Daily Tech Digest - November 13, 2016

Agile Sailors - A Journey from a Monolithic Approach to Microservices

“Any organization that designs a system (defined broadly) will produce a design whose structure is a copy of the organization's communication structure” Conway argues. What did we learn from reviewing our current state by then? How did we set both structures in motion? What did we plan for and what did we actually achieve? One of the first lessons we drew from Conway´s Law was the following: changing to innovative products and short time-to-market cannot be done by relying on technological changes only. Instead, organizational changes and technology have to go hand in hand. Both dimensions need to be inspected and adapted accordingly. Although this sounds simple in concept, transforming our set-up as well as our mindset took us long and is still top on our menu.


What is OData? REST Easy With This Quick Guide

OData is a REST-based protocol for querying and updating data. It is built on technologies like HTTP, ATOM/XML, and JSON. It is more flexible than other REST-based web services and provides a uniform way to describe the data and the data model for easy interoperability between data sources, applications, services, and clients. Similar to ODBC and JDBC, OData gives you a single way of accessing various data sources. Consumers of OData master one API and use it to consume multiple data sources. As a producer, OData relieves you from spending your resources to defining and maintaining data access and discovery API. OData is an OASIS standard and is beginning the standardization process with ISO. It defines the best practice for building and consuming RESTful APIs.


Next Generation Firewall Bypass Tool: FireAway

Fireaway is a tool for auditing, bypassing, and exfiltrating data against layer 7/AppID inspection rules on next generation firewalls. These tactics are based on the principle of having to allow connections to establish through the NGFW in order to see layer 7 data to filter, as well as spoofing applications to hide communication channels inside the firewall logs as normal user traffic, such as Internet surfing. Typically the FireAway server would be started on the egress side of the firewall (such as a server on the Internet), and listen on a port believed to be closed to see if any application based rules allow traffic out on this port ... All data received by the server on this port will be saved to the file ReceivedData.txt in the directory the server was launched from.


A Software Product Vs Project

In short, a software Project is all about to execute a Statement of Work of an internal or external customer, where what customer required is right irrespective of what is ideal or what the end user would expect. Though some projects are scoped in such a way that certain aspects of non-functional requirements are left to the choice of the project teams. Product development isn’t about implementing what the customer wanted to. In product development, the product manager owns and comes up with the product requirements. A large product or product suite, typically comprise of many projects and will evolve over time. Unlike a project the product will be improved continuously without an end date based on feedback from end users and the product team prioritizes what needs to be built next based on its perceived value for its target users or customers.


Understanding the CIO’s Role in Security

The CIO should take charge for two reasons. First, he or she is in the best position to understand the complexities and specifics of the IT infrastructure and services that run the business. This level of understanding allows the CIO to consider all implications, even those stemming from or affecting operations, technology and events outside the enterprise. Secondly, CIOs are often held responsible for high-profile breaches. This extra pressure is excellent motivation for a CIO to make enterprise security a personal top priority. Specifically, the CIO’s role in security should extend to three different areas to maintain a strong security posture.


Why Cultural Change Is Necessary For Big Data Adoption

Big data is transforming businesses across industry sectors — from industrial systems to financial services, from media to health care delivery, from drug discovery to government services, from national security to professional sports. The opportunity to deploy data and analytics has accelerated the speed at which companies can enter new markets, with new solutions, and quickly challenge or displace traditional competitors and market leaders. Consider some of the firms which are at the forefront of the Digital Economy – Amazon, Google, eBay, Facebook, Uber, and Airbnb. These are firms that are rooted in big data and analytics, and have leveraged new data-driven business models to disrupt and transform traditional industries such as retailing, media, and travel.


A Warning for Fintech

At stake is the bank's continued relationship with many of its clients. Cyber attacks can prompt the most tech savvy customers to walk way: about 29 percent of U.S. millennials will close all accounts with a bank after a fraud incident, according to an October-November 2015 survey by credit scoring agency FICO. But the financial damage could spread far beyond Tesco. It's easy to imagine how the rising financial cost of cybercrime could damage the big selling point for fintech firms and challenger banks: being able to acquire customers and operate at a lower cost than established rivals. ... Protecting against cybercrime is about more than just spending of money on the right technology -- and it's also about having the right plan in place when a successful attack does get through.


Don’t let email attachments become your weakest link

Employees represent a business’s first line of defence against email threats, so they have a big responsibility to help protect data and keep the company secure. Most of the time, individuals are simply too busy or too ignorant of the consequences to consider for more than a second or two whether they should open a questionable email or attachment. The hackers are making it even harder for security teams because they know that at the beginning or the end of the day, when people want to get stuff done or get out the door, they are more likely to be fooled by an email attack. For this reason, there are often spikes of malicious activity early in the day or late in the afternoon.


The Impact Big Data Is Having How We Learn

One of the biggest technological advancements that has improved the quality of the learning tools we use is the aggregation and analysis of data. According to a report by the U.S. Department of Education, “Big data captured from users’ online behaviors enables algorithms to infer the user's’ knowledge, intentions, and interests and to create models for predicting future behavior and interest.” Big data is empowering education companies to understand things they could not have previously. Companies like Edx are using that information to determine what kinds of classes can be taught online and which are better suited to a classroom environment. When it comes to learning, there’s no doubt students have more options than ever before, learning at their convenience from home, the coffee shop, or the classroom.


5 Steps To Create A Culture Of Leadership

Creating a culture of leadership is a key component in your companies’ ability to grow year over year. It is not something that can be implemented; rather a culture of leadership evolves organically by taking the necessary steps and investing the time and resources that are required to create leaders not only at the top level, but throughout your organization. For a culture of leadership to exist, companies must first define it. This definition needs to be based on core leadership capacity principles and “must have” characteristics. These can be uncovered through internal reflection and an assessment of the company leaders which we discussed in our last article. However, culture should not be developed strictly through a top down approach.


Quote for the day:


"There is a difference between listening and waiting for your turn to speak." -- @SimonSinek

Posted by at No comments:
Labels: , , , , , , , , ,

Daily Tech Digest - November 12, 2016

Cognitive computing systems a natural fit for IoT devices

Analyst firm Gartner forecast 6.4 billion connected devices will be used worldwide in 2016, jumping to 20.8 billion by 2020. But many of those devices will be relatively dumb, including things like fitness trackers, connected speakers and cameras. The real value from internet of things (IoT) devices could come from backing up a data connection with cognitive computing systems. This turns a connected device from something that strictly generates data into something much more interactive. Thomas Jefferson University Hospitals is using a similar approach to help improve the patient experience. The health system recently unveiled a speaker and microphone system that can be embedded in patient rooms. Patients can speak questions about hospital services or commands that control the room's heating and cooling, lighting and entertainment systems.


Active Cyber Defence - tackling cyber attacks on the UK

There’s a common complaint from industry to governments about cyber security. It’s generally that governments tell them they’re not doing enough and must do more, often without really understanding the real-world impacts or commercial implications of their demands. ... We’ll be eating our own dog food to prove the efficacy (or otherwise) of the measures we’re asking for, and to prove they scale sensibly before asking anyone else to implement anything. The ACD programme is intended to tackle, in a relatively automated way, a significant proportion of the cyber attacks that hit the UK. Automation means the measures scale much better. It's not a panacea but should help us mitigate the impact of a significant proportion of the attacks we see. It won't affect the really targeted attacks (at least initially) but we're hoping that we can reduce the noise enough to make the defenders' jobs easier when tackling those very targeted attacks.


