Daily Tech Digest by Kannan Subbiah

September 11, 2016

Why the Blockchain Is Perfect for Government Services

As a government entity, what can you do with the blockchain? Generically, there are 4 categories of activity: 1) Verification. Licenses, proofs of records, transactions, processes, or events. Did this event take place? Was this service performed on this piece of equipment? Does this person have the right permit?; 2) Movement of assets. Transferring money from one person/entity to another. Enabling direct payments, once a work condition has been performed; 3) Ownerships. Land registries, property titles, and any type of real estate ownership. The blockchain is a perfect keeper of the chain of custody for any physical asset; and 4) Identities. Government, cities should issue blockchain e-identities to its citizens, enabling them to securely use services like voting.

When A.I. whispers in your ear all day

Google is working on a secret initiative called Project Aura. (Don't confuse Project Aura with Google's Project Ara, a modular smartphone research program discontinued this week.) Project Aura is rumored to involve an enterprise version of Google Glass, plus one or two audio-only wearables -- often described as Google Glass without the glass -- essentially screen input replaced by voice and Google Now. Microsoft is reportedly building a hearable device, possibly aimed at women, called the "Clip." The earpiece would enable hands-free interaction with Microsoft's Cortana virtual assistant.

Blockchain Really Only Does One Thing Well

Despite the hype, blockchain is not a “trust protocol”; it’s actually the opposite. Just think about it: it’s not as though paying by bitcoin stops you from being ripped off. For anything of value other than bitcoin to be transacted via the blockchain requires additional layers of agents, third parties and auditors – things that just don’t square with the trust-free architecture. Lofty claims are made for blockchain’s ability to decentralise all sorts of things. But in truth, blockchain only decentralises the adjudication of the order of entries in a ledger. It is not a general or native “Internet of Value” as claimed by authors like Don and Alex Tapscott. It was expressly designed for electronic cash; it has no native connection to real world assets.

The Blockchain: An Experiment in Governance Without Power

The absence of a central authority figure is also not synonymous with a lack of leadership. To the contrary, it means anyone and everyone is able to lead. The difference is that without compulsion, different ideas and solutions must openly compete against each other. No one can be forced to accept any service or use any software. The resulting competition means that multiple solutions to different problems can be market tested and users will ultimately vote with their feet. This simple dynamic is the key to not only how the bitcoin ecosystem works, but how it can ultimately thrive over centralized planning. Ineffective solutions to problems on the part of stakeholders are able to fail in isolation without threatening the whole ecosystem, and valuable solutions can succeed and grow on their own merit and earn the appropriate amount of market share.

U.S. lawmakers make last-ditch bid to block internet governance transfer

The lawmakers said there is still no legal certainty about whether the termination of the IANA functions contract would amount to relinquishment of U.S. government property, despite a request in 2015 to the Government Accountability Office to do an audit report on the issue. Relinquishment of government property would require approval from Congress, the legislators wrote. In the Senate, Ted Cruz, a Republican senator from Texas, on Thursday urged Congress to stop the proposed “giveaway” of internet control by the administration of President Barack Obama, warning of the risks of increasing the influence of countries like Russia, China and Iran over the Internet.

Why CISOs should stop focusing on data

As technical people, CISOs and other security and risk professionals tend to be very detail- oriented, thorough and complete. But they ignore the fact that this approach will not give them the best results. If the CEOs gives you only five minutes to present, how can you use that very brief moment to make a pitch, highlight your concerns and get the funding to enable you to do the right security projects? It's a very tricky situation. So CISOs should try to make their presentations more interesting rather than complete. This is where storytelling comes to their rescue. It's a very powerful medium of communication and leverages the elements of images, visuals, events and language to convey a message effectively. Often times, CISO feel that as a part of their role they do not need the skill of story-telling.

Changing enterprise architect role opens new doors, closes others

"The enterprise architect must provide the vision on how to maintain a consistent approach to delivering IT services across all these platforms, while providing a unified approach to foundational IT components," Carroll said. This will also include providing secure, consistent access to these applications. Carroll said he envisions the new enterprise architect functioning essentially as a cloud and mobile services leader for the business, choosing the appropriate platforms and creating a clear vision for the use of cloud and mobile technology. ... Meanwhile, other experts see the role of the enterprise architect splitting, particularly as the architect role goes beyond designing systems. The rise of DevOps will bring the enterprise architect into working with application development teams, said Rich Kucharski, vice president of solutions architecture at SimpliVity Corp

Why whole-enterprise architecture matters

Although we can’t know from outside how the systems are structured, there are several options to make it work better from a user’s perspective. Whilst it depends on the actual structures, of course, one example would be to be much more explicit about what has or hasn’t been confirmed – such as the ‘success-page’ modified to show the current status for each partner-booking, and update that success-page as messages come back in, accessible via the ‘Manage My Booking’ or equivalent functionality on the airline’s web-page. Another option would be to auto-trigger email-alerts after a time-out period, to warn the customer that expected confirmation-messages have not been received. Even with current technologies, none of this should be hard to architect, design and implement.

IT4IT™ and TOGAF® – How Do They Fit Together?

For a CIO, IT4IT gives me a way to look across my organization, and to assess all its functional components for quality or maturity (or whatever other factor is important) and to decide where my biggest pain points are. IT4IT also gives the CIO a very clear way to understand the data needed to manage an IT organization and provides a framework for evaluating how well that data is flowing across the different organizational silos. A second perspective for which IT4IT is useful is that of an Enterprise Architect. As an Enterprise Architect, it would be my job to look across the entire enterprise. We use the Porter Value Chain here as one simple representation of a way to segment your Enterprise Architecture according to TOGAF.

Benefits of Agile Transformation at Barclays

It is also worth noting that teams who are just beginning their agile journey need some guidance to what practices they should implement first. Experienced agile practitioners understand that the practices you use are dependent on your context; however, for beginners this just leaves them feeling lost and confused. We use a 4 level scale for teams to measure themselves against where level 1 is more prescriptive and practice based, moving towards output/outcome measures as teams move to levels 3 and 4. These levels are a lagging indicator of agility and they aggregate things like reduced lead time, increased quality, automation, technical excellence and team structure. It is important that these are not framed as the reason as to why agile is being adopted. The reason why is separate, the levels are waypoints on the agility journey, useful for planning ahead

Quote for the day:

"Everything we care about lies somewhere in the middle, where pattern and randomness interlace." -- @JamesGleick

September 10, 2016

How GIS is Helping Electric Cars on the Road

The use of GIS is becoming of paramount importance in creating infrastructure for electric cars to become more feasible for more people traveling on road. For one, unlike normal vehicles, simply mapping the shortest or fastest route to a destination might not be feasible for an electric car, as it may need to recharge along the way. Powering stations often need to be incorporated into the calculation, including those that are available and can charge relatively quickly. This make the use of real time data about given powering points, traffic patterns, and road conditions critical. ArcGIS provides some free data on charging stations that help navigate areas. The University of California Davis created an application called EV Explorer that allows you to map your journey using information about charging points and costs of charging in planning a journey.

What would a blockchain world look like?

