Supercomputers Recruited to Work on COVID-19 Research

A consortium forms to crunch data that might help researchers get a better understanding of the virus faster.

A convergence of technology resources is being put to work to find answers in the fight against COVID-19. The White House Office of Science and Technology Policy and the U.S. Department of Energy reached out to the technology sector, bringing together IBM and other supercomputing powerhouses to support research into the virus.

The combination of private industry, academic resources, and government entities thus far has assembled 16 supercomputer systems that boast some 775,000 CPU cores and 34,000 GPUs. That computing power is tasked with running huge calculations for molecular modeling, epidemiology, and bioinformatics in order to hasten the research time spent on the virus.

Spearheaded by IBM, the key partners in the COVID-19 High Performance Computing Consortium include Amazon Web Services, Google Cloud, Microsoft, Massachusetts Institute of Technology, Rensselaer Polytechnic Institute, NASA, and others. The consortium is accepting research proposals online, then matching researchers with computing resources that might best accelerate their efforts.

John Kolb, vice president, information services and technology and chief information officer at Rensselaer Polytechnic Institute (RPI), says high-performance computing is an area of expertise for the university. “We’re on our third-generation supercomputer, an IBM DCS system, that we put in place in November,” he says. “It’s the most powerful supercomputer for a private university in the country.”

Kolb says the supercomputer’s architecture is meant to move data in and out of memory very quickly in large quantities. That lets users take on data-intensive problems. “It’s also very well-suited for some of the machine learning and AI things our researchers are involved with,” he says.

The effort to fight COVID-19, Kolb says, may include a lot of modeling of very large data sets once they become available. “You can start to look at issues around the spread of the virus and mitigation of the spread,” he says. “There could be some drug repurposing and perhaps development of new therapeutic candidates.”

There may be opportunities for new materials to filter out the virus, Kolb says, or to create items that are in short supply now.

RPI uses the Summit supercomputer architecture system, which is the same system as some of the Department of Energy labs, he says. “It will be interesting to see if we can have runs here that scale up on Summit or do we have runs on Summit that we could take over.” Kolb believes most of the problems the consortium will deal with may be multivariant. For example, that could mean taking into account the number of people, density, the effectiveness of social distancing, and the capacity of hospitals. “We’re clearly trying to explore some things that may have some great promise, but there’s some great computing and science that need to come into play here,” Kolb says.

The greater emphasis in recent years on technology and compute in the public, private, and academic sectors may mean there can be more hands on deck to support research into the virus. “COVID-19 is going to see a fair amount of data analytics and the use of AI and machine learning tools to think through what are the most promising possibilities going forward,” Kolb says. “Across the country and world, we’re developing much more expertise in this area.”

IBM got involved in this fight believing it could coalesce a team around bringing computational capability to bear on investigating the virus, says Dave Turek, vice president of technical computing at IBM Cognitive Systems. “It was prompted by experiences IBM’s had applying computational biology, molecular dynamics, and material science to a variety of scientific problems,” he says.

Bringing scientific perspective and computing expertise together, Turek says, could create a set of resources that can be used broadly. It also gives researchers access to supercomputing they might not otherwise have, he says. “It a massive, massive amount of computing,” he says.

The way the consortium is established, other interested organizations can make their resources available as well, Turek says. “This is really a clearinghouse,” he says. “We have scientists and computer scientists sitting on review committees on proposals that are coming in to ensure the science is dedicated to the most appropriate platform to the task at hand.”

The momentum and application of technology such as supercomputers that was already underway could help narrow the time research efforts may take. “Even inside IBM, we did modeling on the evolutionary pathways of H1N1,” Turek says. “Those skills and experiences have been scaled up and leveraged over time”..[…] Read more »…..

 

How Small Businesses Can Protect Themselves from Cyberattacks

When most people think of cyberattacks, major data breaches at humongous companies like Equifax and Yahoo!, typically come to mind. This is perfectly understandable, as these are the attacks that impact the most people and always make headlines. But cybercriminals don’t limit their attacks to large companies–they also target countless small businesses every year. And in many cases, these attacks destroy businesses and livelihoods.

By Zack Schuler, Founder and CEO of NINJIO

There’s no reason to put it delicately: The state of cybersecurity in the world of small and medium-sized businesses (SMBs) is nothing short of alarming. Not only are SMBs relentlessly targeted by hackers, but they’re also woefully unprepared to defend themselves and unequipped to handle the aftermath. This is a status quo that has to change immediately–SMBs are the biggest engine of the U.S. economy and they’re at risk like never before.

