12 steps to take when there’s an active adversary on your network
“You need to know when to break the glass. People are afraid to pull that
trigger, to reach that mode, because it’s hard to take it back if you do.
There’s oversight and costs, and people are afraid to spin it up sometimes,”
McMann says. Given that, teams must have good guidelines to know when and how to
escalate situations. “That decision point will be unique to each organization,
but the escalation path, who to call, when to engage legal, [etc.] should be
clearly documented,” says Nick Biasini, head of outreach for Cisco Talos, a
threat intelligence organization. That prevents delays that could allow hackers
more time to do damage, yet prevent costly responses to minor incidents or false
alarms. ... CISOs should be looping in business during the triage process,
security leaders say, a point that’s often overlooked during active responses.
... As J. Wolfgang Goerlich, advisory CISO with Cisco Secure, says: “This is a
business problem. But in a security breach, a very technical person will be
thinking, ‘I have to remediate.’ However, one of the things that CISOs need to
remember is that a breach is a business problem not a technical problem. ...
"
Innovation will drive the success of NFT gaming, not profit or hype
With so much interest in NFTs, it’s only natural that developers have begun to
develop the infrastructure necessary to handle what will undoubtedly become a
massive secondary market for these assets. In addition, holders want real
tangible benefits to holding NFTs, and in a crowded gaming market, new entrants
need to differentiate to survive. 2022 is likely the year NFT games become more
mainstream, especially now that many crypto investors own these assets. And real
innovation, not just in NFTs but in gameplay and mechanics themselves, will be
the driving force. While NFT gaming gives gamers a way to earn while playing
their favorite games, the industry lacks a social component. The advantage of
owning an NFT asset is that it’s yours, and you should be able to use that asset
where you want. Here are three innovations that are driving the success of NFT
gaming today. It’s no secret that Virtual Reality (VR) and Augmented Reality
(AR) are the future of gaming. We got a taste of this tech with Pokémon Go, but
that was merely a herald of things to come.
Three Factors That Help Cost Optimise Cloud Services
The problem with prioritizing coverage is that not all commitments offer the
same amount of savings. Many of the “safest” promises with the most flexibility
produce less than a third of the savings rate of a commitment with less
flexibility. This can result in circumstances where the coverage is high but the
savings rate is low. Companies that are not growing may find themselves in a
situation where they have limited options for increasing their savings rate and
must just wait for the contract terms to end. When combined with percentage
savings, commitment coverage provides a better picture of the net cost reduction
that the commitment strategy is driving. This is especially significant when
teams are comparing alternative purchasing strategies to see if better coverage
actually saves the most money. ... Typically, the highest discount is obtained
by making all advance payments, while the lowest is obtained by making no
upfront payments. Vendors frequently take and encourage the technique of using
only one level of advance payment across several contracts.
3 Strategies for Securing the Supply Chain, Security’s Weakest Link
With whom does your organization have contracts? Whom do you pay to help with
day-to-day operations? Particularly for large organizations, this can be a
wildly complex proposition. There will be primary providers—who are billing you
for services —and secondary and tertiary providers. There will also be upstream
and downstream providers, making it critical to research and uncover every
single organization with which you do business. Once you’ve created a list of
providers, the next step is to prioritize them. Which providers have a direct
impact on users or customers? What products do they support? What business
processes do they support? How important are they to your mission or your bottom
line? Consider if you have any “concentration risks”—does any part of your
supply chain rely on only one or two providers? This may be a risk factor. Once
partners are prioritized, consider how your organization wants to work with each
one. Do you want contractual agreements with each partner? Contracts can help
set and manage expectations, help your organization understand the risk profile
of your partners, and—just as importantly—map out your organization’s security
requirements.
Demystifying machine-learning systems
MIT researchers have now developed a method that sheds some light on the inner
workings of black box neural networks. Modeled off the human brain, neural
networks are arranged into layers of interconnected nodes, or “neurons,” that
process data. The new system can automatically produce descriptions of those
individual neurons, generated in English or another natural language. For
instance, in a neural network trained to recognize animals in images, their
method might describe a certain neuron as detecting ears of foxes. Their
scalable technique is able to generate more accurate and specific descriptions
for individual neurons than other methods. In a new paper, the team shows that
this method can be used to audit a neural network to determine what it has
learned, or even edit a network by identifying and then switching off unhelpful
or incorrect neurons. “We wanted to create a method where a machine-learning
practitioner can give this system their model and it will tell them everything
it knows about that model, from the perspective of the model’s neurons, in
language.