One reason the blockchain reaction is racing toward critical mass faster than previous disruptive technologies is that it is arriving in the midst of the digital transformation already sweeping through most sectors of the global economy. Consequently, despite the obstacles still to be overcome, businesspeople and governments are preconditioned to recognize blockchain’s potential and tech companies have already established much of the digital infrastructure required to realize blockchain business visions. Early pilots are already underway in many industries. They tend to focus on blockchain uses that drive cost out of business processes by making transactions more efficient.

SWIFT report examines Bitcoin as a currency

“This would create a new dynamic in the global monetary order, one in which central banks would struggle to implement monetary policy,” Wilkins said, “And, central banks couldn’t act as lenders of last resort as they do for their own currencies.” The Bank of Canada has since researched digital currencies extensively. ... Author Warren E. Weber states “it is unlikely that the Bitcoin standard will come into existence, because governments and central banks will take actions to prevent it.” A similar sentiment was expressed by JPMorgan Chase CEO, Jamie Dimon, in November 2015. “Virtual currency, where it’s called a bitcoin versus a U.S. dollar, that’s going to be stopped,” Dimon predicted. “No government will ever support a virtual currency that goes around borders and doesn’t have the same controls. It’s not going to happen.”

Winning the cyber war with AI and cognitive computing

There are some exciting developments in cognitive computing from both start-ups and industry leaders such as IBM with its IBM Watson solution. I believe we are already seeing some of these trends showing positive results with new security products hitting the market that find anomalies in unstructured data. However, I don’t see these results as a cyber silver bullet. One problem that we are going to have to overcome is that the bad guys may already (or will) have access to some of the same (or different) tool sets that use AI and cognitive computing. I have told several young audiences to remember that Darth Vader was well trained. In other words, the same technology can be used for good and for evil. Putting controls on use of this technology may be effective for a time, but they can also lead to other problems.

The Evolution of Digital Marketing In The Enterprise

Today’s digital marketing executive brings much needed focus, rigor, and strategic optimization of existing content across all channels, producing stronger outcomes and the ability to scale resources while amplifying organizational marketing efforts. It is key to increase the entire marketing team’s focus, intelligence, and internal influence while successfully advocating for digital resources to build and enhance highly skilled teams. With a strong digital marketing executive leading the digital efforts, digital marketing is positioned as an ideation hub within the business unit, driving execution of digital tactics and marketing solutions against the backdrop of corporate strategy proficiency. Supported properly, the digital team can and should deliver tactical execution of email marketing, website updates and builds, social media, SEM/SEO, video, design, and user experience

8 Vital Steps to Data-driven Operations in Your Business

While many businesses start by using data to inform their decision making, data can also go a step further and integrate into your daily business operations and help you run the business more smoothly. This aspect of big data is less about people making better decisions and more about using systems and algorithms that automate and improve processes. Whether you want to improve your manufacturing process by automatically identifying faults, optimizing delivery routes, targeting the right customers, or detecting fraud, data can help. Here I set out an eight-step process for changing the way you run your business using big data.

Ecosystem of Cloud Services for Enterprise App Development

Applications have not historically been designed to leverage third party cloud services. With the rise of cloud platforms like AWS, Azure, Bluemix, and others, has come new ways of managing and deploying applications in the cloud. The floodgates are open, and best of breed services are emerging to complement or supplement the capabilities of these cloud platforms. The Box Content API is one of many such emerging cloud services, and with this article we’ll deep dive into some of the other strategic cloud services you should be thinking of for your modern IT stack. This ecosystem diagram is not meant to be exhaustive or exclusive, it is a point in time view of the world from our vantage point with our Box customer base. We are often asked by CIOs and CTOs at our customers what we see as the landscape that Box fits into, and this is an attempt to answer those questions:

Cloud plus artificial intelligence = future

Technology around us will provide an “augmented intelligence” that will help humans to make smarter decisions, improve business models and solve problems that were previously intractable. “The ways in which we are able to interact with computers is going to make people a lot more efficient and more effective, and build digital models.” This, says Richard Paris, senior data scientist at KPMG New Zealand, is the future of digital. We are increasingly seeing the digital world interact in our everyday lives, says Paris, who spoke at the inaugural KPMG Technology Series in Auckland. People interact with smartphones and these devices are becoming our intelligent assistants. “We are moving into the Internet of Things (IoT),” he adds. “We are surrounded by devices getting data from us, so we interact with them.”

Vietnam’s Cyber Security Law Threatens Privacy Rights and Encryption

The third chapter of the law deals with ‘civil cryptography’ (the storing, sending and receiving of encrypted messages). From a rights perspective, this chapter and the subsequent July 2016Decree on Civil Cryptography is greatly concerning. Encryption tools and services are now divided into two overarching categories – those that require a license and those that can be freely distributed without a license. Widely used free chat services like WhatsApp, which employ end-to-end encryption, should not require a license: “Operating systems, Internet browsers and software with integrated cryptographic components (though cryptographic protection of information is not the primary function), which are used on a grand scale and developed to be installed by users without providers’ help” are exempted.

Fraudsters, hackers & thieves!

Financial information such as credit card numbers are still coveted information, although their per-card value is going down and their shelf life is short since credit card companies and credit card owners are using technology to shut down fraudulent transactions quickly. Instead, the new sought-after information is information from insurance, government and healthcare organisations that is being targeted. The more details someone has about an individual, the easier it is to commit identity fraud, and targeting these groups provides more complete profiles of individuals to criminals. Real names are still the most common (78%) type of information exposed, according to the ISTR, followed by home addresses, birth dates, Government IDs (such as social security numbers), medical records, and financial information.

Quote for the day:

"In order to succeed in anything you have to do even the hard things when you don’t want to." -- Elizabeth McCormick

September 09, 2016

Using analytics to align IT with the business

"Inevitably, conflicts arise because different line of business and departmental managers see IT priorities differently," said John Saaty, CEO and co-founder of Decision Lens, which provides decision analytics software that aligns the IT portfolio and its projects with business strategy. Determining the best path toward achieving company objectives with IT is also more important than it has ever been before, as CIOs continue to get pushed to deliver results that are both strategic and transformational to the business. Decision Lens offers a cloud-based, software analytics approach to this often difficult phase of mediation, where some IT projects get prioritized and others don't. "The idea actually began in political negotiations with my father, who as a mathematician developed decision concepts for conflict resolution back in the 1970s," Saaty said.

Enterprise augmented reality: AR applications are just around the bend

AR applications are not confined to the unique needs of shipbuilding. Training and education are both fertile territory for AR technologies. Emerson Educational Services and Fisher Flow Controls have come up with an AR-based training system for engineers and technicians. "One of the groundbreaking tools we are working on is augmented reality, allowing us to superimpose a 3D computer model onto a real world object in real time," said Richard Ritter, instructional designer at Emerson Process Management, in an email exchange. The goal, Ritter explained, is to show workers how to install or repair Fisher products. The application uses a platform developed by Scope AR. "This will impact how we train our employees and customers in a positive way," Ritter added.