Global industry groups voice opposition to China cyber security law

In their letter, the groups warned that Beijing’s efforts to control more of China’s Internet and technology would “effectively erect trade barriers along national boundaries” while failing to achieve its security objectives. The cyber security law would also burden industry and undermine “the foundation of China’s relations with its commercial partners,” the groups wrote in a letter addressed to the Chinese Communist Party Central Leading Group for Cyberspace Affairs. The letter’s signatories include the Information Technology Industry Council, the Internet Association, the U.S. Chamber of Commerce, the Australian Industry Group and BusinessEurope, among others. The law’s adoption comes amid a broad crackdown by President Xi Jinping on civil society, including rights lawyers and the media, which critics say is meant to quash dissent.


How Facebook Is Transforming Disaster Response

This new incarnation of Safety Check begins with an algorithm that monitors an emergency newswire—a third-party program that aggregates information directly from police departments, weather services, and the like. Then another Safety Check algorithm begins looking for people in the area who are discussing the event on Facebook. If enough people are talking about the event, the system automatically sends those people messages inviting them to check in as safe—and asks them if they want to check the safety of other people as well. In other words, the system is driven by Facebook algorithms first, and then it’s driven by the choices and behavior—and white-knuckle worries—of people on the ground.


Bringing the Power of Platforms to Health Care

Despite healthcare’s remarkable track record holding out against the tides of change, there are finally holes in the dam. The healthcare internet is emerging node-by-node, provider-by-provider, and patient-by-patient. So, there’s really no longer a question of whether healthcare will join the rest of the economy and concede to the inevitable. The real question is what it will look and feel like for patients and providers once care is connected and the “network effect” begin to take hold. It turns out we have a pretty good sense of what’s to come because we know what AirBnB has done to hotels (and homes), Waze to GPS systems and fold-up maps, and Uber to taxis. To us, these disrupters illustrate well the three dimensions of the network effect that is poised to transform healthcare: administrative automation, networked knowledge, and resource orchestration.


Travis CI Tutorial: Java Projects

This post describes how to achieve all the desired features using a whole new stack that might not be familiar to enterprise Java developers. GitHub was a perfect match. Then I went on to search for a Jenkins cloud provider to run my builds… to no avail. This wasn’t such a surprise, as I already searched for that last year for a course on Continuous Integration without any success. I definitely could have installed my own instance on any IaaS platform, but it always pays to be idiomatic. There are plenty of Java projects hosted on GitHub. They mostly use Travis CI, so I went down this road.


How to automate the enterprise: Your guide to getting started

In order for businesses to identify which roles are automatable, they will likely need to first document their processes in detail. "If you analyse all of the activities that everyone is doing in the organisation you can get a sense for which of those might be more automatable than others," said Chui. Neil Kinson, chief of staff at enterprise process automation specialist Redwood Software, recommends creating what he calls a 'robotization centre of excellence' that collates the processes taking place across the business. "It really is teaching people how to both document their process and turn that documentation into what effectively becomes a robot design," he said, using the term 'robot' to refer to the software carrying out the automation.


Why CIOs must step up to lead digital transformation efforts

"CIOs are probably the most equipped to look at the whole iceberg—they need to be front-and-center for the digital transformation," Kark said. "If they're not, it becomes an issue for business leaders, because they are only looking at the front-end stuff, not the whole picture." Though many CEOs recognize this, CIOs are often relegated to just managing technology as the extent of their role, Kark said. "Some of it is that CIOs are not raising their hands to say, 'We are ready to do this,'" Kark said. "Maybe they don't have the credibility or influence, or haven't proactively said they can help." "If CIOs don't step up, other business leaders will, who are only looking at the tip of the iceberg and aren't setting up for success," Kark said. "CIOs better understand the enormity of [digital transformation] efforts, and can articulate that to their business peers."


6 Ways To Add Cybersecurity Protections To Outsourcing Deals

The increasingly complex and geographically dispersed IT environment also complicates matters. When company data lived within one or more central data centers, it was much easier for companies or their suppliers to secure the perimeter with, for example, firewalls, physical security and controlled logical access. Today, data is scattered among data centers, clouds, and mobile devices, for a start. “The points of access and potential points of security failure multiply with this ever expanding ecosystem,” says Eisner. “In addition, many of these systems are provided or managed by third party suppliers.” For those reasons, CIOs must take a risk management approach to selecting, contracting with, and monitoring their company’s IT service providers.


Are regulations the answer to better Internet of Things security?

Regulations, whether or not anyone likes it, can be a very effective hammer for greater good. From improved health monitoring to safer highways to smart homes, IoT has already begun to touch the lives of millions of Americans and will become truly transformational in the years to come. Gartner forecasts that 6.4 billion connected things will be in use worldwide this year, up 30 percent from 2015, and will reach 20.8 billion by 2020. Unfortunately, all those new connected devices also represent the next frontier for hackers. Gartner predicts that more than 25 percent of identified attacks in enterprises will involve IoT devices by the end of the decade. Yet too little attention has been paid thus far in protecting them. 


Quote for the day:


"Leadership is a potent combination of strategy and character. But if you must be without one, be without the strategy." -- Norman Schwarzkopf

Posted by at No comments:
Labels: , , , , , , , , , , ,

Daily Tech Digest - November 11, 2016

Hedge Funds Beware: Most Machine Learning Talk Is Really ‘Hokum’

Giants like Bridgewater Associates and smaller firms such as Highbridge Capital Management and Simplex Asset Management in Japan are developing machine learning or investing in it. The next-generation algorithms, which build on the statistical tools quants have used for years, plow through financial, Internet and satellite data to find unusual patterns. A certain default premium combined with a particular yield-curve slope, for example, might produce a high probability that a stock price will rise or fall. Finding such “signals” to wager on is the holy grail. Many say AI will shake up the industry. Fifty-eight percent of managers in a recent KPMG survey said the technology will have a medium-to-high impact on the way hedge funds operate in the future.


Can we prepare for the jobs that don’t exist yet?

Ultimately technical know-how always need to be backed with something else – just as accountants still tend to do better at work if they’re easier to get on with. “Soft skills set humans apart in an age of automation and robotics,” suggests Steve Hill, External Engagement Director at The Open University. “Adaptability is itself a key soft skill that will become increasingly important as individuals have to adapt to jobs that haven’t even been created yet. Businesses need to facilitate a process of knowledge sharing – between different departments, diverse employees, and even between businesses – to boost this adaptability.” Watkins of Tyche Leadership adds that for businesses “future proofing themselves will be more about hiring people with resilience.”


Managing multiple clouds requires careful choice, architecture planning

One of the ways that companies can manage multiple clouds is before the cloud is selected, by choosing additional services wisely. Bartoletti recommends following the apps to the cloud, not the other way around. "Let your app needs drive your choice of clouds, not today's compute or storage prices - they will keep dropping," he said. Higher value services like database, analytics, mobile platforms, and integration tools should guide the choice, he added. Additionally, some companies try not to use proprietary cloud services like AWS Lambda or Google BigQuery because they're concerned about being locked into that choice, according to Mike Kavis, vice president and principal architect at Cloud Technology Partners.


