Daily Tech Digest - January 28, 2022

12 steps to take when there’s an active adversary on your network

“You need to know when to break the glass. People are afraid to pull that trigger, to reach that mode, because it’s hard to take it back if you do. There’s oversight and costs, and people are afraid to spin it up sometimes,” McMann says. Given that, teams must have good guidelines to know when and how to escalate situations. “That decision point will be unique to each organization, but the escalation path, who to call, when to engage legal, [etc.] should be clearly documented,” says Nick Biasini, head of outreach for Cisco Talos, a threat intelligence organization. That prevents delays that could allow hackers more time to do damage, yet prevent costly responses to minor incidents or false alarms. ... CISOs should be looping in business during the triage process, security leaders say, a point that’s often overlooked during active responses. ... As J. Wolfgang Goerlich, advisory CISO with Cisco Secure, says: “This is a business problem. But in a security breach, a very technical person will be thinking, ‘I have to remediate.’ However, one of the things that CISOs need to remember is that a breach is a business problem not a technical problem. ... "


Innovation will drive the success of NFT gaming, not profit or hype

With so much interest in NFTs, it’s only natural that developers have begun to develop the infrastructure necessary to handle what will undoubtedly become a massive secondary market for these assets. In addition, holders want real tangible benefits to holding NFTs, and in a crowded gaming market, new entrants need to differentiate to survive. 2022 is likely the year NFT games become more mainstream, especially now that many crypto investors own these assets. And real innovation, not just in NFTs but in gameplay and mechanics themselves, will be the driving force. While NFT gaming gives gamers a way to earn while playing their favorite games, the industry lacks a social component. The advantage of owning an NFT asset is that it’s yours, and you should be able to use that asset where you want. Here are three innovations that are driving the success of NFT gaming today. It’s no secret that Virtual Reality (VR) and Augmented Reality (AR) are the future of gaming. We got a taste of this tech with Pokémon Go, but that was merely a herald of things to come.


Three Factors That Help Cost Optimise Cloud Services

The problem with prioritizing coverage is that not all commitments offer the same amount of savings. Many of the “safest” promises with the most flexibility produce less than a third of the savings rate of a commitment with less flexibility. This can result in circumstances where the coverage is high but the savings rate is low. Companies that are not growing may find themselves in a situation where they have limited options for increasing their savings rate and must just wait for the contract terms to end. When combined with percentage savings, commitment coverage provides a better picture of the net cost reduction that the commitment strategy is driving. This is especially significant when teams are comparing alternative purchasing strategies to see if better coverage actually saves the most money. ... Typically, the highest discount is obtained by making all advance payments, while the lowest is obtained by making no upfront payments. Vendors frequently take and encourage the technique of using only one level of advance payment across several contracts.


3 Strategies for Securing the Supply Chain, Security’s Weakest Link

With whom does your organization have contracts? Whom do you pay to help with day-to-day operations? Particularly for large organizations, this can be a wildly complex proposition. There will be primary providers—who are billing you for services —and secondary and tertiary providers. There will also be upstream and downstream providers, making it critical to research and uncover every single organization with which you do business. Once you’ve created a list of providers, the next step is to prioritize them. Which providers have a direct impact on users or customers? What products do they support? What business processes do they support? How important are they to your mission or your bottom line? Consider if you have any “concentration risks”—does any part of your supply chain rely on only one or two providers? This may be a risk factor. Once partners are prioritized, consider how your organization wants to work with each one. Do you want contractual agreements with each partner? Contracts can help set and manage expectations, help your organization understand the risk profile of your partners, and—just as importantly—map out your organization’s security requirements.


Demystifying machine-learning systems

MIT researchers have now developed a method that sheds some light on the inner workings of black box neural networks. Modeled off the human brain, neural networks are arranged into layers of interconnected nodes, or “neurons,” that process data. The new system can automatically produce descriptions of those individual neurons, generated in English or another natural language. For instance, in a neural network trained to recognize animals in images, their method might describe a certain neuron as detecting ears of foxes. Their scalable technique is able to generate more accurate and specific descriptions for individual neurons than other methods. In a new paper, the team shows that this method can be used to audit a neural network to determine what it has learned, or even edit a network by identifying and then switching off unhelpful or incorrect neurons. “We wanted to create a method where a machine-learning practitioner can give this system their model and it will tell them everything it knows about that model, from the perspective of the model’s neurons, in language.


