April 11, 2016

The truth comes out: Microsoft needs Linux

The juggernaut has finally realized where the future lies...and it is not in the desktop platform. The future is the cloud, SaaS, and virtualization. The future is big data, and massive databases. The future is Linux and Microsoft knows this. This isn't the 90s or early 2000s when it was chic to look down on the underdog and laugh as the powerhouse raked in cash like leaves on a Midwestern autumn lawn. The time for spreading Fear Uncertainty and Doubt (FUD) is over. This is now and now is all about open source. Microsoft fully understands and embraces this. And so they are bringing to Windows the tools they need to make it happen. This move isn't so much about Linux, but about Microsoft.


Get Data to the Client and Save Server-Side Storage

The normal processing cycle for an ASP.NET MVC is to retrieve some data in the Controller, move it into a Model object, and then pass that data to a View to be embedded into some HTML. It's not unusual, however, for there to be some data in that mix that shouldn't be displayed to the user but that you still need on the client (often to pass in calls to a Web Service). It's also not unusual for some of that data not to be needed on the client at all, but is required back on the server when the user's input is posted back from the browser after the user is done. There are a couple of ways to handle that "non-displayed" data. For the data required on the client (but not shown to the user) a common solution is to shove it into HTML hidden tags in the View


Why cloud, mobile and the education sector make a perfect match

While giving students hands-on experience of modern technology is important from a development perspective, the expectations of digitally native learners means education institutions must deploy the right solutions now in order to stay relevant. As competition to recruit students increases, academies and universities in particular are turning to technology to differentiate. As a starting point, with today’s students used to consuming online services through a range of different devices, there is a growing expectation for schools and universities to deliver their resources in a similar way. While the majority of universities have provided course materials online for some time, this is only the tip of the iceberg.


Can Public Cloud Truly Meet The Data Demands Of Enterprises?

“In the last year, cloud has gone from being the untrusted option to being seen as a more secure option for many companies,” said Brian Stevens, vice president of product management for Google Cloud Platform. “We know that compliance, support and integration with existing IT investments is critical for businesses trying to use public cloud services to accelerate into new markets.” Then we have Oracle, who unlike Google, is at the other end of the stick. Oracle has been successful in the enterprise world for decades now, and has to prove to customers there’s no need to leave when it comes to cloud migration, because it also has attractive cloud offerings that can suit enterprises. Oracle’s offering comes in the form of Oracle Cloud Machine’s Cloud at Customer.


4 Ways to Close the Communication Gap and Get Your Data Seen

The integration of data science into an organization is a relatively new development that involves new personalities, skills, processes, technologies, and their related investments, so it's bound to cause some level of disruption. Executive leadership may lack a clear understanding — and perhaps even respect — for the role of data science. Likely, these leaders simply haven't had a chance to get caught up. Moreover, while the idea that no computer is ever going to beat a sharp manager's instincts that were honed over many years in the same industry contains some truth, human bias sometimes prevents leaders from making evidence-based decisions that will benefit the company. Both new terminology and a low comfort level with the relevant technology may contribute to the communication gap as well.


Three ITSM Activities to Amplify DevOps Feedback Loops

When organizations are split into silos it’s common for each silo to have its own KPIs; with the differences between these KPIs being the cracks in the floor for things to fall into. This issue can be measured by incidents that are not repaired, technical debt incurred, and a pile up of work in progress. At the enterprise company, which I’ve been talking about, the Operations team had different KPI targets for Mean Time To Repair (MTTR) compared to the Development team ... Changing how people work resulted in improvements in how incidents are resolved. Instead of “duct taping” a patch onto an application or server, the fix is built into the design at the front of the workflow, therefore avoiding future occurrences.


Are your vendors leaving you vulnerable?

