October 02, 2016

Standardizing Requirements Descriptions on Scrum Projects for Better Quality

The direct impact of standardizing requirements descriptions on development can be seen in the example of a large social media company that owns several popular websites used by millions. A rapidly developing Agile project, with high reaching market goals set by stakeholders, existing documentation was narrowed down to information that served users and ongoing development purposes. The stakeholders were not interested in investing in the creation and support of hundreds of pages of documentation, which would have made sense and is common practice for most Agile projects. The client already had their own development team and many ambitious plans, but needed more resources to implement them. 


Will the coming robot nanny era turn us into technophiles?

Despite the thorniness of some of the issues between humans and robots, the reason we are entering this robot age is because of one simple fact: functionality. Robots will make our lives far easier. In fact, the robot nanny is a prime example: It will be adored by parents — and likely much more so than the human nannies who are known to call in sick, show up to work late and, on occasion, sue their employers when they hurt themselves on the job. Robot nannies will replace real nannies like the automobile replaced the horse and cart — allowing parents much new free time and opportunity to pursue careers. One major factor going for the development of robot nannies is their cost effectiveness. I’ve been either watching my kids or hiring nannies for the last five years.


Dear tech industry: Stop renaming stuff all the time. Just. Stop. It.

G Suite is the new name of Google Apps. Except Google Cloud is the new name for Google for Work (which is Google Apps, but for more people) and Google Apps, Enterprise, which had a comma in its name. Okay. Okay. Deep breath. Get off my lawn! No. wait. This isn't a get off my lawn moment. This isn't just whining on the part of a tech pundit who doesn't want to remember new names anymore. I got this. I read 50 tech news articles every morning. I can keep track of this because it's my job, and we have an editorial guide here at ZDNet. But regular users don't have the time for this crap. Renaming core products has serious repercussions beyond merely my desire to rant.


Retail cloud computing: The key benefits of moving to cloud-based SCM

The fact is, customers expect to be able to make purchases from whatever channel they choose in a fast, efficient manner. To make this happen, retailers are increasingly working to update traditional supply chain management (SCM) systems by embracing retail cloud computing. By using cloud-based SCM technologies and services, retailers can gain visibility and track inventory throughout the entire lifecycle, allowing them to ultimately become more agile, profitable and relevant to today’s tech-savvy and increasingly demanding consumers. Though traditional SCM platforms take a more siloed and transactional approach to the entire fulfillment lifecycle, this method no longer works in an omnichannel, hyperconnected world.


Banks like to talk about blockchain, but none wants to be the first to actually use it

If it becomes mainstream, proponents see many possibilities for blockchain. Instead of each party in a transaction keeping separate records and copies of contracts, blockchain is a bit like a Google document, where many people can look at the same record at once. The transaction takes place between two parties without an intermediary, and all changes are clear, unchangeable, and validated by everyone involved. Any additional transactions that take place get added to the chain and form part of a golden record of transactions. This opens up the possibility of what the industry calls "smart contracts." For example, let's say shoes are being manufactured in China for sale in the US. Every step of the process could be part of a blockchain.


Silicon Valley Selects Synereo Over Ethereum As Blockchain Platform

With this recent partnership Synereo is likely to catapult in the blockchain discussion and attract many of the top dApp developers. James Currier, Managing Partner at NFX, explained the Guild’s decision to choose Synereo’s technology for the project, stating: “If you do the analysis, Synereo comes out as the superior platform for developing decentralized apps. It runs fully distributed instead of massively replicated. It’s JVM top to bottom rather than Python. It’s forward compatible, vs other platforms anticipating multiple hard- forks. Synereo has the identity layer built in which provides distribution advantages and network effects. Lastly, fine-grained concurrency, vs other platforms’ linearity, provides greater speeds and scalability”


.Net application that works online and offline [Smart Client Concept]

In windows application, we are going to log in with same credentials which we have registered in web application and while we are logging for the first time in windows application we need an Internet connection to that you can also login into the application while the application is offline. After Successful login, a new form is shown in which User is going to add new product and while doing this process we do not require an internet connection. When an internet connection is available it will sync all data from windows application to web application [web server] and this process will run in background. Meanwhile it is transferring all data to the web server it will also delete that data from windows application database which is transferred.


