Intel Releases Quantum Software Development Kit Version 1.0 to Grow Developer Ecosystem
The SDK is a customizable and expandable platform providing greater flexibility
when developing quantum applications. It also provides for users to compare
compiler files, a standard feature in classical computing development, to
discern how well an algorithm is optimized in the compiler. It allows users to
see the source code and obtain lower levels of abstraction, gaining insight into
how a system stores data. Additional features include: Code in familiar
patterns - Intel has extended the industry-standard LLVM with quantum extensions
and developed a quantum runtime environment that is modified for quantum
computing, and the IQS provides a state-vector simulation of a universal quantum
computer. Efficient execution of hybrid classical-quantum workflows - The
compiler extensions allow developers to integrate results from quantum
algorithms into their C++ project, opening the door to the feedback loops needed
for hybrid quantum-classical algorithms like the quantum approximate
optimization algorithm (QAOA) and quantum variational eigen-solver (VQE).
Day in the Life of a Chief Developer Experience Officer (CDXO)
According to Cauduro, the overarching goal is to put himself in the developer’s
shoes—he constantly thinks about common developer workflows and considers how to
create a seamless experience throughout the entire development life cycle. Next
is spreading awareness throughout the company about DX principles and how to
increase DX within their offerings. A CDXO will likely answer directly to
executive leadership but might interface with many departments. A CDXO may
direct teams to construct developer-specific tools, like libraries,
documentation, SDKs and self-service environments. “DX is a mindset,” said
Cauduro. “The whole company needs to be engaged in it.” “As with any C-level
position, your job is on the one hand to make your team’s life easier in any way
you can,” said Burazin. “And on the other to convey the developers’ issues or
ideas to the company in hopes of nudging the company in the correct
direction.”
ChatGPT vs GDPR – what AI chatbots mean for data privacy
As an open tool, the billions of data points ChatGPT is trained on are made
accessible to malicious actors who could use this information to carry out any
number of targeted attacks. One of the most concerning capabilities of ChatGPT
is its potential to create realistic-sounding conversations for use in social
engineering and phishing attacks, such as urging victims to click on malicious
links, install malware, or give away sensitive information. The tool also opens
up opportunities for more sophisticated impersonation attempts, in which the AI
is instructed to imitate a victim’s colleague or family member in order to gain
trust. Another attack vector might be to use machine learning to generate large
volumes of automated, legitimate-looking messages to spam victims and steal
personal and financial information. These kinds of attacks can be highly
detrimental to businesses. For example, a payroll diversion Business Email
Compromise (BEC) attack, composed of impersonation and social engineering
tactics, can have huge financial, operational, and reputational consequences for
an organisation
‘Most web API flaws are missed by standard security tests’
APIs can become less of a liability by including security-focused team members
during design, encouraging secure coding, conducting regular security tests,
and monitoring programming calls for attacks and misuse. Securing web APIs
requires a different approach to classic web application security, according
to Ball. “Standard web application tests will result in false-negative
findings for web APIs,” he explains. “Tools and techniques that are not
calibrated specifically to web APIs will miss on nearly all of the common
vulnerabilities.” A notable example is a vulnerability in the USPS Informed
Visibility API, first reported by security researcher Brian Krebs. The web
application was thoroughly tested one month before Krebs reported the data
exposure. During testing, tools like Nessus and HP WebInspect were applied
generically to the testing targets, and therefore a significant web API
vulnerability went undetected. This undiscovered security flaw, in the USPS
Informed Visibility API, allowed any authenticated user to obtain access to
email addresses, usernames, package updates, mailing addresses, and phone
numbers associated with 60 million customers.
Exploring biometrics within payments
It’s an obvious question but despite all the potential benefits of adopting
biometric security, the technology still features several vulnerabilities and
weak points. First, it cannot be relied upon for a fingerprint scanner or
smartphone camera to be available at every transaction. While consumers can
use biometric authorization on most mobile devices, desktops still make up a
large portion of eCommerce sales. Additionally, companies will need to adopt
hardware capable of reading and interpreting this data to accept biometric
payments. The price of this hardware could be cost-prohibitive, depending on
what is needed and how far a company wants to take contactless payments.
Finally, we cannot forget the consumer factor. They are more anxious about
their privacy and where personal data goes than ever before. Even if biometric
scans do not actually save or store their biometric information, many
consumers might still refuse to provide these identifiers.