Are Consumers Accepting Data Breaches As The New Normal

Across the board, consumers demand more privacy and protection but are unwilling to use privacy enhancing systems such as Virtual Private Networks or in some cases even basic security software. Of course, even if they take measures to protect their information, if the business’s own security is compromised, no measures the consumer takes on their end will keep their information safe. For this reason, many consumers have simply accepted that a data breach will happen at some point. Unfortunately, this acceptance makes it easier for hackers. If consumers stop reporting, companies will not know of any security issues and some may even stop caring about cybersecurity. This will eventually embolden more hackers to attempt data breaches as they are less likely to suffer repercussions for their actions. This is a downward spiral that can get dangerous quickly.


The ‘real situation’ on the Internet of Things 2017-2027

“IoT centres around things collaborating for the benefit of humans without human intervention at the time. It does not include the Internet of People which is a renaming of the world of connected personal electronics operated by humans: it has completely different characteristics and it is cynical to conflate it with IoT.” Nevertheless, says Harrop, “we show how IoT nodes can be on people and quantify the appropriate part of wearables market because is relevant. The report explains further with a host of examples and options, even giving forecasts for agricultural robots following several respondents seeing agriculture as an important potential IoT market.” Harrop proudly boasts: “Because we run our own IoT events, we get the inside track first.”


Robots present a cyber risk

The difference between actual and potential risks with robot security incidents “is a function of the complexity of the algorithms used by robots, and the physical and social context of their operation, and their numbers,” says Tom Atwood, executive director of the National Robotics Education Foundation, which provides educational information about robotics to students, educators and professionals. ... “These contexts are growing in number as physical and virtual robots proliferate in all spheres of human endeavor,” Atwood says. Many organizations that operate autonomous machines such as industrial robots mistakenly think they will not be targets because the machines don’t process personal information or financial information. The same goes for companies that produce the machines.


Mastercard using selfies to prove cardholder identity

"Passwords are obviously a challenge to deal with, prone to compromise and difficult to remember," said Dennis Gamiello, Mastercard's vice president of identity solutions, who said the company also considered using fingerprints. "Everything we do needs to be about choice and great consumer experience and can scale. ... Not every phone has a fingerprint reader. It may not work for everyone. Most smartphones have front-facing cameras. This biometric double-check is used for what are called "card not present transactions," such as online purchases. An alert would be sent to the user's registered smartphone, asking for authentication, which comes in the form of a selfie. The cardholder has a certain amount of time in which to respond to the query.


Can Low-Power Devices Be Secure?

The attack surface increases with connected cars. “It’s really important that cars, overall, the system-wide approach is taken for their security, and that people think about security from the overall vehicle electronics system, and not just their individual chip or ECU,” said Turner. “So, that’s presenting a whole new challenge to the automotive industry, which is used to getting bits from all sorts of people in the supply chain and just putting them together without having to think necessarily about system-wide security.” He noted that both internal and external connections need to be secured. Microcontroller suppliers were on a panel at ARM TechCon, addressing the topic of IoT and security, moderated by Nandan Nayampally, vice president of marketing for ARM’s CPU Group.


Next Career Step for Best and Brightest CDOs? How About CEO?

“Organizations that have made the strategic decision to introduce the CDO role are looking to get as much new value as possible from this position,” the study continues. “Thirty percent of the surveyed CDOs said they report directly to the CEO. CDOs are adding to the competitiveness of their companies by contributing to strategic planning and decision making, and by leading digital business initiatives.” As a result, Gartner predicts that, by 2020, 15 percent of successful CDOs will move into CEO, COO, CMO or other C-level positions. Why all this optimism? Because of the growing number of organizations that are really taking seriously the value of their data, and that want somebody to take charge of it. According to Gartner, the office of the CDO is being established as an operational department with the appropriate staffing, budget and responsibilities.


Singapore has committed to eGovernment but what about the rest of Asia?

The Government Technology Agency, or GovTech, was recently created to head up the launch of these services and provide engineers for the government’s various Smart Nation projects. It is unlike the Info-communications Media Development Authority (IMDA), which is usually at the forefront of Singapore’s tech talk and builds connections with the private sector. GovTech on the other hand is tasked with reinventing the public sector. GovTech’s remit will cover cybersecurity, digital infrastructure for government, data science, data analytics, and app development. One of its most ambitious tasks is creating a one-stop vault where citizens can access and manage all of their personal data. This will tie into collaborations with the Ministry for Finance, where data can be automatically pulled from the vault to fill in forms for things like tax returns, loans, or public housing applications.


Quote for the day:


"A big part of leadership is just being comfortable with the fact that some decisions really are only yours." -- Helene D. Gayle

Posted by at No comments:
Labels: , , , , , , , , , , ,

Daily Tech Digest - November 10, 2016

AI, Cognitive Computing To Disrupt Enterprises: IDC

"Recent announcements by several large technology vendors and the booming venture capital market for AI startups illustrate the need for organizations to be planning and undertaking strategies that incorporate these wide-ranging technologies," he added. But it's not just about startups. Enterprises will play a big part, too, or risk being subsumed by digital disruptors, according to IDC. "Identifying, understanding, and acting on the use cases, technologies and growth opportunities for cognitive/AI systems will be a differentiating factor for most enterprises and the digital disruption caused by these technologies will be significant." IDC says that enterprises across a broad range of industries will be able to enable cognitive systems and AI by applying algorithms and rules-based logic to data flows.


Pixel XL with Google Daydream provide premium mobile VR

The flexible Daydream View headset simplifies alignment of the phone compared to Google Cardboard and the Gear VR. Just drop the phone into the headset, and the NFC chip inside the headset turns on Daydream VR and the Hall-effect sensor automatically aligns the screen with the lenses. The phone can be inserted quite far out of physical alignment, and the screen aligns perfectly from inside the headset. ... The Daydream controller has a very comfortable and lightweight minimalist design. It has a touchpad-like button, an application button and a home button that returns the user to the top-level menu. The overall performance and three degrees of freedom (3DOF) works well, though there is a bit of drift that can easily be corrected by pressing the home button.


How ‘Security Scorecards’ Advance Security, Reduce Risk

Understanding what makes a system secure is easy because it’s a technical problem. Deciding whether or not that’s worth doing from a business standpoint is more complicated. A lot of security people assume that security initiatives are always worth pursuing. If it takes zero resources – no time, no money, no anything – of course you’d do it. Every security improvement comes with a cost, and those costs are not always apparent or worth bearing. ... Security people would do well to accept risk, have a process for accepting risk, and make their business colleagues comfortable with accepting risk or paying for mitigation. If we have this business that is under-performing, it’s easy to look at the balance sheet of that business and know whether spending $100,000 on a pentest is worth doing.


A personal yet technology-driven approach to getting those 5-star reviews

With information on guests being so key to the success of hoteliers, it’s no surprise that they’ve been investing in innovating loyalty programmes: this has been their primary method of getting information about their guest’s behaviours and preferences and encouraging them to return. But as guest expectations continue to rise, understanding and meeting them is becoming tougher and tougher. It seems that one solution for hoteliers would be to create an app that drives the desired guest experience. This app could smartly and contextually recognise the guest from almost before the moment they log in, prioritises them based on their profile, and maintains the engagement from booking through arrival, during their stay and after check-out.