How Citibank Delivers Real Business Benefits With Its Data-First Approach

In addition to architecting and engineering the data technology platform, his Data Science team often acts to “jump-start” Big Data-driven analytical activity within whatever parts of the business where it can be shown to offer benefits. Identifying where Big Data resources can most effectively be used involves lining up business use cases with technological capabilities, and is one of the biggest possibilities. Simone tells me, “Since the inception of our Data Innovation program, we have executed hundreds of proof-of-concepts and use cases, all validated against meeting specific business requirements. We are focused on having actionable results that are balanced with very specific metric-based outcomes.”

Artificial Intelligence Swarms Silicon Valley on Wings and Wheels

“Whenever there is a new idea, the valley swarms it,” said Jen-Hsun Huang, chief executive of Nvidia, a chip maker that was founded to make graphic processors for the video game business but that has turned decisively toward artificial intelligence applications in the last year. “But you have to wait for a good idea, and good ideas don’t happen every day.” By contrast, funding for social media start-ups peaked in 2011 before plunging. That year, venture capital firms made 66 social media deals and pumped in $2.4 billion. So far this year, there have been just 10 social media investments, totaling $6.9 million, according to CB Insights. Last month, the professional social networking site LinkedIn was sold to Microsoft for $26.2 billion, underscoring that social media has become a mature market sector.

Developers Are Flocking to Blockchain Bootcamps

With banks and insurers starting to tinker with the blockchain, as a tool to record transactions and asset transfers, and venture capitalists investing more than $1.1 billion in related startups, there aren’t enough developers who have mastered the software. The career site Indeed.com listed 136 jobs with “blockchain” in the description as of Sept. 7, everywhere from New York to Boston, while Monster.com posted 77 jobs. “The supply of people that have extensive blockchain experiences is pretty low,” said Jered Kenna, an entrepreneur who may be hiring a blockchain expert this fall. “And the demand is quickly increasing. Sometimes they get five job offers a day.”

BMC Advises IT Pros to Get Ready for the Hyper Agile Enterprise

Blockchain is basically a distributed database that uses a secure digital ledger of transactions that users can share across a computer network. "It has the potential to completely redesign how we do transactions if it takes off, though I don't know if it will," said Beauchamp. Finally, he noted that many essential computer technologies are being rewritten by breakthroughs in artificial intelligence changing everything from customer service to anticipating security threats. Beauchamp said a new kind of "hyper-agile digital enterprise" is needed to deal effectively with all the technology advances that continue to emerge. He emphasized it's not just about adopting technology, but redesigning how companies relate to customers, their supply chain, partners and their employees.

Why APIs Are Worth The Time And Attention Of IT Professionals

"The addition of Apigee's API solutions to Google cloud will accelerate our customers' move to supporting their businesses with high quality digital interactions," said Google SVP Diane Greene in a blog post. "Apigee will make it much easier for the requisite APIs to be implemented and published with excellence." Google is a bit late to the API management party, which ramped up in 2013 with CA acquiring Layer 7 and Intel acquiring Mashery (only to sell it to TIBCO last year). Other partygoers include 3scale, Akana, Axway, IBM, HP, Mulesoft, and Oracle, not to mention Amazon's API Gateway. Forrester has predicted a shakeout, based on its finding that only 40% of enterprises are advancing digital initiatives relating to mobility, IoT, and big data to the extent that API management investment would be beneficial.

Who influences CIOs? Here's the top 20

One surprise (until, that is, you see the quality of the content she publishes) is Martha Heller, the CIO recruitment expert. Martha has the second highest reach of all the people listed in the report reaching an exceptionally high 9.3 per cent of the CIOs in the sample...This reflects the fact that her content output, Twitter follower / following base and day-to-day focus revolve around the CIO community. Perhaps surprisingly, there are only 10 technology analysts that make the top 300, but leading the way is Michael Krigsman of CxOTalk. Michael's published content is heavily directed towards the CIO which is why they are so attentive to his output. The biggest group in the 300 are the 'CIOs and IT Management' category. Led by Chris Curran, Chief Technologist at PwC.

6 Ways to Build a Solid IT Foundation

Finding IT-centric employees is not an easy task. Consider building internship programs within your organization and work closely with local technical colleges to find IT students who are looking at the traditional IT industry without knowing that the physical security industry is even an option. Attend job fairs and educate students on the great career paths that they can take in the system integration industry. Many of these colleges have apprenticeship programs that integrators can be a part of. Growing an IT student within your organization through an apprenticeship program will result in an engaged and energetic new employee who has been trained in your company’s processes and procedures.

This USB stick will fry your unsecured computer

"When tested on computers, the device is not designed or intended to erase data. However, depending on the hardware configuration (SSD vs platter HDD), the drive controllers may be damaged to the point that data retrieval is impractical," the company said in its marketing material. USB Kill also said the device was created for use by hardware designers of public machines, such as photo booths, copy machines, airline entertainment systems and ticket terminals -- anything with exposed USB ports that need to "ensure that their systems resist electrical attacks." "Finally, the general public, or anyone who wants to test or kill their own devices should equip themselves," the company stated. "Penetration testers and security auditors should include the USB kill 2.0 to their arsenal of testing tools."

Quote for the day:

"The only way to do great work is to love the work you do." -- Steve Jobs

September 08, 2016

John McAfee’s company could spoil the party for Intel’s new venture

John McAfee states in the filing that he entered in 1991 into an agreement with McAfee Associates to transfer certain assets to it in exchange of stock and a promissory note, but at no point did he “assign the rights to his personal name, via assignment of trademark or otherwise, or agree to restrict his right to do business using his own name.” At the time of the agreement, John McAfee had not filed for or registered the trademark to “John McAfee” or “McAfee” or any other variation of the name, according to the filing. ... But none refer to John McAfee, who claims that Intel "never consulted, requested or otherwise obtained the permission of McAfee to use his last name as part of Defendants’ Marks on its products," according to the filing.

The Next Successful Hack May Be Your Fault

By a careful design and timing of the message, it should be possible to make virtually any person to click on a link, as any person will be curious about something, or interested in some topic, or find themselves in a life situation that fits the message content and context. Expecting from the users error-free decision making under these circumstances seems to be highly unrealistic, even if they are provided with effective awareness training. It's easy to become pessimistic about cybersecurity in the face of such behavior by advanced internet users who are well aware of the threat. Ordinary users, just because they are curious or easily distracted, appear to be the most vulnerable element in any computer system, and they are the one that cannot be fixed. As Benenson wrote, "human traits such as curiosity will remain exploitable forever, as humans cannot be patched against these exploits.

As strong as your weakest link: A look at application vulnerability

When it comes to patching and updating software vulnerabilities, operating systems and web browsers seem to get all the love. But in reality, vulnerabilities in those two types of software usually account for a minority of the publicly disclosed vulnerabilities published in the National Vulnerability Database (NVD), the U.S. government’s repository of standards-based vulnerability management data. Where are the rest of the vulnerabilities? The majority are in applications (i.e. software that doesn’t ship as part of operating systems or browsers), and unless you’re spending time protecting those too, your application layer could be a big chink in your IT armor. CIOs, CISOs and their security teams need to focus on assessing and patching known vulnerabilities in all business apps, or they could in fact be missing the bulk of the vulnerabilities that exist in their environments.