How should DeFi be regulated? A European approach to decentralization

DeFi protocols are dependent on the blockchains on which they are built, and blockchains can experience attacks (known as "51% attacks"), bugs and network congestion problems that slow down transactions, making them more costly or even impossible. The DeFi protocols, themselves, are also the target of cyberattacks, such as the exploitation of a protocol-specific bug. Some attacks are at the intersection of technology and finance. These attacks are carried out through "flash loans." These are loans of tokens without collateral that can then be used to influence the price of the tokens and make a profit, before quickly repaying the loan. ... The cryptocurrency market is very volatile and a rapid price drop can occur. Liquidity can run out if everyone withdraws their cryptocurrencies from liquidity pools at the same time (a "bank run" scenario). Some malicious developers of DeFi protocols have "back doors" that allow them to appropriate the tokens locked in the smart contracts and thus steal from users (this phenomenon is called "rug-pull").


Social commerce has a bright future – but not on social media

Social commerce, or livestream shopping, is forecast to transform social media into one big shopping channel. The whole buying experience, from initial product discovery to check-out, will take place on social media, with the consumer never stepping out of the app. A lot of serious players agree this will happen. TikTok has launched its shopping facility in the UK, stating: “E-commerce is a big opportunity for TikTok, and it’s something we’re investing in significantly. We think it’s a really significant moment.” It also stated that its internal data shows that one in four TikTokers either research a product or make a purchase after watching a video mentioning a product. More consumers are shopping on social media platforms like Facebook, which could end up benefiting smaller brands. Accenture predicts social commerce will be worth $1.2 trillion by 2025, growing three times faster than traditional e-commerce. It also claims that by 2025, Gen Z will be the second largest set of social commerce users (29% of all expenditure), followed by Gen X, which will account for 28% and Baby Boomers only 10%. As a result, social will comprise no less than 17% of all e-commerce sales by then, too.


Why we can’t put all our trust into AI

The root of the problem is that cybersecurity is hard. For a hard problem what better solution then a magic box which produces the answers? Unfortunately (or fortunately) people still need to be involved in this. Relying solely on the black box will produce a false sense of security which can have disastrous effects. The way forward is a combination of humans and AI working together, utilizing their strengths. AI can do a lot of the heavy lifting, repetitive tasks, and spotting flaws in vast amounts of data, but humans are able to narrow down the important issues quickly and act. We tend to downplay the capabilities of people, but the more research investigates this the more we find how complex our brains are, and all the amazing stuff they can do. Self-driving cars are the classic example. Think of what goes on when driving a car – the motor skills required to steer and work the pedals, and the massive amounts of info being consumed and analyzed quickly by your senses: dashboard info, passenger info, other car info, keeping an eye on the weather, looking at the road, watching behind you, and finally using your instincts to determine when something just “doesn’t feel right”.


Productive Downtime: A New Productivity Method to Implement in 2022

We are all so busy nowadays. Always on the go, constantly checking our phones and email, trying to get things done. But what if we told you that one of the most productive things you can do is actually nothing? It may sound counterintuitive, but it is, nevertheless, true. Studies have shown that taking regular breaks and spending time doing nothing can actually help improve your productivity and creativity. In fact, some experts refer to this as the “divine art of doing nothing.” So how do you go about doing nothing? Pretty simply, it turns out. Just take a few minutes every day to relax and de-stress. Unplug from your devices, close your eyes, and focus on your breath. You can also try some simple meditation or visualization exercises. Or if you’d rather, just take a walk in nature or listen to calming music. The key is to find what works best for you and make time for it in your schedule. And if you’re sorting out deadlines for employees, factor in their need for a little productive downtime in the schedule. If you can find an hour or two each week to relax and rejuvenate, you’ll be much more productive during the rest of your day. 


How the CIO Role Will Evolve In 2022

In the coming year, one in 10 tech execs will get their performance tracked on revenue, according to Forrester projections. Right now, not many people in the technological world are holding revenue focused positions. Instead, the performance of top technology executives is measured based on their revenue sources, rather than the dollar value. With an accelerated convergence between technology leaders and the business stakeholders, leadership executives are likely to take on explicit revenue targets in the coming year. Companies that strive to integrate technology as closely as possible with business, believe that this strategy will help advance that alignment. Over the years , the CIO qualifications were seen as back-end technology service operations. But this year it will be more of a close advisor on business strategies or operations, 2022 will show that CIOs can advise and execute more widely in many areas of business.



Quote for the day:

"Successful leadership requires positive self-regard fused with optimism about a desired outcome." -- Warren Bennis

No comments:

Post a Comment