APIs Blurring Distinction Between Banking and Fintech

APIs have been used at banks and credit unions for decades, allowing internal developers the ability to interact with banking functionality without having to interact directly with the organization’s back-end systems. The beauty of an API is that it can modernize legacy infrastructure. The difference today is that financial institutions are allowing external access, expanding the possible use cases exponentially. Peter Wannemacher, a senior analyst with Forrester Research, said that “APIs will be, in the near future, a necessary and valuable means by which banks will do their jobs.” He added, “There’s a component of inevitability.” Tech writer Brian Koles says, “A company without APIs is like a computer without internet.” APIs are being used primarily to allow for the building of fintech solutions with a reduced time to market.


Oracle Widens Cloud Investments to Battle Bigger Amazon Threat

Oracle is also moving forward with home-grown tools, and in September unveiled a new plan for its own services for infrastructure, the core computing feature that lets developers easily build applications or work with databases. This business has been the laggard at Oracle, at less than a quarter of the size of the other cloud offerings and with slower growth. Hurd said the latest push -- backed by the company’s own big data centers with more efficient servers -- is something new for the business that can help spur the next chapter of growth. He’s betting customers would rather have more products from fewer providers than a patchwork of tools from a smattering of companies.


Peek at the smart tech inside Box's new headquarters

If it sounds similar to the smart campus that VMware recently opened in Palo Alto, Calif., that's because Chapman was on the team that helped design that build, before he joined Box in July 2015. Chapman was previously the CIO of HP Software and prior to HP, he was a vice president at VMware. The way the mobile app at Box works, "if I want to book a conference room, I bring it up on my app, I see the conference rooms that are available, I choose the room I want, I get turn-by-turn directions to that room and as I step into that room it automatically checks me into the room. Within 10 minutes if a room isn't claimed it's freed up. That works from an efficiency standpoint as well. A percentage of our rooms are reclaimed every day as people don't show up," he said.


New Tools Aim to Close the Cybersecurity Skills Gap

CyberSeek gives policymakers, employers, security professionals and others greater visibility into the demand for cybersecurity professionals around the country, allowing them to see the skills and types of workers that employers are seeking, as well as the true supply of professionals to fill those positions. Resembling a weather map, CyberSeek uses varying shades of color to reveal relative concentrations of cybersecurity job postings and worker supply. Users can search by state or more than 300 metropolitan areas, seeing total job openings, worker supply supply/demand ratio, a quotient for geographic concentration of workers and an area's top cybersecurity jobs by title. Here's an example NICE provides for the Kansas City metropolitan area: CyberSeek reveals that in the past year there were 2,134 job openings and 6,829 employed workers,


2017 Will Be A Bad Year For Pessimists

Everyone talks about the skills shortage, but is that really the problem? What if what is seen as a skills shortage is actually a result of employers’ addiction to Industrial Age work credentials such as college degrees and work experience? Autodidacts have discovered the power of “YouTube University,” but employers have been slow to recognize the potential. Workers wanting to learn a new skill or to pivot or accelerate their career can spend hours searching YouTube and engaging in various social media communities to develop competencies. ... Optimism extends beyond the executives I talked to. The Dalai Lama is also upbeat about the future. The Tibetan spiritual leader is heartened by the emergence of global consensus on climate goals enshrined in the Paris accord on climate change, as well as by the emerging ability to measure the willingness of nations and politicians to get along with one another.


How Java developers can use the Wiremock framework to simulate HTTP-based APIs

If you really wanted to, you could easily implement your own simple logging framework in no more than a day or two. But conventional wisdom has conditioned us never to write logging frameworks from scratch. Rather, we use Logback, Slf4J or similar off-the-shelf logging frameworks. And that’s for logging, a relatively simple function; if you ramp up the complexity of the problem, to consider for example data storage, it is almost a given that you will be using one of the ready-made frameworks available on the market, such as Oracle, MongoDB or Neo4J, depending on your requirements. Or take for example testing frameworks. You would not write a testing framework for every project you start; you’d just use JUnit or any of the other ones available, and optionally build on on top of that.


Quote for the day:


"We cannot change what we are not aware of, and once we are aware, we cannot help but change" -- Sheryl Sandberg

Posted by at No comments:
Labels: , , , , , , , , , , , , ,

Daily Tech Digest - November 09, 2016

Companies will 'get serious' about AI technology in 2017

CIOs will have to determine where to place their biggest bets -- either on AI technology or skills. Open source libraries from the likes of Google and Facebook make AI cheap and accessible, but the talent needed to leverage these libraries doesn't come cheap, Davenport said. At the other end of the spectrum is IBM Watson. Davenport called it "the big, high-price and, in some ways, high-risk option because they really want to sell it for transformative applications." In a recent Harvard Business Review article, Davenport explained that IBM helps assess where the cognitive technology will make the biggest impacts and provides consultants and researchers to help companies get there.


Docker, machine learning are top tech trends for 2017

For Docker, PaaS, and microservices, developers see containers as a self-contained process and the PaaS as the common deployment target, using microservices as the common style, according to ThoughtWorks. "What we're seeing today is the level of abstraction is being raised up," Mason said. In the previous paradigm, a process ran only on a machine. "Now, we think about a Docker image as that basic unit of work and computation," and APIs and microservices serve as a communications fabric. Intelligent empowerment, meanwhile, has companies frequently open-sourcing sophisticated libraries and tools that would have been "stratospherically expensive" and restricted a decade ago, ThoughtWorks said. New tooling has been made possible by commodity computing and targeting of specific hardware like GPUs and clouds.


Gaps starting to close in cyberinsurance policies

Some insurance companies are trying to fill the middle ground. One example is Willis Towers Watson, an insurance brokerage that recently announced its CyFi plan—that's short for cyberinsurance and fidelity, vice president Peter Foster explained. Fidelity bond is insurance-speak for a crime policy involving the theft of money. A client of Foster's in the financial field nearly lost a large sum when one of their corporate officers was asked to surreptitiously transfer money online, which inspired Willis to expedite its product offering, he said. That wouldn't have been covered in a standard cyberinsurance policy. "They managed to stop it in time, but it's what got them concerned," Foster said.


Changing IoT Passwords Won't Stop Attacks. Here's What Will.

The solution is to ensure security throughout the IoT environment — from the manufacturer, through the supply chain, into the home setup process, and on through the connection and integration a device has with other devices and apps such as Wi-Fi routers and cloud services. The initial process by which a device is brought into the home, how it's added to the home network, how it's configured, and how security credentials are established will determine the security and privacy of that device over its life cycle. The current reality is that these processes don't implement many security best practices or standards. The industry should take this opportunity to determine a set of best practices and security technologies for this key piece of device life cycle. This will take an industry effort, not just a public service announcement to consumers. And it won’t happen overnight.


Robots Present A Cyber Risk

First, these machines are generally integral to assembly line operations and other similar activities, Overly says. “An attack could literally bring a manufacturing or assembly plant to its knees,” he says. “We have seen this very outcome in a ransomware attack targeted at robotic assemblers in a plant in Mexico.” In that case, the ransomware locked up the specifications files from which the robots drew their operating parameters, he says. Second, robots are generally large and capable of causing significant bodily and property damage if operated other than in accordance with their specifications. “If the subject of an attack, the machines could cause dramatic harm, both to individuals and to property,” Overly says.