IoT for Logistics in India – One of the Largest Upcoming Domains

At the first level, the biggest contribution that IoT has is to monitor assets and focus on avoiding predictable delays. For instance a connected truck will throw up the information on the diminishing engine oil or an over exerted clutch in advance – averting either an accident or an unprecedented delay – thus enabling greater transit predictability. This connected asset will also enable organisations to achieve greater asset utilization. Fleet management can also extend to public services management tracking peak and lean times, to and fro destinations, optimizing the number of vehicles available basis the traffic flow, optimizing the available routes to minimize on road time, minimize fuel consumption, thus impacting better bottom lines.

Encrypting the Internet of Things

"We're talking about some very constrained devices, 8-bit processors [with] little memory, low speed, low power," says cryptographer and IT security author Bruce Schneier. He sees the lightweight cryptography project as important because "a lot of the algorithms we have just aren't suitable for these constrained environments. ... We want good algorithms for constrained devices." NIST plans to create a portfolio of lightweight primitives through an open process, in which submitters describe physical, performance and security characteristics of these algorithms. NIST used a similar process to develop its portfolio of block cipher modes of operations. A block cipher mode is an algorithm that provides an information service, such as confidentiality or authentication.

Half of network management systems vulnerable to injection attacks

Getting access to a network management system gives an attacker a current map of the company's environment, without risking detection by running their own scans. To take advantage of one of these vulnerabilities, an attacker could physically enter an organization's facility and connect a small device, such as a Raspberri Pi, to the network. Or an attacker who already has access to a networked device through some other kind of attack could use this vulnerability to escalate their privileges, Heiland said. The products were Spiceworks Desktop, Ipswitch WhatsUp Gold, Castle Rock SNMPc, ManageEngine OpUtils, CloudView NMS, Opmantek NMIS, Opsview Monitor, Netikus EventSentry, and Opmantek NMIS. All nine vendors have been notified and have released patches to their products, said Heiland.

New tech can help catch spearphishing attacks

"We look at the IP address of the sending domain, the age of the domain, the DNS servers that are being used, all those elements," he said. The average cost of a spear phishing attack is $1.6 million, according to a survey released earlier this year by security firm Cloudmark and research firm Vanson Bourne, and 73 percent of respondents said that spearphishing was a significant threat. Over the past 12 months, 27 percent of organizations received a targeted spearphishing attack, according to a report released today by Osterman Research. And 11 percent of organizations were successfully tricked. "That's a little sobering," said Tim Helming, director of product management at DomainTools, the company that sponsored the research.

Smart Wearables Hold Productivity Potential In Enterprises

Specifically, enterprises such as manufacturing and science labs are starting to use smart eyewear in limited settings, said Jitesh Ubrani, a senior research analyst for IDC, and the coauthor of the Sept. 6 report. Ubrani told InformationWeek that IT is still trying to find where these types of devices fit within the larger enterprise. "Right now we're in the very early stages of how this benefits [enterprises]," Ubrani said in a phone interview. "We're talking about very small pilot programs and not mass deployments, at least not yet. If businesses are not in pilots this year, they may be considering them for next year." In addition to the few pilot programs, the number of offerings for enterprise-ready equipment is slim.

Quote for the day:

"Leaders should use sweet and soft words in case they need to eat those words sometime in the future." -- @GPackwood

September 07, 2016

CIO travels new path to IT governance at native cloud company

"It’s like the European Union – we have too many conversations that go on at the company within the confines of collaboration tools,” says Settle. “We need to swallow hard, pick some winners and losers and some people are going to have to change their day-to-day activities to get some benefit out of it.” Settle must win over departments accustomed to procuring their own solutions with the promise of services they cannot render themselves, including data management, enterprise application integration and information security. In effect, he must centralize a decentralized and fragmented IT landscape. This entails instituting change control procedures, in which his department will make changes to Workday, NetSuite, Zuora and Concur, according to evolving business requirements.

Is FinTech really a game changer?

Today, FinTech is the term that sounds the death of the banking as we know it. It is shorthand for a seismic disruption of payments and lending so transformative that in less than a decade the banking system as we know it will be replaced by new services and new service providers in equal measure. Or perhaps not. To truly understand the likely impact of FinTech, you need to look rather more closely at the market participants, and what they are up to. First and foremost, that means recognising that FinTech encompasses a broad range of technologies across payments, digital currencies, personal finance and lending. From that starting point, you can begin to analyse what it takes to succeed.

Fintech Startups Face Dilemma on Banks: Are They Friend or Foe?

Fintech firms that don’t partner with banks are often at risk when big banks come into their niche, or when market forces turn against them and they don’t have deposits to fall back on. Many online lenders have learned that the hard way this year. On the other hand, startup firms that do partner with banks can be subject to all kinds of scrutiny and criticism. They are seen as capitulating to incumbents, and increasingly come under the watchful eye of regulators. “Rent-a-charter” models, in which banks backstop or formally provide services behind fintech websites, have been recently scrutinized by the Federal Deposit Insurance Corp. in the case of lending, and by states such as California and Texas in the case of money transfers.

The AI revolution is coming fast. But without a revolution in trust, it will fail

AI is going to unleash a whole new level of productivity and augment our lives in many ways. As in past industrial revolutions, AI will also be a disruptive force, dislocating people from jobs and surfacing profound existential questions about the relationship between man and machine. It’s inevitable that jobs will be impacted as AI automates a variety of tasks, but just as the internet did 20 years ago, the AI revolution will transform many jobs as well as spawn new kinds of jobs that drive economic growth. As a society, we need to adapt to the changing nature of work by focusing on training people for the jobs of tomorrow and addressing growing economic inequality.

Two Mistakes You Need to Avoid When Integrating Services

Since, an organization cannot influence the external service vendors to adhere to specific business semantics, reliability should not be tightly coupled to the business application level. Therefore, it would be essential to use a more generic (independent of its business semantics) mechanism to achieve reliability of system. Message-Broker is an intermediary pattern which decouples message senders and receivers. Most of the ESB vendors support integrating with Message Brokers (MB) via protocols such as JMS. The next sections would focus on elaborating how ESB and MB patterns together could be used to achieve a more reliable communication link between the services which are chained through the ESB (achieve zero message lost).

What Tech-Enabled Startups Should Do to Grow in a Turbulent Economy

“Start-ups of today are teenagers of corporate world, and they are disrupting the whole industry, challenging the conventional thoughts, and bringing in innovation,” said Sandeep Majumdar, Chief of Operations-North, Sify Technologies. The current generation is always on the move and connectivity for them is as essential to them as roti, kapda aur makaan. Most start-ups want to be very transparent with their customers. Many companies want to share notifications with their customers and be visible in their supply chains. So if you don’t provide transparency, the brand suffers. Today’s millennial generation is very different from pervious generations. People who belong to the selfie generation are obsessed unabashedly about themselves. It’s a good business strategy for brands if they sell products more through customer engagement and personalization.

