WebProNews

Category: CybersecurityUpdate

CybersecurityUpdate

  • SAP Massively Going for Expansion Into Multi-Cloud World, Says CTO

    SAP Massively Going for Expansion Into Multi-Cloud World, Says CTO

    “We’re massively going for the expansion into this multi-cloud world,” says Björn Goerke, SAP CTO & President of the SAP Cloud Platform. “We strongly believe that the world will remain hybrid for a number of years and we’re going in that same direction with the SAP Cloud Platform.”

    Björn Goerke, SAP CTO & President SAP Cloud Platform, recently discussed the future of the SAP Cloud Platform in an interview with Ray Wang, the Founder & Chairman of Constellation Research:

    Massively Going for Expansion Into Multi-Cloud World

    We’re massively going for the expansion into this multi-cloud world. We strongly believe that hybrid clouds will play a major role in the coming years. If you also follow what the hyper scalars are doing, Amazon was the last one to announce an on-premises hybrid support model. We strongly believe that the world will remain hybrid for a number of years and we’re going in that same direction with the SAP Cloud Platform.

    We announced partnerships with IBM and ANSYS already and there will be more coming. We’re totally committed to the multi-cloud strategy driving the kind of choice for customers that they demand. But then what we’re more and more focusing on is business services and business capabilities. It’s about micro services as well. It’s really about business functionality that customers expect from SAP. We are an enterprise solutions company.

    It’s Really About No Code and Low Code Environments

    With our broad spectrum of 25 industries we support all the lines of business within a corporation from core finance to HR to procurement, you name it. We are focused on a high level of functionality that we can expose via APIs and micro services on a cloud platform to allow customers to quickly reassemble and orchestrate customer specific differentiating solutions.

    There is no other company out there in the market that has the opportunity to really deliver that on a broad scale worldwide to our corporate customers.

    That’s where we’re heading and that’s where we’re investing. We’re working on simplifying the consumption of all of this. It’s really about no code and low code environments. You need to be able to plug and play and not always force people to really go down into the trenches and start heavy coding.

    SAP Embedding Machine Learning Into Applications

    Beyond that machine learning is all over and on everybody’s mind. What we’re doing is making sure that we can embed machine learning capabilities deep into the application solutions. It can’t be that every customer needs to hire dozens and even hundreds of data scientists to figure these things out.

    The very unique opportunity that SAP has is to take our knowledge in business processes, take the large data sets we have with our customers, and bring machine learning right into the application for customers to consume out of the box.

    RPA is a big topic as well of course. We believe that 50 percent of ERP processes you can potentially automate to the largest part within the next few years. We are heavily investing in those areas as well.

    Focused on Security, Data Protection, and Privacy

    Especially if you think about the level of connectivity and companies opening up their corporate environments more and more, clouds being on everybody’s mind, and the whole idea to make access to information processes available to everybody in the company and in the larger ecosystem at any point in time from anywhere, of course, that raises the bar that security has to deliver. So it’s a top of mind topic for everybody.

    There are a lot of new challenges also from an architectural perspective with how these things are built and how you communicate, We have a long-standing history as an enterprise solution provider to know exactly what’s going on there. There’s security, there are data protection and privacy that companies have to comply with these days. I think we’re well positioned to serve our customers needs there.

    https://youtu.be/JwXU89MrdaA


  • Crypto Expert: Bitcoin is More of a Collectible

    Crypto Expert: Bitcoin is More of a Collectible

    The co-founder of crypto security firm BlaKFX says that Bitcoin was a great proof of concept and will be around for a long time, but it’s more of a collectible. “You need to have common liquidity pools,” says Kara Coppa, BlaKFX co-founder, and COO. “If you can’t move your money from fiat to crypto and move it into ecommerce to purchase something it’s really useless.”

    Kara Coppa, BlaKFX co-founder, and COO, discussed the cryptocurrency and her companies efforts to ensure its security in an interview on Fox Business:

    The Biggest Heist in World History

    We all thought Bitcoin was going crazy, but cybersecurity issues were a big problem this year. There was $1 billion lost in 2018, the biggest heist in world history, in humanity. There are a lot of issues with blockchain, it is a new technology. However, BlaKFX has uncovered many issues and we have 18 plus patents pending, lots of solutions to fix all those problems and make it secure.

    We are working with the governments right now, especially in Malta where Blockchain Island is. We are helping them to create cybersecurity regulations to ensure that there is no theft and to make sure that we can move forward with this as a currency in the future.

