Daily Tech Digest - November 03, 2016

Machines can now recognize something after seeing it once, Cybercrime in Canada: The impact on SMBs, How integrated reporting is changing the role of the accounting profession, Saudi Arabia turns to big data to boost business innovation and more.

Machines Can Now Recognize Something After Seeing It Once

The best algorithms can recognize things reliably, but their need for data makes building them time-consuming and expensive. An algorithm trained to spot cars on the road, for instance, needs to ingest many thousands of examples to work reliably in a driverless car. Gathering so much data is often impractical—a robot that needs to navigate an unfamiliar home, for instance, can’t spend countless hours wandering around learning. Oriol Vinyals, a research scientist at Google DeepMind, a U.K.-based subsidiary of Alphabet that’s focused on artificial intelligence, added a memory component to a deep-learning system—a type of large neural network that’s trained to recognize things by adjusting the sensitivity of many layers of interconnected components roughly analogous to the neurons in a brain. 


A glimpse of the future, part three: the internet of things

Certainly, there are many projects that are focused upon creating a self-sustaining planet where, instead of using fossil fuels or other dirty power systems, we get all our energy from the Sun. Elon Musk’s company announced just the other day a range of new house tiles that look like tiles but are actually solar panels. The world is changing fast, super-fast, and much of it being driven by the visionary Elon Musk but he’s not alone. For example, Jeff Bezos is quietly building a whole new world through Amazon. In fact, it seems that we have two sorts of billionaires out there. Those who want to create new solutions for the future (Musk, Bezos and Branson), and those who want to solve present problems in the future (Gates, Buffett, Zuckerberg).


Mobile apps to take over HR technology

Businesses are showing interest in using mobile tools to measure the culture of their business. “That is becoming interesting and big,” he said. Deloitte, for example, has introduced an app called CulturePath. It asks people 10 to 15 questions about their workplace, such as how much freedom they have, how safe they feel and how much collaboration there is, to assess the culture of the organisation. “In most companies, the CEO believes the culture is a certain way. It may be that way around him or her, but it may be completely different out in the company depending on who the manager is,” he said. ... A number of recruitment tools now have tracking systems that measure how diverse the process is, highlighting any unconscious bias.


Cybercrime in Canada: The impact on SMBs

The picture of Canadian SMB cybersecurity that emerges from this survey is of many good intentions and a broad awareness that cybercrime is a threat to organizations. For instance, 96% of SMB employees think backing up company files is important, and 92% think having IT security software installed on all devices is an important IT security measure. A very encouraging 88% place a strong emphasis on “training on your company’s IT security procedures”. Yet much work remains to be done. Only 43% on SMB employees felt confident that their business and its reputation could “survive and thrive” after a cyberattack. And only 40% said they were “very satisfied” with their company’s current IT security policies, procedures, and products.


One in three targeted cyberattacks results in a security breach: Accenture Survey

A new security survey from Accenture has found that, in the past twelve months, roughly one in three targeted cyber attacks resulted in an actual security breach, which equates to two to three effective attacks per month for the average company. Still, a majority of security executives (75 percent) surveyed are confident in their ability to protect their enterprises from cyberattacks. For the survey report ‘Building Confidence: Facing the Cybersecurity Conundrum,’ Accenture surveyed 2,000 enterprise security practitioners representing companies with annual revenues of $1 billion or more in 15 countries about their perceptions of cyber risks, the effectiveness of current security efforts and the adequacy of existing investments.


How Integrated Reporting Is Changing The Role Of The Accounting Profession

The ability to adapt to the rapidly changing business environment and anticipate the information needs of our investors, shareholders, partners and clients is a vital part of corporate reporting. At its core is the need to develop and use a best practice approach that will assist the decision-making process and contribute to the successful implementation of our strategy. As I lead the implementation of the Integrated Reporting (IR) framework and embed its principles into the fabric of our corporate reporting, my goal is to influence behavior and shift the focus to a more comprehensive view of the factors that contribute to increased strategic alignment and the long-term sustainability of our institution.


