and used is beneficial not just for the consumer and their direct
third-party service providers, but by all thirdparty service providers,”
Costello says
5 key cybersecurity risks in 2021, and how to address them now
Cybersecurity technologies have become more advanced and more available than
ever, and this has led to a consistent pattern of over-reliance on point
products to defend against threats. While technology is essential to this
mission, it isn’t a standalone solution. Oftentimes, mid-market businesses lack
dedicated cybersecurity resources that are just as valuable. This skill shortage
has been heightened by the pandemic, as the network diagram has expanded to
include surfaces like at-home PCs and other WFH access points. According to the
Verizon DBIR, almost one in three data breaches in 2020 involved small
businesses, and mitigation will take a planned combination of both people,
processes and technology. Hiring more security professionals, especially with
the growth in demand, can be an expensive undertaking. Rather than investing in
an internal 24/7 security operations center (SOC), outsourcing this work has
become an appealing option that is a cost-effective and essential addition to
your defense strategy. This team can work in a way that unifies disparate
technologies with process to create a singular, strong point of visibility.
Is the Future of Manufacturing Automated or Autonomous?
Manufacturing autonomy is not just a good idea, it’s a timely idea, offering a
chance to democratize both manufacturing and innovation. By creating autonomous
and automated manufacturing solutions, it is possible to substantially reduce
the labor cost element in manufacturing, allowing higher labor cost regions to
bring manufacturing home. This is extremely timely given the desire of most
nations to use manufacturing as part of their post-pandemic recovery strategy.
And the pandemic isn’t the only driver or acceleration. The Covid-19 pandemic
came on the back of a bitter trade war between the US and China, creating a
perfect storm of disruption that has led to a real desire to restore supply
chains to make nations more resilient to future risk. Both Theo and Yoav agree
that autonomous and automated manufacturing solutions offer the only route to
competitiveness for the US and for Western Europe, where the benefits of massive
consumer markets are offset by high labor rates. Consumers want to buy products
made locally, but they don’t want to pay more for, or get less from, those
products.
CISA Orders Agencies to Recheck for Exchange Compromises
CISA is requiring federal agencies that use on-premises Exchange servers to
conduct two exercises by noon Monday. The agencies must run Microsoft's Safety
Scanner tool, also known as MSERT, in full scan mode and report those results to
CISA. This tool, which was released last month, can detect web shells used
during attacks that target the ProxyLogon flaw in Exchange. CISA is also
ordering federal agencies to run this same scan every week for four weeks to
check for additional compromises. In addition to mandating MSERT sans, CISA is
requiring that agencies run a script called Test-ProxyLogon.ps1 to check both
Exchange and Internet Information Services, or ISS, logs for any malicious
activity related to these attacks. "If attacker activity is identified, the
script reports the vulnerabilities for which it found evidence of use and
collects logs that it stores in the specified output path in the
Test-ProxyLogonLogs directory," CISA notes. After those tasks are complete and
the results are returned, CISA is requiring that federal agencies take
additional steps to harden networks and infrastructure by June 28.
Quantum computer has the edge for NP verification
The algorithm the researchers use to demonstrate this is known as an interactive
proof protocol. Here, one component of the experimental set-up acts as a
“prover”, using coherent light pulses to send partial solutions to the
NP-complete problem in the form of a quantum state. The second component fills
the role of the “verifier”, deciding with high accuracy whether the solution is
correct based on the limited information given. When certain bounds are placed
on the expected accuracy of the verifier, as well as the protocol’s speed and
efficiency in terms of the amount of information that can be communicated
throughout the interactions, it is possible to demonstrate that the quantum
algorithm far outperforms any classical attempts at doing the same. By showing
that a quantum algorithm can verify solutions to NP-complete problems
efficiently, the result could allow for new applications in secure remote
quantum computing. A client with a rudimentary quantum machine could, for
example, verify information they receive from a powerful quantum server without
ever having access to the full solution.
Blockchain Comes Under Data Privacy Scrutiny
The decentralized nature of blockchain eliminates the need for an intermediary
serving as a central clearing authority and decreases risks associated with
traditional centralized systems and their functionality. By removing the
intermediary between a given server and the data being collected, distributed,
and analyzed, blockchain enables an increase in the speed and efficiency of data
processing. Additionally, blockchain reduces the risk of human error, which
typically leads to a reduction in costs and expenses. Traceability is one of the
major benefits of blockchain that businesses in various industries are
exploiting. Tracing transactions on blockchain is simplified because all data is
stored on one immutable digital distributed ledger, which makes it easy to
review the history of transactions. The traceability element of blockchain has
been especially useful for businesses distributing products on a complicated
supply chain because blockchain facilitates tracking within a supply chain.