Research reveals that on average 89 third-party vendors access a typical company’s network each week, and that number is likely to grow. Three quarters (75 percent) of those polled stated the number of third-party vendors used by their organization has increased in the last two years, and 71 percent believe the numbers will continue to increase in the next two years. The report uncovered a high level of trust in third-party vendors, but a low level of visibility of vendor access to IT systems. 92 percent of respondents say they trust vendors completely or most of the time, although two-thirds (67 percent) admit they tend to trust vendors too much. Astonishingly, only 34 percent knew the number of log-ins to their network attributed to third-party vendors, and 69 percent admitted they had definitely or possibly suffered a security breach resulting from vendor access in the past year.


Reflections on the 2016 external audit season

The more expectations are defined (for our purposes – documented) the less audit issues you will have. The reason is that most technology and information security functions generally excel at implementing agreed upon requirements. These requirements are generally documented through policy. The problem arises when expectations are not communicated, agreed to and thereby documented. In these situations, the external auditor may impose their own expectations resulting in comments requiring that their expectations be implemented whether reasonable or not. So, resolve your issues within your function and other departments before the audit or the external auditor will resolve it for you.


How to apply Agile practices with your non-tech team or business

"A recruiting team can't predict candidate outcomes," says Kammersell. "Recruiting can have a pretty standard process flow from start to finish. However, there are factors on a daily basis that can rapidly change the flow." Because of the irregular nature of recruiting, the team needed to be flexible and efficient, while also maintaining transparency among their team and stakeholders. If they weren't, a recruiter might get bogged down in the workflow, causing candidates to drop out, managers to become impatient, or the cost-to-hire to rise significantly. So, Kammersell worked with the team to use the Kanban board practice of the Kanban Agile framework. The team displayed the work they had on their plate on a public, physical board for the team and other stakeholders to see.


22 insults no developer wants to hear

Some people are explicitly rough, and part of that might be the mechanisms by which we receive insults -- almost never face to face. Linus Torvalds argues that email is an inherently flawed mechanism that often hides subtle cues, like the ones that the marketing department swaps by moving their eyes. Torvalds once told a thin-skinned developer, “it's damn hard to read people over email. I think you need to be *more* honest and *more* open over email.” For a bit of fun, he inserted a logic bomb into the calls for more sensitivity by saying that his culture includes cursing. Whiners might try remembering that he comes from Scandinavia, the home of Viking warriors. In the interest of helping the technology world cope with the slings and arrows of outrageous fortune, here is a list of some common insults that no developer wants to hear -- but often will. Brace yourself.



Quote for the day:


"Experience is not the best teacher; evaluated experience is the best teacher." -- John Maxwell


April 10, 2016

U.S. Senate Bill Seeks to Ban Effective Encryption, Making Security Illegal

This bill essentially says you can not have any conversation or data exchange that the government can not access if it wants to. It is the legal culmination of what the FBI has been lobbying Congress for years. If Feinstein-Burr becomes law, it will be illegal to deploy strong encryption without key escrow maintained by each company. Cryptographers and computer scientists near-unanimously assert key backup systems are insecure at scale. The first read of the bill is chilling. Strong cryptography within the United States would effectively be banned, preventing U.S. companies from building secure software. These companies would be mandated to provide real technical assistance. Unlike the best effort of today, they would be required to give plain-text data in its original format or risk penalties for violating the law.


Security and employee privacy biggest barriers to BYOD

The biggest inhibitors to BYOD adoption, according to respondents, are, unsurprisingly, security (39 per cent) and employee privacy (12 per cent). In contrast, management opposition (3 per cent), employees’ unwillingness to take on additional expenses (6 per cent), and user experience concerns (4 per cent) were not considered significant barriers to BYOD adoption. When it comes to security, data leakage/loss was cited as the top BYOD security concern by 72 per cent of respondents. Meanwhile, 56 per cent are worried about unauthorized access to company data and systems, and 54 per cent are concerned that users will download unsafe apps or content. One in five organizations have suffered a mobile security breach, primarily driven by malware and malicious WiFi, with security threats to BYOD imposing heavy burdens on organizations’ IT resources (35 per cent) and help desk workloads (27 per cent).


