How to Build a Data Science Enablement Team
Data scientists may use processes and tools you’re unfamiliar with, and those
processes may not initially jibe with your own. For instance, data scientists
may not think twice about emailing you code via Jupyter Notebooks. Or, they
might use different versions of Python to create base images, with none in
synchronization with each other. Consider offering alternatives to help them
improve their workflows (and make your life a bit easier). For example, help
them organize what they’re working on by setting up a Jupyter Hub instance or
git repository. Making their jobs easier will help build the relationship. ...
Most data scientists don’t want to become software developers any more than you
probably want to become a data scientist. But bringing them into the DSET isn’t
about getting them to learn more about software development — it’s about helping
both you and them become more cognizant of the processes you both adhere to. So,
while you’re empathizing with their work patterns, get them to understand how
adopting some of your processes can help them in their daily workflows.
Feds Issue Alerts for Several Medical Device Security Flaws
The FDA in its alert for healthcare providers says the RUO devices are typically
used in a development stage and are not for use in diagnostic procedures. But,
it adds, many laboratories may be using the devices with tests for clinical
diagnostic use. The vulnerabilities are exploitable remotely and have a low
attack complexity, CISA says. The Illumina vulnerabilities involve path
traversal, unrestricted upload of file with dangerous type, improper access
control, and cleartext transmission of sensitive information. The
vulnerabilities were scored as having CVSS v3 base scores of between 7.4 and
10.0. "Successful exploitation of these vulnerabilities may allow an
unauthenticated malicious actor to take control of the affected product remotely
and take any action at the operating system level," CISA warns. "An attacker
could impact settings, configurations, software, or data on the affected product
and interact through the affected product with the connected network." "Illumina
has confirmed a security vulnerability affecting software in certain Illumina
desktop sequencing instruments," the company says in a statement provided to
Information Security Media Group.
Crypto FUD: Quantum Computing Will Dwarf Blockchains’ Security
According to the research carried out by the team at Sussex, they concluded that
only a supercomputer with a processing power of over 317 Quantum Bits could
break down the SHA-256 algorithm in an hour or two. At the moment, the IBM
supercomputer boasts around 127 qubits showing that it is still far behind the
‘possible’ processing power required to start causing damage to the Bitcoin
algorithms. For Bitcoin’s blockchain to be broken, the supercomputer would need
to perform a 50+1 attack involving taking over the blocks’ mining process.
Bitcoin mining is done using special hardware called the Application Specific
Integrated Circuits (ASICs), specifically made for the mining rigs. The circuits
use a programming method/ hash function known as “puzzle friendliness,” where
every input is expected to provide a good output, and if it doesn’t, then it is
detected by the whole system, and the miner gets notified. That means the
operation of the ASICs cannot begin to be tampered with by any computer without
all miners working on the same block being notified concurrently.
8 ways level of detail could improve digital twins
The architectural, engineering, and construction industry uses a related concept
called Level of Development in Building Information Modeling (BIM) to
characterize changes in technical design depth across a project’s development
process. It describes the level to which planning teams have fleshed out the
specifications, geometry and attached information. In the early stages, planning
groups may just want to quickly estimate the overall cost and complexity of a
project before proceeding. Later, domain experts such as electricians, plumbers
and structural engineers can plan out exact gauges of wire and pipe in richer
depth. These later levels of development can help plan orders and schedule the
construction sequence so that teams do not interfere with each other. ... In
good experience design, it is often helpful to guide a user’s attention to a
particular detail. For example, it might be more beneficial to highlight the
exact screws a repair technician needs to remove rather than render a scene in
complete detail using an augmented reality overlay. Researchers believe that
using LOD for glanceable interfaces could clarify complicated repairs and
procedures. In musical concerts, visual augmentation with LOD could enhance the
audience experience.
Considering digital trust: why zero trust needs a rethink
Knowing that digital trust is now critical for all businesses and organisations
today; why has zero trust gained so much attention? Well, simply put, we can’t
assume that we should trust everything, take a zero trust approach, then
establish and maintain trust. From a security leader and CISO perspective, that
means that we need to establish and maintain trust with all entities that make
up and interact with the business. As such, digital trust here is the trust in
machines, software, devices, and humans interacting with digital services that
now power our world. It should not be confused with zero trust, which is often
misinterpreted. The ‘zero’ implies no trust at all exists. Trust is dynamic, and
it needs to be constantly upheld. The way enterprises approach establishing
digital trust is important to ensure the functioning of the business, but
specifically the security of both human and machine identities. While many
organisations focused on zero trust initiatives over the past few years, many
recognised that trust in humans and machines is the foundational layer. In the
modern enterprise, security leaders must design solid identity-first security
frameworks deeply rooted in cryptography for digital trust to be established.