Blockchain will increasingly change how businesses operate in various industries
and sectors, but this disruptive technology will undoubtedly continue to face
legal and regulatory challenges as it becomes more widely accepted.
Cisco streamlines, upgrades its SASE bundle
The offering includes Cisco's Viptella and Meraki SD-WAN software packages,
Duo and AnyConnect remote access, Umbrella security as well as Duo zero trust
and other security components. The integrated package will be a plus for
enterprises, experts say. “Eighty percent of organizations want to reduce the
number of security vendors and products to create a more integrated
protection/incident-response and easier to manage security operations," said
Peter Firstbrook, a Gartner research vice president. “Reducing the barriers to
adoption and increasing the level of integration is going to be a major task
for multi-product vendors,” Firstbrook said. “At the same time SASE is a hot
topic as more network traffic moves off the LAN and into the cloud. The more
of this problem that Cisco can address the more successful they will be.”
Within the bundle Cisco added features including the ability to support remote
browser isolation, data loss prevention (DLP), cloud malware detection, and
support for Cisco Meraki MX environments with Umbrella security. “DLP and
remote browser isolation are desirable but they are catch-up items,"
Firstbrook said.
A strategic vision for model risk management
Banks face cost and capacity pressures as they strengthen frameworks and
expand model inventories. Validation backlogs and delays mount as existing
validation capacity fails to cover expanding demand. Inventory is increasing
as new models are developed outside traditional areas of financial risk. The
rapid development of AI is increasing model complexity and adding to the
backlog. The quality of validation can consequently suffer unless the bank
brings in external support. To manage the model-validation budget, leading
banks have industrialized validation, using lean fundamentals and automated
processes. Models are prioritized for validation based on key factors such as
their importance in business decisions and materiality of the model exposure.
Validation intensity is customized by model tiers to improve speed and
efficiency. Likewise, model tiers are used to define the resource strategy and
governance approach. The use of model tiers to improve efficiency varies by
region. In Asia and Latin America, where MRM functions are still maturing,
about half our surveyed banks report using tiers in their model
inventory.
Bitcoin was always bound to fail its most important mission
Although Bitcoin has been around for more than a decade, the cryptocurrency
industry is still in its nascent stages and the process of maturation requires
all manner of approaches to be explored. The underlying technology has already
come a long way and so have its alternative use cases (look at the rise of
DeFi), but crypto is still largely battling the same demons: volatility,
limited adoption and regulatory uncertainty. However, Schwartz is convinced
the magnetism of cryptocurrency and the commitment of the community to
innovation will mean technological solutions are found to some of these most
pressing questions. “It’s going to be an interesting growing up process for
cryptocurrency, because regulators have legitimate interest in preventing
things like money laundering and terrorist financing. But most [members of the
crypto space] want to comply with these kinds of measures.” “Generally
speaking, it's not a very good business model to be in defiance of regulation.
And it has been a drag on the adoption of crypto that people have had
difficulty figuring out how to remain compliant.”
Importance of data governance and management in times of a global pandemic
The problem of data governance has now become prominent. Data governance is
different from data management. The latter has to do with the engineering
aspects of data – how it is created, stored, accessed, processed, secured, and
whether it is complete, are issues that are of relevance. Data governance, on
the other hand, is concerned with issues of policy, which are larger and have
an impact on the economy and society. Data governance has to do with where
data originates, who collects it and how, where it is stored, who uses it and
for what purpose, how the information obtained from data is used, and how data
is erased. Data governance presents many challenges, contradictions, and
consequent trade-offs. For example, one challenge is that of maintaining
privacy of data on individuals versus using data for surveillance. During the
pandemic this contradiction became prominent. Several countries, including
India, introduced infection-tracking software that would inform individuals
who were using these apps whether they were close to others who were
infected.
Quote for the day:
"Great Groups need to know that the
person at the top will fight like a tiger for them." --
Warren G. Bennis
No comments:
Post a Comment