The Scope of the Problem

Every year, cyberattacks cost small businesses an average of almost US$80,000, and losses can range up to US$1 million (according to a report by the Better Business Bureau). Meanwhile, a 2018 study by the Ponemon Institute found that more than two-thirds of SMBs reported that they had been targeted by a cyberattack within the preceding year. Substantial majorities of SMBs also agree that cyberattacks are becoming more targeted, severe, and sophisticated, but despite these facts, almost half of respondents say they have no understanding of how to protect against cyberattacks.


Key findings from the report
  • Every year cyberattacks cost small businesses an average of almost US$80,000, and losses can range up to US$1 million.
  • A survey reports 88 percent of small business owners felt their business was vulnerable to a cyberattack.
  • Almost two-thirds of small businesses fail to act following a cybersecurity incident.
  • 56 percent of SMBs say, defending mobile devices from cyberattacks is extremely challenging.
  • The top three attack vectors cited by SMBs are mobile devices, laptops, and cloud systems.
  • Just 16 percent of SMBs are “very confident in their cybersecurity readiness.”
  • 60 percent of SMBs lack a “cyberattack prevention plan.”

A recent survey by the U.S. Small Business Administration found that 88 percent of small business owners felt their business was vulnerable to a cyberattack. However, due to resource constraints, a lack of technical expertise, and the rapid pace of change in the cybersecurity world, they often feel helpless or ill-prepared to defend themselves against the vast range of cyberthreats they face.

In fact, a survey of more than 4,100 SMB cybersecurity professionals recently conducted by Forrester, found that almost two-thirds of small businesses fail to act following a cybersecurity incident. Even when the threat is right at their doorstep, many SMBs don’t know what to do.

The World is Changing for SMBs

There are many factors that contribute to the challenging cybersecurity situation for SMBs. First, digital operations are no longer optional for any company–even if your market is small and local, consumers are increasingly demanding the ability to do all their business online.

SMBs are changing the way they operate in the digital era. For example, a 2018 Cisco survey of SMBs found that the percentage of their networks that are on the cloud increased from 55 percent to 70 percent between 2014 and 2017. While almost 70 percent of SMBs say they’re making this transition for security reasons, an increased reliance on cloud-based services can also open up new vulnerabilities.

Meanwhile, other aspects of the digital transition have proved difficult for SMBs, 56 percent of which say, defending mobile devices from cyberattacks is extremely challenging. Ponemon reports that the top three cyberattack vectors cited by SMBs are mobile devices, laptops, and cloud systems.

The Ponemon report also discovered that issues such as a lack of money, out-of-date cybersecurity technologies, and insufficient personnel are all major obstacles cited by SMBs. But the main threat cited in the report is employee negligence, as phishing/social engineering attacks were reported more than any other, while negligent employees or contractors were cited as the top root cause of the data breaches.

How SMBs can Protect Themselves

According to the Forrester survey cited above, just 16 percent of SMBs are very confident in their cybersecurity readiness. Despite the fact that SMBs are increasingly concerned about cybersecurity, Forrester also found that almost half of them don’t have a clearly defined strategy for protecting themselves. This is a common theme in surveys of SMBs. A 2019 Keeper survey found that 60 percent of respondents lack a cyberattack prevention plan..[…] Read more »…..

This article first appeared in CISO MAG.

<Link to CISO MAG site: www.cisomag.com>

Engaging Young Women and Girls in STEM to Bridge the Cybersecurity Job Gap

As the proliferation of digital technologies continues, cybersecurity’s importance will only increase – there’s a direct correlation between our use of devices and the deployment of digital technologies and the need for improved security.

This increased need for cybersecurity translates directly to the need for cybersecurity-focused professionals, as numerous reports over the past few years have highlighted that several million positions will need to be filled in the not-too-distant future.

To more effectively bridge the cybersecurity job gap, we should look towards a particularly underrepresented group in STEM – young women and girls.

The Cybersecurity Pros of Tomorrow

Today’s youth are the most digital native generation in the history of humanity. However, despite this, younger individuals comprise one of the most vulnerable demographics of users due to their practices, such as having a tendency to be freer in terms of what they share about themselves with strangers, making them prime targets for criminals to attempt to exploit.