    As we see more asset-backed tokens, tokenizing highways, buildings, sports teams, and fractionalizing different types of assets to so that others can get involved, it can go mainstream but it has to be secure.

    Governments Coming on Board with Cryptocurrencies

    I think in 2019 we will see governments start to come on board and launch their own cyrptocurrencies. Dubai for example, by 2020, their initiative is to have their entrie government on blockchain.

    Once you do make it secure you don’t have to have it annonomous. You can have governments part of that bigger picture. When you bring in banks and governments into this cutting-edge technology it goes a long way. I think that is also another prediction for 2019, we will see a lot of alliances.

    We will see the government sector coming in together, different exchanges and cybersecurity companies coming together to make it a better, tighter technology.

    Bitcoin is More of a Collectible

    I think Bitcoin was a great proof of concept and I think it will be around for a long time, but it’s more of a collectible if you well. You need to have common liquidity pools. If you can’t move your money from fiat to crypto and move it into ecommerce to purchase something it’s really useless.

  • Democrats Created Fake Russian Twitter Bots to Influence Election

    Democrats Created Fake Russian Twitter Bots to Influence Election

    The New York Times reported that Democrats created fake Russian Twitter bots in a disinformation campaign, also known as fake news, in order to influence voters to influence the Senate election in Alabama.

    The campaign was reportedly funded by liberal billionaire Reid Hoffman and included the creation of more than a thousand Russian-language accounts that followed Republican Senate candidate Roy Moore’s Twitter account. This was picked up by major media outlets in order to fool the public into thinking the Russians supported Moore.

    Robert Siciliano, security expert and CEO of Safr.me, recently discussed the Democrat’s Russian disinformation campaign on Fox Business:

    Democrats Created Fake Russian Twitter Profiles

    What it seems like is a number of Twitter profiles were created looking like they were of Russian descent and they were following Roy Moore. Some in the media picked it up at the time. I believe it was USA Today and The Alabamian. They pointed it out and it made news designed to make Roy Moore look bad.

    It seems with the political climate that we are in right now that any relation with Russia is a bad one and if you are supported by the Russians you must be bad as well.

    Disinformation Campaign Via Fake Russian Twitter Bots

    Creating a Twitter bot is not too difficult to do. Anyone with a computer can make it happen. You can do a quick Google search of ‘how to create a Twitter bot’ and anyone can engage in that process.

    This methodology of thwarting a potential election can and will be used again in the future simply as a disinformation campaign. The disinformation that social media allows makes it very easy for this type of information to soil someone’s reputation.

    There is an All-Out Assault Online Today

    There is an all-out assault online today. Anyone connected to the web and with a presence needs to monitor their online reputation and how it’s being manipulated in a number of different ways.


  • What Are the Security Risks of the Internet of Things?

    What Are the Security Risks of the Internet of Things?

    IBM Resilient CTO and security guru Bruce Schneier takes a look at the security risks of the Internet of Things in his latest video. He brings up an interesting and rather disconcerting point, IoT devices tend to do critical things like turn on and off power or drive your car, so preventing hacking is even more critical with IoT than typical computers.

    During the writing of this article, I noticed that Bruce Schneier and other cybersecurity experts at IBM are offering a free webinar today on the overall subject of cyber security that you might also be interested in:

    December 6, 2018, at 12:00 PM: The Resilient End of Year Review: The Top Cyber Security Trends in 2018 and Predictions for the Year Ahead

    Bruce Schneier, CTO at IBM Resilient and Special Advisor at IBM Security, provided an overview of the IoT security threat in a recent IBM video:

    What Are the Security Risks of the Internet of Things?

    IoT devices are just computers so all the threats that we’re used to from the computer world get transferred into any IoT device. In addition, they tend to be low cost, not well designed, built offshore, so they have more vulnerabilities. They tend to be deeply embedded in networks and organizations so they have a lot of access. They often control physical processes.

    They turn on and off the power, they drive your car, they’re medical devices, which means the effects of a hack can be much more dangerous. On the one hand, they’re exactly the same as computers. On the other hand, because of how they’re made and what they can do, they’re very different than computers.

    How Will IoT Security Evolve in the Coming Years?

    These are low-cost consumer devices in many cases and there’s not a lot of money or even market demand for security. I think two things will happen. I think there will be more security in some of the more expensive devices.