Saudi Arabia turns to big data to boost business innovation

“When you are only focusing on your strategy, you can miss significant changes in the business model of your industry and suddenly a brand new competitor arrives on your doorstep. This is why Saudi CIOs are becoming more anchored in their business strategy.” Barig Siraj, director of IT and ERP at Zahid Group, one of the region’s biggest conglomerates, agreed that big data strategy would loom large as his business becomes more globalised. Although Zahid is not currently undertaking big data initiatives, Siraj said global partners of its leasing division, such as Caterpillar and Volvo Trucks, would soon require data exchange and analytics to gain global information insights.


Q&A With The Author on "Designing the Requirements”, an Alternative Approach

Obviously the book is about design of IT applications but I have long felt that it is very odd that IT design should be so different from other kinds of design like designing a building. For instance, you would never incrementally design a house; start by designing a wall say, showing it to the customer and asking if that was what they wanted and then, when they were happy with that, showing them another wall and so on. When starting on this journey many years ago, I wanted to know exactly how IT design was different from “normal” design and why. And the first point I noticed was that design of buildings or machines was hierarchical. It’s the hierarchy that gives you traceability – if something is changed or breaks, you go up the hierarchy to understand the ramifications on the rest of the design.


The True Potential of RegTech: Fostering Systemic Financial Stability

RegTech platforms to date have primarily been designed to help major financial institutions meet the burgeoning, new demands of regulators and policymakers. Yet RegTech offers regulators much more. It offers a proportionate risk-based approach where access to and analysis of data enables more granular and effective supervision of markets and market participants. This new form of data reporting and monitoring has the potential to benefit macro-level supervision and stability ... Yet to date RegTech has fallen far short of this vision. For now, RegTech’s growth has principally been in processes that substantially decrease compliance costs and the potential for regulatory fines. The most immediate practical use has been to make it easier to attact and monitor clients in compliance with know-your-customer (KYC) rules.


Do We Need Two Types of CIO?

More traditional CIOs, with a long history of infrastructure projects, are likely to be more suited, and more comfortable, keeping the lights on. They will be focused on automating core tasks and driving efficiencies in existing processes. Whereas more digitally ambitious “change agents” will want to explore disruptive technologies to transform operational models altogether. A good example of this is the IoT2.0 approach adopted by Panera Bread to digitally mobilize customer-facing processes, including ordering and paying. I talked about Panera’s innovations in some more detail in my previous post. Perhaps there is a role for both types of CIO―and perhaps we’ll see a rewriting of senior job titles to reflect this increasing alignment between IT and business strategy.




Quote for the day:


“I do not think that there is any other quality so essential to success of any kind as the quality of perseverance.” -- John D. Rockefeller


Daily Tech Digest - November 02, 2016

Tech Bytes - Daily Digest: November 02, 2016

The biggest cyber security threat is right under our noses, Will digital economy create a developer shortage, What big data is doing for shipping on a global scale, Defending against insider data breaches, Bitcoin isn't anonymous enough to be a currency and more.

The Biggest Cybersecurity Threat is Right Under Our Noses

Technology is advancing at a rate where the convergence of progress in multiple areas is finally making it possible to detect malicious insiders. The cost of storing data continues to go down. The processing capabilities of servers to sift through data keeps marching forward. And advances in machine learning—artificial intelligence—makes it possible to make sense of the data in meaningful ways. It is this confluence of massive secure scalable computing at a low cost, combined with exponential algorithm advances, that has made a breakthrough AI cybersecurity solution like Cognetyx possible. Take one of the toughest scenarios as an example. Let’s say an employee of a hospital for whatever reason decides to steal patient data. Maybe they hold a grudge against their boss. Perhaps they are going to sell the data.


6 trends that will shape cloud computing in 2017

The global public cloud market will top $146 billion in 2017, up from just $87 billion in 2015 and is growing at a 22 percent compound annual growth rate. The lion’s share of this growth will come from Amazon.com, Microsoft, Google and IBM, which have emerged as "mega-cloud providers,” Bartoletti says. They are opening new data centers and making concessions, such as Microsoft’s agreement to have T-Systems manage its cloud in Germany to meet data localization requirements. But the big players won’t be able to service every unique request, which means smaller regional players will see an uptick in adoption in 2017. Bartoletti recommends: "Keep you options open and don't be afraid to use multiple providers."