Engaging young women and girls in cybersecurity-focused disciplines not only serves address this problem directly by helping educate them to enable them to protect themselves, but it also presents an opportunity to harness their experiences and unique perspectives to understand possible scenarios criminals are capitalizing on. It’s this diversity of thought that will help us as a means of deterring bad actors by anticipating their behavior and by placing individuals who have had relevant personal experiences with bad actors in positions to protect other individuals from future attacks.

Beyond this, women and young girls are predominantly attracted to disciplines that help people and our society.

By educating this demographic on how cyberattacks can cause harm, educators will be able to more effectively encourage young women and girls to envision themselves as protectors and enlist them to become cybersecurity superheroes.

By seeing the immediate impact they and their peers can have on the world and other individuals by using security technology, more young women girls will want to pursue careers in these areas – and, in turn, these individuals have the capacity to wind up as future advocates for additional diversity and inclusion in STEM, having had positive experiences in relevant fields themselves.

The Keys to Engagement

To better engage young women and girls in STEM to bridge the job gap in cybersecurity, educators should utilize the following strategies:

  • Find new and unique ways of connecting students to the larger societal issues they care about. More specifically, make a concerted effort to continuously stress the impact young women and girls can have on issues that they’re personally invested in by using and developing security-focused technologies.
  • Explore topics from students’ perspectives as opposed to introducing and approaching problems from a theoretical bottom-up approach, which can be confusing – this approach will enable educators to better engage students, resulting in a deeper understanding of technological concepts that might be otherwise hard to gras..[…] Read more »….

 

 

 

Meet Heather K. Margolis: Cloud Expert of the Month – March 2020

Cloud Girls is honored to have amazingly accomplished, professional women in tech as our members. We take every opportunity to showcase their expertise and accomplishments – promotions, speaking engagements, publications and more. Now, we are excited to shine a spotlight on one of our members each month.

Our March Cloud Expert of the Month is Heather K. Margolis.

Margolis is Founder and CEO of Spark Your Channel, creators of the Spark Your Channel through-channel marketing automation platform, and Founder and Chairperson of Channel Maven Consulting, a strategic channel marketing agency.

A self-proclaimed “recovering channel professional,” Margolis is passionate about enabling vendors to drive sales through their channel partners. She spent several years in channel programs and marketing for big-brand tech companies like EMC, EqualLogic and Dell before forming Channel Maven Consulting in March of 2009 to provide strategic channel marketing “to” and demand generation “with” IT and telecom channel organizations of all sizes.

Margolis has a master’s degree in business administration from Babson College in Wellesley, Mass. She grew up in Massachusetts and now lives in Boulder, Colo., with her husband and fellow entrepreneur Simeon, their two daughters and dog Zoe.

When did you join Cloud Girls and why?
I joined Cloud Girls in 2017 when I heard about the amazing group of women, the initiatives around mentorship and philanthropic goals.

What do you value about being a member of Cloud Girls?
I’m really thrilled with what I’ve learned and what we’ve accomplished as a group. The philanthropic aspect is incredibly important to me.

What is the biggest risk that you’ve taken?
Last year I saw a need in the marketing, did a ton of due diligence and then made a huge leap. I put my saving into it, took money from friends, colleagues and investors and started www.sparkyourchannel.com. Spark is a through-channel marketing automation tool that does things totally differently. No email, video/webinar/podcast personalization, and AI that deliver personalized content to the Partners on a set cadence.

What’s your favorite inspirational quote?
Quality isn’t job one, being totally F&$^)$g amazing is job one…[…] Read more »…..

 

With Enhanced Facial Recognition Technology Protections, the New Washington Privacy Act Would Be the Strongest U.S. Privacy Bill

As the United States federal government continues the slow process of hashing out a viable national privacy bill, state governments are creating and passing their own legislation. The state of Washington is close to passing one such bill, the Washington Privacy Act. This new bill is noteworthy due to the strength of its terms, which compare favorably to the California Consumer Privacy Act (CCPA). The Washington Privacy Act goes farther in certain areas, however; ability to control personal data, opt-out rights and requirements of explicit consent in the use of facial recognition technology.

How does the Washington privacy act stack up?

