How can banks mitigate the risks of consumers’ poor cyber hygiene practices?
To successfully implement adaptive authentication, banks and financial
institutions must implement robust risk analytics – a sphere in which AI is
playing an increasingly large role. This is no surprise, given that the threats
to banks are becoming more sophisticated, with the emergence of
attacks-as-a-service, automated attack tools, and close collaboration amongst
bad actors enabling fraud at an unprecedented scale. An AI-powered decision
engine and machine learning model can continuously analyse a broad range of
data, events and context. Rather than simply detecting login and transaction
data, they look at a whole variety of indicators of compromise and learn from
them. These include malicious headers, referrers from a phishing site, malicious
cookies, a malicious device or IP, inhuman speed, keyboard overlay, a debugger
running and many more. Based on the risk level of each user action, a smart risk
analytics solution can generate a score and provide a recommended next step in
real time – enabling banks to remain proactive, rather than reactive. So, with
the complexity of attacks growing and fraudsters’ sophistication evolving on an
almost a daily basis, it’s clear that users cannot and should not be expected to
keep up.
The Future State of the Cloud
If findings from a decade’s worth of research are predictive, these
technologies and tools are the ones that may experience increased adoption:
Configuration management tools: Growth of configuration management tools is on
the rise, though this varies among tools; many organizations now use more than
one. Back in the early days of this research, Chef and Puppet ruled the roost,
each peaking as high as the 50% adoption mark among enterprises in the 2019
report. It was at this point that we started to see increased experimentation
with Ansible and Terraform, each of now adopted by more than one-third of all
enterprise respondents. This coincides with Puppet and Chef experiencing
significant decreases in adoption, with even fewer organizations planning on
using and/or experimenting with these tools; Platform-as-a-Service (PaaS):
Recently, there is continued experimentation and increased adoption of public
cloud PaaS services. These include data analytics, artificial intelligence and
machine learning (AI/ML), and the internet of things (IoT). ... Increasingly,
today’s industry relies on services such as these that are becoming standard
parts of operations.
The RPA world desperately needs standards
The absence of RPA design standards capable of detailing process automations in
a universally understood manner is also a major contributor to stalled
automation pipelines. Look, for example, at process discovery tools, a key
component of any automation toolchain. Without RPA standards that would assure
compatibility and interoperability, process discovery tools detail discovered
processes in different ways. This leaves RPA users with little choice but to
transcribe processes manually before they can ever start to be developed and
deployed in target automation platforms. As a result, automations stall, more
money has to be spent, and more time is wasted. Growing awareness of these
standardization issues, coupled with the inability of RPA to scale or deliver on
anticipated ROI, is causing many companies to rethink additional automation
investments. ... To better understand the kind of incredible impact industry
standards can have, look at the example provided by the Portable Document
Format, or PDF. After the PDF was released as an open standard by Adobe, the
ability not only to save a PDF in any word processor, but also to open it in
another tool suddenly unlocked a level of portability that previously had been
impossible to attain.
5 Strategies to Infuse D&I into Your Organization
The CEO needs to take a public stance, embed D&I in the organization’s
purpose, exemplify the culture, and take responsibility for progress toward
goals. They need to be out front, even if a CDO is part of the team. PwC’s U.S.
chairman, Tim Ryan, has been an exemplar for at least five years. He co-founded
CEO Action for Diversity and Inclusion after police shootings in the summer of
2016 to spur business executives to collective action on D&I. The
publication of PwC’s workforce diversity data in 2020 revealed that women and
people of color are underrepresented, especially at senior levels, showing that
even the most dedicated companies still have a lot of D&I work to do.
Nielsen’s CEO, David Kenny, added the CDO title to his leadership portfolio in
2018 so he could “set hard targets for ourselves and make those transparent to
our board and measure them like we measure other outcomes like financial
results.” He relinquished that title to a new CDO in March 2020, noting the
D&I progress his team had already made. If you’re a board member, you have
an essential role to play in D&I governance.
Explainable AI (XAI) with SHAP - regression problem
Model explainability becomes a basic part of the machine learning pipeline.
Keeping a machine learning model as a “black box” is not an option anymore.
Luckily there are tools that are evolving rapidly and becoming more popular.
This guide is a practical guide for XAI analysis of SHAP open source Python
package for a regression problem. SHAP (Shapley Additive Explanations) by
Lundberg and Lee is a method to explain individual predictions, based on
the game theoretically optimal Shapley values. Shapley values are a widely
used approach from cooperative game theory that come with desirable properties.
The feature values of a data instance act as players in a coalition. The Shapley
value is the average marginal contribution of a feature value across all
possible coalitions. In this guide we will use the Boston house prices dataset
example from sklearn datasets. It is a simple regression problem. ... The SHAP
framework has proved to be an important advancement in the field of machine
learning model interpretation. SHAP combines several existing methods to create
an intuitive, theoretically sound approach to explain predictions for any
model.