Will Digital Economy Create A Developer Shortage?

According to Sam Ramji, CEO of the Cloud Foundry Foundation, the companies that don't see a gap are not those furthest behind the effort to move into the digital economy. They are the ones that have been functioning as part of it for several years (companies such as Amazon, eBay, Google, Apple, and Netflix) and are attracting talent because of their position in the economy. The gap shows up more clearly in companies that are still dominated by their legacy systems, he noted. He said his impression that this might be the case was confirmed when Netflix made some of its internal code for managing AWS cloud operationsavailable as open source. When he asked Netflix officials why they released home-grown code, they explained that it would make knowledge of what they were doing more widespread.


What Big Data is Doing for Shipping on a Global Scale

Another important way that the use of Big Data can help optimize the shipping process on a global scale is to provide the information necessary to help shipping companies better manage multi-stop routing, which is a nightmare for any industry, and the shipping industry is no different. The use of Big Data will allow shipping companies to use a mathematical approach to determine where shipping containers should be placed on the ship. By using data to effectively place containers where they can be reached at the proper time, the entire process can be streamlined to run more effectively and efficiently — not only making the company more productive, but also saving the shipping company money.


ALM and DevOps tooling still a critical part of orchestration

With continuous development and DevOps integration, the DevOps models or recipes associated with each ALM phase have to be designed following the ALM processes. Then it can be codified in DevOps language -- declarative or imperative, as appropriate. When development changes are made to an application, component or service, the changes not only have to be tested in terms of application functionality, security and compliance, but also in how they impact the integration between ALM and DevOps. The tight coupling of development, ALM and DevOps demanded by continuous delivery has changed DevOps already. The two most popular tools, the imperative Chef and declarative Puppet, have both evolved to support modular declarations of resources.


Defending against insider data breaches

Internal data breaches have the potential to damage reputation and incur significant financial loss – not only for law firms but clients too. As highlighted by the Panama Papers, the impact of an insider cannot be underestimated. An anonymous source from within Panamanian law firm Mossack Fonseca was able to leak an unprecedented 11.5 million documents over the course of a year, with consequences that reverberated across the globe. Of course, this is an extreme example, but it does serve to highlight the danger posed by an insider who can go undetected for long periods of time.  While there is no silver bullet, there are steps that every law firm can take to reduce the risk of internal data leakage – and these aren’t constrained to the IT department.


Bitcoin Isn’t Anonymous Enough to Be a Currency

On the surface, privacy-preserving cryptocurrencies seem designed precisely to undermine such controls. Monero mixes multiple transactions together so that a source cannot be directly linked to a destination. Zcash creates shielded transactions where everything is hidden except for a string of data that proves the transaction is valid . Bitcoin also plans to add some of these features in the near future. As bad as it looks, though, developers aren’t creating anonymous payment systems because they want to help criminals evade the law. They're doing it because that’s the only way a decentralized currency can work. If, say, users have to evaluate the acceptability of each bitcoin based on its transaction history, then one coin can be worth more than another and the currency loses its reason for existence.


How Advanced Technology Can Save Us From Future Internet Shutdowns

“One self-help mechanism would be for a ‘good’ hacker to write a virus that finds insecure devices and simply disables them. This would remove insecure devices from the pool of computers that could be used as bots,” Eli Dourado, technology policy director at the Mercatus Center, told TheDCNF. “It would be inconvenient to consumers whose devices suddenly stopped working, but that inconvenience may be necessary to prevent more serious attacks in the future.” There are also security network services available, like Cloudfare and Akamai, but they can be expensive, said Ryan Hagemann, technology and civil liberties policy analyst at the Niskanen Center. “As with any decision, a company or individual will need to assess whether the benefits of employing such a service outweigh the costs.”


How To Find The Best Wi-Fi Router For A Home Office

Before you rush out to buy an expensive Wi-Fi router with MIMO, you should know that to utilize that speedy wireless your Wi-Fi devices must also support the tech. Unfortunately, the majority of today's Wi-Fi devices, including smartphones and tablets, only support one or two spatial streams, and they won't be able to take full advantage of Wi-Fi routers with more streams. The same thing applies to MU-MIMO routers, because only a handful of mobile devices available today support the tech. In some cases, it may make sense to buy a more affordable Wi-Fi router that delivers optimal performance with your existing devices, and then later opt for a more advanced router when you upgrade your mobile devices to phones, tablet or computers that support MIMO.