A side-by-side analysis provided by the Future of Privacy Forum compares the Washington Privacy Act’s terms to both the CCPA and the European Union’s General Data Protection Regulation (GDPR). Though the protections are not at the same overall level of the GDPR’s terms, the bill is a step forward relative to the CCPA in a number of areas.

One of the main highlights is the way in which the Washington Privacy Act handles facial recognition technology. The bill has provisions directly addressing biometric facial recognition data, something that the CCPA entirely lacks and the GDPR only addresses through indirect measures. The key feature is a requirement of explicit, opt-in consent in order for private companies to collect and use facial recognition data. Businesses that collect such data would also be subject to special handling rules and would be subject to third-party auditing.

The terms of the Washington Privacy Act are limited to non-government entities that conduct business in the state. This definition would include non-profit agencies, a group that is not subject to the CCPA’s terms. As with the CCPA, the Washington Privacy Act has revenue and customer count cutoffs that would make it applicable only to medium-to-large businesses. The bill applies to companies with information on over 100,000 consumers in any given year, or those with information on at least 25,000 consumers that derive over 50% of their annual revenue from the sale of personal data.

The bill also improves consumer visibility and access to data. The CCPA includes rights to access, delete and port data from one service to another, but the Washington Privacy Act adds the right to make corrections. Washington residents would also have improved opt-in and opt-out rights with any company that processes personal data; the ability to fully opt out of targeted advertising and profiling, and opt-in policies covering the collection of sensitive categories of personal information.

Other provisions unique to the Washington Privacy Act (among extant examples of US state law) include a category of “high risk activities” (e.g. medical and financial data) that would trigger a special assessment, data minimization and purpose limitation requirements, and a duty to avoid secondary use.

Will the bill pass?

The bill has cleared the first step in the state legislature, passing out of the Senate Ways & Means Committee. It now goes before the state Senate and House.

The Senate is favorable to the bill, but there is some question as to its ability to clear the House given that a very similar bill suffered a narrow defeat last year. The resistance in 2019 mostly came from privacy rights groups, such as the state’s branch of the ACLU; the stronger terms in the more recent bill are in no small part due to those concerns. One of the main issues expressed by these groups was a lack of provision for regulating facial recognition technology, something that lawmakers went out of their way to address in this second attempt. The bill would thus appear to have a good chance of passing this time.

The importance of facial recognition technology regulation

The Washington Privacy Act dovetails with a broader movement to limit the implementation of facial recognition technology in public places in the US.

At the federal level, the House Oversight and Reform Committee announced that it is working on facial recognition technology regulations that will debut in coming months. There is considerable bipartisan support for these sorts of regulations after a series of hearings in 2019 established the potential dangers of letting both the private sector and law enforcement agencies have a free hand with the technology. This follows an announcement by the EU that there may be a five-year moratorium on the deployment of facial recognition technology by any government agency as safety measures are studied and implemented..[…] Read more »

 

Connecting To Secure Wireless Networks In Windows 10

Introduction

Though they offer undeniable benefits of mobility, cost and convenience, wireless networks are less desirable from a security perspective. There is always a risk that signals can get intercepted as they traverse through the open air.

Unsecured or “open” wireless networks, like those found in public cafes and airports, offer cybercriminals an easy launching pad for attacks. Sensitive data can be compromised in many different ways on unsecured wireless networks through the use of malware, snooping or man-in-the-middle tactics.

Given a choice, it is always preferable to restrict your connectivity on Windows 10 devices to fully secured wireless networks. Such networks use various wireless security protocols to encrypt the connections and, more importantly, restrict access to authorized individuals and their devices.

Take a closer look at Windows 10

Take a closer look at Windows with this course covering everything Windows related. This skills course covers:

⇒ Your Windows Toolset
⇒ Windows 10 Task Manager
⇒ Information and Configuration Tools
⇒ And more topics related to windows 10

 

Different types of wireless security protocols

There are four main types of wireless security protocols currently in existence: WEP, WPA, WPA2 and WPA3. Their evolution was the result of incremental upgrades to wireless network security over the last 22 years pioneered by the Wi-Fi Alliance.

Though primitive implementations of wireless data technology date back to the 1970s, Wi-Fi as we know it (the 802.11 protocol) first came about in 1997. The earliest Wi-Fi security protocol was also unveiled the same year.

WEP — Wired Equivalent Privacy

As the first generation of wireless network security, WEP has been outdated for almost two decades. Due to the simplistic nature of the RC4 Encryption Algorithm used in WEP, hackers could easily crack its security encryption using basic network analysis tools like AirCrack, AirSnort and Kismet.