Phishing email that knows your address

"The email has good spelling and grammar and my exact home address...when I say exact I mean, not the way my address is written by those autofill sections on web pages, but the way I write my address. "My tummy did a bit of a somersault when I read that, because I wondered who on earth I could owe £800 to and what was about to land on my doormat." She quickly realised it was a scam and did not click on the link. "Then, a couple of minutes later, You and Yours producer Jon Douglas piped up as he'd received one and then another colleague said he'd received one too, but to his home email address," she added. The You and Yours team decided to contact the companies that were listed in the emails as being owed money. A spokesman for British Millerain Co Ltd, a waxed cotton fabric manufacturer, told the programme that the firm "had more than 150 calls from people who don't owe us money".


Cryptocurrency from the Dark Web to the Mainstream

Bitcoin has the added benefit of greater speed and efficiency in facilitating payments and transfers. The blockchain technology also serves as a powerful and detailed ledger that can monitor all transactions in the network. However, these benefits don’t detract from bitcoin’s indisputable flaws, which were on display in 2013 when Tokyo-based Mt Gox collapsed, wiping out hundreds of millions of dollars in client funds. Claims of bitcoin’s potential also don’t ignore the cryptocurrency’s role in facilitating online criminal behaviour, money laundering, tax evasion and fraud. ... In reality, bitcoin is just one version of the digital currency revolution. While it may be the largest, it isn’t necessarily the best. However, what these and other critics seem to forget is that the virtual currency paradigm does not live and die with bitcoin.


How to Transition Industry Toward Software-Based Infrastructure & Hybrid Clouds

A very important area of focus is network security. As we move toward a software-defined world, security is lagging behind. ONUG’s Software-Defined Security Services Working Group focuses on how to secure the software infrastructure to ensure users have access to the same level of security or better as they move from the physical to the software world. This working group is organizing a framework for software-defined security services that defines what security means in a software-defined world, both from an exploit mitigation point of view and from a compliance point of view. The group will present the framework at the ONUG Spring Conference.


Do IT groups really need to move to a software-defined environment?

Increasingly, the main motivations for moving to a software-defined world are the benefits of speed, agility, quality and cost. It enables bringing on applications quickly. With agility comes scalability to quickly grow services and infrastructure to the business needs – or shrink them. This increased speed and agility paradoxically do not come at the expense of quality. In fact, where we have been able to study software-defined environments, we find them operating at much higher quality levels. ... Finally, software-defined environments are far cheaper to operate and maintain. It is easy to understand that fewer people equals less cost, and less rework due to higher quality saves money. However, this is just the start.


Economics of Software Resiliency

Obviously, the resilience comes with a cost and the economies of benefit should be seen before deciding on what level of resilience is required. There is a need to balance the cost and effectiveness of the recovery or resilience capabilities against the events that cause disruption or downtime. These costs may be reduced or rather optimized if the expectation of failure or compromise is lowered through preventative measures, deterrence, or avoidance. There is a trade-off between protective measures and investments in survivability, i.e., the cost of preventing the event versus recovering from the event. Another key factor that influences this decision is the cost of such an event if it occurs.


Duties, Skills, & Knowledge of a Software Architect

The knowledge requirement is so staggering and extensive that there are very few persons capable of performing in an above average capacity. I cannot envision how one could possibly through strictly academic coursework, acquire this knowledge without perilous and untiring pursuit. ... Appreciate the value of the contributions they can make, especially not in the short run, but over time. Build a recognition that architecture is vital to the life cycle of the information, does not exist solely to serve the application, and may well surpass several generations of application development. Recognize that like building a solid bridge, the value is not in how quickly and cheaply it can be built, but how ultimately useful, flexible, and durable it is over its expected life.



Managing Operational Resilience

Operational resilience management draws from several complex and evolving disciplines, including risk management, business continuity, disaster recovery, information security, incident and emergency management, information technology (IT), service delivery, workforce management, and supply-chain management, each with its own terminology, principles, and solutions. The practices described here reflect the convergence of these distinct, often siloed disciplines. As resilience management becomes an increasingly relevant and critical attribute of their missions, organizations should strive for a deeper coordination and integration of its constituent activities.