Building resilience in a polycrisis world
Seeing and responding to risk differently first requires leaders to clearly
pinpoint where plausible risks could materialize and do the most damage to key
operations and services. This can be tricky if companies have traditionally
approached risk in a siloed way. Company leaders should spend time with one
another to work through what if? scenarios, with an eye toward highlighting
where exactly in the business a problem or failure would be most catastrophic
to customers. ... Now that the executives had their focus—the outcome of
getting cash—they could begin looking at all the ways customers do so,
including ATMs and the workers who service them, brick-and-mortar banks, and
the tech and third parties that help with electronic transfer payments and
build resilience across all functions, rather than focusing on individual
mechanisms. Prioritization exercises also help leaders tease out false
assumptions. Leaders at a UK housing management company had believed that
collecting rents via the company’s app was the key to business continuity.
Field-Programmable Qubit Arrays: The Quantum Analog of FPGAs
FPQAs make quantum algorithms more resource-efficient by reducing qubit and
gate overhead. The ability to quickly update the qubit layout and connectivity
enables rapid testing, benchmarking and optimization of algorithms—in a way,
delivering a customized computer for each calculation. One example of how
FPQAs can be used to achieve better quantum computing performance is
optimization. Many optimization problems can be described mathematically in
terms of graphs. The nodes describe the variables in the optimization problem
and the edges can represent various relationships between them. For instance,
the nodes can describe the potential location of 5G towers, and edges describe
pairs of towers that cannot be simultaneously operated without generating
interference. In another, more abstract representation, each node can be a
stock, and an edge between two nodes denotes that these stocks are correlated.
These graphs can be mapped onto analog FPQAs by assigning each node to a qubit
and setting the connectivity so that two qubits interact if the corresponding
atoms have an edge.
CISA director urges tech industry to take responsibility for secure products
Accepting the continued use of unsafe technology products presents a greater
risk to the nation than the Chinese spy balloon that was shot down off the
coast of South Carolina and cannot be allowed to continue, Easterly said. “By
design, we’ve normalized the fact that technology products are released to
market with dozens, hundreds or thousands of defects — such poor construction
would be unacceptable in any critical field,” she said during the address. The
burden for cybersecurity has disproportionately been placed on consumers and
small organizations who are least aware of the threats or able to protect
themselves. Easterly said no one would be expected to go out and buy a car
that lacked seat belts and air bags as standard features, and nobody should be
expected to go out and pay additional money for secure technology products.
Government can advance legislation to prevent technology companies from
disclaiming liability by establishing higher standards of care, Easterly said.
Cybersecurity in wartime: how Ukraine's infosec community is coping
Defending organizations during an ongoing war put Cossack Labs' cybersecurity
experts on an accelerated learning path, says Pilyankevich's colleague
Anastasiia Voitova, head of customer solutions. "What I learned is that the
priorities are very different from peacetime," she says. "The risks are
different; the threats are very different. We have this real enemy. It's not
textbook security. No. These are real issues, and we need to build real
mitigation to these real issues." One could easily fall into the trap of
creating systems that use the highest possible level of security, but Voitova
believes this can be a mistake because a system that's too paranoid won't be
usable. "This trade-off drama of how to balance security and usability, right
now, can cost you even more because if you create a super secure system, but
no one will use it, it will lead people to adopt insecure methods," she says.
"And if insecure messages are intercepted, people might be injured." Such
mistakes are more likely to occur as the war continues and users face
prolonged stress and tiredness.
The CIO’s new C-suite mandate
Executives who used to stay in their own lane now find themselves needing
closer alignment with one another to manage economic uncertainty, explosive
growth, and digital and business transformations, and CIOs have become central
figures as business strategists and changemakers. This new C-suite dynamic
requires three big shifts to be successful, according to Dan Roberts, CEO of
Ouellette & Associates Consulting. CIOs must change the narrative of their
relationship with their counterparts, they must prepare their IT teams to
deliver on the new narrative, and they must convince the C-suite to share the
technology load. It’s a tall order for sure. “I would say just 10% to 15% [of
C-suite relationships] are healthy and thriving and are in the trenches
together with shared ownership and accountability,” Roberts says. But those
CIOs who can look across the enterprise and find new ways to drive revenue or
better orchestrate the customer experience and then can communicate and sell
their vision to their C-suite counterparts are at the high end of the maturity
curve, he adds.
Quote for the day:
"We get our power from the people we
lead, not from our stars and our bars." -- J. Stanford
No comments:
Post a Comment