Daily Tech Digest - February 24, 2017

The Future of Serverless Compute

Serverless compute, or Functions-as-a-Service (FaaS), is a more recent part of this massive change in how we consider ‘IT’. It is the natural evolution of our continuing desire to remove all baggage and infrastructural inventory from how we deliver applications to our customers. A huge number of applications we develop consist of many small pieces of behavior. Each of those are given a small input set and informational context, will do some work for a few 10s or 100s of milliseconds, and finally may respond with a result and/or update the world around them. This is the sweet spot of Serverless compute. We predict that many teams will embrace FaaS due to how easy, fast and cheap it makes deploying, managing and scaling the infrastructure necessary for this type of logic.


Go-to People Considered Harmful

Dependency issues in social systems can take a variety of forms. One that comes easily to mind is what is referred to as the “bus factor” – how badly the team is affected if a person is lost (e.g. hit by a bus). Roy Osherove’s post from today, “A Critical Chain of Bus Factors”, expands on this. ... A particularly nasty effect of relying on go-to people is that it’s self-reinforcing if not recognized and actively worked against. People get used to relying on the specialist (which is, admittedly, very effective right up until the bus arrives) and neglect learning to do for themselves. Osherove suggests several methods to mitigate these problems: pairing, teaching, rotating positions, etc. The key idea being, spreading the knowledge around.


How to harden MySQL security with a single command

Chances are, your data center depends upon a MySQL database server or two. If that is the case, you'll want to make sure your databases are set up with an eye to security.Thankfully, MySQL offers a handy command that goes a very long way to improve the security of your MySQL installation. This single command will: update the password plugin; set a password for the root account (if one already exists, you can opt to keep it or change it); remove root accounts that are accessible from outside the local host; remove anonymous-user accounts; and remove the test database and privileges that permit anyone to access databases with names that start with test_. Although the above tasks aren't overly complicated, they are easily overlooked and, if you have a lot of databases, can be time-consuming.


The Rise in SSL-based Threats

The majority of Internet traffic is now encrypted. With the advent of free SSL providers like Let’s Encrypt, the move to encryption has become easy and free. On any given day in the Zscaler cloud, more than half of the traffic that is inspected uses SSL. It is no surprise, then, that malicious actors have also been using the SSL protocol in their activities over the last several years. The increasing use of SSL creates problems for organizations that are unable to monitor SSL traffic, as they must rely on less-effective techniques like IP and domain blocking in an attempt to identify and block threats. In this report, we will outline trends we have seen in the use of SSL in the malware lifecycle and in adware distribution, based on a review of traffic on the Zscaler cloud from August 2016 through January 2017.


How Far Are We From ‘True’ Artificial Intelligence – And Do We Really Want To Go There?

The question has ethical implications, particularly if we bring the controversial topic of consciousness into the equation. From a scientific viewpoint, consciousness is a state that arises when a biological brain interprets the flood of sensory input streaming in from the world around it, leading, somehow, to the conclusion that it exists as an entity. It’s not well understood at all – but most of us can conceive how this massive flood of images and sounds is interpreted through a biological neuro-network which leads to “thoughts” – and among those thoughts are concepts of individual existence such as “I am a human”, “I exist” and “I am experiencing thoughts”. So, it’s only a small step of logic to assume that machines will one day – perhaps soon, given how broad the stream of data they are capable of ingesting and processing is becoming – in some way experience this phenomena, too.


Let’s Sell and Buy Fair: How Not Asking for a Discount Can Save You Money

If we stop asking to get something cheaper, you’ll eventually at some point be presented with the proper fair pricing. If we stop asking for discounts, we’ll settle the deal a lot faster, without days and weeks of delay and that ultimately saves money as well. The time for email ping pong and conference calls is nowhere listed. It’s not on a single bill. If you talked about a deal for weeks or months, you probably lost a lot of your money on the way and didn’t save anything at all. Your time is a currency as well. What comes now is a theory, and I don’t recommend it to any kind of operations. Yet, you might find it disruptive or at least intriguing. The counter conception to fight discount business culture is to put a price increase to every bit of interaction that unnaturally extended the required work to get to closure.