4 Ways SaaS Is Transforming IT Departments

CIOs are quickly learning that the skills, infrastructure, and processes that have governed their fields for the past two decades are becoming obsolete, and a shift to SaaS necessitates a radical reevaluation of how they approach their jobs. “This is much bigger than just a technology change,” said Matt Griffiths. “There’s an entire organizational and cultural shift required to support that change.” Griffiths spent 16 years at Dell serving in various roles that included running the automation tech behind the company’s supply chain and leading the internal IT infrastructure within the organization. More recently, he served as CIO of Biogen, a biotech company that specializes in treating autoimmune diseases. It was there that he witnessed the full potential of cloud technology and began to think through the various pain points of adopting a SaaS-based infrastructure.

In Information Security, the Only Constant is Change

In the security world, new techniques for intruding into organizations appear fairly frequently. Some of them grab big headlines, which of course can increase attention and pressure on security types from non-security types in leadership or executive positions within our respective organizations. But how firm of a grasp do we have on the primary ways in which we are being attacked and owned, as well as broader patterns and trends across the industry? It is far too easy to divert important resources away from their strategically prioritized day-to-day work and onto the hack du jour. But if today’s distraction poses a minor risk to our organization, does it make sense to divert resources from mitigating risks or plugging holes that we know pose serious risk to the organization?

Mobile app reversing and tampering

When you think about hacking a mobile device you might intuitively think about an attacker trying to get a better understanding of the device so they can reverse it and build their own, similar, possibly malicious, masquerading version. Maybe they want to modify the logic so that they can bypass certain controls like authentication. Or perhaps they are just looking to steal sensitive data. In all these cases you would be correct. But there is a forth and perhaps lesser thought of motivation. As apps become more advanced they often have richer logic flows. That logic likely interacts with an organization’s backend IT infrastructure. Hacking an app can put sensitive processes, systems, networks and data in the hands of an attacker that can be used to attack traditional IT assets

The future of innovation management software

While ideas themselves are often generated rapidly, it takes considerable time to rationalize the ideas and develop the most promising into a vision board, business model canvas or similar form of initial business case that the organization can then review in more depth and decide how to proceed. Today's innovation management software does a good job of supporting idea management, but needs to expand to help companies focus their innovation teams more on deciding "where to play" and "how to scale" their big bets. If we can automate the idea-management function as much as possible -- for example, with intelligent automation to streamline processes and with analytics to aid decision making -- we can help free up resources to spend more time on the critical front-end and back-end components of the innovation life cycle.

Quote for the day:

"He uses statistics as a drunken man uses lamp posts... for support rather than for illumination." -- Andrew Lang

September 06, 2016

The Importance of Continuing Education for Digital Leaders

Chief information officers (CIOs), of course, should regularly brief the management team and the board on new developments, demoing exciting new technology, bringing in external speakers and vendors, and using other tactics that promote tech learning and engagement. But keeping up on technology trends is also the responsibility of every executive. And while that can be daunting given the vast tech landscape and seemingly limitless avenues for learning, it’s also incredibly exciting. So, if your job title doesn’t include the words information, technology, or digital, how do you stay current? And how do you ensure your organization isn’t falling behind? Consulting digitally literate kids, grandkids, or Millennial staff for help, as many chief executives tell us they do, won’t cut it.

BGP routing joining OpenFlow in software-defined networks

The use of BGP routing makes it possible for the network to continue to operate if the controller fails, or if the link from the controller to the routers goes down. Routers would no longer be able to exchange updates with the controller on network operations, status and policy, but packets would continue to flow based on previously set policies. BGP is a path vector protocol that maintains path information that gets updated dynamically and in which routing decisions are based strictly on distance and policy. Unlike link-state protocols, like OSPF, they do not create a complete network map or maintain QoS information. The size of the internet makes it virtually impossible to create and maintain a map describing each of the thousands of autonomous systems and the links between them.

How security teams can embrace the millennial shift in the workplace

The good news is that increased flexibility doesn’t need to mean that businesses are at a greater security risk. In fact, 80% of millennials feel it is important to secure sensitive information, such as data containing personal, financial, and medical information. Companies just need to embrace millennials’ acceptance of security with the understanding that security measures can’t get in the way of the on-demand mindset or inhibit work flexibility. So what can companies do? They can ensure a safer environment by prioritizing technologies that have minimal to no impact on the employee work experience. This means embracing new innovations based on artificial intelligence and predictive analytics that minimize user involvement and don’t rely on workers to keep software updated.

Adaptable or Predictable? Strive for Both – Be Predictably Adaptable!

There are three types of systems – ordered, chaotic and complex. In ordered systems a desired output can be predicted and achieved via planning based on historical data and analysis. A Chaotic system is one with complete randomness or lack of connections between the components of the system.

Our definitions of adaptability and predictability will come from the perspective of Complex Adaptive Systems (CAS). CAS are systems that have a large numbers of components, often called agents, that interact and adapt or learn3. Complex systems are non-linear and not causal. We can only understand the system by engaging with it. The components and the system itself coevolve so that we cannot predict the future.

The H Factor – Why you should be building “human firewalls”

The “H factor” can be attributed to two aspects: The attackers and the conduit for attack. On one hand, businesses in all industries, especially lucrative ones, are faced with attackers who keep growing in their sophistication, capabilities and brazenness. They keep coming up with creative ways of attacking organisations by discovering new vulnerabilities in systems and software and by tricking innocent people into falling into their traps. On the other hand, humans are considered the weakest link and can expose organisations to cyber threats through three main types of risks: human errors, ignorance and intentional harm.

Leveraging GPU-Enabled Graph Analytics to Accelerate Cyber Security Investigation

The ability to effectively enable the security information and event (SIEM) analysts becomes significantly more difficult. Threat detection can take a significant amount of time, and often cannot be done until long after the breach has taken place. Developing more effective ways for analyzing and visualizing cyber threats is critical, and that is where graph analytics comes in. Cyber security is effectively a graph problem: network traffic transactions link the external systems attempting to breach the environment with the internal systems that require protection. Each access attempt establishes a directed link between the source of the attempt and the target, and the details of the attempted access become the properties of the directed edge.

Putin Says DNC Hack Was a Public Service, Russia Didn’t Do It

Clinton’s campaign struck back at Putin on Friday for characterizing the cyber intrusions at Democratic Party groups as a public service and accused him of endorsing the disruption of the U.S. vote. “Unsurprisingly, Putin has joined Trump in cheering foreign interference in the U.S. election that is clearly designed to inflict political damage on Hillary Clinton and Democrats,” Clinton spokesman Jesse Lehrich said in an email. “This is a national security issue and every American deserves answers about potential collusion between Trump campaign associates and the Kremlin.” In a two-hour conversation near Russia’s eastern fringe, Putin touched on subjects ranging from the war in Syria to oil prices and trade with China. It came just two days before Putin, Barack Obama and other world leaders gather at a Group of 20 meeting in Hangzhou.