Cisco says it'll make IoT safe because it owns the network

Within the next year, Cisco will launch a program to certify IoT devices as compatible with its network-based software. Among other things, the software should be able to automatically authorize these devices on a “white-list” basis, allowing only endpoints that are safe instead of trying to find and block those that are not. Devices themselves will play a role here, telling the network what kinds of things they should be able to do, such as only connecting to the home server for the service it provides. This approach might help to prevent devastating events like the recent Mirai botnet attack that employed thousands of insecure internet-connected cameras. But the IoT onboarding and management capabilities go beyond security to include automation of other tasks like network configuration that administrators would otherwise have to do.



Quote for the day:


"The aim of education should be to teach the child to think, not what to think." -- Indira Gandhi


Daily Tech Digest - November 01, 2016

Tech Bytes - Daily Digest: November 01, 2016

Devops engineer skills needed for continous deployment, Digital radically disrupts HR, Microservices governance requires standards security & scrutiny, Why don't all businesses have a good continuity strategy, Red Hat EMEA chief sees opportunities in shifting markets and more.

17 essential tools to protect your online identity, privacy

Most users know the basics of computer privacy and safety when using the internet, including running HTTPS and two-factor authentication whenever possible, and checking haveibeenpwned.com to verify whether their email addresses or user names and passwords have been compromised by a known attack. But these days, computer users should go well beyond tightening their social media account settings. The security elite run a variety of programs, tools, and specialized hardware to ensure their privacy and security is as strong as it can be. Here, we take a look at this set of tools, beginning with those that provide the broadest security coverage down to each specific application for a particular purpose. Use any, or all, of these tools to protect your privacy and have the best computer security possible.


DevOps engineer skills needed for continuous deployment

Speed and fluidity are the hallmarks of a DevOps culture -- code is always changing, and it takes sound collaboration and version management skills to assemble the correct components and craft a release that runs. DevOps engineers work with tools such as Git, Perforce and Apache Subversion for version and revision control. To better deploy this ever-changing code, many DevOps engineers embrace configuration management, which is almost always automated to accelerate the pace of new version releases. Many DevOps engineers are experts with tools such as Puppet, Chef and Vagrant. DevOps engineers don't just shepherd code through development; they also provide the bridge needed to facilitate those new releases on the operations side


Digital Radically Disrupts HR

Technology advances are enabling HR to put the “human” back into human resources, and helping give people management back to the people. This could include involving employees and managers in high-impact talent processes—including recruiting, hiring, succession planning, learning and shaping career paths. ... Just as digital changed marketing by enabling customization of products and messages, digital is similarly transforming HR. Digital can now be used to push out customized offerings, including learning and job opportunities, targeted, personalized messages, or personalized information based on an analysis of an individual’s social media digital trail and artificial intelligence that predict what an individual needs and values based on their unique employee segment.


Data Science Predictions for 2017

Data is now creating opportunities for business growth and profit like never before. In the last decade, the emergence of advanced data technologies and superior analytics tools has made it possible for business operators to reap numerous benefits from their data assets, yet for most they’ve only just scratched the surface of data’s potential. Data Science is allowing enterprise’s to successfully leverage that potential like never before. A particular McKinsey report published in 2013 predicted that the global business community would feel the pinch of an acute shortage of Data Science professionals for the next decade, specifically a shortage of “1.5 million analysts” skilled at deriving competitive intelligence from the vast amounts of static and dynamic (real-time) data.


Microservices governance requires standards, security and scrutiny

"It is important to look at governance holistically as not only microservices management during runtime, but also as an inculcation of best behavior within domain teams during design and development," Kohli said. While the first part can be addressed through APIs, best practices can be more difficult since they deal with the human element. Things like posting microservices on a collaboration hub and encouraging merit-based reuse with reviews and ratings can help, he said. Ultimately, the popularity of microservices will require standards, which will likely stem from collaboration between companies in the cloud computing space. Until then, products do exist to help shore up security issues and ensure that the microservices are flexible enough to meet the needs of the company.