Transforming companies must put cyber security front and center

When you hear the term ‘cyber security’, there’s a very good chance that, like many executives, you immediately think of one thing: an IT infrastructure challenge. Of course, a strong IT security infrastructure is a critical part of any cyber security program. However, it is not the only part. In a 2017 world, this traditional ‘defense-first’ mindset is too limited and can actually hinder your company’s long-term growth prospects. Indeed, there is another important element at play and that is the potential impact of cyber under-preparedness to your company’s future business growth. This is particularly true in a business environment in which so many companies are undertaking ambitious customer-focused transformation programs amid widespread technological disruption and competitive threats.


Embracing a Strategic Paradox

Creating solutions that meet conflicting needs can do more than resolve a political dilemma. Because they are built with Aeon’s unique blend of local and national capabilities in mind, the complexity of the solutions often deters imitation. The consensus solution, whether it involves designing stylish clothes for women living in a Japanese ski village or finding a way to turn a tiny available quantity of pears into a national product, tends to be one that can be executed well by Aeon but not easily copied by anyone else. Of course, resolving these conflicts requires ongoing work. Managing this built-in strategic paradox of pursuing both localization and nationwide standardization demands the continual attention of management.


Why government-driven digital transformation is a train wreck

This is basically the case with all of the major government-driven digital transformation initiatives around the world. Each is positioned as game changing and disruptive in terms of impact and immensely beneficial to the economy and citizens’ lives, but this has not been the case. What has happened to these once-noble initiatives is that all have been whipsawed by politics and politicians, and driven to failure by feckless bureaucrats and civil servants – with a number of contractors thrown in for good measure. This toxic mix of politics, fecklessness and incompetence has produced some major train wrecks in terms of cost-benefit analysis and positive societal impacts. The three most visible of these are in the UK, the US and Australia, and their fate is seen by many as a pre-cursor to others on the horizon.


Untangling an API-first Transformation at Scale.

Business capabilities represent the core, reusable building blocks that your business needs to support the business processes required to function. By defining your business capability taxonomy, you establish a shared language that can be used by all domains to describe the logical relationships in any given process. This serves as a stable, business-driven (not technology-driven) context in which to discuss solutions that, hopefully, remains relatively consistent over time. Is also provides a critical link between how the Business thinks about its investments and how Technology leverages them. In a small company, the set of capabilities is quite limited. Being highly resource constrained, you may build some core services that differentiate your business and leverage other service providers for generic things like messaging, identity, payments, etc.




Quote for the day:



"Be a yardstick of quality. Some people aren't used to an environment where excellence is expected." -- Steve Jobs

Posted by at No comments:
Labels: , , , , , , , , ,

Daily Tech Digest - February 23, 2017

Here's why self-driving cars may never really be self-driving

The issue with self-driving vehicles extends well beyond safety; it's also a legal one. As autonomous vehicles gain in popularity, liability questions about who is to blame when an autonomous car crashes are also growing. If an autonomous car crashes, who is at fault? The driver -- even though the car was driving itself? The manufacturer? The developer who created the autonomous software? "Supposed I write a piece of software and it has an inherent flaw. It starts causing injuries and property damage. Am I protected? The answer is: Unlikely," said Michael Overly, a partner and intellectual property lawyer with Foley & Lardner LLP. "People whose property was damaged or they were injured would sue for negligence."


2017 Predictions For AI, Big Data, IoT, Cybersecurity, And Jobs From Senior Tech Executives

The recent success of deep learning in tasks such as image recognition and machine translation has served as a catalyst for investments in and experimentation with AI and Bill Franks, Chief Analytics Officer, Teradata, predicts that “Deep learning will move out of the hype zone and into reality.” Says Franks, sounding a note of caution: “Deep learning is getting massive buzz recently. Unfortunately, many people are once again making the mistake of thinking that deep learning is a magic, cure-all bullet for all things analytics. ... While deep learning will be in place at a large number of companies in the coming year, the market will start to recognize where it really makes sense and where it does not. By better defining where deep learning plays, it will increase focus on the right areas and speed the delivery of value.”


Insecure Android apps put connected cars at risk

While compromising connected car apps might not directly enable theft, it could make it easier for would-be thieves. Most such apps, or the credentials they store, can be used to remotely unlock the vehicle and disable its alarm system. "Also, the risks should not be limited to mere car theft," the Kaspersky researchers said in a blog post. "Accessing the car and deliberate tampering with its elements may lead to road accidents, injuries, or death." While manufacturers are rushing to add smart features to cars that are meant to improve the experience for car owners, they tend to focus more on securing the back-end infrastructure and the communications channels. However, the Kaspersky researchers warn that client-side code, such as the accompanying mobile apps, should not be ignored as it's the easiest target for attackers and most likely the most vulnerable spot.


