Tag: cloud security

Categories
Press review Tech Magazine

AI, IBM Chips, and a Novel Cloud Security Concept: The Week in Tech News

Real news can be hard to pinpoint. From AI and chips to cloud security: filter out the noise with our selection of the top 3 tech news stories of the week.

In the world of IT, real news can easily get mixed with eye-catching headlines and promotional buzz. From AI and chips to cloud security: filter out the noise with our selection of the top 3 tech news stories of the week.

Full podcast episode:

🔊 Subscribe to the podcast

AI is everywhere

The AI hype is so strong we often forget that artificial intelligence is already an integral part of our everyday lives. 

Firstly, AI played a key role in the development of Covid-19 vaccines. But there are many other, less conspicuous ways we benefit from it directly. 

For example, from anti-spam email filters to fraud detection for your banking account, silent, tiny AI helpers accompany us throughout the day without us necessarily being aware. Whether it is by dimming our phone’s screen brightness or suggesting sentences we tend to use, low-level AI tools do exactly what the best kind of technology does: help out without being noticed. 

But not everything’s about the little things, other common applications have positive effects on our society, like smart city traffic management or energy grid optimisation. 

World Economic Forum 

IBM makes chip breakthrough

For all its innovation potential, the technology industry still has an over-reliance on the diminishing effects of the long/established Moore’s Law, by which the number of transistors in computer chips tends to double in number and halve in size every two years. 

Unfortunately, recent years have seen this rule of thumb falter, with chip manufacturers struggling to keep the good ratio going.  

Enter IBM. The company announced this week a significant breakthrough in the way computer processors can be effectively made. IBM created a 2nm chip it claims can boost performance by 45% over 7nm chips while cutting down energy consumption by 75%.

BBC

A scalable approach to cloud security

Making sure that evolving cloud environments remain protected against malware is becoming increasingly difficult in a world where multi-cloud is the new norm and a single weakness can compromise an entire network

As if human fallibility and the cloud’s sheer size were not enough, attackers are using increasingly sophisticated methods of bypassing traditional security measures and protocols.

Malware is often only valuable until its detected, as its signature can then be easily identified by the system. Yet, scanning an entire cloud ecosystem for irregularities still involves too much complexity and resources due to its sheer size. 

A research initiative by Microsoft’s, Projet Freta, proposes a novel approach: a cloud-centric in-memory scanning system that focuses on virtual machine instances to deliver scalable protection.

TechRepublic

Connect by Mindquest Newsletter

Check out more of our interviews from our podcast episodes.

Join our community and find your next job or expert in IT

Categories
Press review Tech Magazine

Weekly News Digest #7

IT News Digest

Into mystery movies? Beware of spoilers.

Opening scenes of a crime thriller.

The protagonist, a beat detective with a good amount of personal problems, examines the room where the murder took place. One by one, the film introduces the various characters in the story, and the question inevitably pops up into your head:

Who’s done it?

Well… Knives Out and Star Wars director Rian Johnson might have ruined the fun for all of us. According to the filmmaker, Apple doesn’t let bad guys use an iPhone on screen for branding purposes.

There you go. Now you can start ruling suspects out.

A week in retrospect

Speaking of crime…

A new study on cloud security published this week revealed that only 57% of all business-sensitive data stored in the cloud is protected by encryption. This is particularly worrisome considering that 47% of businesses report having suffered a breach or failed a security test in the past year.

Is your data at risk? This article might help you figure it out.

Stop pointing that at me.

The debate around the use of facial recognition to fight crime is heating up. In response to mounting criticism, London’s Metropolitan Police Commissioner Cressida Dick tried to calm down the public by highlighting the benefits of the technology.

There seems to be a general misunderstanding, as the system currently being employed in the UK doesn’t store the data it captures. It simply compares faces against a data base of known offenders, in real time.

The images we post on Facebook and Instagram do much more to endanger our biometric privacy, assures the Met’s chief.

Meanwhile, a global report from communications firm Edelman revealed that 60% of people feels tech is advancing too fast…

And, speaking of advances…

The MIT Technology Review has published its annual list of technological innovations poised to have a big impact on solving the world’s problems. Here are the contenders:

  • Unhackable internet
  • Hyper-personalized medicine
  • Digital money
  • Anti-aging drugs
  • AI-discovered molecules
  • Satellite mega-constellations
  • Quantum supremacy
  • Tiny AI
  • Differential privacy
  • Climate change attribution

Would you add or change anything?