    Of the cheaper devices, there will be other things that you could purchase to go on your network that will monitor them. We don’t really have them yet but I think that’s where the future is going. We have to assume there’ll be lots of cheaply made insecure IoT devices in every network. How do we get security on top of that? 

    Click Here to Kill Everybody

    Schneier has a brand new book out that goes into the security risks of IoT in depth called, Click Here to Kill Everybody: Security and Survival in a Hyper-connected World.

    Here’s how Bruce Schneier describes the IoT threat: 

    Everything is a computer. Ovens are computers that make things hot; refrigerators are computers that keep things cold. These computers—from home thermostats to chemical plants—are all online. The Internet, once a virtual abstraction, can now sense and touch the physical world.

    As we open our lives to this future, often called the Internet of Things, we are beginning to see its enormous potential in ideas like driverless cars, smart cities, and personal agents equipped with their own behavioral algorithms. But every knife cuts two ways.

    All computers can be hacked. And Internet-connected computers are the most vulnerable. Forget data theft: cutting-edge digital attackers can now crash your car, your pacemaker, and the nation’s power grid.

  • General Says Chinese Hacking of IBM or the Air Force is Essentially the Same

    General Says Chinese Hacking of IBM or the Air Force is Essentially the Same

    The Trump administration on Thursday unsealed Federal criminal indictments against two Chinese nationals, accusing them of working for the Chinese government over the last 12 years to hack into computers and steal key technology from Western businesses and government agencies.

    Retired Maj. Gen. Robert Scales says that we are already starting to see the manifestation of this hacking in the weapons they are deploying as we speak. The General added that we should take a long hard look at Chinese students in our universities and those that are hired from China to work in our corporate structure.

    Maj. Gen. Robert Scales (Ret.) discussed the Chinese hacking of American businesses and government on Fox Business:

    Compared to the Chinese Russians are Crass Amateurs

    I’m glad this is finally coming out. The only thing we have talked about over the last two years about hacking has to do with the Russians interfering with our election. Let me just tell you something, compared to the Chinese the Russians are crass amateurs. They’re incompetent. The Chinese have this hacking institution that is so huge.

    What makes it effective are a couple of things. Number one, it’s much larger than the Russians. Number two, it’s tied to the People’s Liberation Army (PLA). Even though a lot of the hacking is focused on commercial information, the people who are running this are the military. Here’s the scary part, the hacking is occurring in this country as well as in China. A great many Chinese immigrants are working in many of these industries and are scooping up this information and sending it home.

    Seeing Manifestation of Hacking in Their Weapons

    Just think for a moment if the Chinese have managed to put a bug into a chip in one of our anti-ballistic missiles or perhaps in a radar in a ship offshore in the South China Sea. Let me tell you another thing those of us in the military have seen. We are already starting to see the manifestation of this hacking in the weapons they are deploying as we speak to include their cruise missiles and their drones.

    Also, if you look at their latest family of stealth aircraft, the J-20, it has a lot of the obvious characteristics with our F-22 and our F-35. They are so far advanced in their sophisticated hacking that they are already beginning to build military products and weapons to compete against us using our technology.

    Hacking IBM or the Air Force is Essentially the Same

    The Chinese leadership have said that the Chinese military and the technological slice of its corporate structure are to be at parity with the United States by 2030. There is no way by following a due-course process will the Chinese ever be able to achieve that without extensive and pervasive hacking of our technology. Both our civilian technology and our military technology.

    Because so much of the military today is dependent on corporate technology, particularly with micro circuitry, that you can no longer distinguish between the two. A piece of IBM technology is the same technology that is being put in military computers, our radar systems, and are early warning systems. Having a hacking program against IBM or a hacking program against the US Air Force, today they are essentially the same.

    We Should Take a Hard Look at Chinese in the US

    What Should the US do? First of all I would say fight back. We’re just as good at this as the Chinese are. We can hack and we are pretty darn good at it. How many young men and women do we have in Silicon Valley who could do this on a weekend? Hack back at the Chinese and do it in a very public manner so that it becomes a cyber war where either side could win. It can’t get any worse since the Chinese are going full throttle as we speak. The only thing they would be afraid of is for us to start stealing their technology instead of vice versa.

    The second thing I’d do is take a long hard look at Chinese students in our universities and those that are hired from China to work in our corporate structure. When I was in the army I visited China in 2000. I remember a Chinese general bragging to me that there were more PLA officers in American graduate schools than there were American officers in American graduate schools. I don’t think it has gotten any better in the last few years.