The Shifting Cyber Attack Target Set And Why It Matters To The Mid-Sized Business

What is troubling about this is that smaller firms have a much harder time recovering from attack. Breach requires cleanup, forensics, notification of employees, customers, clients, causes costly damage to brand, may diminish goodwill, and can result in direct financial loss. A smaller firm can have a very hard time recovering. In fact, according to surveys by the National Cyber Security Alliance, approximately 60% of small businesses that fall victim to a cybercrime each year go out of business six months after an attack. Digital life is unfair. The big guys like Target, Home Depot, eBay all recovered from massive cyber attacks with no noticeable impact on share price a year after their attacks. But mid-sized businesses may well be driven to bankruptcy.


Why don’t all businesses have a good continuity strategy?

Most businesses are familiar with the idea of data backup, but a proper disaster recovery strategy goes beyond data. Businesses often have data backed up, but don’t consider the systems that rely on that data. What use is data if a disaster renders the IT infrastructure inaccessible? While data backup is essential, it serves little purpose when all of your applications and systems are out of commission. Disaster recovery is usually a manual process, in which IT teams are on-call and recovery time is dependent upon how quickly they can restore service. A more effective continuity strategy takes the full implications of downtime into account. Downtime means a hit to the bottom line. It means employees getting paid to wait for crucial systems to come back online. It means your customers going elsewhere.


Here's How Businesses Can Prevent Point-of-Sale Attacks

Typically, point-of-sale malware works by reading payment data the moment the card is swiped through the retail checkout machine. It does this by scraping the RAM memory of the point-of-sale terminal, where the payment data can be unencrypted. "The malware techniques are evolving all the time," Rice said. Criminals also understand that retailers are continually updating their point-of-sale machines for pricing or inventory reasons. "So they (the hackers) are using a variety of vulnerabilities to insert the malware into the system," he added. However, businesses are far less vulnerable to any data breach if they move to end-to-end encryption, according to Rice. That means encrypting the customer's data throughout the entire payment process, including the moment the credit card is swiped.


Zcash, a Harder-to-Trace Virtual Currency, Generates Price Frenzy

The privacy features of Zcash could make it harder for the currency to win support from regulators and bankers. Investigators have used Bitcoin’s ledger, known as the blockchain, to track down some people selling drugs for Bitcoins on black market websites. Such websites have proliferated since the first popular black market site, the Silk Road, was taken down in late 2013. Since the demise of the Silk Road, mainstream financial institutions have shown significant interest in virtual currencies and particularly in the blockchain technology, which provides a new decentralized way to keep financial records and to power transactions of all sorts. Major central bankshave recently been talking about using the technology for their own currencies.


Red Hat EMEA chief sees opportunities in shifting markets

OpenShift is key here and Knoblich nominates it as “becoming the hottest product for Red Hat, not necessarily for revenue but in terms of interest, proofs of concept and net new customers. Here, Knoblich sees Linux becoming the common denominator underlying physical servers, virtual servers, private clouds and public clouds. There is a different buying audience for OpenShift where DevOps is at the heart of activity and it is one that the company is quite comfortable. A related opportunity lies in JBoss middleware where Knoblich says some firms are swapping out BEA WebLogic for JBoss. In telecoms Red Hat is helping carriers virtualise their networks having created a unit that is focused purely on telco, and banking is another market where restructuring of the sector will lead to a requirement for agility.



Quote for the day:

"The basic story is that we have been gradually losing our privacy in a whole bunch of ways that people don't appreciate." -- Matthew Green

Daily Tech Digest - October 31. 2016

Tech Bytes - Daily Digest: October 31, 2016

Algorithms built on digital footprints will revolutionize lending, Will the fourth industrial revolution have a human heart, Why big data leaders must worry about IoT security, 5 mistakes to avoid when building the business case for IT, Financial sector urged to strengthen governance and more.