Fighting the hidden enemy: how can your organisation combat cybercrime?

Administrative frameworks, however, can achieve only so much. When it comes to improving cybersecurity, employees also have a vital role to play. Again, there are two sides to this coin. One concerns the human vulnerabilities associated with cybercrime. As efficient as a firm’s cyber strategy might be, one simple mistake from an employee can render these defences futile. ... At the same time, any internal threats must be treated with this same level of vigilance. As a significant number of cyberattacks reported by organisations are actually carried out from within the company, it is not unreasonable to claim that many of these breaches could have been avoided, had employees been able to recognise that their colleague was stealing valuable information. Again using education as a resource, firms can promote a culture of self-regulation which allows rogue workers to be identified and reported before their efforts are successful.


Reinforcement learning

Reinforcement learning copies a very simple principle from nature. The psychologist Edward Thorndike documented it more than 100 years ago. Thorndike placed cats inside boxes from which they could escape only by pressing a lever. ... Reinforcement learning works because researchers figured out how to get a computer to calculate the value that should be assigned to, say, each right or wrong turn that a rat might make on its way out of its maze. Each value is stored in a large table, and the computer updates all these values as it learns. For large and complicated tasks, this becomes computationally impractical. In recent years, however, deep learning has proved an extremely efficient way to recognize patterns in data, whether the data refers to the turns in a maze, the positions on a Go board, or the pixels shown on screen during a computer game.


Data-related jobs see huge growth in January hirings

Data processing/hosting/related services also had a healthy January, posting 1,200 new jobs. That segment had been adding an average of 233 per jobs per month on average in 2016. Commenting on this segment, Foote noted that employers need to scale to stay competitive. “When they dig their heels into a solution that works, be it in cloud, security, big data, mobile, or digital technology, they tend to add headcount because they know these people will be making contributions for a long time to come,” Foote said. ... “Ideally each new hire must have a measurable impact on the business: they can’t just be a cost item for them. What will drive new job creation in 2017 will be hiring in niche areas such as big data and analytics, information/cyber security, cloud computing, and certain areas of applications development and software engineering like DevOps and digital product development.”


A hard drive's LED light can be used to covertly leak data

The latest hack leverages the LED activity light for the hard disk drive, which can be found on many servers and desktop PCs and is used to indicate when memory is read or written. The researchers found that with malware, they could control the LED light to emit binary signals by flashing on and off. That flickering could send out a maximum of 4,000 bits per second, or enough to leak out passwords, encryption keys and files, according to their paper. It's likely no one would notice anything wrong. "The hard drive LED flickers frequently, and therefore the user won't be suspicious about changes in its activity,” said Mordechai Guri, who led the research, in a statement. To read the signals from the LED light, all that’s needed is a camera or an optical sensor to record the patterns.


A Sweeter Spot for the CDO?

First of all kudos for a correct use of the term Venn Diagram Second I agree that the role of CDO is one which touches on many different areas. In each of these, while as Bruno says, the CDO may not need to be an expert, a working knowledge would be advantageous. Third I wholeheartedly support the assertion that a CDO who focusses primarily on compliance will fail to get traction. It is only by blending compliance work with the leveraging of data for commercial advantage in which organizations will see value in what a CDO does. Finally, Bruno’s diagram put me in mind of the one I introduced in The Chief Data Officer “Sweet Spot”. In this article, the image I presented touched each of the principle points of a compass. My assertion was that the CDO needed to sit at the sweet spot between respectively Data Synthesis / Data Compliance and Business Expertise / Technical Expertise. At the end of this piece,


The March Of Financial Services Giants Into Bitcoin And Blockchain Startups In One Chart

It should be noted, though, that consortia are not included on the chart below. One such example is R3 CEV, which counts a bevy of banks and insurers including Credit Suisse, JPMorgan and Deutsche Bank collaborating to advance ledger solutions and standards that meet banking requirements. R3 has hit a few bumps of late, with Goldman Sachs and Santander – among others – leaving the consortium in favor of private blockchain investments. Among the financial services investors are insurance providers such as TransAmerica, New York Life, and Mitsui Sumitomo Insurance Group (MSIG); payments giants including Visa, MasterCard, and American Express; as well as banks like Mitsubishi UFJ Financial Group (MUFG), Citi, Santander, and Canadian Imperial Bank of Commerce (CIBC).


