Daily Tech Digest - October 25, 2022

Digital-first businesses more willing to accept some fraud

“For new companies, it’s about growth – fraud in that regard can be something like you have a promotion on and people are signing up for multiple accounts. “Digital transformers are also trying to compete, so accessibility, speed, low friction and completion rates rank above compliance. Ten years ago, compliance was higher, but for digital-first companies, user experience concerns are at the top of the agenda.” However, Li stressed that this was not to say that businesses are neglecting their legal compliance obligations, but more that they simply would not survive if they provided an archaic experience that caused friction for the potential customer, such as demanding they send notarised documents through the mail. Indeed, nearly half – 46% – of respondents did feel that their customer onboarding process was still too complex, rising to 55% in the UK. Frequent complaints were that it took too long to review and verify customers when onboarding them, leading to user drop-off, increased costs, and lost revenues.

Enhance Data Analytics with oneDAL

Intel® oneAPI Data Analytics Library (oneDAL) is a library with all the building blocks required to create distributed-data pipelines to transform, process, and model data. complete with all the architectural flexibility of oneAPI. This can be achieved using Intel® Distribution for Python*, C++, or Java APIs that can connect to familiar data sources such as Spark* and Hadoop*. ... oneDAL has tools for transferring out-of-memory data sources, such as databases and text files, into memory for use in analysis, training, or prediction stages. And if the data source cannot fit into memory, the algorithms in oneDAL also support streaming data into memory. Data scientists often spend large amounts of time preparing the data for analysis or machine learning (ML). This includes converting data to numeric representation, adding or removing data, normalizing it, or computing statistics. oneDAL offers algorithms that accelerate these preparation tasks, speeding the turnaround of steps that are often performed interactively.

Google Unveils Its Latest Voice Innovations

Since releasing its first speech patent in 2001, Google has led the way in voice innovation. From interacting with Google Assistant to live captioning in Google Meet, it now boasts an extensive voice suite of tools. Within this are two core innovations: its Speech-to-Text and Text-to-Speech APIs. The Speech-to-Text API supports short and long form speech in over 75 languages and 120+ locales – out-of-the-box – without the need for training and customization. Of course, for some use cases, businesses may demand customization. As such, the API is flexible, allowing users to harness it across various audio channels. It also detects multiple speakers in the same channel, with the solution recognizing their unique voices. ... Moreover, companies can create captions and subtitles for media content or build a virtual agent. Yet, it is also possible to use the technology for speech analysis, summarization, and extraction – each of which has significant potential for contact centers. In tandem, many businesses harness Google’s Text-to-Speech API to communicate with their users. It allows them to take text and synthesize it into audio in a single step.

Why Sensors Are Key IoT Cybersecurity

Sensors enabled by the Internet of Things are network-connected smart devices that collect and transmit real-time data about their environment. The data they provide lets people make better-informed decisions. The use of IoT sensors has grown explosively in recent years because their increasing functionality, small size, and low power consumption allow designers to deploy them in new applications to increase productivity and lower costs. The sensors are being used in new ways to maximize the capabilities of network-connected systems and infrastructure. The sensors are poised for mass-scale adoption in fields including automotive, health care, industrial automation, energy, and smart cities. But the lack of standardization in IoT sensors, coupled with interoperability challenges, has made them vulnerable to cyberattacks—which creates barriers for their ubiquitous use. Hackers are targeting IoT sensors in greater numbers, in more industries, and with increased sophistication.

Transforming Observability

Digital transformation, product and technology leaders see value in observability because of its potential to measure digital experiences and measure the performance of business and digital services. To do this requires observability to meet three significant challenges. First, observability must effectively cross the complex boundaries of microservices, containers, cloud and traditional applications, multiple cloud providers, database sources, SaaS services, infrastructure and internal and external APIs. Today’s challenge is far beyond the central aggregation of large volumes of log data and suppressing non-essential alerts. Most enterprise architectures look eerily similar to a breadboard wiring project with applications, systems and data sources crisscrossing each other, representing the various pathways and interfaces across systems. Virtually any of these elements could contribute to the degradation of a digital experience, and observability must operate across these elements whether they live in our tightly controlled data centers or are distributed in microservices, cloud services or third-party interfaces.