Creating an Enterprise Architecture to Engage with “Things”

“Economic agents are more than just people and businesses — imagine an economic agent in the role of a customer that is actually an Internet-connected thing,” said Don Scheibenreif, vice president and distinguished analyst at Gartner. “Whether it’s a refrigerator ordering a replacement water filter, a car scheduling a service appointment or an industrial machine requesting maintenance, the idea is that as the number and capability of Internet-connected things increases, they will develop the capacity to buy, sell, and negotiate for products and services, with organizations having to adapt to this new reality.”



Quote for the day:


"The old mantra of ‘be everywhere’ will quickly be replaced with ‘be where it matters to our business'." -- Mike Stelzner


April 09, 2016

How is open source transforming the Internet Of Things?

Open source is a disruptor that never quits. It seems to be penetrating and transforming every aspect of established data, analytics, and applications ecosystems. In a podcast recorded at IBM InterConnect 2016, Roger Strukhoff, executive director, Tau Institute for Global ICT Research, shares his expert perspective on how open source initiatives are transforming the Internet Of Things. Strukhoff responded to the following questions: How do you define the Internet of Things?; What is the most important open source initiative in the Internet of Things?; What will the Internet of Things landscape of 2020 look like?; You’ve described a “highly supple, flexible ecosystem of ecosystems” in the Internet of Things arena? ...


Digital Disruption in Financial Services

Watch the general session on ‘Digital Disruption in Financial Services’ where Jim Marous, owner and publisher of the Digital Banking Report, led a discussion with the following panellists on how digital transformation is driving the financial services industry. ... Digital transformation is lighting up across the industry, bringing new opportunities and opening up new markets – and demands a fundamentally new approach to thrive in a mobile-first, cloud-first world. What’s your plan for digital transformation? How will you transform and perform in this new environment, satisfying clients and shareholders alike? Watch the session to hear insights and thought-provoking conversations from your industry peers.


What to use instead of the asset-based approach for ISO 27001 risk identification

One of the most significant changes in the 2013 version of ISO 27001, a worldwide standard for Information Security Management Systems, is that it does not prescribe any approach in the risk assessment anymore. While it still requires the adoption of a process-based risk assessment approach (learn more here: ISO 27001 risk assessment treatment – 6 basic steps), the obligation to use an asset-threat-vulnerability model in the risk identification step no longer exists. While this approach in the standard provides more freedom for organizations to choose the risk identification approach that better fits their needs, the absence of such orientation is the source of a lot of confusion for organizations about how to approach risk identification.


How to Build a Big Data and Analytics Team

Hiring a great team doesn’t start with posting a job ad. It starts with the company taking a hard look at its goals and the talent it needs to achieve those goals. As with anything surrounding data, the first step is to be clear on the questions that you want the data to answer and the challenges or goals you hope to address. No matter what size your business, don’t be afraid to start small and build your analytics as you go. Start with the questions in mind and identify the key performance indicators that will allow you to accurately judge when the questions have been answered. Then – and only then – start considering which team members can help you answer the questions.


Bank of Ireland experiments with blockchain technology

Tighe said that the purpose of the trial is to understand the technology and assess how it can fit with Bank of Ireland’s legacy systems as a layer on top. “We see this as the start of a new concept, just like experimenting with TCP/IP in the early days of the internet. It may not end up like this but we see a strong technology that can help with transparency in transactions. “Crucially, it has to meet regulatory requirements. “It is the underlying technology that fascinates us and it could one day be an efficient way of transacting value between people and at the same time leave a transparent trail of information.”


Linux founder Torvalds on the Internet of Things: Security plays second fiddle

Of course, Linux isn't the right operating system for all embedded devices. After all, the Linux kernel keeps growing. Therefore, Torvalds said, "If you're doing something really tiny, like sensors, you don't need Linux." But that still leaves a lot of room for big embedded Linux devices. In particular, Torvalds sees Linux playing a large role in the IoT because "you also need smart devices. The stupid devices talk different standards. Maybe you won't see Linux on the leaf nodes, but you'll see Linux in the hubs." Personally, Torvalds added, "I've never been very interested in very small OSs. I liked working with hardware. But, if it doesn't have a memory management unit, I don't find it that interesting."