Security Think Tank: Malware infection is inevitable, so be prepared

It seems some companies have already hit the self-destruct button by permitting users to access company resources using their own devices, with limited protection in place. While all your machines in the office might have the latest and greatest malware protection available, Mrs Trellis from her holiday home in north Wales is unlikely to even know what this is. Users should not be able to double click and open an untrusted file. They should be prompted with a warning message before being allowed to open untrusted files. This is a basic Cyber Essentials control that most small companies fail when I go in and assess them, yet remarkably simple and effective once in place. Do it. No excuses.

Python vs. C/C++ in Embedded Systems

Python isn't only the most-popular language for introductory CS programs, it's also the fastest-growing language for embedded computing. Maybe that sounds silly when you scan the numbers again and realize it's the fastest-growing language of the remaining 5% of embedded systems code that aren't C/C+ +, but Python will start eating into C/C++'s monopoly even more over the next few years. Hobbyists migrating into the industry with experience programming drones, robots, or other projects frequently have an Arduino or Raspberry Pi background. They'll likely have dealt with Python on some level in that time, and it's also likely that they'll have bumped up against some embedded systems programming.

Data science industry eyes machine learning, recommendation engines

The traditional roles of systems analyst or business analyst are still there, but what has changed is the intensity and enormity of how they are used across the business. Data science used to answer questions of a limited scope. If you look at where the changes are in the industry today, data science is used far more profusely across the organization. This means applying analytics and insights across every stage of the business. It's a lot more pervasive and that makes the demands on data scientists a lot more pervasive, too. ... Yesterday's database administrator is today's data engineer. If you look at what data engineers do, they do some programming, math, SQL, administration and storage. Data scientists are different; they do model building, develop algorithms and do storytelling based on what the data says.

Quote for the day:

"Too often we think we can act without explaining and take decisions without justifying them." -- Peter Mandelson

September 03, 2016

Informatica CEO: 'Data security is an unsolved problem'

"We think our focus on data can bring a new approach," Chakravarthy explained. "Rather than focusing on infrastructure and networks, you need to focus on the data, wherever it is." The problem requires insight and visibility into data at a detailed level, in other words, and Informatica thinks it can offer that in a way no other provider can. "I don't see anyone else with the same approach," Chakravarthy said. It's been just over a year since Informatica went private in a US$5.3 billion buyout that included investments from Microsoft and Salesforce. Chakravarthy, who had been chief product officer, took the CEO chair at the same time, replacing Sohaib Abbasi. Speeding Informatica's transformation for the cloud and big data was the primary objective in going private, and the past year has brought good progress, Chakravarthy said.

20 of the biggest influencers on US CIOs

Bearing in mind the increasing importance of security to the enterprise, we were surprised by how few security specialists the typical CIO follows. An explanation for this could be that serious security issues and news find its way into the technology press pretty quickly, so the imperative to follow people like Brian Krebs is probably not as urgent as it would be for the CISO. The report is an essential information source for anyone involved in selling to CIOs based in the USA. Whether your role is comms, marketing, social media, advertising, sponsorship, events organisation, etc. this report will make your life easier and help you do your job better. The report is available from our website but please feel free to email me at richard [at] apolloresearch.com or leave comments here if you have any questions regarding this research.

How to increase profits with digital transformation fueled by mobile

How does digital transformation unlock value and increase profitability? Research from IBM shows that combining mobile with data and analytics unleashes the power of employees. The concept is simple: Deliver the right information to the right person, when and where he or she needs it. This is the concept of the “individual enterprise,” and it represents digital transformation at its best. Think of an employee bringing to bear the capabilities of the enterprise. Digital transformation with the individual enterprise means using technology to work smarter and more productively. Let’s take a look at two companies that are using mobile as a catalyst for digital transformation to empower employees and increase profits:

Prescriptive Analytics: The Ultimate Self Help Tool

What is making prescriptive so attractive is that it does not discriminate between internal and external behaviors. For example, a retailer might leverage prescriptive to determine which sections of a store are receiving the most attention from customers and how to capitalize upon that (i.e. external behaviors). Versus a supply chain manager who uses prescriptive to identify average shipping times which can increase the efficiency of deliveries (i.e. internal behaviors). Furthermore, it democratizes analytics by delivering the information in plain English, right to the person who should see it, rather than requiring a trained professional for interpretation. But prescriptive also has the potential to go beyond simple practice improvement. As solution providers create more intelligent engines, they are able to actively identify problem areas that are costing the organization in revenue.

Will Artificial Intelligence help Big Data deliver on its promise?

One area which will be interesting to observe is the relationship between Data Scientists and AI. As AI and Machine Learning progresses and evolves, some of the more basic and straightforward tasks that Data Scientists perform routinely will become automated and will yield great results in productivity. AI is certainly not going to replace Data Scientists any time soon, and can in fact be a massively helpful tool to utilise, however how will they view it: Friend or Foe? Could this also be one of the many ways that the industry can combat the talent deficit, automating the more basic tasks and reserving the more complicated Data Science processes for the Data Scientists?

What Makes FinTech So Successful and Disruptive?

Traditional financial institutions have been in this game for a while and operate in a vast and complex ecosystem, which now serves a foundation for FinTech growth and development. In fact, some estimates suggest that three of the largest FinTech investors are international financial institutions – Citi Ventures by Citi, followed by Goldman Sachs and JPMorgan. Aside from the largest investors, a range of financial institutions has been actively supporting financial technology startups in one way or another – through substantial money injections, accelerators/incubators, challenges, etc. And although no money can guarantee success, as the saying by Tim O’Reilly goes, “Money is like gasoline during a road trip. You don’t want to run out of gas on your trip, but you’re not doing a tour of gas stations.”

How algorithms rule our working lives

These algorithmic “solutions” are targeted at genuine problems. School principals cannot be relied upon to consistently flag problematic teachers, because those teachers are also often their friends. And judges are only human, and being human they have prejudices that prevent them from being entirely fair – their rulings have been shown to be harsher right before lunch, when they’re hungry, for example – so it’s a worthy goal to increase consistency, especially if you can rest assured that the newer system is also scientifically sound. The difficulty is that last part. Few of the algorithms and scoring systems have been vetted with scientific rigour, and there are good reasons to suspect they wouldn’t pass such tests. For instance, automated teacher assessments can vary widely from year to year, putting their accuracy in question.

5 Traits Effective IT Leaders Need

What are the characteristics that make these and other industry luminaries so revered? The technology they created? The artful design they infused into function? The plethora of free food and other perks they doled out to employees? Turns out there are five characteristics that more than 8,000 IT workers surveyed in North America by Robert Half Technology pointed to as traits that are important for an IT leader to possess. But often challenges crop up that prevent tech executives, managers, and team leaders from reaching such regarded heights. "The most successful leaders are in touch with the needs of the organization and their team, but are also keenly aware of industry trends and factors that impact the tech industry as a whole," John Reed, senior executive director for Robert Half Technology, told InformationWeek.

Why a security team embraces shadow IT

Bartholomy says the end-user technology unit also works with the broader IT unit on corporate technology strategy, including implementing other cloud solutions, such as Workday. While the company consumes a lot of cloud software for a financial services firm, it doesn’t adopt cloud casually. Like any other vendor Western Union works with, SaaS providers go through a risk assessment process to ensure that they meet the company’s rigorous security standards. "Because we are in a financial services organization, compliance is a big part of what we do so making sure that those vendors are doing all of the right things to make sure that we feel good about using them,” Bartholomy says.