Amid cyberattacks, ISPs try to clean up the internet

Even when ISPs send warning messages to users, what then? Not every PC user knows how to resolve a malware infection, Clayton said. For ISPs, it can also be a matter of cost. “Of course we want to see ISPs helping, but they are in a competitive market,” he said. “They are trying to cut their costs wherever they can, and talking to customers and passing on a message is not a cheap thing to do.” In addition, ISPs can’t identify every malicious cyberattack. Most hacking attacks masquerade as normal traffic and even ISP detection methods can occasionally generate errors, Clayton said. “If you have a 99 percent detection rate, in an academic paper, that sounds fantastic,” he said. “But that basically means one out of 100 times, you’ll be plain wrong.”


Quote for the day:



"If you don't make it easy for people to do the right thing, you're wasting money on security awareness." -- Angela Sasse
Posted by at No comments:
Labels: , , , , , , , , , , ,

Daily Tech Digest - February 22, 2017

Wilders' Security Officer Held for Suspected Data Leak

The revelations came three weeks before the Netherlands holds a parliamentary election. Wilders' party is riding high in the polls, although mainstream parties have said they will not form a coalition with him if he wins the popular vote because of his hard-line anti-Islam stance. His manifesto includes closing Dutch borders to all migrants from Muslim nations, banning the Quran and shutting all mosques in the Netherlands. In an indication the government is taking the alleged leaks seriously, the Dutch prime minister and the minister for security and justice on Wednesday visited the heavily-guarded wing of Parliament that houses Wilders' party offices. Rutte declined to say if he had met Wilders or to discuss the nature of his visit. Wilders later tweeted that the security breach "is a serious case that fortunately is also being taken seriously by the Cabinet."


How a College Kid Made His Honda Civic Self-Driving for $700

A Neo is built from a OnePlus 3 smartphone equipped with Comma’s now-free Openpilot software, a circuit board that connects the device to the car’s electronics, and a 3-D-printed case. Jorgenson got the case printed by an online service and soldered the board together himself. He first put his life in the device’s hands in late January after an evening college class. “It was dark on the interstate, and I tested it by myself because I figured if anything went wrong I didn’t want anybody else in the car,” says Jorgenson. “It worked phenomenally.” Subsequent tests revealed that the Neo would inexplicably pull to the right sometimes, but a software update released by Comma quickly fixed that. Now fully working, the system is similar in capabilities to the initial version of Tesla’s AutoPilot


Is user generated content fuelling data fatigue?

Perhaps the real value in user generated content comes from how brands themselves are harnessing it. It offers a mine of information to inform the business but, with ever-growing volumes, it also carries a huge risk – have brands simply become data rich, insight poor? If companies can’t grapple with high volumes, they could lose out on important trends or actually arrive at misleading or inaccurate assumptions. As brands engage across social, mobile, in-store and elsewhere, they are having to connect insights across channels in new and more innovative ways. Those that can break the customer journey down into granular segments can gain greater intelligence about customer behaviours as well the business.


Financial cyberthreats in 2016

For the first time in 2016, the detection of phishing pages which mimicked legitimate banking services took first place in the overall chart – as criminals sought to trick their victims into believing they were looking at genuine banking content or entering their details into real banking systems. ... It’s clear that financial cybercriminals are increasingly on the look-out for new ways to exploit users and extract money from them. Owners of Android-based devices should be extremely cautious when surfing the web – especially if they have financial applications installed. But caution is advised for everyone. As predators become more persistent and as their methods grow more convincing, corporate users and home users alike – whatever type of device they use – need to be aware of the dangers and understand how to protect themselves from this ever-evolving cyberthreat landscape.


Software development genetics, part 1: DevOps, lean, agile

Formal adoption of agile methodologies include new-age terms such as the Scrum methodology. Facilitated by the scrum master and involving software "ninjas," the practices are gaining increasing numbers of adherents. These terms infer an enlightened hybrid philosophy that is gathering followers and driving innovation and increased quality. These methodologies are also changing the environment in which software is developed. As more businesses are virtualizing and lifting applications to the cloud, so too the functions of software development are moving from a shop floor mentality of physically present resources to that of geographically distributed talent. As Ashley Speagle points out in CIO, “Collaboration-centric strategies are now at the heart of modern IT departments, breaking down formerly rigidly defined siloes and creating responsive, communicative teams.”