The Serious Fun of Shared Experiences at Work

Once a team is formed, ongoing shared experiences continuously elevate its performance. Shawn Achor, a happiness researcher and former Harvard professor, studied NFL teams and elite military units, investigating why high-pressure situations cause some teams to perform at a high level and others to fail. Achor’s findings suggests that the critical difference was the way in which the teams viewed stress. When stress is combined with meaning — for example, trying to win a Super Bowl — teams performed better. This link to purpose is underscored by the classic teaming theories of my colleague Jon Katzenbach, who proposes, in The Wisdom of Teams (with Douglas K. Smith), that shared purpose is one of the elemental basics that must be in place for a team to perform.


5 flavors of hybrid cloud transforming the enterprise

Public IaaS providers let you have it your way, so you can come very close to duplicating your on-premises environment in the public cloud and make one an extension of the other using a secure virtual private cloud, where cloud resources reside in a virtual network hosted by the provider. Customers choose workloads or environments that would most benefit from cloud extensibility—dev and test, analytics, or even core line-of-business applications that need to scale. ... The idea of “burst” capacity, where a private cloud acquires additional VMs from a public cloud in response to spikes in demand, got a boost with the recent deal between VMware and AWS, in which the entire VMware software-defined datacenter stack will be available as a service on AWS next year.


Security risks from the internet of things

As awareness increases, some “smarter” IoT devices can be brought up to current security standards with periodic firmware updates. While it’s a start, the majority of internet-ready devices cannot be integrated into the conventional IT hardware or software protections with which companies protect themselves against internet-based attacks. The variety of new internet-ready devices brings a mass of new data traffic to the network that must be managed and secured by IT departments. But it’s complicated by the variety of network protocols used by all of these various device types. The consumerization of IT is another factor due to the increasingly permeable borders between devices for personal use and those for business.


Future enterprise companies will be run by robots

Volkswagen has already utilized ML to predict future sales performance, depending on release date, vehicle type, area, and accessories. The CIO says the use of such technology has so far been a "stunning, surprising success," with machine-based sales predictions reaching accuracy levels of up to 90 percent -- whereas human predictors can only manage an average of 60 percent. It may also be that one day, these bots will be smart enough to automatically approve financial decisions based on cost control. Finally, Hoffman says that bots will also be used in decision making and execution. These "Mr. Know-it-all" bots will be used in team management, scheduling, time planning and the automatic management of corporate documents. Do these future applications mean that robots will be taking over all of our jobs?


HTTP Benchmark and Pipelining

Now, the problem is that this is really expensive. As in, wowexpensive. So pretty much as soon as the web started to hit it off (mid-90s or so), people realized that this isn’t going to work, and the notion of Keep-Alive was born. With Keep-Alive, you are going to reuse the same TCP connection to send multiple requests to the server. The idea is that once the connection is open, there is a strong likelihood that you’ll use it again soon, so why pay the 7 packets cost for opening and closing the TCP connection? And the more requests we make to the server, the better we are. Now, there is another trick that we can apply here. Remember that TCP is stream oriented, not packet oriented. That means that as far as the calling code is concerned, we aren’t actually seeing packets, just bytes arriving one after another.


Quote for the day:

"Talent is a dreadfully cheap commodity, cheaper than table salt. What separates the talented individual from the successful one is a lot of hard work and study." -- Stephen King,

Posted by at No comments:
Labels: , , , , , , , , , , , ,

Daily Tech Digest - November 08, 2016

Cloud-Based Network Analysis Drills Down To Users And Apps

"The applications have never been in the domain of the network guys," said G.T. Hill, Nyansa’s director of technical and product marketing. Voyance+ will give them eyes in that realm, helping them investigate and solve specific user complaints, he said. The software can identify 218 applications so far, Hill said. For some, like Skype for Business and Cisco Unified Communications Manager, it uses APIs (application programming interfaces) for specific kinds of measurements. For some applications, including SaaS offerings, it uses third-party software to get application signatures. Nyansa can also identify custom enterprise applications as long as it has information like server names, Internet Protocol addresses, and TCP port numbers.


Smartphone Security: Technologies Protecting Your Personal Data

It was very well understood from the beginning that fingerprints will have issues – the efficiency and reliability of fingerprints get affected by age and occupation. Fingerprints are known to not work for women or children with soft skin and older people who have brittle skin. Fingerprints for people in manual labour get wiped out or get damaged, hence do not match affecting the efficiency and reliability. Iris, being a protected internal organ, does not get affected by external conditions, does not change with age or occupation. Hence, it is more efficient and reliable. With respect to response time, the current devices that have been used have certain technological limitations that force subjects to stand at specific distance and sensitive to motion etc.


Cloud Infrastructure Spending Is Increasing, but Is Cloud Adoption Jumping as Well?

Despite this growth in spending on IT infrastructure for the cloud, it’s unclear if cloud adoption is growing in tandem. An online survey of 500 business and IT executives conducted earlier this fall by industry trade group CompTIA found a broad decline over the past two years in the reported use of cloud-based apps, the Wall Street Journal reports, noting a decline in the use of business productivity, email and analytics tools; and collaboration, customer relationship management, enterprise resource planning and expense management apps. CompTIA’s survey found that the number of companies running cloud productivity tools this year fell to 45 percent, down from 63 percent in 2014.


Mobile is becoming the baseline for all branded digital experiences

For brands hoping to capitalize on all this, Ask recommends that they get started now on building those experiences, which will depend on agility, continuous learning and automation to succeed. To that end, Ask predicts that we’ll see three particular trends in 2017. First, consumer app fatigue will push enterprises to build a portfolio of mobile experiences to serve customers, as well as reinvest in their owned mobile moments with renewed investment in the web to support that breadth. Second, as mobile becomes more mission-critical to their business, enterprises will take more ownership of designing mobile experiences rather than outsourcing mobile-related projects to third parties.
 writes


What’s Next For IoT Security?

One of the big problems with security is a lack of consistent and current standards. Standards that do exist, such as Transport Layer Security, do little to secure a device such as a surveillance camera or a connected entertainment system, which the U.S. Department of Homeland Security identified as the culprits in the Dyn DDoS attack. Homeland Security Secretary Jeh Johnson said in a statement last month that his department has been “working to develop a set of strategic principles for securing the Internet of Things, which we plan to release in the coming weeks.” Still, even if everything works as planned, connected devices are not suddenly going to be secure overnight. For one thing, there are plenty of legacy devices in the market. For another, even where technology does exist it isn’t always used.


French Plan For Biometric Database of 60 Million People Sparks Outcry

Minister of State Axelle Lemaire told French journalists the megadatabase used 10-year-old technology and had real security problems. For the Council, the creation of TES (from the French abbreviation for Secure Electronic Identity Documents) will result in abuses "as inevitable as they are unacceptable." TES is a dramatic expansion of an existing database used for the creation of biometric passports. The government plans to merge it with the (non-biometric) database of holders of the French national identity card This cycle of clandestine database development followed by public outcry is nothing new: France has been here before. Several times.