Connected Healthcare Takes Huge Leap Forward
Business and IT leaders who ignore connected healthcare do so at their own
peril. A study from Doctor.com found that 83% of patients using telemedicine
plan to continue with it after the pandemic. In addition, 68% prefer to use
their mobile phone to make appointments and handle other tasks, and 91% say that
connected tech is valuable for managing prescriptions and compliance. At some
point -- and there’s some indication that it’s already happening -- consumer
companies like Apple, Withings, Ōura and Fitbit will steal away opportunities
for new products and services. Already, drug store chains and smaller and more
disruptive companies are establishing footholds, and new and innovative
healthcare products are appearing. “There are growing opportunities for data and
app-related services, apps, subscriptions and more but traditional healthcare
providers often don’t see this,” Schooley points out. Establishing an IT
foundation to support connected health is vital. Hall says this includes a
cloud-first architecture, integrating IoT and edge technologies, focusing on
data standards, building more sophisticated and interactive apps, exploring
partnerships, and cultivating skillsets needed to support both innovation and
operations.
The costs and damages of DNS attacks
A DNS attack does not just result in an inconvenient business disruption but can
be a costly expense for organizations. In the past 12 months, APAC has become
the region with the highest average cost of a successful attack at $1,036,040,
an increase of 14% when compared to 2021, while EMEA and North America’s average
cost of successful attack has decreased by 4% and 7% respectively. Malaysia
(21%), Germany (18%) and both India and the UK (14% each) experienced the
highest increase in the cost of an attack, while Spain saw its cost of damages
plummet by almost half (48%) when compared to 2021. France and the US were the
only other countries that saw a decline in the average cost with 21% and 5%
respectively. Cybercriminals are continuing to use all available tools to gain
access to networks, disrupt the business and steal data by specifically
targeting the hybrid workforce, with DNS-based attacks becoming increasingly
pervasive across all industries. In the last year, 70% of organizations suffered
with in-house and cloud application downtime, with the average time to mitigate
these threats increasing to 6 hours and 7 minutes, meaning that employees,
partners, and customers were unable to access any services.
Government Agencies Seize Domains Used to Sell Credentials
"The actions executed by our international partners included the arrest of a
main subject, searches of several locations, and seizures of the web server's
infrastructure," according to the DOJ. In December 2020, Britain's National
Crime Agency reported arrests of 21 individuals on suspicion of purchasing
personally identifiable information from the WeLeakInfo website for a variety of
purposes, including the buying and selling of malicious cyber tools such as
remote access Trojans, aka RATs, as well as to buy "cryptors," which can be used
to obfuscate code in malware, according to the NCA. It has said that all are
men, ranging in age from 18 to 38 and the arrests took place over a five-week
period starting in November 2020. Beyond the 21 people arrested by police,
another 69 individuals in England, Wales and Northern Ireland have received
warnings from the NCA or other domestic law enforcement agencies, saying they
may have engaged in criminal activity tied to the investigation. Sixty of those
individuals also received cease-and-desist orders from police.
The Value of Data Mobility for Modern Enterprises
Despite all the excitement about data analytics, it’s not a silver bullet.
Turning data into real business value isn’t simply a matter of deploying all the
right tools. To be sure, it requires some smart investment in good technology,
but ultimately, it’s got to be about identifying high-value business cases and
making sure that your business users have what they need to deliver positive
outcomes. Business success is virtually always about compromise. For years, CTOs
have grappled with the pros and cons of unified systems versus best-of-breed
environments. They have weighed the advantages of diverse, purpose-built systems
against the inherent value of a large-scale monolithic platform that offers a
holistic approach to the business. In the end, best-of-breed won that battle. As
a result, the problem of data silos became more pronounced. The hunger for
real-time analytics has rendered the pain caused by data silos far more
palpable. But there is good news; if we make the data from all those different
systems available in a single place, we can have the best of both worlds.
Digital transformation: How to gain organizational buy-in
Data analytics does not always require data scientists. CIOs and IT leaders
often reach a turning point when they discover that most employees can be
trained to become resident data analytics subject experts. When employees
combine new knowledge of data analysis with their existing knowledge of the
processes or machines, they can quickly be at the forefront of a digital
journey. This is welcome news to most IT leaders, simply because the demand for
skillsets in data science and cybersecurity has skyrocketed. Upskilling existing
team members can be critical in attaining sustained adoption and continuous
improvements of digital solutions. This includes long-term improvements in
employee engagement and retention, increased cross-functional collaboration, and
adoption of modern technology trends. Along with their technical skills,
employees need to be skilled at diagnostics and problem-solving using the data
now readily available to them. Employees who may have previously been
data-gatherers can shift to become problem-solvers based on new data-driven
insights. Make sure your employees are ready to learn and grow to take advantage
of these opportunities.
Quote for the day:
"The essence of leadership is the
willingness to make the tough decisions. Prepared to be lonely." --
Colin Powell
No comments:
Post a Comment