Could smartphones replace datacenters? These Finnish researchers think so

In other words, while your phone sits idle on your office desk, it could be helping to compute weather forecasts, earthquake warnings, or solve encryption challenges. But first the mobile cloud computing platform needs to be built. Currently the researchers are testing their approach using nine Samsung Galaxy S4 phones and a LG Smart TV for predefined tasks. The preliminary results show that this configuration is more than enough to equal the computing power of a single server. "We have nine smartphones computing in parallel and one server computing the same thing, and we can achieve the same speed," Lagerspetz says. "[But] if you want to beat a cluster of machines at Amazon, you might need 10 times the number of phones, so 90 phones. If you're working in a big organization and you have a lot of employees, you just put our app on their phones and you're ready."


How The DOT Discovered Its Network Was Compromised By Shadow IT

The shadow IT revelations and the associated security concerns led McKinney to launch a project to rearchitect the DOT's network, an effort that, while still ongoing, has been introducing more centralized controls and clearer segmentation to cordon off the systems of various administrations within the department. The experience also compelled his office to change the internal processes for introducing new equipment to the network, including a policy directive putting the various DoT administrations on notice that the days of ad hoc, unsecured and unmanaged network expansion were over. "We also at that point put out policy memos and told the entire department that there will be no adding equipment to the network without going through a formal change-management process," he says. "We had one, but people had been ignoring it."


Redfin CTO says machine learning needs human help

Any company that expects its employees to stand behind the product of an automated system needs to let them manually edit the results, Frey said. What’s not clear is which set of insights -- the machine's or the agent's -- actually led to better outcomes. In the case of Listings Matchmaker, Frey said users didn’t seem to click on one set of recommendations over another, but she didn’t know if the company had data about which recommendations resulted in a purchase. The more important difference is that agents used the feature more once they were able to recommend particular homes, she said. Frey’s comments were echoed by Alphabet Executive Chairman and former Google CEO Eric Schmidt during an on-stage interview at the RSA security conference in San Francisco last week. He said humans must remain in the loop of machine learning systems.


The Overlooked Corporate Data Breach

Executives haven’t ignored the issue. According to researchers, 30 percent of CEOs surveyed said cybersecurity is their top risk over the next three years, more so than risk from regulation or disruptive technology. CEOs have cybersecurity in their line of sight for sure. But the report describes attacks that lead to the compromise of corporate data as “beneath the covers” attacks that rarely land in the news or become the topic of public debate. Further, 72 percent of CEOs surveyed for the report admitted that they are not prepared for a cyberattack. According to analysts, part of the issue is that, when a corporate cybersecurity event occurs, the event under investigation often involves market-sensitive, proprietary information that cannot be released to the public. That fact also limits the ability for corporates to discuss the cyberevent with their peers.


The Future of Java in the Enterprise - InfoQ’s Opinion

We continue to see Java SE as in good health, and it remains one of the most widely adopted languages for enterprise computing. Java 9 is expected to ship this summer, and includes both Jigsaw and the JShell REPL. Work on Java 10 is already underway. Given this, we believe that Java remains a great choice for building large-scale enterprise applications, particularly where they are expected to remain in production for some time. In terms of alternative JVM languages we continue to see interest in both Scala and Clojure, but reader interest in Scala suggests the language may have reached an adoption peak; we can trace a small drop in Scala interest amongst readers around the time Java 8 shipped with support for lambda functions. Our instinct on this is that it hasn’t yet “crossed the chasm” in Moore’s parlance, and therefore still sits in the early adopter stage.


Quote for the day:


“A real entrepreneur is somebody who has no safety net underneath them.” -- Henry Kravis

Posted by at No comments:
Labels: , , , , , , , , , , ,

Daily Tech Digest - February 21, 2017

Why Google And Apple Will Rule Mixed Reality

Computer-generated objects appear to attach or interact with real-world objects. This can range from simple applications, such as the Sphero BB8 toy robot smartphone app, to complex systems, including Hololens, Magic Leap and others. The most thrilling mixed reality experience involves real-time, 3D mapping of the environment, which enables virtual objects to interact with surfaces and objects in the real world. For example, a computer-generated creature that can stand on a table -- or hide behind it. Here's the challenge: 3D-mapping capability is compute-intensive, meaning it is expensive, power-hungry and heat-generating. So is the real-time rendering of 3D objects. With the richest mixed-reality experience, you need both 3D mapping and image rendering. As a result, products like Hololens and Magic Leap require heavy, bulky headsets and cost a lot of money.