Categories
Cybersecurity Tech Magazine

Data security : Is your cloud data secure?

Data security: Is your cloud data secure?
How is your data security? Around 50% of all business data is already stored in the cloud, while 48% of this data can be considered sensitive in nature.

Digital transformation is well underway. An estimated 50% of all business data is already stored in the cloud; while 48% of this data can be considered sensitive in nature. These figures, which were reported on Monday in a global study by Thales and IDC, paint a promising future for the enterprise cloud industry. They also seem to signal growing confidence in the technology’s security and privacy capabilities. So, regarding data security, is your cloud data secure?

Data security: number and perception

The same survey revealed that only 57% of all cloud-stored sensitive data is protected by encryption, whereas 100% of respondents admit to having at least some unencrypted sensitive data in the cloud. One could think this constitutes further proof of the enterprise’s sense of data security. In reality, the number of respondents that feel their data is vulnerable to cyberthreats (86%) has increased considerably since last year’s report (67%). Furthermore, 47% of businesses report having been breached or failed a security test in the past year.  

There is thus a clear disconnect between the perceived levels of data security and the actual measures being put in place. Many decision-makers are not paying enough attention to their own danger alerts, and that is dangerous.

So — how can you tell if this happening in your organization? There are a few telltale signs.

Choosing the right multi-cloud partners

Achieving optimum levels of data protection is becoming increasingly difficult as more and more companies turn to different cloud providers to meet their various business needs. The vast majority of businesses (81%) report using more than one infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) vendor. Meanwhile, 72% of organisations state they use between 11 and 100 software-as-a-service (SaaS) applications — That’s a lot of potentially breachable data living in the cloud.

Data security: how to implement a proper strategy

These multi-cloud environments add a layer of complexity on top of the already complicated world of cybersecurity. In turn, survey respondents identify complexity as the top barrier to implementing a proper data security strategy.

To protect data integrity, organisations must leverage the appropriate set of tools across platforms and partner with those vendors offering solutions that fit within their ecosystem. Ideally, your various security tools and protocols should cover both on-premises and cloud-based data and be compatible with one another.  

If that’s not the case, it might be time to review your security architecture. Putting together the right team has also become essential for multi-cloud success. Consider hiring a cloud security specialist if you haven’t done so yet.

Data vs network security

Despite 83% of organisations planning to either maintain or increase their security spending in 2020, the portion of the security budget destined to data security remains marginal at 15.5%. Comparatively, companies spend much more on network security. This seems to be due to another important disconnect — that between the major perceived security threats and the reality behind most data breaches.  

While more than half of businesses are worried about cybercriminals, terrorists and corporate espionage; everyday issues that tend to pose greater challenges to data integrity are often less cause for concern. Just in the UK alone, 90% of data breaches experienced in 2019 originated from a human error. Employee communications, system misconfigurations and privileged users with access to sensitive resources are all potential risks that network security cannot mitigate.

Data security: accesses and permissions

A great focus on data security is, therefore, highly recommended. Re-examine and restrict your access protocols and permissions, encrypt greater amounts of data and make sure to store and safeguard the keys properly. Moreover, invest in data recovery and backup tools.

Also, do not rely too much on your providers to protect your data. Sure, the cloud is fundamentally a shared responsibility environment. However, there are many proactive measures that you can implement internally to safeguard this data.

Remember – if there is a breach, it will be the company’s reputation the one to take the biggest hit, not the provider’s.   

The threat of emerging tech

Although most experts do not see widespread quantum computing entering the scene until 15 or 20 years from now. The security risks this emerging technology represents are already in the minds of business leaders. Around 72%% of companies believe quantum computers will start disrupting their encryption efforts within 5 years.

Quantum computations can potentially decipher most cryptographic key systems used today. However, the technology is still in its infancy, and companies shouldn’t worry too much about its security implications just yet. But, if you’d like to start future-proofing your system, there are several vendors out there already working with quantum cryptography methods.

Categories
IT Decision-makers Tips & errors to avoid

5 experts to hire to strengthen an IT team

5 experts to hire to strengthen an IT team
We at Club Freelance have prepared a shortlist of experts to hire to and incorporate to strengthen an IT team if you haven’t done so yet.