Russian users far better at passwords than U.S. users

When it comes to names or email address usernames used in passwords, several countries finally did worse than the US. China was the worst offender with close to 14 percent, followed by India and then Pakistan. In the US, a little more than six percent committed this password sin, compared to a little less than four percent in Russia. While India and Pakistan tend to have close percentages, India scored a bit better. Ahmad wrote, “This proves the fact that Indian people are indeed better at security than Pakistani people.” Being from Pakistan, Ahmad said, “People here use really, really weak passwords.” He followed that comment with analysis about using the weakest passwords.


Solving Business Problems with Data Science

Data science is a catch-all term for a set of interdisciplinary techniques which put data to work to extract useful insights, predictions, or knowledge - calling on elements of statistics, programming, data mining, and machine learning. It shows up in a large variety of areas, some that are literally rocket science while others are much more prosaic. Data science is behind consumer internet magic like Amazon’s book recommendations or LinkedIn’s People You May Know. It’s behind new things like self-driving cars, which use these techniques to learn how to drive safely. And it’s behind day to day practical applications like a supermarket loyalty scheme, such as Tesco’s Clubcard, figuring out which vouchers to send you. The theory behind most of these applications has been around for decades.


IT/OT Convergence and Industrial Cybersecurity Q&A

The IT/OT convergence is a phrase used to describe the trend that is blurring the line between what had traditionally been well-differentiated classes of IT-based systems. As noted in my previous IT/OT blog, this trend is well established, but the full implications are still developing in areas such as the management and protection of systems against cyber security threats. The diversity of technologies involved ensures that there is effective collaboration across multiple disciplines. Key issues covered in the recent webinar include: How the convergence is reflected in international standards for cybersecurity, such as ISA/IEC 62443 The typical and needed responses from the various stakeholders The importance of consequence estimation for the asset owner


How Do You Define Prevention?

It’s time to adopt a new definition for the word “prevention” when it comes to cybersecurity. New or next-generation prevention should stop focusing on trying to stay on top of a constantly changing pool of malicious tools and start focusing on the underlying techniques employed by threat actors, such that blocking a single technique could stop an entire class of attacks. The fact is that, while malware and other tools are growing in number daily, the ways cyberattackers use to deliver threats (spear phishing or stealing legitimate credentials, for example) haven’t changed nearly as significantly. In light of this, wouldn’t it be more efficient to focus on stopping the methods used to deliver threats, rather than the threats themselves?


Quote for the day:


"Encouraging Smart Risk Taking Doesn't Mean Tolerating Dumb Mistakes." --  @GordonTredgold

Posted by at No comments:
Labels: , , , , , , , , ,

Daily Tech Digest - November 07, 2016

IBM hybrid storage play acknowledges enterprise realities

Systems such as file and block storage weren't designed to deal with petabytes of data and file counts that can climb into the trillions, but object storage is ideally suited for metadata capabilities and rich database capabilities needed to automate data management, said Steven Hill, senior storage technologies analyst with 451 Research. " ... what IBM has come around to understand is picking up the value of what object storage does and trying to do it better in cloud than Amazon is doing," Hill said. In some scenarios, whether regulatory or financial, it makes more sense to continue to store data on premises, so the IBM hybrid storage approach will be attractive to customers that aren't all-in on public cloud, said Patrick Harr, CEO of Panzura, a cloud storage provider based in Campbell, Calif., that partners with IBM, Amazon, Google, Microsoft and others.


Digital Asset Holdings Targets Systemically Important FIs With New Blockchain Tech

The first function of the GSL is to ensure that "mutually exclusive events" are in fact unique. Or to put it another way, to ensure that smart contracts only exist in one place and that if an older contract is referenced by a newer contract, only the new one survives. Notably, the paper does away with the term "smart contract" altogether, opting instead for the more traditional term "contract." But in addition to ensuring duplicate contracts don't exist, the service works as a messaging system to inform all parties affected by a contract — perhaps thousands of them — that something has happened on the blockchain that they should know about. To do this, the contract is processed off-chain. This could include processing ranging from flows of transactional data to common models of workflow behavior.


Big banks have nothing to fear, but need to learn, from fintech, Salesforce says

Rather than regarding fintechs as disruptors out to take over their market share, banks should regard them as partners, Mahna says. “Banks have an unbelievable knowledge of products and services, really understand the regulatory landscape, not only in Canada but around the world,” he says. “Fintechs, on the other hand, are innovative, agile… they’re very complementary when you think about it. ” For her part, Drew-Lytle disagrees with Mahna’s assertion that banks could be in danger of being eclipsed by fintechs if they don’t adopt an innovation mindset; and though she agrees the two sectors should collaborate she notes that the banking industry has never considered fintechs their enemies to begin with.


Container interoperability: Do standards really matter?

A group of container loyalists believe that Docker should not become the way that the industry defines containers. CoreOS has Rocket, a competing container runtime, as well as its own container format. In addition, Google, Red Hat and VMware have aligned with CoreOS.  While Docker and CoreOS looked like they were going to battle it out in the market, that hasn't happened. Both have decided to cooperate, at least for now, and both are stakeholders in the Linux Foundation's Open Container Project (OCP).  The Docker format and runtime forms the foundation of the evolving OCP standard, and Docker, to its credit, will provide both the draft specifications and the code around its image format and runtime engine. This has jump-started the project. Now the container community is waiting to see what will come from it.


The Challenge Facing Businesses in The Machine Learning Age

Companies that look at this changing roadmap and understand its challenge are already repositioning themselves to take advantage of the new deluge of data that they can now tap into and see the new patterns it reveals. In the not too-distant past, marketing personas allowed a company sales director to create marketing campaigns that passably addressed the personality profile of the company’s targeted audience. This led to a sense that the company understood customer needs and it created a connection with its audience which is how it found its customers. The better representative of its potential customer the marketing persona construct was, the closer was the connection and relationship between the company and its public.


How to become a data-driven 'algorithmic enterprise'

"Harnessing data is absolutely crucial for incorporating the latest generation of machine intelligence, but most organisations suffer from having data locked up in legacy systems or dispersed across a variety of databases, often with poor data quality and conflicting sources of truth. "IT leaders must implement an effective data strategy to unlock, preserve and grow their data assets. Data strategy often relies on an underlying platform strategy - such as public or private PaaS - in order to manage and process data, as well as rapidly deliver applications that unlock business value. In our experience, organisations have difficulty gaining full value from cloud, often building superficial private clouds which we caution against.


The inside man: your biggest risk may be closer than you think

The business of healthcare has drastically changed in a short amount of time. As such, cyber security is fast becoming one of the biggest concerns for the healthcare industry, with more pressure than ever before to minimise the damage associated with a data breach. This can be a daunting task for digital healthcare providers in particular, given the nature of the information they deal with. While addressing the fear of coming under external attack is an important part of the puzzle, for many data breaches the risks lie much closer to home. Insider threats can result from human error or intentional theft, but both are equally damaging for health professionals that aren’t prepared. In today’s digital world, users need access to a myriad of critical systems, applications, and data in order to do their jobs.