Ways to Make Code Reviews More Effective

As with all architecture/design areas, the non-functional requirements for the performance of a system should have been set upfront. Whether you’re working on a low-latency trading system which has to respond in nanoseconds or you’re writing a phone app to manage a “To Do” list, you should have some idea of what’s considered “too slow.” Before deciding on whether we need to undertake code reviews based on performance, we should ask ourselves a few questions about what our requirements are. Although some applications really do need to consider how every millisecond is spent, for most applications there’s limited value spending hours agonizing over optimizations that will save you a few CPU cycles. But there are things a reviewer can check for in order to ensure that the code doesn’t suffer from common avoidable performance pitfalls.


Goldman Sachs: We're in the 'second wave' of fintech

Gido believes that we are currently in the second wave of fintech development, wherein "incumbents are using their brands and infrastructure to remain competitive with the startups." ... This third wave in fact, is already happening. An increasing number of fintech startups are focusing on B2B models, with the goal of selling to and partnering with traditional players. They want to take advantage of incumbents' vast and loyal customer base and offer up their own nimble, innovative technology.  And what are people most excited about in fintech? Insurance policies, he said. These seemingly unexciting two words hold a ton of possibility for innovation.


One proven way to boost software quality: Increase your QA team's diversity

Diversity is not just about hiring equal shares of male, female, black, white, Asian, and Hispanic professionals. Real, meaningful diversity requires a collection of individuals with unique perspectives based on their backgrounds, knowledge, past experiences. and environments. Diverse testers better understand diverse end users Your applications are supposed to work for a variety of users: young, old, new language learners, people with disabilities, etc. So who better to test them than people from a wide variety of backgrounds? What’s intuitive for a teenager may not be so easy for a person not as comfortable with today’s fast-changing digital realities. A recent college grad will look at her health care provider page differently than a parent researching ways to treat a child’s condition.



Quote for the day:


"Good leaders make people feel that they're at the very heart of things, not at the periphery." -- Warren Bennis


October 01, 2016

Too few women in cybersecurity: a gap in our protections that must be addressed

Diversity in cybersecurity matters for a very practical reason. Those seeking to breach cybersecurity are willing and able to exploit any flawed thinking, any inadvertent blind spot. Cybersecurity teams that fall into group-think or are blind to alternative ways of working through challenges are more likely to miss things and enable hostile actors. Teams that include people with different expertise, backgrounds, genders, ages, cultures are more likely to deliver robust cybersecurity outcomes; implicit assumptions can be more easily challenged and the fullest range of insights on what can go wrong (and hence what can be done) can be gathered.


How to steal the mind of an AI: Machine-learning models vulnerable to reverse engineering

Taking advantage of the fact that machine learning models allow input and may return predictions with percentages indicating confidence of correctness, the researchers demonstrate "simple, efficient attacks that extract target ML models with near-perfect fidelity for popular model classes including logistic regression, neural networks, and decision trees." That's a polite way of saying such models can be reverse engineered. The researchers tested their attack successfully on BigML and Amazon Machine Learning, both of which were told of the findings in February. In an email, Cornell Tech computer science professor Ari Juels, a coauthor of the paper, suggested mitigating these attacks could prove challenging. "Effective countermeasures to model extraction could well be possible, but this remains an open research question," he said.


How Blockchain can bolster interoperability and information security at the same time

Blockchain has potential value due to its shared, fixed record of peer-to-peer transactions, built from linked transaction blocks and stored in a digital ledger, Deloitte said. The network is both secure and actionable by relying on established cryptographic techniques, and letting participants in a network interact (e.g. store, exchange, and view information), without pre-existing trust between the parties. “Interactions with the blockchain become known to all participants and require verification by the network before information is added, enabling trustless collaboration between network participants while recording an immutable audit trail of all interactions,” Deloitte explained.