Beyond your department’s immediate needs, it is important that you keep in mind the mid- and long-term needs of your company. As your organization’s IT leader, you must ensure that you’re building a team capable of staying aligned with the technology and business trends that are most likely to emerge in the following years. That means not only promoting continuous education among your already existing team, but also looking for new talent that will bring in those skills and ways of thinking that will future-proof it. It’s often hard to identify the right candidate or profile in all the clutter, so we at Club Freelance have prepared a shortlist of experts to hire to and incorporate to strengthen an IT team if you haven’t done so yet.

The top 5 experts to hire to strengthen an IT team

A business-savvy data scientist

First of the experts to hire to strengthen an IT team: the data scientist. It’s no secret that a solid data strategy is one of the key components of any respectable CIO’s digital transformation plan. Organisations all over the globe are ramping up their efforts to leverage their data in deeper, more impactful ways, from business intelligence to predictive and prescriptive analytics.

It is no surprise, then, that the data scientist role was in the top 5 of LinkedIn’s latest emerging jobs study. According to the company, data scientist jobs have experienced a 37% hiring growth over the past three years.

The key skills you should look for when hiring a good data scientist include machine learning, data science, Python, R and Apache Spark. However, as data analysis and predictive analytics are increasingly being incorporated into the decision-making process of companies, there is a growing need for data scientists themselves to understand the business.

A business-savvy data scientist eliminates the need for a middleman to translate data insights into business advice and transformation. Furthermore, as someone who can see both sides of the story, they can use data in more efficient and business-critical ways.

If you don’t have such a profile in your team, consider adding it.   

Also read our article: HR Managers: How to Assess the Technical Skills of IT Candidates

A true AI specialist

Often, data scientists are the ones taking over AI and machine learning duties within IT departments. Or at least being one of the main components of the AI team. That’s fine. A data scientist can, of course, become an expert in Ai through training and experience, but it’s not always the case. A true AI expert goes a bit further than the traditional data scientist, having mastered skills such as deep learning and natural language processing.

According to the same LinkedIn report, the AI specialist role has experienced a 74% hiring growth in the last 4 years. That is because hiring a true expert in AI can result in great benefits across several departments and processes within the organisation. AI can optimize operations, help with cybersecurity, come up with valuable customer insights and help you communicate better with your stakeholders by eliminating the lower levels of customer service. But it can do much more. If you have yet to explore this area, we recommend that you do.

A cloud cybersecurity expert

For some time, IT leaders were after all-terrain cybersecurity experts that understood the company’s whole IT ecosystem and could deal with a wide array of cyber threats and vulnerabilities. As the digital environment has grown more complex and cyber-attacks more sophisticated, that figure is no longer the ideal gatekeeper. As it happens with everything else in our economy, specialization is key.

With more and more companies moving their business-critical operations to the cloud ­­ —and with hybrid, public and private cloud models becoming more intertwined— attacks via cloud infrastructure are poised to hit a new high this year. Therefore, it is of vital importance that you look into hiring a cybersecurity expert that is exclusively dedicated to protecting your cloud real estate.

Also read ou discover our interview: Cybersecurity Career Tips From a Ballerina Turned Pentester

A DevOps engineer

A DevOps engineer is a team addition you should consider if you’re looking to optimize and speed up the software development lifecycle. With a silo-breaking mentality, DevOps engineers work to get different IT teams and processes integrated and create a workflow that’s beneficial for everybody.

They achieve so by using their deep understanding of automation tools to develop digital pipelines comprising all stages in the production cycle — From concept and testing to deployment and monitoring.

Their wholistic mindset also makes them great evangelists of DevOps philosophy across your whole team. Greater awareness of process integration and collaboration across teams can only be beneficial for everyone in the longer run.  

Interested in DevOps profiles? Read about this expert’s DevOps career story.

An RPA automation engineer

Not to be confused with the kind of automation implemented by a DevOps specialist, RPA automation deals with processes internal to the IT team, like ticket generation, and to the overall company. An RPA expert can be of tremendous help anywhere where time-consuming, repetitive tasks can be automated.

Think of all the time you could save across your organization by hiring an automation engineer that would lighten your employee’s workload so that they could dedicate themselves to more productive tasks. Definitely worth it.

Categories
Cybersecurity Tech Magazine

What to expect from cybersecurity in 2020

What to expect from cybersecurity in 2020
One thing’s clear about what will happen with online threats in 2020: cybersecurity is not getting any easier. What to expect from cybersecurity in 2020?

One thing’s clear about what will happen with online threats in 2020: cybersecurity is not getting any easier. The good news is that it’s the early months of the year and all predictions are in, so there’s still some time to get ready. What to expect from cybersecurity in 2020?