    The other thing is for the Chinese students and employees in this country. What the Chinese government does very skillfully is they hold their relatives, their wives, children, parents, and grandparents at risk if they don’t toe the line and comply with instructions from China.


  • Motorola Solutions CEO: We Want a Level Playing Field in China Where IP is Not Stolen

    Motorola Solutions CEO: We Want a Level Playing Field in China Where IP is Not Stolen

    Motorola Solutions CEO Greg Brown explains how China went from a great business opportunity in the mid-1980s to an intellectual property stealing concern following their acceptance into the WTO in 2001.

    Brown says that when China implemented the indigenous cellular standard PDT, that in essence if Motorola wanted to play there and continue to provide systems, they would have to offer up the IPR associated with that. Following that China became less and less attractive.

    Greg Brown, Motorola Solutions CEO, provided a great picture of how China has stolen intellectual property from Motorola and many other US companies who do business there in an interview on CNBC:

    For Years, China was Great

    Historically, you can even go back to 1972 when President Nixon first arrived in China, he spoke on a Motorola provided satellite phone following the Kissinger talks. You fast forward, and in 1986 Bob Galvin led a delegation there, and in ‘87 Motorola invested and had a manufacturing and R&D footprint. For years, China was great, and the Motorola story was great, and revenue boomed, investment boomed, and collaboration boomed. Then China joins the WTO and things pivot a little bit.

    To Do Business in China Motorola Had to Give Up IP

    The Chinese market matures and China moves toward indigenous standards. At the time there were cellular standards called CDMA, TDMA, that ultimately went to GSM. China had their own and they called it TDS CMEA. We in the US had WiFi. They had their own and it was called WAPI. In policing, China implemented an indigenous standard called PDT, police digital trunking, that in essence said Motorola if you want to play here and continue to provide systems, you have to offer up the IPR associated with that. China became less and less attractive.

    We had a lot of firsts historically. We had the first mobile phone with Chinese characters, and the first mobile phone with global positioning – GPS. At the time Motorola built the largest contiguous network in China. All that is great.

    Chinese Firms Huawei and Hytera Stole IP

    Historically, we had litigation with Huawei around trade secret violations. We sued them in 2010 and was settled in 2011. But as we sit here today we have a lawsuit ongoing right now with a Chinese company called Hytera. They’ve done three things; patent infringement, trade secret misappropriation, and copyright infringement. Pretty egregious, vast multi-year campaign. We’ve sued them in the Northern District Court of Illinois, Germany, where we won both cases by the way, Australia pending, and most importantly in the ITC where we just won a final determination that in fact Hytera took IPR and infringed our patents. So we are awaiting the implementation of an import ban in January.

    Need Level Playing Field in China Where IP is Not Stolen

    Recently, Australia has said they are concerned about Hytera 5G Gear. New Zealand has made that determination. In Britain, the U.K., just announced a few days ago, that they want to pull out  Huawei 4G out of their core. I get the high stakes and I get the two juggernauts (US vs China) competing. We are all for competition, robust, let the customer win, and everybody brings their best game to the party. But when it is not a level playing field and IPR is stolen, we just are saying compete on a fair and firm basis.

    Business in China a Fraction of What it Used to Be

    We’re still in China, but we don’t do manufacturing in China and we don’t do R&D. We have sales and sales support staff. It is an okay market for some of what we call our PCR equipment. We have collaboration with some local Chinese partners. But to dimensionalize it, like 15 years ago we were over $3 billion in revenue and 15,000 people, today we are about $170 million in revenue and 170 people. What we are is the Western leader and alternative in mission critical communications, command center software, video surveillance and analytics.

  • 50 Million Google+ Accounts Compromised in Latest Data Breach, Platform to Shut Down Earlier Than Planned

    50 Million Google+ Accounts Compromised in Latest Data Breach, Platform to Shut Down Earlier Than Planned

    The discovery of another privacy flaw has pushed Google to shut down Google+ much earlier than expected.

    Google announced on December 10 that it had discovered a security issue that potentially left more than 50 million accounts vulnerable in November. The revelation came shortly on the heels of a previous admission that a security lapse in March also affected thousands of users. Because of this, the company says Google+ will be shut down by April 2019.

    Google initially planned to sunset the platform by August 2019. The company made the announcement to close its Google+ network in October, after it admitted that an earlier breach affected 500,000 users.