Industrial IoT leaders work towards interoperability and open source collaboration

GE and Bosch are working together to shape the connected world through a collaboration between the software divisions of both organizations, GE Digital and Bosch Software Innovations. The organizations have signed a memorandum of understanding where GE Digital and Bosch Software Innovations will further facilitate openness and growth of the Industrial Internet of Things (IoT). The agreement focuses on technology interoperability and platform integration through GE’s Predix operating system and the Bosch IoT Suite. GE Digital and Bosch Software Innovations intend to make complementary software services available on the other company’s cloud platforms to enhance the overall value of each cloud offering and provide solutions to a wider customer base.


Shaw says NHS is under frequent cyber attack

“We are seeing more and more ransomware attacks,” he said. This included one big, but unsuccessful, national level attack early this month which “may or may not have been state sponsored”. “It was big and it was hard and it was sustained... before, we didn’t know this sort of thing was happening until we got the worst outcome, but now we are in detect mode, rather than defence mode.” Shaw revealed a wide range of attacks were being made on the NHS, with some of these using well-known techniques such as spear phishing, in which hackers target an individual to inadvertently reveal useful information or spread malware. He said NHS Digital itself was successfully targeted in a spear phishing attack by a hacker pretending to be an old friend of one of its staff, using information from social media.


Tech Giants Team Up To Devise An Ethics Of Artificial Intelligence

The Partnership on AI announcement lays out an ambitious agenda for research to be conducted or funded by members, in partnership with academics, user group advocates, and industry experts. Topics on the research agenda include ethics, fairness, inclusivity, transparency, privacy, and interoperability. A recent white paper from IBM called "Learning to Trust Artificial Intelligence Systems" provides some hints as to what the Partnership on AI might be tracking. Authored by Guruduth Banavar, IBM's chief science officer for cognitive computing, it basically expands the concept of garbage-in/garbage-out to now include garbage in-between.


What to do when hackers break into your cloud

There are two major types of public cloud computing attacks: single-tenant and cross-tenant. A cross-tenant attack is the stuff of IT nightmares, but it has not yet occurred. Single-tenant breaches are more likely to occur. In these attacks, the hacker has compromised one or more machine instance, but can't go beyond that. The most likely cause of a single-tenant breach is that user IDs and passwords have been compromised. That's typically due to malware or phishing attacks on client devices. In this case, it's all on you; the cloud provider has done its job, but you haven't done yours. When such breaches occur, hopefully you'll figure it out quickly. When you recognize the breach, the best response is to invoke a prebuilt set of processes that can do the following


Task Force Tackles Healthcare Cybersecurity Challenges

According to Theresa Meadows, co-chair of the Health Care Industry Cybersecurity Task Force and CIO of Cook Children’s Health Care System, the panel’s 20 subject matter experts are drawn from a wide variety of organizations including providers, payers, pharmaceutical companies, medical device manufacturers, IT vendors, and government agencies. “We have representation from all the segments within healthcare so that we can have well-rounded discussions,” said Meadows. “There’s also a patient advocate on the task force.” Meadows said the task force has held several public and private meetings to date and will be “wrapping up its charge” early next year, after which it will report to Congress on its findings and recommendations.


An Open API Initiative Update

WebHooks can be tricky, but with the support we’ve been planning, a server designer can tell the consumer exactly what sort of signature they need to implement for successful handling of a WebHook, and even how the consumer can send messages back to the event producer with different response codes, so you can potentially describe the subscription, unsubscription, and retry flows, making the connections 100% automatable. Also, looking at representations and schemas; it may be a JSON world right now, but remember when the XML world would rule forever? We do, and getting more support for different schema formats is essential for the next 5-10 years of API design. Expect to see new and flexible techniques in 3.0 for this topic. Again, we’ll ensure that the final solution is implementable and not just a modeling proof-of-concept.