When it comes to WPE and Windows 10, the protocol is no longer supported by default due to its deprecated status. This has been the case since at least Windows 7. You can still use the protocol while creating a new network on Windows 10; it’s just not at all recommended.

WPA — Wi-Fi Protected Access

Due to the discovery of numerous security vulnerabilities within the Cyclic Redundancy Check (CRC) used in WEP authentication, WPA was developed as a new standard in 2003. Instead of CRC, the new system used Temporal Key Integrity Protocol (TKIP).

TKIP-based WPA was considered more robust, as it used unique encryption keys for each data packet sent across the network. This results in more complex codes that can take longer to decrypt and hack.

But the system was far from secure, as it still employed the RC4 encryption used by its predecessor. WPA served largely as a stopgap measure for the Wi-Fi Alliance as it was developing a stronger, more secure Wi-Fi security standard. WPA was quickly replaced by WPA2 in 2006.

WPA2 — AES

Until the announcement of WPA3 in 2018, WPA2 was the most advanced form of wireless security. Two major things set it apart from its predecessor: the mandatory usage of Advanced Encryption Standard (AES) algorithms and the replacement of TKIP with Counter Cipher Mode with Block Chaining Message Authentication Code Protocol (CCMP).

While CCMP is a superior protocol with vastly improved security compared to other protocols, WPA2 is still vulnerable to brute-force attacks and rainbow table attacks which use vast databases of precomputed hash strings (rainbow tables).

Both WPA and WPA2 provide two separate authentication variants: Personal for individual and home use and Enterprise for use in an office context. In the former, there is just one single authentication key. In Enterprise, the system administrator can set multiple authentication keys for different users.

Connecting to a WPA or WPA2 network is a fairly straightforward process in Windows 10. The system automatically detects all available wireless networks in the vicinity. The user simply has to select the network from the list and provide the security key (Wi-Fi password) when prompted.

To check your current security protocol, go to the Taskbar and click the Wi-Fi Connection icon. Go to the Wi-Fi details found in Properties. Security Type is displayed prominently there.

WPA3 — The future

The next generation of wireless security is yet to reach widespread implementation. It aims to reduce the reliance on user-set passwords for security, which is a thing in WPA2 — the system is only secure if you use a 16-digit complex password.

In WPA3, this is no longer a necessity, as it uses a new protocol for key exchange called Simultaneous Authentication of Equals. As it reduces the reliance on hash string databases, attackers have to directly interact with the router/access point to crack the password.

Even if the security key is compromised, the protocol does not allow access to historic data transmitted through the network. WPA3 is also expected to make public or open wireless networks even more secure.

Different ways to connect to secure wireless networks

In Windows 10, users have multiple choices when it comes to connecting their PCs to a nearby secure Wi-Fi network. At least four options exist, with varying levels of convenience and complexity. They include:

Taskbar

The most straightforward option is using the taskbar. The wireless icon is usually located in the right corner. Clicking it displays a list of available connections. Select the appropriate network and provide the authentication key to connect.

Settings

Another option is to use the Network & Security page in the Settings menu. Head to the Wi-Fi section, select “Manage known networks” and opt for “Add a new network.” Provide the network name and select the appropriate security type. Input the security key (Wi-Fi password) and save the settings to connect..[…] Read more »….

 

Don’t Just Rely On Data Privacy Laws to Protect Information

Data privacy laws are evolving to allow individuals the opportunity to understand the types of data that companies are collecting about them and to provide ways to access or delete the data. The goals of data privacy law are to give some control of the data back to the individual, and to provide a transparent view on the collecting and safeguarding of that data.

Prior to the GDPR and CCPA, it was difficult to understand what was being collected and how it was being used. Was the website selling your information to other companies? Who knows, but chances are they were. We’ve all heard the line: “If it’s free, then you’re the product.” Also, paying for a service is no guarantee that your information is not being sold. Data privacy laws attempt to address these problems by requiring companies to obtain affirmative consent from individuals, explain what is being collected and define the purpose for its use.

This all sounds great and is a step in the right direction, but there are a lot of challenges for both individuals and companies. Various polls put the number of password protected accounts per person anywhere from 25 to 90. It would take a very concerned person to understand and track their personal information across these accounts. Companies need to understand the various data privacy laws that apply and develop internal frameworks to comply and protect the data. Even if both parties are playing fair, this is a difficult challenge.