    The latest bug was said to have been inadvertently created by a software patch that Google developed last month. It reportedly gave third-party apps access to account users’ profile data and exposed even information that wasn’t made public. It took the company six days to notice it and find a solution.

    In a blog post, Google’s Vice President of Product Management, David Thacker, shared that “No third party compromised our systems, and we have no evidence that the app developers that inadvertently had this access for six days were aware of it or misused it in any way.”

    However, the bug made it possible for apps where users willingly shared their Google+ data to also access their friends’ profile or those of people who shared data with them. Google gave assurances though that it did not expose any passwords, financial data, or other sensitive details that could be used in identity theft.

    The Alphabet-owned company had also suffered a security breach in March. That particular bug placed tens of thousands of users’ personal information at risk. The company waited half a year before it admitted to regulators and the public that there was a problem. The breach happened around the time Facebook was embroiled in the Cambridge Analytica controversy. Reports stated that Google delayed revealing the problem partly to avoid regulators from scrutinizing the company.

    The admission that there was another security issue couldn’t have come at a worse time for the company. Google’s CEO, Sundar Pichai, was set to appear before the House Judiciary Committee on December 11 to be grilled about the company’s data practices.

    Google+ will be shutting down all its APIs for developers within three months. However, the platform’s enterprise version will remain functional. Google also acknowledged on Monday that Google+ had a low number of users and that there were major obstacles to turning it into a successful product.

    [Featured image via Google]

  • Accenture NA CEO on Creative Ways to Fill Jobs for the Digital Transformation

    Accenture NA CEO on Creative Ways to Fill Jobs for the Digital Transformation

    The CEO of Accenture North America, Julie Sweet, says that they are still seeing a very continued big focus by companies on digital transformation. The problem is that there are not enough workers with the right skills. Sweet believes that the US should not only upskill current workers through training but should also pivot our educational system for the jobs that are going to be created in the future.

    Accenture just opened a new Innovation Hub in Seattle which will create 300 highly skilled technology jobs by the end of 2020 and expanding its U.S. apprenticeship program.  The apprenticeship program provides under-represented groups greater access to innovation-economy jobs.  Accenture’s national program will grow to more than 150 apprentices by the end of this year, building upon the success of the company’s apprenticeship programs in other cities, including Boston, Chicago, Columbus, Detroit, and San Antonio.

    “Our investment in Seattle ensures that we have the critical talent and capabilities to help our clients create, implement and scale solutions for the digital economy,” said Sweet. “We are an innovation-led company, committed to helping this important market continue to grow and flourish as a tech destination.”

    Accenture’s innovation hub in Seattle is part of a network of U.S. hubs including in Boston; Chicago; Columbus, Ohio; metro Detroit; Houston; New York; metro San Francisco and metro Washington, D.C.

    Julie Sweet, Accenture North America CEO, discussed the current digital transformation and the need for companies to be creative in filling the current 6 million job openings on CNBC:

    We Are Still Seeing a Big Focus on Digital Transformation

    Companies are spending more on cybersecurity every year and unfortunately, the breaches keep happening. We expect right now that this to be a very fruitful career for many people for a long time and we’re seeing it in our business also. We have a $2 billion business today, growing double digits. People being hired are everything from people out of high school or in two-year degrees to much more sophisticated people that are doing advanced threat intelligence.

    What we are seeing is still a very continued big focus on digital transformation. Companies are saying there’s a lot going on in the market, there’s a lot of disruption and we’ve got to find the ways to cut costs in order to invest to become a digital business. If you think about it, half the Fortune 500 in the year 2000 no longer exists today and so the real way to succeed is to become a continuous innovator. They either merged or they went out of business. The key to innovation is accessibility and it’s no longer Silicon Valley, it’s around the world.

    Lots of Tech Job Opportunities for Those Without 4-Year Degrees

    There are also a lot of opportunities now for two-year degrees. In fact, we now have an apprenticeship program where we have a 150 professional apprentices with two years or high school degrees working in tech jobs. We’ll have 300 next year and we see that as a real opportunity for the US to do mid-career reskilling and to close the skills gap as well as bring people who’ve been left behind.

    It can be a mistake to go for a four-year degree for some people. I would go back to a parents advice to their children in terms of what are the kinds of jobs that are going to be created and what are your interests?

    Accenture North America CEO Julie Sweet earlier this year elaborated on what the country should do to find workers skilled in digital, cloud, and security:

    There Aren’t Enough Workers with the Right Skills

    It’s not so much that there aren’t enough workers, it’s that there aren’t enough workers with the right skills. If you look at unemployment today there are about 6 million jobs open and there are about 6 million people looking for jobs. They don’t have the right skills.