Algorithms built on digital footprints will revolutionize lending

Fintech will also be very influential in the area of payment banks. One of the reasons for the slow growth of bank lending is that there are very few banks that have licenses. The deposit rate and lending rate is quite high so there’s a lot of sticky money in the economy. Until now, there was no competitive dynamics that upset the apple cart. Now with the emergence of fintech firms on the credit side and the rise of payment banks on the deposit side, the established banks will face pressure on the credit and deposit side. This will also mean that the customer will benefit both ways, from a higher deposit rate and with lower interest rates on loans and at the same time with better access to both. So, fintech will change the nature of existing businesses in areas of transaction, credit, and deposits.


5 Lessons We Learned on Our Way to Centralized Authentication

In many startups, centralized authentication is a "future us" problem. Setting up centralized auth is useful for managing your network, but requires time, domain knowledge, and patience to get many of the technical solutions working. Compare this with the ease of user management via configuration management (CM) tools that your DevOps teams are already using — they work well enough (and did we mention that they're already in place?) — so it makes total sense that many organizations "punt" on this issue. However, once your organization grows to a certain size, managing users through CM can be a hassle. For one thing, not all systems are going to rely on UNIX authentication (such as Jenkins, Grafana, etc.), so you’ll need to start configuring those separately and possibly outside of your CM platform.


Will the Fourth Industrial Revolution Have a Human Heart?

In this new industrial revolution, it is believed that robots and humans could be living and working together a lot more. This raises questions of trust. A good example is if a person is faced with an illness and a robot and human doctor prescribe different drugs and care strategies to get well. It would be hard to know who to trust. Another great example provided is if you were arrested for a crime that you didn’t commit, would you rather get tried by a robot or a human judge. These are questions we may face and sooner than you think. In fact, in some cases it is already happening. Some believe that there could end up being conflict between people and robots. This could have two potential outcomes. One would be and economic struggle where humanity is destroyed at its core.


Getting data privacy and security right is 'paramount' to success of open banking, says regulator

"To ensure that enough time is available to work through the important details of this remedy, particularly those that ensure that customers’ data is secure at all times, we are requiring that the release of information under this remedy takes place in stages," Smith said. "The least sensitive information – for example about banks’ prices, terms and conditions and branch location – will be made available by the end of March 2017. We expect that all aspects of an open banking standard will be up and running in early 2018 to coincide with the implementation of the second Payment Systems Directive (PSD2)." Smith described the CMA's open banking plans as "the most fundamental" of its remedies from its market review and said open APIs have the potential to "transform the financial services sector".


An absolute beginner’s guide to machine learning, deep learning, and AI

Here’s a simplistic breakdown: a neural network consists of several layers of neurons. Inputs are passed into the first layer. Individual neurons receive the inputs, give each of them a weightage, and produce an output based on the weightages. The outputs from the first layer are then passed into the second layer to be processed, and so on. The final output is produced. Then the magic happens. Whoever runs the network defines what the “correct” final output should be. Each time data is passed through the network, the end result is compared with the “correct” one, and tweaks are made to the weightages until it creates the correct final output each time. The network, in effect, trains itself. This artificial brain can learn how to identify chairs from photos, for example. Over time, it’ll learn what the characteristics of chairs are, and increase its probability of identifying them.


Why big data leaders must worry about IoT security

One problem facing companies that use or are planning to use IoT with their big data plans is that there currently is no consensus on how to implement security in IoT on a device. This lack of consensus is an issue for standards committees to resolve, not for corporate IT to address. So what do you do if your company is using or planning to use IoT? Follow these steps. First, identify all of your IoT exposure points for hacks and breaches, and write and enact a plan for regularly monitoring them. This monitoring should occur at two levels: regular physical inspections of devices and continuous software-based monitoring and logging of emissions from these devices that are conducted by a network-based system. If unusual activity from a device is detected at any time, there should a way to immediately shut down that device.


5 mistakes to avoid when building the business case for IT

Now, more than ever before, companies are looking closely at the impact of IT spending on their bottom line. Economic pressures, coupled with years of heavy IT spending without clear returns, have driven corporate demands for a tighter rein on IT expenditures and clear justification of every dollar being spent. Technology and finance decision makers need metrics and measures they can trust to ensure that they are making IT decisions that will have a positive impact on the corporate bottom line. Although the buzzwords may have changed and the expectations for payback and risk have become more precise, the path to a credible business case hasn’t changed. Building a business case for a tech investment isn’t difficult, it’s just structured: identify the top areas of benefit, quantify the costs and benefits, and calculate the metrics.