Christine Doig on Data Science as a Team Discipline

Data science is about the design and development of solutions to extract insights from data (structured and unstructured) using machine learning and predictive analytics techniques and tools. Data Science as a discipline and Data Scientist as a role have been getting lots of attention in the recent years to solve real world problems with solutions ranging from fraud detection to recommendation engines. Christine Doig, Senior Data Scientist at Continuum Analytics, spoke at this year’s OSCON Conference about data science as a team discipline and how to navigate the data science Python ecosystem. She talked about how to transition from data to models to applications. Christine also discussed the different roles and skillsets needed for the data science discipline: Statistician, Computational Scientist, and Developer.

Quote for the day:

"Together we must learn how to compose differences, not with arms, but with intellect and decent purpose." -- Dwight David Eisenhower

September 02, 2016

Digital Transformation: A ‘make or break’ challenge

The Progress research says that CEOs are the main advocates of change but IT leaders will lead the charge. That said, many respondents who observe recalcitrance to change put the blame on IT. It’s not just about who leads the project though; digital transformation is all about widespread organisational reform according to Progress’s Armstrong. “There appears to be a lack of joined-up thinking in many businesses,” he says. “Digital transformation is like any other project in that it needs buy in from all relevant stakeholders. The challenge comes from the fact that digitalisation affects your whole business and everyone is a stakeholder. When it comes to digital transformation, the biggest risk isn’t choosing the wrong software – it’s actually a lack of internal alignment.”

Hackers prey on human resources using ransomware

"They are very focused. In a spear phishing attack, many times I get somebody compromised, but it’s someone who won’t get me any closer to the crown jewels," Nesmith said. Hackers know that they have to be careful and strike a balance with their attacks, but they have come to understand that volume is not in their favor. "Ransomware is a little different because with most attempts to penetrate, you want to compromise the device and be fairly quiet. Ransomeware, once in, moves aggressively. HR is the perfect world for ransomware. It infects one device and thirty others get infected," said Nesmith. HR departments are useful to bad actors because they have access to a lot of systems. Once in, they can move laterally and they are quickly onto something really important.

Why Google Might Make a Big Change to Its Android Strategy

Now, Google may be showing signs of changing its approach to Android and smartphones more broadly. The move, experts say, appears motivated by a desire to make the Android experience more uniform. Technology news site The Information reported earlier this year that Google is looking to take more control of its Nexus devices, which the company typically creates in collaboration with hardware partners. Google CEO Sundar Pichai said this summer that Google would “be more opinionated about the design of [Nexus] phones” moving forward. And just this week, tech blog Android Central reported that Google may even go so far as to add features on top of so-called “vanilla Android” for its Nexus phones. A rebranding effort, possibly along with a new name besides “Nexus,” might follow. Google declined to comment for this story.

IT Project:Internet of Things

Some of the issues associated with IoT involve privacy and security, both of which can be minimised with standardisations and security best practices (both built-in and at the same time enforced by organisations), according to Catalin Cosoi, chief security strategist at Bitdefender. "IoT ubiquity will not only mean placing more security controls in place, but also including them in the security lifecycle of the company. While the rewards of supporting IoT in organisations have yet to be fully explored, companies cannot afford to be ill-prepared for full-blown IoT market penetrationwithin coming years," he says. There is also a risk that in developing an IoT project that a firm simply deploys technology for its own sake.

U.S. Cloud Vendors Adjust To Snowden Effect

“Just the fact that we have these discussions tells me… that you can’t just run it all from U.S. soil,” says Gartner analyst Carsten Casper, who is based in Germany and regularly advises U.S. cloud providers about their go-to-market strategies in Europe. Casper says common questions from clients include whether vendors must establish a new subsidiary or build a data center to meet data residency and sovereignty requirements. He pointed to the deliberate expansion of data center facilities by AWS, Microsoft and Google in recent years. But even that sometimes isn’t enough. In one scenario, which Casper calls the most extreme of its kind, Microsoft owns a data center in Germany that is actually operated by Deutsche Telecom. “Providers must adapt,” he says.

U.S. Cyber Command director: We want 'loud,' offensive cyber tools

The development of “loud” offensive cyber tools, able to possibly deter future intrusions, represent a “different paradigm shift” from what the agency has used to in the past, Turskey said. “We will continue to work with the intelligence community for offensive means and offensive operations," he said. "But as the United States Cyber Command, we need totally separate tools and infrastructure to conduct our operations.” The comments come at a critical time for the command as the organization shifts from “capacity building to capability delivery” since its inception six years ago, Turskey said.

The future of machine learning in cybersecurity: What can CISOs expect?

While most of the people we’ve spoken to for this piece agree there may be the less jobs in the future, no one is currently under threat. Kris Lovejoy, President and Chief Executive of Acuity Solutions Corporation, believes there will be a ‘change in the dynamics’ of how security is run. The lower-level, ‘eyes on glass’ type analysts who are there merely to log incident and discard the false positives, may end up seeing their services required less and less and the systems learn what’s right and wrong. The people above them and providing initial analysis into what kind of threat the business is facing, however, will be more useful. “People don't realise how much just horrible manual labour and just waiting around sitting around is involved in these kinds of investigations,” she says.

Google will not make Project Ara modular smartphone

Google said in May that developers would get their hands on an early release version of Ara by the end of this year to start building custom hardware modules for the device. It changed its design philosophy to integrate many core mobile phone components like the CPU and radio into the Ara 'frame,' while leaving other modules to be customized. The company said at Google I/O 2016 that it had integrated the phone technology into the frame to free up space for modules that add new functionality not found on smartphones today. Future frames could be larger, smaller or completely different from a smartphone, executives said, while talking about a modular computer platform. Other vendors have also been experimenting with modular phones, with some variations in the main concept.

Hong Kong Government Hacked by Chinese Cyberspies, FireEye Says

On at least three occasions in early August, the China-based group APT 3 targeted the organizations with “spear-phishing” attacks, in which e-mails with malicious links and attachments containing malware are used to access computer networks, said John Watters, president of iSIGHT, a unit of FireEye Inc. He said the hacks were “certainly” politically motivated, based on their targets. Watters declined to say what agencies were attacked because his firm seeks to identify attackers, not shine a spotlight on the victims. It wasn’t possible to confirm whether APT 3 was linked to any Chinese government organization, he said, adding that the Hong Kong authorities had been informed of the incidents.

Latent-to-live code & forward compatible interim versions

Latent-to-live code pattern is the process of gradually putting latent code in use in production, before the related feature, or feature changes, are made available to the users, while keeping it invisible from the user and at the same time collecting valuable learnings from the execution of the new or changed code. ... Once the code is shipped into production, the incomplete feature enhancement is not exposed in the front-end, thanks to the feature toggle, while the 4 variables calculation is executed live every time the original feature invoke the 3 variables version of CalculateTyreDegradationDeltaTime. From running the new calculation into production we can learn sooner if new code works as expected for all the cases where the 4th variable is set to zero, and if it works without breaking existing features.