DNS Security Extensions - Complexities To Be Aware Of

Interoperability amongst the DNS software is another issue that is adding to the problems. Above all, attackers can abuse improperly configured DNSSEC domains to launch denial-of-service attacks. The following are some such major complexities that one should be aware of. .. This is an attractive target for attackers since it allows them to ‘amplify’ their reflection attacks. If a small volume of spoofed UDP DNSSEC requests is sent to nameservers, the victim will receive a large volume of reflected traffic. Sometimes this is enough to overwhelm the victim’s server, and cause a denial of service. Specifically, an attacker sends a corrupted network packet to a certain server that then reflects it back to the victim.



Quote for the day:


"The underlying principles of strategy are enduring, regardless of technology or the pace of change." -- Michael Porter


September 30, 2016

Ransomware Spreads Through Weak Remote Desktop Credentials

According to Kaspersky Lab, the TeamXRat attackers peform brute-force attacks against internet-connected RDP servers and then manually install the Xpan ransomware on the hacked servers. "Connecting remote desktop servers directly to the Internet is not recommended and brute forcing them is nothing new; but without the proper controls in place to prevent or at least detect and respond to compromised machines, brute force RDP attacks are still relevant and something that cybercriminals enjoy," the Kaspersky researchers said in a blog post. "Once the server is compromised, the attacker manually disables the Antivirus product installed on the server and proceeds with the infection itself." 


This Emerging Tech Company Has Put Asia's Tuna On The Blockchain

A British company just ended a pilot in Indonesia, using blockchain to pioneer a new method of traceability when it comes to fishing, which could stop many of the troubling practises within the illegal fishing industry–including slavery. Provenance used mobile, blockchain technology and smart tagging to track fish caught by fishermen with verified social sustainability claims. Their pilot successfully tracked fish in Indonesia from January to June of 2016, and demonstrated not just another digital interface, but a solution to tracking systems and claims securely and without the need for a centralized data management system.


Wealth and Asset Management Report Predicts Blockchain Use by 2021

It is predicted that by 2021, the convergence of these smart technologies will produce a huge impact on the wealth profession, unlocking the doors of global wealth across a diverse universe of investors. However, with a fast-paced marketplace, it is important for investors to understand their customers’ needs and behaviors, and make the necessary technology changes to meet their requirements. Bob Reynolds, President and CEO of Putnam Investments, commented in the report that ‘the business moves in cycles, and some are severe.” ... As a consequence, economist Dr. Nouriel Roubini said in the report that “mediocre growth and low interest rates have become the new normal.”


The Open Group Launches the O-BA Preliminary Standard Part I

Developed by The Open Group Governing Board Business Architecture Work Group, this is the first installment of a three-part standard. Combined, the three parts of the standard will explicitly address all aspects of a business architecture practice. Not only will it examine the holistic approach in modeling required, but also the way of working and thinking, as well organizing and supporting. The standard clearly defines the systemic nature of transformations, the varying interests and goals of stakeholders, and prepares for consistent communication of business priorities and needs throughout the transformation lifecycle. It addresses a real need to solve structural challenges in enterprise and organizational transformations.


How is IoT Paving The Way for the Future

As the tech world is moving towards the cloud, it’s hard to imagine it functioning without IoT. And as we indulge ourselves in our devices and pour large amounts of data in this enormous mesh called IoT, it has swelled up to gigantic proportions. Such a huge system demands an extensive amount of technology and skills in order to sustain itself. But do we have the what it takes to monitor, maintain and secure IoT? According to Nick Jones, VP Distinguished Analyst at Gartner, “A recurring theme in the IoT space is the immaturity of technologies and services and of the vendors providing them. Architecting for this immaturity and managing the risk it creates will be a key challenge for organizations exploiting the IoT. In many technology areas, lack of skills will also pose significant challenges.”


Shutterstock CIO shares SDDC architecture lessons learned

With an SDDC, there are APIs for everything, so I can enable our software deployment for our product. They can have an API through Puppet and deploy through the infrastructure, and we can set up the key metrics, so if we're seeing load increase on our conservative platform, we can automatically expand that, or I can move that up to AWS. I've got some drivers from the leadership team: [They said] 'We want to move to AWS, we want to be faster.' Okay. I would argue that an SDDC makes you incredibly fast when you look at what we need to do as a company and how we need to service dev and products team -- it's that API-driven economy. They just want to be able to fire code out and know that that code gets deployed and we're operating and monitoring it and we're ensuring that stuff is staying up.


