What’s the hype in hyperautomation?
Gartner predicted that hyperautomation would be one of the top strategic
technology trends from 2020 onwards, but that doesn’t necessarily mean that
manufacturers must buy into the hype. The first thing to do to understand
whether end-to-end automation can deliver substantial business value, is to
create a roadmap that clearly aligns business goals with the automation tools
needed to reach them. Gartner suggests considering three key objectives —
revenue, costs and risks. According to these parameters, manufacturers might
want to think about which technologies can drive revenue by enhancing customer
engagement, increasing output, and automating repetitive tasks. They should then
redesign processes to reduce the cost of poor quality and streamline production.
Finally, they might need to consider the compliance risks of inefficient
processes — for example, feeding parts to a machine manually might be not only
inefficient but also risky, and it might therefore violate safety regulations. A
careful consideration of these factors should give manufacturers a clearer idea
of whether or not hyperautomation can significantly boost productivity and give
them the competitive edge they might be lacking without it.
How to Secure the Connected & Automated Mobility (CAM) Ecosystem
Under a new regulation set by the United Nations, car manufacturers are required
to secure vehicles against cyberattacks. With the upcoming transposition of the
United Nations' regulations into EU policy, the new regulation on cybersecurity
will be mandatory in the European Union for all new vehicle types from July 2022
and will become mandatory for all new vehicles produced, regardless of the type,
from July 2024. It is important to remember that the UNECE Regulations and
related ISO standards do not apply to all CAM stakeholders. The types of
vehicles the regulation applies to include passenger cars, vans, trucks and
buses, light four-wheeler vehicles if equipped with automated driving
functionalities from level 3 onwards. The report is intended to support the work
of the European Commission and the EU Member States’ competent authorities in
the transposition of the UN cybersecurity regulation into EU policy.
Decision-makers who are responsible for the protection of security and
resilience of the CAM ecosystem at EU level will find in the report the relevant
cybersecurity measures and key challenges they need to consider to draft their
cybersecurity baseline.
Security probe of Qualcomm MSM data services
Mobile Station Modem (MSM) is an ongoing series of a 2G/3G/4G/5G-capable system
on chips (SoC) designed by Qualcomm starting in the early 1990s. MSM has always
been and will be a popular target for security research because hackers want to
find a way to attack a mobile device remotely just by sending it a SMS or
crafted radio packet. But 3GPP protocols are not the only entry point into the
modem. Android also has an ability to communicate with the modem processor
through the Qualcomm MSM Interface (QMI). MSM is managed by the Qualcomm
real-time OS (QuRT) that cannot be debugged or dumped even on rooted Android
devices. QuRT’s integrity is ensured by the TrustZone. There is only one
possible way to dynamically probe the modem, namely to use a vulnerability.
There have been several successful attempts to patch the QuRT by exploiting
vulnerabilities in the Qualcomm Trusted Execution Environment (QTEE) or
Linux-kernel. The latest compromised SoC is MSM8998 (Pixel 2). In our research,
we fuzzed MSM data services so we could find a way to patch QuRT on modern SoCs
directly from Android.
5 Ways to Be a Leader Your Employees Will Respect
Transparent communication is the ability to have open, sincere and direct
dialogue. But there's a fine line between transparency and rudeness. Keep
empathy at the top of your mind. When done right, transparent communication is
one of the foundational practices to showing inclusive leadership, and your new
hire will appreciate you for it. It's important to remember that your words
matter, especially when you're in a position of power. So assess how your
employees react to your messaging and continually adjust language and tone as
needed. Everybody has different communication preferences, so keep a close eye
on what you say and how. Flexibility is the model of the future. We all learned
the importance of flexible workplace systems this past year, which will continue
in our post-pandemic world. Flexible schedules in hybrid or remote-work
situations allow employees who are also caregivers the space in their day to
ensure family comes first. Companies like Google and Facebook have already
announced hybrid-style workplaces starting in the fall of 2021. Companies like
Slack and Twitter say employees never need to return to the office.
Emerging open cloud security framework has backing of Microsoft, Google and IBM
While they’ve pulled in some of the big cloud vendors, they’ve also got large
companies who consume cloud services like FedEx, Pfizer and Goldman Sachs.
Conspicuously missing from the group is AWS, the biggest player in the cloud
infrastructure market by far. But Lippis says that he hopes, as the project
matures, other companies including AWS will join. “There’s lots of security
programs and industry programs that get out there and that people are asking
them to join, and so some companies want to wait to see how well this pans out
[before making a commitment to it],” Lippis said. His hope is, that over time,
Amazon will come around and join the group, but in the meantime they are working
to get to the point where everyone in the community will feel good about what
they’re doing. The idea is to start with security alerts and find a way to build
a common format to give companies the same kind of system they have in the data
center to track security alerts in the cloud. The way they hope to do that is
with this open dialogue between the cloud vendors and the companies involved
with the group.