People Don’t Buy IoT, They Buy a Solution to a Problem

Everywhere we turn there seems to be a new “connected this” or “smart that”. Many applications are novel, but not very useful. I can think of many silly examples, and I’m sure you can too. So here’s my point: The fact that we can connect any device to the Internet doesn’t mean we should. And if we’re not careful, we can fall into the trap of having technology looking for a problem, instead of starting with a problem and looking for the best way to solve it. This is Product Management 101. It’s a shame the useless products get most of the airtime, because there are many applications today that are solving important problems—in healthcare, manufacturing, transportation, energy, and more. So this is a call to action for all you IoT Product Managers: Leverage IoT only if it provides more value to your customer or your company.


Emotional Intelligence Has 12 Elements. Which Do You Need to Work On?

There are many models of emotional intelligence, each with its own set of abilities; they are often lumped together as “EQ” in the popular vernacular. We prefer “EI,” which we define as comprising four domains: self-awareness, self-management, social awareness, and relationship management. Nested within each domain are twelve EI competencies, learned and learnable capabilities that allow outstanding performance at work or as a leader (see the image below). These include areas in which Esther is clearly strong: empathy, positive outlook, and self-control. But they also include crucial abilities such as achievement, influence, conflict management, teamwork and inspirational leadership. These skills require just as much engagement with emotions as the first set, and should be just as much a part of any aspiring leader’s development priorities.


Big data privacy is a bigger issue than you think

Don't feel so compelled by transparency that you give away your strategic secrets. After all, you are in business—a very competitive business. If you give away too much information, your competitive value is eroded. You must find a way to be transparent, while keeping the secret sauce behind the firewall. Here's how. Your IT leadership team should launch proactive communication campaigns, which could include PR, speaking, social media, and outreach programs—the more the better. Explain more about what you can do than how you do it. At a minimum, it's your responsibility to let people know what you know about them and what you're capable of doing with your analytics. For instance, if location analytics allows to you know where they are and where they're likely to go next, then let users know you have this technology.



ESET looks to deepen enterprise penetration with new threat intelligence service

The ESET data feeds are typically integrated into existing SIEM [Security Information and Event Management] systems, which allow reports from multiple sources to be reviewed at once in real time. “Integrating this with a SIEM means the customer can quickly see it and address issues,” Reed stated. “Their security teams are provided with actionable information.” This use case does require that the customer is large enough to have a security team monitoring the data and making decisions. However, because ESET Threat Intelligence does not need to be deployed in a network infrastructure in order to run, ESET expects that another use case of the service will be prospects testing the efficiency of ESET if they are considering replacing their legacy endpoint security vendor.


Virtual Singapore Looks Just Like Singapore IRL—But With More Data

This technology is the latest and most sophisticated attempt to create an all-seeing “urban dashboard.” Rio’s operations center, complete with banks of screens that resemble NASA Mission Control, tracks transit, weather, utilities, and more. Los Angeles’s Bureau of Engineering has Navigate LA, which includes GIS maps overlaid with more than 20 layers of data, from property data to geotechnical information. Technology companies like IBM (which powers the Rio effort), Siemens, and Cisco—provide “Smart City” data-tracking software for several other metropolises. But none are as holistic, intuitive, or three dimensional as this. “It really opens up a window onto how all these systems impact each other,” Rocker says.


Blockchain and the "Internet of Value"

During a speech at the Stanford Graduate School of Business the co-founder and ex-CEO of Ripple Labs - Chris Larsen very well puts forward the idea of "Internet of Value" - a network of networks for moving value. Larsen says, “Just as you can’t have fire without fuel, oxygen, and heat, you can’t have effective globalization without interoperability in goods, data, and money. They all have to work together.” As we have the internet to move data, or the global logistics network to move goods, IoV will be a dedicated global network to move value (money and other digital assets) in a safe, efficient and inexpensive manner. To understand this more closely let us take the example of payments. The existing process of international wire transfer requires co-ordination and series of resource-intensive steps between participating banks, clearing houses, and the central banks.


Advanced analytics, Big Data to Blockchain driving disruption in banking sector; here’s how

Blockchain, or the distributed ledger in general, has been touted as one of the biggest disruptive technologies of recent times. While 20% of bankers feel that the event is one to two years away, another 40% think it could take twice as long. In any case, banks have got busy developing a range of use cases, especially in the areas of payments and remittances, trade and supply chain finance, digital identity management, smart contracts, document security, loan syndication and treasury management. Although it has slid from its top spot in the list of disruptive technologies, mobility, along with wearables, is still a force to reckon with. ... The smartphone’s native capabilities—camera, mobile apps, and touch screen—make it extremely suitable for biometric authentication, and customers are more than happy to adopt.