Super-Secure Processor Thwarts Hackers by Turning a Computer Into a Puzzle
To stop attacks, Morpheus randomizes these implementation details to turn the
system into a puzzle that hackers must solve before conducting security
exploits. From one Morpheus machine to another, details like the commands the
processor executes or the format of program data change in random ways. Because
this happens at the microarchitecture level, software running on the processor
is unaffected. A skilled hacker could reverse-engineer a Morpheus machine in as
little as a few hours, if given the chance. To counter this, Morpheus also
changes the microarchitecture every few hundred milliseconds. Thus, not only do
attackers have to reverse-engineer the microachitecture, but they have to do it
very fast. With Morpheus, a hacker is confronted with a computer that has never
been seen before and will never be seen again. To conduct a security exploit,
hackers use vulnerabilities in software to get inside a device. Once inside,
they graft their malware onto the device. Malware is designed to infect the host
device to steal sensitive data or spy on users. The typical approach to computer
security is to fix individual software vulnerabilities to keep hackers
out.
Cybersecurity is Now Essential to Corporate Strategy. Here's How to Bring the Two Together.
Compliance is not security. This is an essential difference to understand.
Compliance is about checking the same processes to meet some pre-established
requirements and procedures. Security is about continually monitoring for new
and unexpected vulnerabilities. The best way to think of this important
difference is as though there is an (ideally) impenetrable net covering every
component of your business. Compliance checks the state of that net at a moment
in time and from an established list of criteria, but it isn’t checking for a
continually growing set of new threats that are not yet on the list. Security
requires ongoing vigilance for unexpected vulnerabilities. It’s very much a real
time and continuous effort. When it comes to cybersecurity planning, the lesson
for businesses is that following established processes is not enough. It’s about
anticipating what could happen or what could possibly go wrong. Security is like
an ongoing and engaged state of being — it needs active and ongoing vigilance
and maintenance to remain operational and be ready to pivot when the expected
happens.
Can Your Enterprise Benefit from No-Code AI?
There are many ways no-code AI can be used in businesses, including small
businesses looking to find ways to embrace the power of automation. Here are
just a few examples of how no-code AI is impacting different industries. Several
financial services firms have started incorporating no-code AI into their
workflows to improve security and provide an enhanced customer experience. By
using no-code AI, the entire customer experience can be streamlined. Let’s take
an example of a loan application. Using no-code AI, financial services teams can
build an ML model to quickly scan loan applications and determine which ones
meet the required criteria. The underwriting team now has more time to focus on
approved applicants instead of spending all their time sifting through
applications. As different teams need new ML models to improve their processes,
they can use a no-code AI platform to create them. This makes their operations
more efficient because they no longer need to wait for their IT team or data
scientists to develop a new model every time a need arises.
Blockchain, when and why to use it in business processes
The feature of intrinsic disintermediation and crystallization of traceability
of the transferred asset are among the most innovative requirements of
blockchain technology, which has and will have increasing impacts on the
evolution of social and organizational models, as well as positive impacts in
terms of technological process innovation. Service providers can interface with
the blockchain to offer advanced functionality to users, for example API
integrations services. ... Blockchain makes it possible to track when and by
whom a given change was made, which is why blockchain technology is spreading in
all scenarios where it is required to ensure traceability and authenticity for a
product or service, such as the agri-food supply chain. In addition, another
widespread application is that of notarization or crystallization of data on
blockchain, which ensures the association of a certain date. Another application
on which various projects and concrete initiatives have focused is that of smart
contracts, i.e. the automatic activation, based on distributed ledger software
technologies, of contracts between private individuals upon the occurrence of
certain events or conditions predefined by two or more parties.
AI is no villain: six steps to build your AI strategy
During AI transformation projects, companies often make the mistake of
separating the vision from the execution, resulting in disjointed and
complicated AI programs that can take years to consolidate. This can be easily
avoided by choosing AI solutions based on concrete business objectives that have
been established at the project’s outset. It’s important to align your corporate
strategy with measurable goals and objectives to guide your AI deployment. Once
complete, the strategy can be easily escalated down into divisional- or even
product-level strategies. ... Identify the real problem; don’t assume it is
AI. This might seem like common sense, but the problems you’re looking to
overcome have a large impact on your success. Some problems are not AI problems
at all, and for the ones that are, the business should advocate the delivery
through small lighthouse projects that act as a beacon for their capabilities.
In identifying ‘lighthouse’ projects, your business will need to assess the
overall goal and importance of the project, its size, likely duration and data
quality. Lighthouse projects tend to be able to be delivered in under eight
weeks, instead of eight months, and will provide an immediate and tangible
benefit for the business and your customers.
Quote for the day:
"Time is neutral and does not change
things. With courage and initiative, leaders change things." --
Jesse Jackson
No comments:
Post a Comment