How to apply a Zero Trust approach to your IoT solutions
Securing IoT devices presents a couple of additional layers of complexity
because of the incredible diversity in design, hardware, operating systems,
deployment locations, and more. For example, many are “user-less” and run
automated workloads, presenting challenges when integrating into existing
identity and access management tools. Many IoT devices have also been deployed
using infrastructure and equipment not originally designed for a connected world
or have limited capabilities and connectivity, making them challenging to
secure. And because IoT devices are typically deployed in diverse
environments—ranging from inside factories or office buildings to remote
worksites or critical infrastructure—they’re exposed in unique ways and can
offer high-value targets to attackers. ... Securing IoT solutions with a Zero
Trust security model starts with non-IoT specific requirements—specifically
ensuring you have implemented the basics to securing identities, their devices,
and limit their access. These include explicitly verifying users, having
visibility into the devices they’re bringing on to the network, and being able
to make dynamic access decisions using real-time risk detections.
IQ tests: are humans getting smarter?
From the algorithms that make our social media accounts function to the
sleep-tracking technology in our smartwatches, the world has never seemed so
technologically advanced and developed. Which is why it would be easy to assume
that with each generation, humans are getting smarter. But is this the case?
It’s a question many scientists have pondered, particularly so given that
throughout the 20th century the average score on IQ tests around the world
increased significantly – especially in the west. This increase was around three
IQ points per decade – meaning we are technically living with more geniuses on
the planet than ever before. This increase in IQ scores and the seeming tendency
for intelligence levels to increase over time is known as the Flynn effect
(named after the late US-born educator, James Flynn). And improvements in health
and nutrition, better education and working conditions, along with recent access
to technology have all contributed. Indeed, in the 19th century, for example,
industrialisation created large overcrowded cities with poor health outcomes and
premature death.
10 digital transformation metrics to measure success in 2021
Metrics tied to business case realization have or are morphing into continuous
value realization. On-time/on-budget delivery metrics are evolving into
measuring flexibility in adjusting to scope. “Before COVID, the world was
already contemplating a move from project-thinking to product-thinking,” says
Kelker, whose firm is also tracking continuous value realization across 400
companies. “The pandemic has hastened this – we have multiple clients who are
now interested in aligning, earmarking, allocating, and spending budgets in line
with the product-aligned agile delivery.” ... Matching revenue to specific
marketing efforts, for example, will be important. “This includes the gambit of
how digital transformation investments can help reduce customer churn, enhance
customer acquisition, and improve the brand experience,” says Nitish Mittal,
vice president at Everest Group. “For instance, in retail, providing a
frictionless direct-to-consumer commerce experience is a key imperative.” For
some businesses, determining how technology innovation generally is impacting
revenues will be helpful. “In all of my conversations with CEOs, CDOs, and CMOs,
they are pivoting away from cost containment and back toward capturing market
share and providing value,” says Belliappa.
Global Phishing Attacks Spawn Three New Malware Strains
The malware ecosystem used by UNC2529 consists of either a downloader
(Doubledrag) or an Excel document with an embedded macro; a dropper
(Doubledrop); and a backdoor (Doubleback). The infection starts with phishing
emails that are rigged with a link to download a malicious payload that contains
a JavaScript downloader with code that’s heavily obfuscated in order to evade
analysis. Once it’s executed, Doubledrag tries to download a dropper –
Doubledrop – in the second stage of the attack chain. Doubledrop is an
obfuscated PowerShell script designed to plant a backdoor into memory. It has
two flavors: a 32-bit and a 64-bit instance of the Doubleback backdoor. With all
that set up, the backdoor gets to work inserting plugins and reporting back to
its controllers. “The backdoor, once it has the execution control, loads its
plugins and then enters a communication loop, fetching commands from its C2
server and dispatching them,” Mandiant describes. “One interesting fact about
the whole ecosystem is that only the downloader exists in the file system. The
rest of the components are serialized in the registry database, which makes
their detection somewhat harder, especially by file-based antivirus engines.”
The ethical implications of chatbots
The most reasonable of the motives above is arguably point two. The research
related to this patent could be hugely beneficial in ways we haven’t even
conceived of yet. However, the unforeseen has no moral compass and the fact is
that it could also be used for nefarious purposes outside of the original intent
of its creators. You might think I have seen one too many Hollywood movies.
However, if you think of the already burgeoning list of morally ambiguous ways
in which technology is used, it is not so much science fiction, as it is science
fact. Just one example is bias in Artificial Intelligence (AI) algorithms. While
AI can help doctors interpret test results more accurately in certain instances,
these algorithms are trained on historical data that has our inherent human
biases built in. So when studies such as this show that black patients would
have gotten better life-saving medical care “if their kidney function had been
estimated using the same formula as for white patients”, we should probably take
notice and do something about it. In addition to simply creating your digital
zombie doppelganger, does this technology potentially open the pandora’s
box for identity theft?
Quote for the day:
"It is easy to lead from the front when
there are no obstacles before you, the true colors of a leader are exposed
when placed under fire." -- Mark W. Boyer
I agree with a lot of the points you made in this article. If you are looking for the Hyperautomation, then visit Neebal. I appreciate the work you have put into this and hope you continue writing on this subject.
ReplyDelete