C-suite champion: what is the CIO’s position in the business today?

The future CIO will be expected to understand how every department will use technology tools and ensure a return on investment is achieved. The myriad of services out there makes this even harder. The challenges CIOs face when making purchases are exacerbated further by the different options available for the same service. Organisations can choose to use a managed service provider or OEM to complete an install. Buying from an OEM direct may seem like the cheaper option, but when you throw in added support costs and any maintenance, costs can quickly escalate. Pressure on CIOs to reduce capital spend is forcing the issue further. The latter is winning the capex vs. opex debate as IT budgets continue to be spent on technology for use across the business.


What Is Driving the Digital Economy?

Companies that thrive in the digital economy are 26 percent more profitable than their industry peers. These companies are thriving by improving customer experiences, optimizing operations and creating new business models—all through superior digital expertise and leadership. The 26 percent profit differential will shrink because the digital laggards will fall by the wayside, leaving the digital winners to compete among themselves. This is not as grim as it sounds: There is still time for the digital laggards to catch up … but not much time. We are already seeing the impact on the competitive landscape. According to R “Ray” Wang, principal analyst, founder and chairman at Constellation Research, half of the Fortune 500 companies on the 2000 list have since fallen off as a result of mergers, acquisitions and bankruptcies due to a failure to adapt digitally.


Bitcoin and the Rise of the Cypherpunks

As the bitcoin ecosystem has grown over the past few years, privacy concerns seem to have been pushed to the backburner. Many early bitcoin users assumed that the system would give them complete anonymity, but we have learned otherwise as various law enforcement agencies have revealed that they are able to deanonymize bitcoin users during investigations. The Open Bitcoin Privacy Project has picked up some of the slack with regard to educating users about privacy and recommending best practices for bitcoin services. The group is developing a threat model for attacks on bitcoin wallet privacy. ... A multitude of systems and best practices have been developed in order to increase the privacy of bitcoin users. Dr Pieter Wuille authored BIP32, hierarchical deterministic (HD) wallets, which makes it much simpler for bitcoin wallets to manage addresses.


You have the power. Should you use it?

But when you’re exercising power in an ongoing employment relationship, you should care a great deal about how the terms you dictate and the tactics you use make people feel. Their attitude toward the organization and you, their manager, directly affects the value they deliver as their part of the bargain. This is especially true when you’re dealing with geeks. The work they do requires engagement, creativity, dedication and commitment. It follows, then, that negative feelings can cost a great deal in productivity and quality. A developer who feels that she is being paid less than her equally capable peers is unlikely to think creatively day and night about how to better architect your system. A support technician who fears that his job may be converted to a contract position is thinking more about where to get a new job than about how to make a user feel good.



Quote for the day:


"The only way to discover the limits of the possible is to venture a little past them … into the impossible." -- Arthur C. Clarke


April 08, 2016

Opportunities and Risks in 5 Global Outsourcing Locations

The Indian government launched Digital India in 2015 to transform the nation into a digitally empowered society and knowledge economy. The initiative aims to integrate government departments and the people of India by making government services available electronically. The initiative also includes connecting rural areas with high-speed Internet networks. This initiative has three core components, i.e., creating digital infrastructure, delivering services digitally, and increasing digital literacy. Each of these components can potentially create several opportunities for the global services industry, across India-based and multinational firms. Digital India offers four key opportunity areas for companies:


Banks finally welcome cloud computing cover

“One of the big challenges is the capital risk models that must be maintained according to regulatory demands. Banking CIOs must make that part of the opex rather than the capex,” an international banking CIO says of the increasing regulatory demands placed on banks which has created a demand for cloud technology in the sector. Regulatory demands don’t show many signs of a let-up, though Sir John Vickers, who was appointed to head the Independent Commission on Banking inquest, recently accused the Bank of England of being too light on the financial services industry. Though there have been numerous extensions to the Basel III accord, its BCBS 2329 regulates the principles of data aggregation. This means CIOs and their organisations have a responsibility to be accountable for the data they hold and who the data owners are.