Data Dive: Square, Ripple and Mastercard Embraces The Blockchain

Mastercard is taking a collaborative approach to leveraging the blockchain, both exploring the technology itself and encouraging developers to use distributed ledger technology to create solutions that Mastercard may want to incorporate in the future. According to Pinkham, Mastercard is looking into using blockchain for interbank payments — key to cross-border transactions — and trade finance use cases. “Mastercard’s virtues are well-appreciated by the stock market, but the evolution of mobile payment habits and the rise of blockchain ledger technology could pose longer-term challenges to the company’s wildly profitable business model,” Mastercard investor Sequoia Fund warned of the threat the blockchain could pose to operators of traditional credit card rails like Mastercard.


Flood of threat intelligence overwhelming for many firms

"Despite the fact that we have the finest tools that can defend against advanced persistent threats, we still need qualified security analysts or engineers to look at the incidents thrown out by the tools, comb out false positives, and take actions," he said. To help deal with the issue, 66 percent of companies said that they used third-party consultants or managed security service providers to develop or implement their cyber security plans. Intergration was an issue here as well, Chabra added. "Your security technology vendor isn't the same as your managed security service provider," he said. "You've got multiple vendors involved -- one vendor managing the security, another managing the technology, and there's a gap there."


Doing the Bare Minimum for Compliance Could Leave Enterprises Overexposed

When trust is lost, relationships with shareholders, stakeholders, peers, customers and employees are stressed. The impact extends beyond the enterprise or its industry. In the United States, exploited vulnerabilities cost American enterprises billions of dollars and the American economy hundreds of thousands of jobs each year. Fewer jobs translate into less tax revenues, more deficit spending, more debt, and less infrastructure spending, handicapping a superpower. The law is immature. Enterprises should turn to leading published perspectives for more timely and accurate guidance. Latent vulnerabilities are inherent in the business processes and technologies in all enterprises. 


Quote for the day:


"Every shadow no matter how deep is threatened by morning light." -- Isabel, The Fountain

Posted by at No comments:
Labels: , , , , , , , , , ,

Daily Tech Digest - November 06, 2016

Analytics: The lifeblood of the Fourth Industrial Revolution

Healthcare is an industry that's been described as ‘data rich but insight poor.’ Yet, it’s on the cusp of a data revolution. Two-thirds of the data generation are comfortable sharing their personal information with the healthcare sector, more than any other sector. Also, they're more willing to share vital health statistics than any other form of data. This generation understands that by making better use of the data available – be it patient data, performance data, clinical data or administrative data – the healthcare industry will be able to be better understand patient conditions. And as a result, they'll be able to diagnose diseases more quickly, support better interventions, deliver new models of care and improve quality of life.


The future of big data

There have been many instances where businesses had been ahead of their time in regards to big data – for example when Boots first introduced the loyalty card in 1997 as a way of rewarding people in return for their data. ... These larger organizations have now moved on from simply analysing their data to report on how they are performing, and are now attempting to analyse their data to predict the future. Staples are a great example of this – they measure the behaviour of their customers directly before they stop buying from the company, giving them the ability to predict when their current customers will stop buying from them. With this data, Staples can focus their marketing efforts on the people who look like they are about to stop buying from them – it’s cheaper to retain a customer than it is to acquire a new one.


How Cloud Is Driving The Next Industrial Revolution

Now, the fourth Industrial Revolution is gathering steam thanks to developments in Internet of Things (IoT), automation and robotics. These technologies, along with big data and analytics, are key elements in this new industrial revolution, commonly called Industry 4.0.This is driving developments in a range of sectors. In manufacturing, smart factories with automated maintenance and significant improvements to efficiency are becoming a reality. In the financial services sector, automation is being used to cope with an ever-increasing volume of data, whether for customer service or shifting focus to areas such as security and risk. No matter what industry you’re in, cloud technology is a critical enabler of the next Industrial Revolution, by providing the means for businesses to innovate around these technologies.


Improving lives with digital transformation in healthcare

Technology isn’t just centered around medicine. It can also enhance the patient experience, help ease their life while at hospital and reassure families. Dr Samir Abbas Hospital has also deployed tamper-proof RFID ankle bands for babies to track the location of infants within the hospital. The system has been designed to eliminate risks of abduction or baby swapping. You may be surprised to find that Orange has been involved in these transformation developments at Dr Samir Abbas Hospital, as you probably don’t associate us with health. In fact, we are making huge investments in the sector. A few years ago, we set up a dedicated unit, Orange Healthcare, within Orange Business Services to provide reliable and effective solutions that can help both patients and healthcare professionals.


Machine Learning Is No Longer Just for Experts

For most software developers, there have historically been many barriers to entry in machine learning, most notably software libraries designed more for academic researchers than for software engineers as well as a lack of sufficient data. ... In tandem, the last few years have seen a proliferation of cutting-edge, commercially usable machine learning frameworks, including the highly successful scikit-learn Python library and well-publicized releases of libraries like Tensorflow by Google and CNTK by Microsoft Research. The last two years have also seen the major cloud providers Amazon Web Services and Google Cloud Services release machine learning–specific services — both Machine Learning as a Service platforms and graphics processor unit machines optimized for machine learning work.


IoT edge analytics is transforming manufacturing

Edge analytics can increase your ability to monitor and react to equipment health, resulting in lower costs. Evaluating asset performance at the point of monitoring helps drive corrective action and reduce premature degradation. It is estimated companies can recover as much as half their annual maintenance budget by aligning maintenance investment to asset condition. Increased condition-based and predictive maintenance frees up capital investment for other expansion projects or return on shareholder value. As examples, consider condition-based maintenance (CBM) and predictive maintenance. CBM uses sensor data from equipment and applies a monitoring strategy that uses the actual condition of the asset to decide when and what maintenance should be done. CBM can augment a time-based maintenance strategy and help reduce failures.


Making Algorithms Accountable

“We urgently need more due process with the algorithmic systems influencing our lives,” says Kate Crawford, a principal researcher at Microsoft Research who has called for big data due process requirements. “If you are given a score that jeopardizes your ability to get a job, housing or education, you should have the right to see that data, know how it was generated, and be able to correct errors and contest the decision.” The European Union has recently adopted a due process requirement for data-driven decisions based “solely on automated processing” that “significantly affect” citizens. The new rules, which are set to go into effect in May 2018, give European Union citizens the right to obtain an explanation of automated decisions and to challenge those decisions.


Virtual Panel: State of Reactive in JavaScript and Elm

Exciting things have happened over the past two years: Reactive programming has come to the forefront in front-end JS on several fronts, and has become mainstream in terms of technique and mindshare. However, the current generation of implementations have some issues that we need to solve. For example: hot vs. cold can add significant cognitive overhead for developers, glitches and weird gotchas such as diamond shapes like: combine(f, stream1, stream1), while infrequently encountered, will be surprising to many devs. The community is just starting to research other implementation techniques, including rigorous FRP approaches to correctness, such as signal functions, signal vectors, pull-based, and push-pull-based. These can help us create implementations that rule out glitches.


Top 7 Programming languages to learn in 2017

The description of a programming language is usually split into the two components of syntax (form) and semantics (meaning). Some languages are defined by a specification document (for example, the C programming language is specified by an ISO Standard), while other languages (such as Perl) have a dominant implementation that is treated as a reference. Some languages have both, with the basic language defined by a standard and extensions taken from the dominant implementation being common. You don’t need us to tell you that when it comes to tech, staying ahead of the curve is a pretty good idea. In such an innovative and fast-paced industry, new technologies are emerging every week, every day… basically all the time!