Quote for the day:

"Preconceived notions are the locks on the door to wisdom." -- Mary Browne

September 01, 2016

Technical Practices as a Hack on Consciousness: Why to Hack Yourself

The emergence of integral consciousness is a result of rapidly increased access to many different perspectives and many people of different backgrounds coming together in postmodern society. As a result individuals then can begin to realize the vast range of choice in who they are and the burden of self-authorship. In other words, they realize that both their mental models of who they are and how the world is are not necessarily as immutable as they appear. The principle of “mutual causality” as described by Buddhist scholar and environmental activist Joanna Macy means the doer and the deed are co-arising and create each other. We are created by our actions. We co-arise through our work and our interactions with others. When teams form and perform well, they likely have taken advantage of mutual causality.

3 new programming languages: What their creators say

It’s one matter to create a language; it’s another to ensure it’s of use to others who may be bumping up against similar problems. Each of the developers of these three emerging languages see use cases already evolving. Oden, Wickström says, is good at tasks within Go’s wheelhouse: web servers, back-end services, and command-line tools, to name a few. It is also good for building libraries that provide generic user-defined data structures, generic algorithms, and control-flow abstractions, he says. Crystal, meanwhile, is suited for web services, because it has nonblocking I/O and lightweight processes, Borenszweig says. Existing applications have included command-line applications, emulators, websites, and IRC bots. “It can also be used in competition programs, where you need to prototype fast but achieve good performance,” Borenszweig says. “Finally, it can be used to build compilers, such as Crystal.”

10 Essential Resources for Evaluating Backup and Disaster Recovery Solutions

When it comes to the selection of a solution for a new backup and recovery initiative, where should you start? A typical internet search may yield some worthwhile answers, though you’ll likely be bombarded with sponsored links to so-called ‘expert’ analysts pushing their own agendas. Consulting trustworthy sources of information is the name of the game. At Solutions Review, we put ourselves in the middle of it all, searching for resources that can assist buyers of enterprise technology to achieve their goals in selecting the tools that best fit their needs. With this in mind, we’ve compiled a list of the 10 best resources solutions-seekers should consult while in the research phase of a new backup and recovery solution project.

SQL engines boost Hadoop query processing for big data users

Deploying a SQL-on-Hadoop query engine might require more processing horsepower in a Hadoop cluster, as well. For example, Premier added five compute nodes to its cluster when it moved the ETL processing for physician performance data to the Hadoop system, increasing the total number of nodes to 19. And Palmer said he expects the cluster to grow further as the company puts more applications on it. But he added that the SQL-driven expansion of the cluster, which currently holds about 65 TB of data, has saved money overall by enabling Premier to completely replace one data warehouse appliance system and reduce its use of another one -- both being higher-cost processing platforms than Hadoop. The new Hadoop math is simple, according to Palmer: "I like to say that the more we expand the cluster, the more money we save."

Notebook Workflows: The Easiest Way to Implement Apache Spark Pipelines

Databricks Notebook Workflows are a set of APIs to chain together Notebooks and run them in the Job Scheduler. Users create their workflows directly inside notebooks, using the control structures of the source programming language (Python, Scala, or R). For example, you can use if statements to check the status of a workflow step, use loops to repeat work, or even take decisions based on the value returned by a step. This approach is much simpler than external workflow tools such as Apache Airflow, Oozie, Pinball, or Luigi because users can transition from exploration to production in the same environment instead of operating another system. Notebook Workflows are supervised by the Databricks Jobs Scheduler. This means that every workflow gets the production functionality provided by Jobs, such as fault recovery and timeout mechanisms.

Keezel's wireless device protects hotel Wi-Fi , home IoT connections

The latest use is as a security layer for connected home appliances. Smart lightbulbs often contain dumb security flaws, and many of them are never patched. Rather than leave your entire home network at risk of some hacker finding your lightbulb and using it as a staging post for an attack, you could to use Keezel to isolate it from other devices on your home network, co-founder Friso Schmid said. Future software updates to Keezel could also block ads or prevent access to malicious websites, Muller and Schmid suggested. Keezel recently upgraded its design with a new Wi-Fi chip that covers the 5 GHz band, so it now supports 802.11 b, g, and n. There's no point in adding 802.11ac, Muller said, because the dual-core ARM chip at the heart of the device wouldn't be able to keep up.

Why Agile Is Critical for Attracting Millennial Engineers

A Millennial-generation developer who works on JIRA Software at Atlassian told me, "I chose to work in an Agile environment because our industry moves fast, and I don't want to sink time and energy into something that doesn't matter, or won't help me move forward." Agile development, he said, "goes beyond the technologies we use or the processes we follow. It's an attitude, and it needs to be present throughout the entire organization." For some Millennials, working with less-than-pure Agile methods is a compromise. A 27-year-old project manager told me he left a Big 5 Consulting Firm after nearly 5 years because the architecture-driven version of Agile practiced there was "too constrained by governance." He made a lateral move to a job with a software developer focused on small, private customers.

Creating the next wave of data center innovations

The biggest opportunity for the data center industry lies in the effective use of the vast quantities of data unleashed by IoT, combined with big data analytics as a catalyst for the next wave of innovation. As an industry, we must not only be able to instrument a data center and provide data to the data center operators, we must also be able to consolidate millions of data points every minute from multiple data centers and use sophisticated data mining tools to spot trends. ... If the industry can come together to achieve that, we will be able to perform true benchmarking with universal metrics across the entire industry, and with that, we are looking at the possibility of true machine learning – not just machine learning on one data center in one location, but machine learning throughout the entire data center ecosystem – where not only does one company benefits but the ecosystem as a whole benefits.

Encryption hiding malware in half of cyber attacks

The trend is expected to grow in parallel with the greater legitimate use of encryption. Inbound encrypted traffic is expected to rise from 39% to 45% next year, and outbound encrypted traffic from 33% to 41%. When asked about malware hiding outbound data within encrypted traffic, 74% said this was highly likely but only 16% thought their organisation could identify and mitigate SSL-encrypted malware attack before data exfiltration. When asked if traffic from an SSL-secured malware server could be spotted by their intrusion prevention system (IPS), 79% of respondents said it is highly likely this could occur in their organisation; only 17% thought their organisation has the ability to mitigate such an attack.

Detection & Response: Where To Begin

As with any technology, though, machine learning is another one of the many layers in the entire security infrastructure. "It’s an additional layer on top of a SIEM that augments and helps to tune the system," Poulin said. CISOs struggle with determining which of those layers are most important, and when there are so many layers that the technology becomes redundant or inharmonious. Poulin said, "Perspective is everything. My personal philosophy is borrowed from a wood-working expression, 'measure twice cut once'. You need to have something to measure the information." All they have to do to weed through the overgrowth is determine where the problem is for them--at the perimeter, user role management, data access? The problem for many who are feeling so overwhelmed and understaffed is that looming question,Where do I begin?

Quote for the day:

"Program testing can be used to show the presence of bugs, but never to show their absence!" -- Edsger W. Dijkstra