The many faces of grep

The grep command – likely one of the first ten commands that every Unix user comes to know and love – is not just a nice tool for finding a word or phrase in a file or command output. It can take on some vastly different personalities that allow you to more cleverly find the data that you are looking for and has more flexibility than many of its users have discovered. Historically provided as separate binaries, the different “flavors” of grep are now provided through a number of key command options that change how grep interprets the pattern that you provide for your search. To easily switch from one mode of searching to another, the different grep commands could be set up as aliases such as these:


Mitigating the Increasing Risks of an Insecure Internet of Things

Improving the resilience of the Internet and cyberphysical infrastructure in the face of insecure IoT devices will require a combination of technical and regulatory mechanisms. Engineers and regulators will need to work together to improve security and privacy of the Internet of Things. Engineers must continue to advance the state of the art in technologies ranging from lightweight encryption to statistical network anomaly detection to help reduce risk; similarly, engineers must design the network to improve resilience in the face of the increased risk of attack. On the other hand, realizing these advances in deployment will require the appropriate alignment of incentives, so that the parties that introduce risks are more aligned with those who bear the costs of the resulting attacks.


Quote for the day:


"The best strategy can do is shorten ur odds of success. If u are certain about ur strategy, u are dangerously delusional.” -- @RogerLMartin

Posted by at No comments:
Labels: , , , , , , , , , , , ,

Daily Tech Digest - February 20, 2017

How to organize an enterprise cybersecurity team effectively

An organization's cybersecurity team needs to manage and perform the right functions. So what's the best way to determine those functions? Carnegie Mellon University's well-respected Software Engineering Institute has created a framework that proposes structuring a cybersecurity team around four key functions. ... A framework that is based on an approach developed by security expert Mike Rothman is likely more realistic and pragmatic for many organizations. In this framework, an organization's cybersecurity team has an individual (e.g., a CSO) who has overall responsibility for implementing an organization's cybersecurity program, and who is the team's coordination point. This person is responsible for ensuring compliance with security policies and communicating cybersecurity program results to senior management.


6 ways IoT will change project management

Despite the more collaborative approach in projects that Agile development offers, IT still goes off to code and test most new apps on its own. When the apps are ready for staging or final end user review, the end users get plugged back in. This won't work with IoT projects, because IoT is so integrally linked into company operations that the software and hardware can't be separated from its actual operating environment. For instance, if an IoT robot is being used in a distribution center to pick and pack items from shelves, the software, the communications, the data collection and the operation of the robot in its warehouse environment have to be tested on the floor. It is not enough to finish the IT part of the project and just insert the technology. IT and operations have to work hand in hand on IoT 100% of the time, for the entire duration of the project.


Why Tech Should Get Involved in Regulating IoT Security

What’s needed is a sense of collective responsibility that involves vendors, government, and even consumers. “The moment that consumers know their fridge can spoil their own food but might also be attacking the neighbor’s fridge, they might say, I want to be a responsible actor. Most civilians want to be responsible actors,” Kolkman said. Earlier this month, Schneier proposed on his blog that a new government agency is required because existing agencies are not equipped to cope with the fluid nature of the Internet. During RSA, Schneier made a Skype appearance at the Linux Foundation’s Open Source Leadership Summit in Lake Tahoe, California, where he repeated that call for a new agency. “My worry is the alternatives are not viable any longer. Government is going to get involved regardless,” he told that audience.


Sustainable Development Through Bitcoin

The origins of bitcoin lie in code and cryptography. In its early adoption, it has attracted the attention of bona fide entrepreneurs operating in a gray regulatory area prone to over-reaction, plus speculators and criminals. In the space of eight years, bitcoin (and its underlying protocol) has grown to the extent that central banks around the world and large financial institutions have begun to take serious notice. This is good. Still, while its ecosystem is growing, many of its use cases are still hypothetical or untested, and some advocates are prone to wishful thinking. A few betray a whiff of technological fundamentalism. Meanwhile, the Sustainable Development Goals arose in 2015 after sustained political debate and empirical evidence on what has and has not worked to improve the lot of people and planet. Their number and complexity is an admission that the world we live in is interdependent. Long-term fixes in one location can have positive effects elsewhere.