For US-based companies, here is a non-exhaustive list of data privacy regulations that may apply:

  • US Privacy Act of 1974 – Applies to government agencies but provides a good foundation for companies to follow.
  • HIPAA (Health Insurance Portability and Accountability Act) – Created to protect health information.
  • COPPA (Children’s Online Privacy Protection Rule) – Created to protect information on children under 13.
  • GLBA (The Gramm-Leach-Bliley Act) – Requires financial institutions to document what information is shared and how it is protected.
  • CCPA (California Consumer Privacy Act) – In effect January 2020 to protect information of California citizens.
  • GDPR (General Data Protection Regulation) – An EU law that has global reach.
  • State laws – Each state may have their own privacy laws with slight variations.

On top of that, the data privacy laws can be interpreted in different ways, overlap each other and contradict each other. Like security frameworks and controls, privacy laws should be viewed as the minimum baseline to protect personal data. Individuals and companies should take a commonsense approach to data protection to fill the gaps that exist in data privacy laws. They should understand what data is being collected, what is its purpose and if it is necessary to have at all. The best way to protect data is to not have it at all. If it does not exist, then it cannot be lost. This will provide focus to the residual data and what needs to be done to safeguard it.

Here are some best practices on what firms as well as individuals can do to safeguard privacy.

  • If you collect it, protect it. Follow reasonable security measures to keep individuals’ personal information safe from inappropriate and unauthorized access. Reduce the amount of data collected to only what is needed to provide the service. Use role-based access control (RBAC) to limit access to the data. Always encrypt the data at rest and in transit. Create a robust backup strategy and test it to ensure the integrity and availability of the data.
  • Be open and honest about how you collect, use and share personal information. Think about how the individuals may expect their data to be used, and design settings to protect their information by default. Simply explain what is being collected in an understandable way and why it is needed. Allow individuals to Opt In to providing information and view what is currently stored about them.
  • Build trust by doing what you say you will do.  Communicate clearly and concisely to the public what privacy means to your organization and the steps you take to achieve and maintain privacy. This should be done with a public privacy policy that is easy to access and understand. The policy should be kept up to date as privacy laws and internal procedures evolve..[…] Read more »….

Brace Yourself for the New Intelligence of Things Revolution

The Consumer Technology Association Vice President of research Steve Koenig announced a new trend that is emerging in consumer technology called the Intelligence of Things. The CTA vice president made these remarks during the Consumer Electronics Show (CES 2020) in Las Vegas.

These are smart devices that are able to anticipate human needs and are at the core of smart cities’ infrastructure. The CTA vice president said the Internet of Things (IoT) will be out of fashion in 2020 giving way to the Intelligence of Things technology. This technology is a result of injecting artificial intelligence into connected devices thus enabling their capacity to act autonomously.

Proof of concept for Intelligence of Things

Connected Intelligence concept is already applied in various fields. In agriculture, farmers use drones to identify crops suffering from diseases as well as monitor water usage by identifying areas that need watering. Once identified, automated water systems can target these areas independently. In addition, farmers are using automated harvesters in collecting produce from farms.  The use of the Intelligence of Things technology in agriculture, therefore, leads to higher yields and reduced expenses. Furthermore, data from these devices are used in predicting the future of farming such as the weather and disease outbreaks.

Another example is the Japanese company Groove X which has developed the Lovot companionship robot that can recognize its owner’s need for cuddles through facial recognition. Similarly, the French cosmetic company L’Oreal has its AI-powered Perso that can create customized makeup formulas for the users.

Deployment of the new IoT

Various companies are currently experimenting on Intelligence of Things in various fields such as transportation, health, and robotics.  The market will be awash with these solutions on reaching maturity after successful testing. This will make such items a crucial part of life for the urban communities, whose population is expected to reach over 60%. Commercial deployments will be particularly common in autonomous transportation around the cities. For example, Ford has already made plans for deploying the autonomous fleet by 2021.

Artificial intelligence and 5G

Artificial intelligence and 5G will be the foundation for the Intelligence of Things technology. Unlike 4G whose main reason for the growth is the consumers’ demand, 5G growth will be powered by enterprise demand. Innovations that resemble those from science fiction movies will be possible in the near future. Companies are already building 5G networks parallel to the 4G networks in preparation for the transition.

