Daily Tech Digest - February 08, 2024

The do-it-yourself approach to MDM

If you’re comfortable taking on extra responsibilities and costs, the next big question is whether you can get the right tool — or more often, many tools — you need. This is where you need a detailed understanding of the mobile platforms you have to manage and every platform that needs to integrate with them for everything to work. MDM isn’t an island. It integrates with a sometimes staggering number of enterprise components. Some, like identity management, are obvious; others like log management or incident response are less obvious when you think about successful mobility management. Then there are the external platforms that need connections. Think identity management — Entra, Workspace, Okta — and things like Apple Business Manager that you need to work well in both every day and unusual situations. Then tack on the network, security, auditing, load balancing, inventory, the help desk and various other services. You’re going to need something to connect with everything you already have, or you could find yourself saddled with multiple migrations. 

NCSC warns CNI operators over ‘living-off-the-land’ attacks

The NCSC said that even organisations with the most mature cyber security techniques could easily fail to spot a living-off-the-land attack, and assessed it is “likely” that such activity poses a clear threat to CNI in the UK. ... In particular, it warned, both Chinese and Russian hackers have been observed living-off-the-land on compromised CNI networks – one prominent exponent of the technique is the GRU-sponsored advanced persistent threat (APT) actor known as Sandworm, which uses LOLbins extensively to attack targets in Ukraine. “It is vital that operators of UK critical infrastructure heed this warning about cyber attackers using sophisticated techniques to hide on victims’ systems,” said NCSC operations director Paul Chichester. “Threat actors left to carry out their operations undetected present a persistent and potentially very serious threat to the provision of essential services. Organisations should apply the protections set out in the latest guidance to help hunt down and mitigate any malicious activity found on their networks.” "In this new dangerous and volatile world where the frontline is increasingly online, we must protect and future proof our systems,” added deputy prime minister Oliver Dowden.

What Are the Core Principles of Good API Design?

Your API should also be idiomatic to the programming language it is written against and respect the way that language works. For example, if the API is to be used with Java, use exceptions for errors, rather than returning an error code as you might in C. APIs should follow the principle of least surprise. Part of the way this can be achieved is through symmetry; if you have to add and remove methods, these should be applied everywhere they are appropriate. A good API comprises a small number of concepts; if I’m learning it, I shouldn’t have to learn too many things. This doesn’t necessarily apply to the number of methods, classes or parameters, but rather the conceptual surface area that the API covers. Ideally, an API should only set out to achieve one thing. It is also best to avoid adding anything for the sake of it. “When in doubt, leave it out,” as Bloch puts it. You can usually add something to an API if it turns out to be needed, but you can never remove things once an API is public. As noted earlier, your API will need to evolve over time, so a key part of the design is to be able to make changes further down the line without destroying everything.

Russian Ransomware Gang ALPHV/BlackCat Resurfaces with 300GB of Stolen US Military Documents

The ALPHV/BlackCat ransomware group has threatened to publish and sell 300 GB of stolen military documents unless Technica Corporation gets in touch. “If Technica does not contact us soon, the data will either be sold or made public,” the ransomware gang threatened. However, there is no guarantee that the ransomware gang would not pass the military documents to adversaries even after the military contractor pays the ransom. The BlackCat ransomware gang also posted screenshots of the leaked military documents as proof, displaying the victims’ names, social security numbers, job roles and locations, and clearance levels. Other military documents include corporate information such as billing invoices and contracts for private companies and federal agencies such as the FBI and the US Air Force. So far, the motive of the cyber attack remains unknown, but it’s common for threat actors to feign financial motives to conceal their true geopolitical objectives. While the leaked military documents may not classified, they still contain crucial personal information that state-linked threat actors could use for targeting.

6 best practices for better vendor management

To build a stronger relationship with vendors, “CIOs should bring them into the fold regarding their priorities and potential concerns about what may —or may not — lie ahead, from a regulatory perspective or the general economic climate, for example,” says Kevin Beasley, CIO at VAI, a midmarket ERP software developer. “A few years ago, supply-chain snags had CIOs looking for new technology,” Beasley says. “Lately, a talent shortage means CIOs are pushing for more automation. CIOs that don’t delay posing questions about how vendor products can solve such challenges, but also take the time to hear the information, will build a valuable rapport that can benefit both parties.” Part of building a collaborative partnership is staying in close contact. It’s important to establish clear communication channels and schedule regular check-ins with active vendors, “to understand performance, expectations, and progress while recognizing that no process or service goes perfectly all the time,” says Patrick Gilgour, managing director of the Technology Strategy and Advisory practice at consulting firm Protiviti.