Why don't developers have a 'spellchecker' for security'?

Wouldn't it be nice if software developers had something like a spellchecker, but instead of catching typos and simple grammar mistakes, it caught basic security problems? Developers would be able to fix them immediately, and also learn to write more secure code in the process. The traditional approach is to test software for vulnerabilities after it has been written. But today the testing is moving to earlier in the development process, to when commits are made, or even earlier, while the developer is actually writing the code. "We really need to be implementing this type of application security in our software development stage," said Doug Cahill, analyst at research firm Enterprise Strategy Group. "There are some organizations that are integrating these types of security best practices into their software methodology, but not enough.


Quote for the day:


"Oh yes the past can hurt. But you can either run from it or learn from it." -- Rafiki, The Lion King

Posted by at No comments:
Labels: , , , , , , , , , , ,

Daily Tech Digest - November 05, 2016

How to Boost Your Skills to Become a Better Developer

Having the final user in mind is the first skill of a good developer. Make sure you know the problems of your end users. Make sure to know their needs. Then develop the product that solves their problems and fills their needs. Software development is all about that. The second skill concerns the quality of what you deliver. Delivering with zero defects is a skill. Obviously, it is hard to reach — but it’s not impossible. ... The third skill is about simplicity and not fearing inherent and accidental complexity. This skill is about decomposition and abstraction: your ability to break down complex systems/problems into smaller ones, contrast those smaller parts to make them independent, and organise those smaller parts to make them understandable at the right level of abstraction


Prince George’s County Grooms Millennial IT Workers for the Future

For Sinclair, the leadership training has had as much, if not more, of an impact than the technical training. “I’ve grown tremendously working under Mr. Loveless and Ms. Longs, as well as others, but definitely my leadership skills have grown tremendously,” he says. “The first day I started, I would’ve been scared to read a report in front of my parents. But now, I can give a speech on the spot to a room of 50 people, confidently, that I don’t even know.” If Prince George’s County’s approach to internship and young professional training in IT pays off in the long run, it can hopefully shift perceptions about the county and get young people to realize that they don’t have to move to Silicon Valley or Manhattan to do challenging and rewarding IT work.


This Evil Office Printer Hijacks Your Cellphone Connection

Oliver’s fake printer, which he calls the Stealth Cell Tower, could potentially eavesdrop on the voice calls and SMS messages of any phone that’s fooled into automatically connecting to it. Since it sits indoors near its victims, Oliver says it can easily overpower the signal of real, outdoor cell towers. But instead of spying, the printer merely starts a text message conversation with the phone, pretending to be an unidentified contact with a generic message like “Come over when you’re ready,” or the more playful “I’m printing the details for you now.” If the confused victim writes back, the printer spits out their response on paper as a creepy proof of concept. It’s also programmed to make calls to connected phones and, if the owner answers, to play an mp3 of the Stevie Wonder song “I Just Called to Say I Love You.”


How to thrive in a hybrid cloud world: Data governance and management best practice

It can be difficult to retrofit governance into existing systems. Often, the focus is on the initial data migration to the new operational application or analytics, where a simple bulk data loader is employed in the interest of speed and agility. ... Once the new applications have gone live, focus shifts to ensuring data consistency. Moving between cloud and on-premise systems and cloud-to-cloud brings new challenges, and leave fewer resources dedicated to overall data management. If you don’t want to slow down the business initiatives that are driving the new applications, but still want to prevent that data complexity or chaos, it will pay to have a data management architecture and best practices in place before-hand.


Spending on enterprise mobile apps is up, will continue to increase for the next three years

Enterprise mobility continues to serve as a driving force in boosting company productivity and flexibility. The ubiquity of mobile devices ensures that the business apps running on them can reach large-scale audiences and address an array of organizational needs. This driving force will only increase as wearables and the Internet of Things (IoT) become more mainstream. It's a common trend now for employees to choose the business apps they feel best meet their needs, and this in turn challenges enterprises to produce mobile apps to solve these needs. With that trend in mind, Adobe conducted a recent survey to examine the state of mobile apps in the enterprise, with a focus on the opportunities for organizations seeking to leverage apps to stoke productivity and remain competitive.


Information Governance Insights: Ch-ch-ch-Changes!

Many of us in Information Governance already know plenty about this group because we’re part of them! Like it or not, most organizations consider that Information Governance comes under the purview of the Information Technology. The one thing that many Information Governance professionals fail to understand is that the job of Information Technology is to keep the computers running. They are mechanics, highly skilled and very adaptive, but they want to solve problems and keep the trains running. They can find new software, add new servers to solve business issues, and implement it faster than you can keep up with. The best way to solve this is to get involved! Do what you can to become an active part of your organization’s procurement process.


How Artificial Intelligence Will Redefine Management

Many alarms have sounded on the potential for artificial intelligence (AI) technologies to upend the workforce, especially for easy-to-automate jobs. But managers at all levels will have to adapt to the world of smart machines. The fact is, artificial intelligence will soon be able to do the administrative tasks that consume much of managers’ time faster, better, and at a lower cost. How can managers — from the front lines to the C-suite — thrive in the age of AI? To find out, we surveyed 1,770 managers from 14 countries and interviewed 37 executives in charge of digital transformation at their organizations. Using this data, we identified five practices that successful managers will need to master.


Citibank's plan to fight the fintech revolution

"I describe it as the extinction phase," said Stephen Bird, Citigroup's CEO of global consumer banking, to Fortune.com in June. "What happens in an extinction phase is that you either rapidly adapt and new means of competition are created, or you go extinct.""The future of banking is about focusing on advisory and consultation rather than transactions," said Baxter. "We need to take cost out of the middle and back office of doing simple repetitive rules transactions and move those people into other roles." Citibank plans to do this by retraining their employees through a range of educational classes to help them expand their skill sets to be more relevant as the bank expands the remits of its staple employees.


Are smart cities just a utopian fantasy?

Current funding for smart city initiatives is only good enough for proof-of-concept trials, which would lead, at best, to a piecemeal approach to smart city construction. The reluctance is understandable — Songdo cost roughly $35 billion to build from scratch — but without genuine investment in changing the infrastructure of a city to fit smart city needs, widespread deployment will be riddled with integration and adoption issues. Maybe the biggest obstacle to its full deployment is one question: Are smart cities profitable? There have been compelling waste-reduction efforts based on smart city sensor technology, like using sensors in the water supply to mitigate waste. While these efforts have resulted in corking budget leaks, they haven’t appeared to bleed over into other aspects of smart city deployments.


Databricks has designs on democratising Deep Learning

“Most of the time and effort of building machine learning systems goes into configuring them, collecting these massive amounts of data that these algorithms need, doing feature engineering, extracting the features that you need, tuning that, and then running it through machine learning, then doing the verification, using tools to make sure that you’re managing all these resources that you have. “The hard part of this is really all the other stuff that goes around it, not necessarily running the algorithm. So how do we democratize this?” The company first released the Open Source TensorFrames - a software library that enables the Google’s Tensorflow deep learning framework to run on Spark – in March.


Quote for the day:


"Beginnings are scary, endings are usually sad, but it's the middle that counts the most." -- Birdee Pruitt

Posted by at No comments:
Labels: , , , , , , , , ,
Subscribe to: Posts (Atom)