5G will form the core of any usable new IoT platform because of the massive amounts of data transfer involved. For example, streaming a virtual reality scenario during a remote surgery session requires the transmission of massive amounts of data. Success in 5G capability will, therefore, spur the success in other areas of IoT technology.

Categories of Intelligence of Things

The new IoT Intelligence of Things technology falls into the categories of either Massive IoT or Critical IoT. Massive IoT contains little data but connects many devices and endpoints. On the contrary, Critical IoT connects fewer devices but with massive data. Because the defining factor in Intelligence of Things is data, the latter will find many commercial applications in critical areas such as remote surgery, industrial robotics, and virtual reality.

Emerging tech trends

AI will become embedded in almost everything creating an AI and Everything scenario. Intelligence of Things will inspire devices such as smart ovens that can prepare food correctly and robotic companions that can detect their users’ moods.

Augment Reality (AR), Virtual Reality (VR), and Cross Reality (XR) will be other trends to watch in the connected intelligence revolution. Most AR devices are now capable of providing room-scale experiences…[…] Read more »

 

Low-Code Player Grabs RPA for Automation

Low-code platform vendor Appian is looking to provide a single platform for automation, AI and low code with a new RPA acquisition.

The year 2019 marked a big one for consolidation among data, analytics, and related vendor companies as the industry reorganized for the cloud and big vendors staked their competitive positions. Now in early 2020, an acquisition in an adjacent technology may be signaling further changes ahead for another hot technology in the enterprise.

Low-code development platform vendor Appian has acquired startup Novayre Solutions SL, developer of the Jidoka robotic process automation platform. In announcing the deal, Appian said that it now makes the company a “one-stop shop for automation, with best-in-class solutions for workflow, AI, and RPA.”

That’s something that many vendors and enterprise companies are pursuing. RPA and artificial intelligence are technologies that organizations often will want to put together to automate tedious repetitive tasks. Indeed, analyst firm Gartner named hyperautomation as one of the top 10 strategic technology trends for 2020, saying that the No. 1 use case for artificial intelligence is automation. Putting AI together with RPA can streamline operations and make organizations more efficient. It’s another step toward achieving the digital transformation that all organizations are pursuing.

Appian’s plans for the acquisition are very much along these lines. The company said that it plans to unify low-code development and RPA into one comprehensive automation platform that enables “the orchestration of all three agents of modern work — humans, bots, and artificial intelligence.”

But the acquisition won’t exclude technologies from other RPA vendors. Appian said the platform will deliver RPA governance for the enterprise that will enable management of robotic workforces from the major RPA vendors including Blue Prism and UIPath. That includes monitoring, scheduling and reporting. The service will be available on the Appian cloud.

“Appian’s goal is to be a one-stop shop for Digital Process Automation (DPA) and RPA, and to build out a more complete Intelligent Automation (IA) platform, an increasing  need, as enterprises begin to scale automation initiatives,” wrote Forrester principal analyst and VP Craig Le Clair in a blog post.

Forrester defines digital process automation as dealing more with larger processes while RPA deals more with single tasks.

“RPA remains at the very center of many of these,” Le Clair wrote. “Appian is less likely to go head to head with the top RPA platforms but will look first to add RPA to their existing customers or find opportunities where DPA and RPA are both valuable.”

Le Clair also noted that for Appian, this is a technology acquisition. Jidoka’s architecture is Java-based and runs on Linux, plus it is containerized and cloud-native…[…] Read more »…..

 

The History of Security and the Fight to Protect Ourselves

While almost everyone in modern industry has heard and thought about cyberattacks, breaches, data compromises and defenses, cyber warfare pre-dates the modern computing era. As far back as 1976, when I started my first job in astrodynamics working on Air Force satellites, security was an important consideration–decades before the Internet and our powerful computing devices.

By Michael Miora, SVP & CISO, Korn Ferry

The security story I want to share begins in the late 1970s. As a young UC Berkeley graduate, my attention was on mathematics and getting a job! I never imagined that I would focus on security for the next few decades. I never envisioned myself as a critical decision maker, whose actions would affect the course and success of a multi-billion-dollar, global enterprise.

Understanding this security story will help us all be better at identifying what needs to be protected and how we need to define and design our protections.