WhatsApp’s privacy U-turn on sharing data with Facebook draws more heat in Europe

In the PM interview, Denham was also pressed on whether the ICO is doing anything to stop data flowing now, while it probes the arrangement, but she said she thinks no data is yet flowing from UK WhatsApp users to Facebook. “We are told that data is not yet being shared — so I am hoping that there is a pause in the data-sharing, and some rethinking of the terms and the consent and what data is being shared,” she said. We’ve asked Facebook to confirm whether or not it is harvesting UK WhatsApp data at this point or not and will update this post with any response. Making a general statement about the data-sharing agreement earlier this month, Europe’s Article 29 Working Party ...  asserted that: “Users should keep control of their data when Internet giants massively compile it.”


Why Automation Doubles IT Outsourcing Cost Savings

Automation is having the biggest impact on areas in which employees manage physical devices, such as network services. Most IT towers see an average 25 percent decrease in the number of resources required as a result of automation, but certain IT services experience a 50 percent headcount reduction, according to ISG. ISG found that network and voice costs are declining by 66 percent mostly due to the convergence of voice, video and data solutions built on highly standardized and virtualized capabilities, an environment ripe for leveraging automation. Service desk and end user support costs declined by 26 percent due to increased adoption of self help and remote support, the introduction of self-healing functionality, and significant automation of level one and two incidents.


The Top 10 AI And Machine Learning Use Cases Everyone Should Know About

Machine learning is a buzzword in the technology world right now, and for good reason: It represents a major step forward in how computers can learn. Very basically, a machine learning algorithm is given a “teaching set” of data, then asked to use that data to answer a question. For example, you might provide a computer a teaching set of photographs, some of which say, “this is a cat” and some of which say, “this is not a cat.” Then you could show the computer a series of new photos and it would begin to identify which photos were of cats. Machine learning then continues to add to its teaching set. Every photo that it identifies — correctly or incorrectly — gets added to the teaching set, and the program effectively gets “smarter” and better at completing its task over time.


On Abstractions and For-Each Performance in C#

A common misconception is the foreach loop in C# operates on IEnumerable. That is almost correct, but it actually operates on anything that looks like an IEnumerable. That means it must have a GetEnumerator method and that method must return an object (or struct) with Current and MoveNext methods, the latter of which returns a Boolean. This was necessary back in the .NET 1.x era when we didn’t have generics or IEnumerable<T>. If you used a non-generic IEnumerable to loop over an integer array, it would have to allocate a new object for each item in the array (an operation known as boxing). As that would be ridiculously expensive, they decided C# would look for a custom enumerator first, and if it couldn’t find one then it would fall back on IEnumerable.GetEnumerator.



Quote for the day:


"The Crystal Wind is the Storm, the Storm is Data, and the Data is Life The Players Litany" -- Daniel Keys Moran


September 28, 2016

Data Governance: From Insight Comes Action

On average, a knowledge worker spends 36 percent of their time looking for information. If content creators can’t keep up with the amount of data across apps, how could we expect IT to protect it? This is the paradox of shadow IT: corporate intellectual property stored in many repositories must be secured and protected by IT professionals not consulted by users as they select the apps to work and collaborate on this content. The conversation needs to shift from blocking unsanctioned productivity apps manipulating this content, to intelligently protecting the content at the source (i.e. repository) itself so users who should be able to leverage their favorite apps – even when not approved by IT - but only for the content they are allowed to access to. Information governance is the industry term for having clear processes for users and IT on the secure handling of content.