Breaking big data into business sense

Even contextually analysed data can’t do any good if it’s not being properly utilised. And when it comes to getting the most out of your data, it’s all about how you see it. Whatever big data analytics tool companies deploy should use data visualisation technology to help decision makers identify patterns. For example, a CIO might benefit from a dashboard that shows the number of unsatisfied customers over a period of time and lets them review the areas of the highest customer dissatisfaction. Visually representing these issues, with options to drill deeper into each graph, will help the CIO fully understand the situation, even at a glance. To completely enable visualisation in an analytics tool, users should be able to create graphs and dashboards in real time by dragging and dropping customised and out-of-the-box data fields. They should be able to combine multiple reports into a single, live dashboard, eliminating the need for multiple tabs and simplifying analysis.


IoT And Privacy: Turning Pitfalls Into Benefits

Companies can find themselves at risk if they haven't taken the appropriate steps to protect consumer interests, especially if they end up having a data breach where consumer information is exposed or stolen. Litigation can be costly and result in settlements that require micromanagement of the business, and no one wants that.  "Then you are under the spotlight," she said. Concerns are growing as more high-profile startup companies offer devices and then stop supporting them due to an acquisition or the business closing down. When creating a privacy policy, organizations need to look at the entire life cycle of the device, from creation to updates to end of support. To get you started in the right direction with your privacy, security, and IoT policies, Hutnik promises she will offer a very focused session that helps people identify "key low hanging fruit that they should know but don't know.


Business Process Compromise: The Biggest Cyber Threat You’ve Never Heard Of

Application control can lock down access to mission critical systems to ensure nothing is altered. And file integrity monitoring (FIM) will be able to spot any signs of unusual activity inside your network which could indicate an attempt to compromise key processes. Intrusion prevention is important in preventing lateral movement as attackers look to move around, gathering information as they go. And advanced machine learning capabilities can be a useful aid to detecting malware designed to evade traditional filters. The key here is to spot any incursion or attempt to modify systems before the bad guys have time to do any real damage. With dwell time regularly averaging over 100 days, we need to get better at this.


Not investing in employees’ mental health is bad business

This isn’t about not hiring millennials and just hiring older workers. It’s about the fact that as older workers retire, there is a growing need to increase employee care and provide for the mental health of the employees coming in. If you don’t want to do that these younger employees will increasingly underperform and become problems that will significantly reduce the firm’s ability to compete. In the end, these young employees are our sons and daughters, they are our legacy, and they will be the ones who assure the work we did lasts into the future. Not investing in them isn’t just bad business, it is stupid management and fixing that should be a far higher priority than it is. The fact that similar problems exist at the top of the company is also an irony that shouldn’t be lost on any board of directors.


How To Develop An Internet Of Things Strategy

It all begins with a landscape analysis. You need to thoroughly understand your industry and competitors — strengths, weaknesses, opportunities and threats (SWOT). This will help you see the megatrends and forces at play in your market. "Creating a landscape analysis and value chain of your industry is a very important thing to do," Rossman tells CIO.com. "Studying the market: What are they saying about IoT in your industry? Truly understanding what is your worst customer moment: Where do customers get frustrated? What data or what event improves that customer experience? What's the sensor or IoT opportunity that provides that data?" ... The next step, Rossman says, is to create a value-chain analysis and profit-pool analysis of your industry. It should be a broad view of the industry, don't give in to tunnel-vision with a narrow view of your current business.


Tata Motors and Microsoft India Collaborate to Provide Connected Cars

Tata Motors will continuously develop and launch new connected services and applications that make it easier for people to stay connected to work, entertainment and social networks, with greater safety & security as well as services to maximize better use of newly found in-car free time. In addition, Tata Motors’ recently launched ring-fenced vertical, TAMO, will act as an open platform to foster innovation through a startup ecosystem and develop vehicles with on-the-go connectivity. In its first phase, the advanced offerings will incorporate technologies such as cloud computing, analytics, geo-spatial & mapping and increased human-machine interface, creating a new benchmark in the industry for connected vehicles. TAMO will provide a digital eco-system, which will be leveraged by Tata Motors to support the mainstream business in the future.


Quote for the day:


"One of the best things you can do in your pursuit of growth is to systematize it." -- @alexgoldfayn

Posted by at No comments:
Labels: , , , , , , , , , ,
Subscribe to: Posts (Atom)