Financial sector urged to strengthen governance

According to Rwangombwa, banks can promote corporate governance by harnessing the relationship between management, shareholders and other stakeholders. He added that the structures through which a firm’s objectives are set, and the means of attaining those goals, and constant performance monitoring play a critical role in strengthening governance. “It is, therefore, important to ensure timely and accurate disclosure on all matters, including your financial health, performance, ownership and governance,” he said. He argued that financial institutions are unique and should uphold public trust to succeed. Rwangombwa noted that the concept of corporate governance is relatively new, adding that even some directors do not understand the ‘heavy’ responsibilities of a director.


Visa Taps Blockchain for Cross-Border Payment Plan

Visa and Chain’s system represents a brand new effort to challenge the Swift electronic messaging network because the dominant methodology for moving giant sums of cash across borders between banks on behalf of companies. Swift has been the topic of recent high-profile hacks and is beneath intensive restrictive scrutiny. But cross-border payments ar still a moneymaking business for banks. Visa, that is attempting to become a a lot of relevant different within the space, are providing the merchandise beginning next year to its member banks as a tool to supply their business customers. The California-based network operator is best famed for facultative personal line of credit and debit cards.


What Really Happens When You Run IT Like a Business?

As an Enterprise Architect working in the IT Management, you have the heavy task of aligning between different organisational silos as well as architectural framework, and industry standards and best practises. Whilst each existing framework and standard has its own intended points of focus, they all share the same restrictive principle i.e. they take a “toolbox” approach where the more content you have in your framework, the more value you provide to the architecture practitioners – but only in and of the particular framework and do not take into account the need to provide insight into how they connect to the broader environment. It is therefore difficult for practitioners to implement the frameworks, understand how to integrate between multiple frameworks or what to prioritize for the benefit of the organisation.



Quote for the day:


"If someone likes your idea the first time you explain it, your idea isn't risky enough." -- Nicolas Cole


October 30, 2016

Tech Bytes - Daily Digest: October 30, 2016

Shareholders sue companies for lying about cyber security, Can anyone keep us safe from a weaponized IoT, The top reason digital transformations fail, Experts share their cybersecurity horror stories, Important tips for updating your breach response plan, Actionable agile tools and more.

Shareholders Sue Companies For Lying About Cyber Security

Directors owe fiduciary duties to their shareholders and have an important role in overseeing corporate risk management, which is now understood to include cyber security risk. There are two ways that breaches can give rise to suits in this context. The first involves a board making an affirmative decision regarding cyber security that permitted a breach—say, putting a woefully inadequate security system in place, or just delegating the whole issue to IT. A second factual scenario would involve the failure to take any precautions at all. Because it established that a board has a duty with respect to cybersecurity, doing nothing about risk would land you in trouble.


Can anyone keep us safe from a weaponized ‘Internet of Things?’

The big problem is that too many of those connected products come with lax security features that make them juicy targets for hackers, according to Herzberg. For instance, cheap Internet of Things devices are often secured with default passwords and may lack support for security updates. And the rapid expansion of the Internet of Things market means even more vulnerable devices are likely to be in use soon: By 2020, there will be over 20 billion Internet of Things devices online, according to one estimate from analysis firm Gartner. ... “It would be great if we could say, 'If you want to produce a device connected to the Internet you must go through basic security checks,’ but we don’t have that right now,” he said.


Synchronous vs. asynchronous communication: The differences

A key challenge in asynchronous execution is ensuring that the clocks of all participants and constituent components or modules remain synchronized. For human interaction, such as a live chat session, such skew is not important. However, in synchronous execution, read-and-write storage operations are likely to occur milliseconds (or less) apart, so proper clock synchronization is essential in guaranteeing that I/O operations occur in the correct order. Another challenge is the need to correlate multiple data streams that encompass both synchronous and asynchronous collection methods. Especially acute in the area of data mining and streaming analytics, dealing with this issue through the technique of singular value decomposition was examined in research first published in 2002.