The Role of Data in Digital Transformation

Disparate data sources are often a barrier to organizations looking to make use of their digital content to gain greater business insights. Only a third of those surveyed see themselves as extremely effective in managing and utilizing digital content and channels, and less than a third reported being “extremely confident” in their ability to integrate all data sources and applications. Many organizations have taken to storing data in data lakes, which, put simply, are archives that store a tremendous amount of raw data in its native format (whether structured, unstructured, or semi-structured) for as long as it needs to be held for analysis purposes. However, as the business ingests new types of poly-structured data, it can become increasingly difficult to make sense of it without accessing all of the data stored in the various sources.


73% of companies using vulnerable end-of-life networking devices

Old equipment that is no longer supported by the vendors who made it are vulnerable because newly-discovered vulnerabilities and other problems are not being patched. That puts those companies at higher risk of security breaches, network outages and higher future replacement costs. "If its an older device, there are vulnerabilities against it," he said. But companies often keep the older equipment around because it still works. "If something isn't having an issue, we tend to forget about it," Vigna said. "If there isn't pain, there isn't a reason to change a lot at companies." In addition, the companies might not even be aware that some of their equipment is past its due date.


In The “Second Wave” Of Cloud Computing, Hybrid Cloud Is The Innovator’s Choice

Hybrid is the palette they’re painting with, best expressed by the analysts at Frost and Sullivan. “At their core, successful hybrid cloud strategies support the delivery of high-value applications and services to the business, while at the same time driving cost and inefficiency out of the IT infrastructure,” the study said. Fine, but how does adopting a hybrid cloud strategy support business success, particularly as we enter the era of cognitive computing? Successful organizations provide the answer. They aren’t adopting cloud technology for its own sake. Instead, they’re pursuing a business strategy that’s equally about transformation and industry disruption.


Improve application rollout planning with advanced options

One drawback of canary deployment to consider during application rollout planning is the time it takes to complete an update, as the new version is tested and phased gradually into production. This means the application owners must manage more than one version simultaneously, and it demands careful change and version management on the part of IT operations staff. The incremental increase in usage allows ample opportunity to gather load metrics, however, allowing production IT capacity planners to see how load demands change with the updated code. And the canary process provides a relatively safe and rapid rollback process if unintended consequences occur.


BTCPoint Creates 10,000 Bitcoin-Enabled ATMs Using Spanish Bank Network

To access the service, BTCPoint users enter the amount of money they'd like to withdraw from an ATM using the application and send bitcoin to a company address. Next, users receive an SMS and a PIN code, input the PIN code into an ATM on the network and withdraw their funds. The service today is one-directional, with users only being able to withdraw cash from units, though Lopera said BTCPoint is working on solutions that diversify its service. "We are focusing on changing bitcoin into cash, and we’re also talking with different credit card processors, who could enable the buy option so you can buy at a very low fee," he said. Lopera suggested BTCPoint is in talks with US and Latin American banks as a means to expand its service.


Enabling a digital future requires smart capital strategy.

Executives recognize that digital transformation is impacting all aspects of their business — from the front - end to the back. They also know that the competitive landscape is changing rapidly as barriers to entry are eroded. Digital is a continuous form of disruption to existing (or new) business models, products, services or experiences, enabled by data and technology across the enterprise. The key challenge for many companies will be a lack of sufficient capital to meet their digital ambition. Enabling a digital future requires smart capital allocation. Selecting the right strategic investments — organic or inorganic — offers routes to growth. The key question is can companies build the capabilities required to succeed in the brave new world — or do they need to buy?


Why London will remain a global tech hub post-Brexit

London’s corporate tech base is impressive and should also help maintain its position. The presence of big global tech companies, such as Google, Amazon, Facebook, Microsoft and Yammer, provide a solid foundation for the tech sector, while fast-growing smaller companies, such as Skyscanner, Badoo, Hailo and Mind Candy, provide that drive for innovation for which London’s tech sector is renowned. Accelerator programmes to help the Capital’s tech start-ups expand and succeed are another factor why the doomsayers over London’s tech future are wrong. Currently there are around 4,000 start-ups in the Capital and about 40 accelerator programmes, such as Seedcamp, TechStars, Wayra and Oxygen, help foster these young firms and buoy their growth.