CIOs lack faith in IT’s ability to meet digital demands of business

Many lack faith in the ability of the IT underpinning their organisation to support such a speedy product release cycle, with 68% raising concerns about the pressure this will put on their existing infrastructure and staff. This, in turn, could have dire consequences for the customer satisfaction they can deliver, and their brand reputation, according to 69% of respondents. Nigel Moulton, CTO for EMEA at VCE, told Computer Weekly that the survey highlights a difference in opinion between the IT department and the wider business about IT’s abilities. “When we looked at the CIO and the estimation of their IT organisation, they tended to be more critical of its capabilities than the business leaders were,” he said.


Red Hat's open source success story built on killing complexity in IT

What used to be a matter of "helping [customers] carve out costs" has become a matter of "building new architectures." I don't personally feel OpenStack has the same resonance as things like Docker, though Red Hat begs to differ, but the general point is correct: Open source increasingly drives innovation, and as more developers pile into open source, the complexity quotient keeps rising. ... The challenge for any would-be open source vendor is two-fold: First, they need to stop trying to exclusively sell whatever project they first developed. Second, they need to stop selling software and instead sell subscription services around the software they corral. This sounds simple, but in practice virtually no open source company follows both of these principles.


Organizations Confirm Big Time Need for Real-time Data

In the midst of all the technology innovation, data scientists and architects still suffer similar challenges of the past. Slow data loading is perhaps one of the most prevalent. With increasing volumes, it simply becomes harder to ingest and store new data. Legacy data architectures based on disk drives or single server systems simply cannot meet today’s performance needs. Slow queries also pose a challenge for similar reasons that disk-oriented and single node systems quickly reach a limit on performance. The lack of concurrency, otherwise known as multi-tasking, further inhibits what older systems can handle. Ideally you have fewer data systems that can handle more types of workloads and models to simplify infrastructure and reduce costs.


Restaurant waitlisting app NoWait rolls out mobile payments

Now that the company has established a large enough business customer base and consumer user base, it’s been expanding what’s possible on its platform. For example, it more recently rolled out a way for diners to privately rate their experience and for restaurants to respond, instead of turning to Yelp. With mobile payments, NoWait is looking to close the loop between the restaurant and consumer, explains CEO Ware Sykes. The company has already been testing payments in its hometown of Pittsburgh, and early results are promising, the CEO claims. “Restaurants are seeing faster table turns, servers are seeing substantially higher tips, and consumers save five to ten minutes at the end of the meal,” he says.


Hybrid cloud: The smart person's guide

In optimal deployments, hybrid cloud provides the best of both worlds of computing. Public cloud providers offer the ability to instantly provision computing resources on demand, without the extensive upfront costs and time needed to build on-premises solutions. The private cloud component delivers information quickly, and does not rely on internet connectivity to operate — an important consideration as ISPs consolidate, and struggle to provide service. Having a private cloud component provides peace of mind; with an on-premises server, a disruption to internet connectivity will not bring your business to a complete standstill. Cost is a substantial factor for many organizations. For industries with seasonal or variable workloads, assembling a private cloud to handle normal workloads while relying on public cloud providers to handle burst workloads can be a budget-friendly IT strategy.


How To Handle A Zero-Day Attack - From Lawyers

When it comes to analyzing or even manipulating the data, try to avoid using any custom code. It’s going to be much easier for all concerned if you use products and methods that can be easily reproduced, even if a clever AWK script with some APL matrices would be more elegant. Any settings and parameters for the apps and databases used in your analysis should be recorded in your journal entries, and use screenshots liberally to substantiate the details. Of course, anyone with an interest in the outcome of the case should not be analyzing, let alone manipulating, data. Typically, this means consultants should be doing all the data crunching. Make sure that the consultant has no investments in your company or the opposing party, and that your contract with them contains no incentives or bonus payments for specific outcomes.