And so, we went on a quest through the vastness of cyberspace in search of the best and finest predictions out there. Then we added our own expertise to the mix. The result is a shortlist of considerations we suggest you keep in mind when designing or implementing your cybersecurity strategy for the year ahead.

On history and its annoying tendency to repeat itself

Remember WannaCry? The National Health Service surely does after almost £100m in losses and the cancellation of 19.000 appointments. But the NHS was not alone. Around 230,000 computers in over 150 countries were infected in a matter of hours, leading to an estimated $4 billion in total losses. The culprit? An NSA-devised exploit of Windows’ EternalBlue vulnerability, for which Microsoft released a patch shortly after the liability was made public.

The problem with software updates, however, is that not everybody installs them. Furthermore, some users cannot even install the patch since they’re running older software versions that are no longer offered support — Rings a bell?

Microsoft’s Windows 7 service cut is bound to follow the same path. Sure — the company is extending its support to businesses until 2023, so those running business-critical applications that only work on the old OS should be fine. But, that’s only if they are willing and able to pay. Add those who can’t to the forgetful types who won’t be upgrading out of plain carelessness, and you have 2017 all over again.

Be ready for the very real possibility of a massive attack that infects unpatched users and spreads laterally from one organization to another, from one country to the next. It only takes one sloppy third party for disaster to unfold.    

Dark clouds on the horizon

As everyone and their mother moves their infrastructure and business-critical workloads to the cloud, the potential for a massive data breach affecting all the nodes in the network is skyrocketing.

Perhaps the strike comes from a company or cloud provider that didn’t carry out due diligence and didn’t effectively protect their data during transmission, storage or processing. Or, maybe, as Kaspersky Lab suggests, attackers will leverage the cloud themselves to increase the frequency of their attacks until one breaks through.

What is obvious at this point, is that you should tread very carefully when navigating the multi-cloud ecosystem. Make sure all the involved stakeholders understand the extent of your cloud ramifications. Hire a robust security team. Partner with the right providers.   

Cybersecurity in 2020: The advent of 5G

The more connections in a network, the greater the benefit for those who manage to break into it.  As Forescout points out, enterprise 5G adoption is expected to reach critical mass in 2020. The sheer number of connected devices and the amounts of data they hold should be attractive enough for attackers to try to exploit the vulnerabilities of cellular networks.

If you’re betting big on IoT and 5G, make sure your team is prepared for, or at least aware of, these vulnerabilities and is monitoring for potential attacks. The industry as a whole will need to reevaluate 5G security post-deployment, but, in the meantime, response time is key.

Oh, my — AI

Here’s some good and bad news.

The good news first: AI and Machine Learning will be instrumental in helping cybersecurity experts detect attacks and protect data and infrastructure. The benefits are more than evident. Security tools and protocols that can learn and have increased autonomy are great allies for defending your virtual castle. According to Capgemini, 63% of organizations will have AI-based solutions in place by the end of 2020. Most of these applications will have a security focus.  

The bad news? Hackers can do that too. Expect AI-powered hackbots coming to your neighbourhood very soon. Certainly, an eerie thought to entertain.  

Corrupting the root

In the art of sabotage, simplicity is key. Why bother trying to compromise the finished product when you can alter one of its key components right at the factory line? As Enterprise SpA CTO Pierluigi Paganini notes, supply chain attacks are only going to increase with time. Although they still pose a relatively low threat, it can’t hurt to be a bit more cautious with the vetting of third-party suppliers.

Cybersecurity in 2020: Final reflections on the fallibility of the human mind

We often focus solely on the might of technology, its great potential for good and evil. The truth is that people have been duping each other since ancient times. As many of the biggest cyberattacks of the past years remind us, it is usually a human error that starts it all.

An employee that inadvertently exposes vital information. Someone clicking on a link that their boss allegedly sent them. An infected thumb drive. A computer that wasn’t updated.

The human element is a decisive factor in the world of cybersecurity. Organisations need to implement better security training for their employees, as well as improved data hygiene and BYOD policies.

The scary part, however, is that, no matter how many precautions you take, someone can still be tricked – or paid — into letting in the attackers. Kasperky alerts of these perils. As the costs of breaking into a network raise due to improved security, hackers are going to increasingly target employees ­— whether it is through phishing attacks and very convincing deepfake calls, or by paying them money or extorting them.      

Read our article: How the Covid-19 Pandemic is Accelerating the hybridisation of Careers in Tech & IT