How should DeFi be regulated? A European approach to decentralization
DeFi protocols are dependent on the blockchains on which they are built, and
blockchains can experience attacks (known as "51% attacks"), bugs and network
congestion problems that slow down transactions, making them more costly or even
impossible. The DeFi protocols, themselves, are also the target of cyberattacks,
such as the exploitation of a protocol-specific bug. Some attacks are at the
intersection of technology and finance. These attacks are carried out through
"flash loans." These are loans of tokens without collateral that can then be
used to influence the price of the tokens and make a profit, before quickly
repaying the loan. ... The cryptocurrency market is very volatile and a rapid
price drop can occur. Liquidity can run out if everyone withdraws their
cryptocurrencies from liquidity pools at the same time (a "bank run" scenario).
Some malicious developers of DeFi protocols have "back doors" that allow them to
appropriate the tokens locked in the smart contracts and thus steal from users
(this phenomenon is called "rug-pull").
Social commerce has a bright future – but not on social media
Social commerce, or livestream shopping, is forecast to transform social media
into one big shopping channel. The whole buying experience, from initial product
discovery to check-out, will take place on social media, with the consumer never
stepping out of the app. A lot of serious players agree this will happen. TikTok
has launched its shopping facility in the UK, stating: “E-commerce is a big
opportunity for TikTok, and it’s something we’re investing in significantly. We
think it’s a really significant moment.” It also stated that its internal data
shows that one in four TikTokers either research a product or make a purchase
after watching a video mentioning a product. More consumers are shopping on
social media platforms like Facebook, which could end up benefiting smaller
brands. Accenture predicts social commerce will be worth $1.2 trillion by 2025,
growing three times faster than traditional e-commerce. It also claims that by
2025, Gen Z will be the second largest set of social commerce users (29% of all
expenditure), followed by Gen X, which will account for 28% and Baby Boomers
only 10%. As a result, social will comprise no less than 17% of all e-commerce
sales by then, too.
Why we can’t put all our trust into AI
The root of the problem is that cybersecurity is hard. For a hard problem what
better solution then a magic box which produces the answers? Unfortunately (or
fortunately) people still need to be involved in this. Relying solely on the
black box will produce a false sense of security which can have disastrous
effects. The way forward is a combination of humans and AI working together,
utilizing their strengths. AI can do a lot of the heavy lifting, repetitive
tasks, and spotting flaws in vast amounts of data, but humans are able to narrow
down the important issues quickly and act. We tend to downplay the capabilities
of people, but the more research investigates this the more we find how complex
our brains are, and all the amazing stuff they can do. Self-driving cars are the
classic example. Think of what goes on when driving a car – the motor skills
required to steer and work the pedals, and the massive amounts of info being
consumed and analyzed quickly by your senses: dashboard info, passenger info,
other car info, keeping an eye on the weather, looking at the road, watching
behind you, and finally using your instincts to determine when something just
“doesn’t feel right”.
Productive Downtime: A New Productivity Method to Implement in 2022
We are all so busy nowadays. Always on the go, constantly checking our phones
and email, trying to get things done. But what if we told you that one of the
most productive things you can do is actually nothing? It may sound
counterintuitive, but it is, nevertheless, true. Studies have shown that
taking regular breaks and spending time doing nothing can actually help
improve your productivity and creativity. In fact, some experts refer to this
as the “divine art of doing nothing.” So how do you go about doing nothing?
Pretty simply, it turns out. Just take a few minutes every day to relax and
de-stress. Unplug from your devices, close your eyes, and focus on your
breath. You can also try some simple meditation or visualization exercises. Or
if you’d rather, just take a walk in nature or listen to calming music. The
key is to find what works best for you and make time for it in your schedule.
And if you’re sorting out deadlines for employees, factor in their need for a
little productive downtime in the schedule. If you can find an hour or two
each week to relax and rejuvenate, you’ll be much more productive during the
rest of your day.
How the CIO Role Will Evolve In 2022
In the coming year, one in 10 tech execs will get their performance tracked on
revenue, according to Forrester projections. Right now, not many people in the
technological world are holding revenue focused positions. Instead, the
performance of top technology executives is measured based on their revenue
sources, rather than the dollar value. With an accelerated convergence between
technology leaders and the business stakeholders, leadership executives are
likely to take on explicit revenue targets in the coming year. Companies that
strive to integrate technology as closely as possible with business, believe
that this strategy will help advance that alignment. Over the years , the CIO
qualifications were seen as back-end technology service operations. But this
year it will be more of a close advisor on business strategies or operations,
2022 will show that CIOs can advise and execute more widely in many areas of
business.
Quote for the day:
"Successful leadership requires
positive self-regard fused with optimism about a desired outcome." --
Warren Bennis
No comments:
Post a Comment