Dealing with digital disruption in Africa

“No African company can afford to face these kinds of changes without having some kind of digital strategy,” Southwood said. “But this kind of strategy is to some large extent going to be reactive whereas the smarter corporations will begin to make innovation a core part of their business so that they help disruptive start-ups launch and invest in them so that they know how to shape their businesses in the future.” Regulations could also pose a challenge to disruption. Southwood gave the example of mobile money in Kenya and Nigeria. In Kenya, mobile money was allowed to operate until the regulatory bodies understood its implications. “But by the time Nigeria drew up its m-money regulatory framework, it insisted that the banks - not the mobile operators - were formally responsible for offering the services. If disruption threatens powerful players in the economy,


0 Bugs Policy

Bugs that were opened during the development of a new feature. If you are working in Scrum for example (or any other agile iterative methodology), these are the “in sprint” bugs that were found for the new user story you are currently implementing. These kinds of bugs must be fixed right away, otherwise the story/feature is not really DONE, and you are violating a basic agile rule saying that: DONE is DONE is DONE; which means, the story/feature is really completed, only after it was fully tested and approved by the product owner. No loose ends. If this concept is not crystal clear, then we need to go back to agile basics, but that is another article…


Could the Internet of Things morph into the Abandonment of Things?

As developers, we understand that even the simplest of IoT products represents a significant investment. They contain embedded software to make the thing work, server side applications to process messages or send out alerts, databases for maintaining user accounts, iOS and Android mobile apps for controlling devices from your reclining chair, and more. There are license fees for software libraries, too. I can understand the underlying economic reason for leaving the past behind, but in this connected age, before you arbitrarily put a bullet through your products and applications, you’d best provide a soft landing for the people who paid for the privilege of using them.



Quote for the day:


"To improve is to change, so to be perfect is to have changed often." -- Winston Churchill


April 07, 2016

How New Technology Trends Disrupt the Very Nature of Business

In the Museum of the Future, you can see what it would be like to be going to a doctor to get a new body part to jump higher or move faster. You look at these types of ideas, and the business embraces the same sort of idea. How can I augment my business to actually run smarter and be better? What are things on which I can augment myself to use data better? You can no longer be an island as a company. You need to share ideas and innovation with others. You need to be connected, and when you're connected, you can transform your business, you can do new things, you can take on new capabilities, and you can augment your business.


Are CISOs Building Effective Business Cases for Data Security Investment?

CISOs will have to redesign this undemanding path toward an approach for making business cases in terms executives can appreciate and directly connect to the organization’s top strategy goals and objectives. Making more effective business cases can help to gain investment dollars and increased control for a budget not always under a CISO’s direct management. Security investment decisions are only as good as the business case process. The first step in this process is to define the security initiative well enough so that decision makers can make informed choices. ... In short, they drive results, and not just promise them, because they’re used to ensure the project and the benefits are delivered.


Time to separate the fintech fictions from the fintech facts

It’s an exciting time to be in the fintech landscape. People love to talk about fintech as the next big thing, and as time goes on we’ll have more and more examples of fintech companies hitting it big. With this excitement though, there has been some misinformation and fear shared in the community and among observers. It’s understandable; fintech as a sector is new, and in some ways untested, but people understand the possible gains to be made by innovating the financial services industry. Fintech is a force, and we’re only just beginning to feel its effects. What’s needed is a definitive way to separate the fintech fictions from the facts.


IoT will shake up world of data analytics, says report

“The view has been that IoT is a mashup of complex technologies used only by early adopters,” said Mike Lanman, senior vice-president of IoT and enterprise products at Verizon. “In the past year, we’ve seen compelling examples of how the IoT is being deployed by a wide range of enterprises, entrepreneurs, municipalities and developers to address relevant business, consumer and public needs. Meanwhile, consumers are more willing to try new technologies and apps that introduce a better way of life. The end result will not only give rise to thousands of new use cases over the next two years, but will also create an accelerated pipeline for innovation and a new economy.”