Why and How to Test Logging

We should not spend time testing the logging subsystem itself, such as log4net, log4j, etc.; we should assume that the mechanics of logging (writing to disk, rotating log files, flushing buffers, etc.) are already handled. Instead, we should concentrate on ensuring three separate but related things ... Of course, by checking for these things, we exercise the logging subsystem and implicitly test that too. By addressing logging as a testable system component, we also tend to reduce the ‘time-to-detect’ for problems, increase team engagement, enhance collaboration, and increase software operability. We need to define a set of event type IDs that correspond to useful and interesting actions or execution points in our software. Exactly how many of these IDs you use depends on your software


The Top Reason Digital Transformations Fail

Despite awareness of the importance of digital technology and business models, we continue to see that most leaders don’t know how to lead a digital transformation. Many work to enable others in their organizations, but this often results disjointed, independent, tactical initiatives, which are costly and go nowhere, creating bad blood inside and outside the organization. To be successful, digital platforms need to be unified across the organization, spanning every division, product, service and supplier. Doing this takes real leadership and board support. That doesn’t mean that it always looks the same, though. If you look at how big players are approaching digital transformation, you can see different approaches playing out.


Apollo Hospitals uses big data analytics to control Hospital Acquired Infections

The process involved understanding the various infection patterns that affect an inpatient. Since this is a multi- clinical disciplinary activity, such a project entails the involvement of the microbiologists, lab teams, doctors from various clinical specialties and pharmacologist. “These stakeholders play a key role in promoting appropriate practice for prevention of such infections. So we wanted to equip these multiple stakeholders with powerful big data analytics to enhance their ability to define both preventive as well as prescriptive treatment patterns and ensure that the patient’s well-being is maintained,” states Sivaramakrishnan. The hospital took all the diagnostics results, patient conditions, other relevant clinical information and created analytics models out of it.


Experts share their cybersecurity horror stories

Cybersecurity experts warn that large-scale, coordinated cyber-strikes targeted at essential infrastructure, like last week's Dyn DDoS attack, could cost the economy billions of dollars in lost productivity and potentially harm individuals. ... When companies are attacked, TechRepublic ordinarily advises them to follow damage-mitigation best practices. In the spirit of Halloween, however, let your fears run wild with these hacking horror stories. ... Car hacking has been demonstrated. Shutting down power to a hospital can threaten lives. Network-connected healthcare devices can be misused. IoT is a new frontier with new risks - the things we're putting on the internet range from convenience devices for comfort and lighting to life-sustaining devices like pacemakers and other medical implants.


The Internet of Things Industry Failed Us

The most frustrating part of the recent DDoS attack is that IoT manufacturers only needed to look at 30 years of consumer technology to see the proverbial writing on the wall. And if they couldn't do that, they could have heeded the warnings spouted by security researchers (corporate and hobbyist hacker alike). These people have told anyone who would listen how putting billions more devices on the Internet without careful consideration of how they will be used is a bad idea. In 2014, Dan Geer opened the Black Hat conference by saying that the IoT is already upon us and could lead to trouble.


Important Tips for Updating Your Breach Response Plan

The "set it and forget it" approach may be great for a thermostat, but breach response plans should never be left on autopilot. Modern hackers are often highly educated with extensive experience and top-notch skills. Furthermore, many hackers work for their governments or corporations, giving them access to the latest technologies. Hackers have become increasingly adept at finding vulnerabilities that they can exploit, the Heartbleed vulnerability being just one example. Given that payouts are huge, cyber-criminals are extremely persistent at finding a way into secure networks. With the growing threat level, increasing regulations, evolving technologies and changing motives, it has become increasingly important to update breach response plans frequently.


Actionable Agile Tools

Do you often hear things like “That is a typical (insert person's name here) job” or “only (insert person's name here) knows about (insert subsystem or component name here)”? This is an all too common issue in IT companies, and is a seriously dangerous situation to be in. Especially in the modern age where people do not stay at companies for long durations of time anymore. All companies know this and all talk about how they need to start doing something about it. But very few ever actually do until that person finally announces that they are leaving, then they need to make do with a brief handover period and muddle through without them until the next person becomes an expert in that area and we repeat this process all over again.



Quote for the day:


"Present solutions. Minimize waste. Engage willingly." -- S. Chris Edmonds