Three commitments of the data center industry for 2024

To become more authentic and credible in these reputation-building dialogues and go beyond the data center, we must be more representative of the people our infrastructure ultimately serves. Although progress has been made, we must keep evolving. We need diversity of background, experience, ethnicity, age, and outlook in order to fully embrace the challenges of digital infrastructure. The range of roles, skillsets, and opportunities in the sector is far wider than many outside the industry recognize. Creating organizations where every person can be themselves, and deliver in line with their ethics, values, and beliefs is a prerequisite for building a positive reputation. And of course, the more attractive an industry we become, the more great candidates, partners, and supporters we’ll attract. ... Speaking of inspiring the next generation, 2024 can be the year in which we embrace youth. How do we attract more young people into the industry? By inspiring them. The data center sector is a dynamic, exciting, and rapidly growing sector. We want to ensure this is being effectively articulated in print, across social media, and online.

Is your cloud security strategy ready for LLMs?

When employees and contractors use those public models, especially for analysis, they will be feeding those models internal data. The public models then learn from that data and may leak those sensitive corporate secrets to a rival who asks a similar question. “Mitigating the risk of unauthorized use of LLMs, especially inadvertent or intentional input of proprietary, confidential, or material non-public data into LLMs” is tricky, says George Chedzhemov, BigID’s cybersecurity strategist. Cloud security platforms can help, he adds, especially for access controls and user authentication, encryption of sensitive data, data loss prevention, and network security. Other tools are available for data discovery and surfacing sensitive information in structured, unstructured, and semi-structured repositories. “ It is impossible to protect data that the organization has lost track of, data that has been over-permissioned, or data that the organization is not even aware exists, so data discovery should be the first step in any data risk remediation strategy, including one that attempts to address AI/LLM risks,” says Chedzhemov.

Shadow AI poses new generation of threats to enterprise IT

Functional risks stem from an AI tool's ability to function properly. For example, model drift is a functional risk. It occurs when the AI model falls out of alignment with the problem space it was trained to address, rendering it useless and potentially misleading. Model drift might happen because of changes in the technical environment or outdated training data. ... Operational risks endanger the company's ability to do business. Operational risks come in many forms. For example, a shadow AI tool could give bad advice to the business because it is suffering from model drift, was inadequately trained or is hallucinating -- i.e., generating false information. Following bad advice from GenAI can result in wasted investments -- for example, if the business expands unwisely -- and higher opportunity costs -- for example, if it fails to invest where it should. ... Legal risks follow functional and operational risks if shadow AI exposes the company to lawsuits or fines. Say the model advises leadership on business strategy. But the information is incorrect, and the company wastes a huge amount of money doing the wrong thing. Shareholders might sue.

Creating a Data Quality Framework

A start-up business may not initially have a need for organizing massive amounts of data (it doesn’t yet have massive amounts of data to organize), but a master data management (MDM) program at the start can be remarkably useful. Master data is the critical information needed for doing business accurately and efficiently. For example, the business’s master data contains, among other things, the correct addresses of the start-up’s new customers. Master data must be accurate to be useful – the use of inaccurate master data would be self-destructive. If the organization is doing business internationally, it may need to invest in a Data Governance (DG) program to deal with international laws and regulations. Additionally, a Data Governance program will manage the availability, integrity, and security of the business’s data. An effective DG program ensures that data is consistent and trustworthy and doesn’t get misused. A well-designed DG program includes not only useful software, but policies and procedures for humans handling the organization’s data. A Data Quality framework is normally developed and used when an organization has begun using data in complicated ways for research purposes. 

Meta Is Being Urged to Crack Down on UK Payment Scams

Since social media market platforms such as Facebook Marketplace do not have dedicated payment portals that accept payment cards, Davis said, standard security practices adopted by card issuers cannot be used to protect customers. As a result, preventing fraud on social media platforms is a challenge, he said. "To tackle this, we need greater action from Meta to stop fraudulent ads from being put in front of the U.K. consumers," Davis said. Meta Public Policy Mead Philip Milton, who testified before the committee, said his company takes fraud prevention "extremely seriously." Milton said Meta has adopted such measures as verifying ads on its platforms and permitting only financial ads that have cleared the U.K. Financial Services Verification process rolled out by the British Financial Conduct Authority. "A good indicator of fraud is fake accounts, as scammers generally tend to use fake accounts to carry out scams. As fraud prevention, Meta removed 827 million fake accounts in the third quarter of 2023," Milton said. Microsoft Government Affairs Director Simon Staffell said the computing giant pursues criminal infrastructure disruption as one of its fraud prevention strategies.

Quote for the day:

"If you are willing to do more than you are paid to do, eventually you will be paid to do more than you do." -- Anonymous

No comments:

Post a Comment