7 Wall Street Firms Test Blockchain for Credit Default Swaps

The companies did not disclose which blockchain or ledger systems were used as part of the trial, though only a few firms currently offer support for smart contracts, with Symbiont and Ethereum being perhaps the most notable. According to the statement, the test showed that regulators could view in "real time" a wide range of financial events including trade details, counterparty risk metrics, and exposure to reference entities. “Our experiments with Axoni demonstrate that confidentiality and privacy can be preserved between bilateral parties on an immutable distributed ledger at scale,” said Emmanuel Aidoo, who is in charge of the blockchain and distributed ledgers at Credit Suisse, in a statement. Over the course of the months-long project, the group said it built its network using Axoni-hosted software that was installed locally.


Your car's computers might soon get malware protection

Modern cars contain tens of specialized computers that control everything from infotainment functions to steering and brakes. The pressing need to protect these computers from hackers will likely open up a new market for car-related software security products. Karamba Security, a start-up based in Ann Arbor, Michigan, is one of the companies that has stepped up to answer this demand. The company's anti-malware technology, unveiled Thursday, is designed to protect externally accessible electronic control units (ECUs) found in connected cars. These controllers, like those that handle telematics, infotainment and on-board diagnostics, can be accessed via Wi-Fi, Bluetooth or even the Internet, so they can serve as entry points for hackers into a car's network.


Veriflow promises to bulletproof networks

Veriflow believes its mathematical approach across a network-wide infrastructure solves the above problems and also results in zero change-induced outages and breaches. Unlike techniques such as penetration testing and traffic analysis, Veriflow performs mathematical analysis of an entire network's state, and does so proactively – before vulnerabilities can be identified and exploited, and without waiting for users to experience outages. If there is a network policy violation, Veriflow will find it and provide a precise identification of the vulnerability and how to fix the flaw. Otherwise, Veriflow can provide mathematical proof that the network is correct, giving enterprises the confidence to change their infrastructure.


Cyber Insurance Coverage Gaps May Surprise Many Organizations

Even after providers assess whether they are buying enough coverage and can financially handle additional costs once sublimits are reached, providers must look closely at the definitions contained in the policies. “The real issue in cyber coverage is definitions of certain terms, which could exclude coverage,” Hite says. Coverage goes into effect on the day it was bought, but in instances where a hacker already has infiltrated information systems before a policy was purchased, there is no coverage because policies often don’t work retroactively. Hite advises buying a “retroactive date” policy that covers the organization back at least one year. Organizations with the financial and technical means should have a strong response team in place with everyone knowing what their duties are if an attack comes.


Face it: Developers are becoming babies

It's perhaps not surprising that the developer population keeps getting younger, at least as measured by experience. For example, while the early open source community largely focused on rewriting legacy, proprietary software as open source (Linux replacing Unix, OpenOffice replacing Microsoft Office, etc.), today's open source community is building the future. ... Developers, focused on their code, can't be bothered to write good documentation which, in turn, hampers adoption. Brian Rinaldi ventured to call the situation a "mess," one that keeps getting worse as more developers jump into code without recognizing that good documentation is an essential feature of the best open source projects (and always has been).


A (new) discipline: The (new) security engineer

This discipline is security in pursuit of designing, architecting, developing and deploying secure products; this is not your father's "security engineer," the one responsible for setting up firewalls and ensuring the VPN was running. While the latter is still an incredibly important role, this new role is about building secure products, rather than working with security products. It requires deep knowledge of developer languages and practices, infrastructure architecture, usability design, legal liabilities and contractual language, regulatory standards, tooling, threat landscapes and hacker trends, supply chain management, and corporate governance. It begs for a passionate evangelist who can dig into dry and dusty regulatory documents, someone cynical enough to expect to be hacked at any time who can also be an enthusiastic and patient mentor ...



Quote for the day:



"Cyber is the one area where we have pure competitors who have the capabilities that we do." -- Adm. Michael Rogers