3 Big Trends in Business Intelligence and Analytics

Lack of good, consistent quality data is cited as the number one challenge organizations face to realizing the full potential from analytics (A.T. Kearney’s “2015 LEAP Study - Leadership Excellence in Analytic Practice”). Excessive time and resources are needed to manipulate and “roll-up” data before business analysts can start to use it for reports, analytics and insights. Often these challenges are compounded when analysts create work-arounds that drive “shadow” data bases and ad hoc data management processes that undermine confidence in the data. Strong business intelligence can become the data syndication traffic cop and data clearing house for enterprises that need to make better, faster decisions using good quality data and insightful analytics.


Traffic Data Monitoring Using IoT, Kafka and Spark Streaming

In order to process the data generated by IoT connected vehicles, data is streamed to big data processors located in the cloud or the data centres. An IoT connected vehicle provides real time information of the vehicle like speed, fuel level, route name, latitude and longitude of vehicle etc. This information can be analysed and data can be extracted and transformed to the final result which can be sent back to the vehicle or to a monitoring dashboard. For example, using the information collected for different vehicles we can analyse and monitor the traffic on a particular route. In this article, we’ll use Apache Spark to analyse and process IoT connected vehicle’s data and send the processed data to a real time traffic monitoring dashboard.



Quote for the day:


"Any sufficiently advanced technology is indistinguishable from magic." -- Arthur Clarke


September 27, 2016

Why Hire a Corporate Lawyer When a Robot Will Do?

Well-tuned search engines could save people a lot of time and suffering. Luminance promises to increase the efficiency of contract review by at least 50 percent. Kira Systems claims a time reduction of as much as 90 percent. If Bayer’s legal team had included robot lawyers, maybe they could have completed due diligence for the Monsanto deal in days. So will the associate attorney, among the least satisfying jobs in the U.S., become a thing of the past? Not necessarily. Even though automated-review tools are great for organizing documents into actionable information, intelligent humans are required to step in when the computer encounters ambiguous language or unexpected cases. It’s like how self-driving cars still have human supervisors in the vehicle to deal with rogue squirrels or trolley problems.


One Fantastic Keyboard For Your Compiter, Phone And Tablet

This full-size, six row keyboard features a complete set of function keys and a number pad. Certain keys—such as Alt and Ctrl—will automatically change functions depending on which operating system you’re working in. Running the length of the keyboard is a rubberized tray that holds your mobile devices at the correct viewing angle. You can link up to three devices at a time to the K780 via Bluetooth. Those without Bluetooth can connect via Logitech’s Unifying USB dongle. At the top left of the keyboard are three white buttons used to pair your devices. Switching between paired gadgets is as simple as tapping the corresponding button.


How to succeed with hybrid cloud application integration

The biggest mistake you can make in hybrid cloud integration is overspecializing. You should establish a common network connection model across your entire hybrid cloud and then work to define a standardized hosting model to deploy applications/components. The connection model issue can only be addressed by creating a virtual private network that can host all of the applications and components. Enterprises are increasingly looking to adopt software-defined or virtual networks as their connectivity core, and if the proper software-defined network or software-defined wide area network model is adopted, it can connect everything, whether in the cloud or the data center. There's no substitute for open uniform connectivity, so it's critical to get this right, and enterprises are recognizing that the basic cloud networking tools are best used to supplement this enterprise virtual network, not create it.


Government lawyers don’t understand the Internet. That’s a problem.

Today, cyber, data and privacy questions lie at the core of numerous corporate and government cases, and there aren’t anywhere near enough practicing lawyers who can adequately understand the complex issues involved, let alone who can sufficiently explain them in court or advise investigators on how to build a successful case. “This is a problem that pervades all of the national security apparatus,” says Alvaro Bedoya, who previously worked as the chief counsel to the Senate Judiciary Committee’s subcommittee on privacy, technology and the law, and now leads Georgetown Law’s Center on Privacy & Technology. “You don’t have a pipeline of lawyers right now who can read code.”