With a background in mathematics, I opted to study Satellite Orbit Calculation and Manipulation during my first job. However, my attention was quickly captured by the need to protect the information assets of the 70s against our adversary, the then-Soviet Union.

Today, it is obvious that we need to encrypt the large amount of data coming from satellites and going to ground-based receivers. In the 1970s though, such encryption and protection was beyond the capabilities of the small and low-powered satellite computers. Therefore, we needed to solve this problem using innovations that would use the capabilities we had at our disposal.

Scientists in the early satellite industry designed a process of commutation and de-commutation of data; this was an accidental security design. By having each bit of a downstream represent specific information known only to the receiving equipment, we had a de facto secret required to understand the data.

The Major Transformation

In November 1988, we experienced the first major, though ostensibly unintentional, attack on the ARPANET, the predecessor to the Internet. It was the “The Morris Worm,” which exploited known vulnerabilities very similar to those that still plague us today, including weak passwords, lack of filtering, and trusting outside networks without controls.

At the time, I was working for a major defense contractor that was affected by this worm. We formed a rudimentary team to study the attack and plan how to respond to the future attacks we already knew were going to come. Today, we call this a Security Incident Response Plan!

By the end of the eighties, I gathered all the experiences that I gained from my satellite and defense work to launch InfoSec Labs, one of the pioneering security consulting firms that focused on helping major financial, healthcare, and manufacturing companies protect themselves. I thereby entered an environment where my advice needed to be presented and then sold to clients as reasonable and justifiable actions. We all know how difficult it is to convince top management to spend money on intangible rewards and returns. It was challenging but rewarding to provide advice, help implement that advice, and then witness the result.

We built InfoSec Labs from the ground up without external funding because the Venture Capital firms had not yet fully grasped the importance of security or the role it would play in the coming years.

The Holy Grail: Anti-Virus

“I Love You!” Sound familiar? For those who were using email and Microsoft Word in 2000, you probably know the impact of this virus. This was one of the first major and wildly successful attacks in the history of computing, with far reaching effects that dwarfed the Morris Worm. It was very innovative because it was the first use of embedded macros in a trusted program, perverted to malicious use, and it embodied all the “features” of our modern viruses.

It was at this time that I was approached by some well-established security companies. The reputation of my company and my team attracted their attention, and my firm eventually was acquired by Rainbow Technologies, a major, publicly traded security company.

There were already anti-virus programs and systems available, but this helped spur quicker and more widespread implementation of these protections across industries and companies worldwide. The evolution of anti-virus quickened and increased in its sophistication. So did the attackers.

Over the coming years, there were many and varied attacks, ever increasing in their sophistication. Even last year, in 2018, we saw new forms of attacks that recognized the improving protections and worked to circumvent them. Some of those used normal-looking software that launched and encrypted systems (“ransomware”). Others used stealth methods that did not use files to attack and take over systems; still others used other advanced techniques.

Today the original anti-virus has transformed into anti-malware and Endpoint Detection and Response (EDR) which include sophistication unimaginable even a few years ago, with storage of data and interactions requiring terabytes of storage. Cloud strategies along with global regulations and compliance requirements have made us smarter and caused us to work harder. We all know that compliance does not drive security, but smart security achieves compliance and protects us against the attackers.

Are We There Yet?

In 2017 and 2018, every U.S. voter was compromised. Every Hong Kong voter was compromised. Over the past two years, every U.S. adult has had their credentials and credit information compromised (300 million last year). The European Banking Commission has mandated that all banking compromises in EU be reported to them immediately. Twenty-five percent of all Australian companies were compromised last year.

The attackers work just as hard as we do, sometimes with significantly greater flexibility and resources. Often, these resources and protections are provided by nation states that provide immunity from capture and prosecution. It is our job to coordinate better with each other, to share information and to jointly find newer and better ways to protect ourselves. Let’s not be bashful in telling our vendors what we want and suggesting collaboration and cooperation among competitors and complementary products.

I do that with some success. Though the vendors don’t always follow the advice, their attention shifts to include that thinking.

The Goal of Availability

There is a creative tension between meeting security requirements and achieving business goals. Security is not just technical security; it means working securely and with recognition of required operational security considerations. Business goals require a significant dedication to customer service, translated to keeping systems and applications up and running nearly all the time…[…] Read more »…..

This article first appeared in CISO MAG.

<Link to CISO MAG site: www.cisomag.com>