Web 3.0 and the Crowdpoint Constellation

Web 3.0 is about the individual. The underlying technologies that will enable it are personal identification technologies (biometrics), the blockchain and distributed data technology. Let’s not worry about how, right now, let’s just paint the picture. Web 2.0 was all about exploiting data — a great deal of which was your data. The big web businesses mined it to their great enrichment, with the best AI tools known to man. However, it is equally possible for people to band together and mine their collective personal data to their own benefit. This has not yet happened, but the technologies mentioned above make it possible. Now if it were up to the individual to do this on their own initiative, of course, probably nothing would happen. ... If you’ve been tracking the evolution of the blockchain world you will realize that it has evolved a long way beyond the creation and marketing of cryptocurrencies. It is no longer all about speculation. It has stepped boldly into the financial sector, with the creation of services that are commonly described as Open Fi (Open Finance) or De Fi (Decentralized Finance).

Improving finance and accounting software with AI

Starting with audit analytics, auditors tend to spend too much time buried in compliance checklists and creating reports that few people read, with little time to seek anomalies in every transaction. Rather than manually sampling data points, Forrester says machine learning is being used for risk assessment of transactions. The member-based industry association American Institute of Certified Public Accountants (AICPA) is developing guidance for ML in the audit function. Mature audit support providers such as Thomson Reuters and Wolters Kluwer, as well as emerging companies like Caseworks Cloud and MindBridge, are embedding AI into their audit platforms. ... Starting with audit analytics, auditors tend to spend too much time buried in compliance checklists and creating reports that few people read, with little time to seek anomalies in every transaction. Rather than manually sampling data points, Forrester says machine learning is being used for risk assessment of transactions. The member-based industry association American Institute of Certified Public Accountants (AICPA) is developing guidance for ML in the audit function. 

Atlassian Vulnerabilities Highlight Criticality of Cloud Services

The combination of the two flaws could allow a significant attack, says Jake Shafer, a security consultant with Bishop Fox, who found the flaws. "Using the authorization finding would allow a low-privileged user to elevate their role to super admin which, in terms of information disclosure, would allow the attacker to gain access to everything the client of the SaaS had in their Jira deployment," he says. "From there, the attacker could then leverage the SSRF finding to go after the infrastructure of Atlassian themselves." Both vulnerabilities have been patched — the first within a week and the second within a month, according to the disclosure timeline published by Bishop Fox. However, companies should note that the increasing reliance on cloud applications has made attacks on cloud services and workloads much more common, so much so that the top class of vulnerability, according to the Open Web Application Security Project (OWASP), is broken authentication and access-control issues.

When CISOs are doomed to fail, and how to improve your chances of success

Sometimes, CISO candidates can spot a bad employer during the interview process. "You are not only trying to convince them that you are the person they should hire, but you are interviewing them," Callas says. The recruiting process is just like zero-knowledge proof, because neither side wants to be upfront about what is going on. One of Callas's priorities is to learn how much the company cares about security, and he does that by asking direct questions. One time, an executive he talked to admitted that management did not want better protection. A typical question potential CISOs are asked is what they might do in a difficult situation such as a breach. When Callas hears this, he smiles and says: “Has this actually happened?” Sometimes they'll say, 'Oh, no, no, no,' in a way that you know means yes," he adds, "and every so often, you get the person who looks around and says: 'Let me tell you what's really going on.'" Another priority should be understanding to whom the CISO reports: the CEO, the CFO, the CTO, or even the legal department. “[This] tells you a little bit about what they expect you to do," says Chip Gibbons, CISO at Thrive.

Why Functional Programming Should Be The Future Of Software Development

Pure functional programming solves many of our industry’s biggest problems by removing dangerous features from the language, making it harder for developers to shoot themselves in the foot. At first, these limitations may seem drastic, as I’m sure the 1960s developers felt regarding the removal of GOTO. But the fact of the matter is that it’s both liberating and empowering to work in these languages—so much so that nearly all of today’s most popular languages have incorporated functional features, although they remain fundamentally imperative languages. The biggest problem with this hybrid approach is that it still allows developers to ignore the functional aspects of the language. Had we left GOTO as an option 50 years ago, we might still be struggling with spaghetti code today. To reap the full benefits of pure functional programming languages, you can’t compromise. You need to use languages that were designed with these principles from the start. Only by adopting them will you get the many benefits that I’ve outlined here. But functional programming isn’t a bed of roses. It comes at a cost.

Quote for the day:

"Make heroes out of the employees who personify what you want to see in the organization." -- Anita Roddick

No comments:

Post a Comment