Your users have porous passwords? Blame yourself, IT.

Maybe IT needs to tone down its security awareness efforts. New research by psychologists into password strength delivered the non-intuitive conclusion that users who are well briefed on the severity of security threats will not, as IT had hoped, create stronger passwords to better protect themselves. They actually tend to create much weaker passwords because the briefings make them feel helpless, as if any efforts to defend against these threats are pointless. The research, from a Montclair State University study — detailed here in a story from The Atlantic — suggests that IT staffers need to make sure that they emphasize how powerful a defense passwords, PINs and secure phrases can be in defending against threats, at least until we are able to deploy better authenticators.


Psychology Is the Key to Detecting Internal Cyberthreats

The key to identifying and addressing at-risk employees before a breach or incident occurs is to focus as much on understanding and anticipating human behavior as on shoring up technological defenses. The best way to do this systematically is by analyzing employees’ language continuously and in real time, in a way that still respects privacy. And, the data is readily available to do so because email, chat, and texts are now one the most common methods of communication in business. ... The opportunity for using psychological content analysis in the corporate workplace is vast. Not only can leaders utilize this to intervene before a security breach, but leaders can also use insights to support other efforts to build a healthier culture and develop the organization’s talent.


Mood of the Boardroom: Hacking a serious business

The fact that cybersecurity now ranks alongside what have long been seen as the world's greatest challenges is telling. A real estate director said, "Both terrorism and cybersecurity are always cause for concern of the highest level, as we do not know when and where it will next hit." In light of the increasing acknowledgement of the risk, there are opportunities for the businesses that help address it. Kordia acquired Aura Information Security, a leading cybersecurity company, for just over $10m in late 2015. Bartlett sees addressing cybersecurity threats as a potential selling point for New Zealand. "We are small enough to make our little country a stand-out example of how to get it right," he said. "If we can, our cyber-safe brand will be as important as, and more credible than, 100 per cent Pure New Zealand."


Companies say IoT matters but vary on how to secure it

Overall, their biggest challenges in deploying IoT revolved around security and privacy. But most are taking an “ad hoc” approach to security, doing things like securing individual devices using firewalls. However, 23 percent said they are integrating security processes into their IoT workflow. No single approach has won out yet, MacGillivray said. Finding people with the right job skills is another thing that makes IoT difficult, respondents said. That's a pain point especially in terms of crunching all the data that flows in from the new systems. Also, most enterprises haven’t taken advantage of edge computing, which may be one of the most important parts of IoT, according to IDC. A majority of organizations that have deployed IoT devices just use them to collect data and send it to the cloud or a data center for processing.


How To Mitigate Hackers Who Farm Their Victims

The farming is more sophisticated now with advanced Command and Control (C&C) servers that they use to make system changes remotely, multiple backdoors in multiple systems, bogus accounts they create to sell or reuse, and sensors they leave behind to identify and harvest specific data, says Inskeep. Command and control servers work by receiving communications from malware-infected systems that call out to the internet via outbound network traffic. This works because most network security is geared to defend against what is coming in, not what is going out. Hackers can spread large numbers of Trojans into different kinds of systems because they can pair these backdoors with many different kinds and pieces of legitimate software from OS and application updates to games.


Is the internet of things the new DDoS attack weapon?

It’s been posited that attackers are leveraging internet of things (IoT) devices to grow their botnet capacity to this new level, which in itself is troublesome, but first, the backstory. Krebs is one of the most prolific cybersecurity-focused investigative journalists and has broken a number of high-profile stories and been responsible for numerous arrests over the years. As a result of his intrepid work, Krebs has come into direct contact with plenty of criminal gangs and met the perpetrators of many of the world’s most notorious cybercrime fraternities face to face. Speculation that this is why his site was attacked has stemmed from his recent coverage of an Israeli online DDoS attack service called vDOS – still available to read via Google’s webcache.



Quote for the day:


"Optimism is the faith that leads to achievement. Nothing can be done without hope or confidence." -- Helen Keller