    One of the things we’ve been focused on at Accenture is reskilling our own workforce as we have pivoted our business to where our clients need to go which is around digital, cloud, and security. There’s been a lot of industry discussion about the need to invest and really both upskill our current workers and pivot our educational system for the jobs that are going to be created in the future.

  • Conservatives See Facebook War Room As War on Them

    Conservatives See Facebook War Room As War on Them

    Facebook has created a War Room ahead of the midterm election that is filled with data scientists and specialists trying to stop the spread of what it considers fake news. However, conservatives on YouTube see this as really an attempt to stop the spread of conservative thought.

    Calling it the “Department of Censorship” would have been a bit too embarrassing,” one commenter said. Another called it, “Facebook’s “Get Democrats elected in the mid-terms” campaign HQ and a warm-up for their much larger “Get a Democrat in the White House 2020” campaign.”

    Perhaps reinforcing this perception of bias is that the War Room is lead by former Obama Administration appointee, Nathaniel Gleicher, who is now Head of Cybersecurity Policy at Facebook.

    Here are some other comments from people concerned about Facebook bias against conservatives and also those who just don’t like the idea of censorship:

    “They are only blocking conservatives.”

    “They call it patrolling. I simply call it selective censoring.”

    “DNC extension war room😔”

    “This is scary. We must have a better way to screen fake news.”

    “To be clear: had HRC won in 2016, none of this would be happening.”

    “USA learning tricks from Chinese.”

    Others are concerned that Facebook’s entire advertising model motivates polarization. “The advertising business model creates the wrong incentives for Facebook,” says Roger McNamee in a discussion on Bloomberg. “Essentially, it forces them to use highly addictive technology and to basically push people to increasingly extreme positions, so polarization is good for their business. Anger and fear are good for their business.”

    Facebook is confident that the War Room will be effective in stopping election manipulation, especially by foreign actors. Nathaniel Gleicher, Nathaniel Gleicher, Head of Cybersecurity Policy at Facebook and Samidh Chakrabarti, Facebook’s Head of Civic Engagement discussed the War Room in a recent interview:

    Nathaniel Gleicher – Head of Cybersecurity Policy at Facebook:

    In order to manipulate public debate, first, you have to understand the culture you are targeting. There’s always going to be more people inside a country that understand that than outside.

    We are talking volume. The interference that comes from overseas can be particularly pernicious because there you have a public State that’s looking to influence or manipulate or mettle in another country’s public debate.

    Part of what we’ve tried to do, particularly as we need to move very quickly is pushing as much of the decision making to the teams as possible, but obviously, there’s an escalation chain available so that when we need to move something up to Mark (Zuckerberg) or Sheryl (Sandberg) we can do it quickly.

    I think our goal and our responsibility is to ensure that we are helping democracy more than we are hurting it. We are ready. That doesn’t mean that there aren’t going to be challenges. When you have malicious actors like this there are always efforts, there are always going to be unexpected threats.

    Samidh Chakrabarti – Facebook Head of Civic Engagement:

    Right now we have experts from across the company. Data scientists are looking at dashboards and seeing for example if there is any kind of spike in content that could be related to voter suppression to prevent any of it from going viral.

    Our investments in machine learning have actually allowed us to block fake accounts usually at the moment of creation.

  • CareerBuilder CEO Says Technology is Driving Jobs Growth

    CareerBuilder CEO Says Technology is Driving Jobs Growth

    The release of today’s Jobs Report shows the lowest unemployment in the US since 1969 and CareerBuilder is now predicting that an additional 8,310,003 jobs will be created over the next 5 years. CareerBuilder CEO Irina Novoselsky says that technology is driving that growth, whether the job is a technology-oriented job or a traditional manufacturing job, technology skills are now required.

    Irina Novoselsky, CEO of CareerBuilder recently discussed how technology is driving jobs growth on Fox Business:

    Technology is Driving Jobs Growth

    Technology is driving a lot of that growth. You are seeing it in two ways, both on new industries that are emerging such as AI, robotics, cybersecurity, as you would expect, and the high wage earners are seeing a lot of that growth in jobs like nursing and software development.

    We are also seeing a lot of growth on the low wage in industries that are really the American fabric such as manufacturing. What’s really driving some of the conversations around that is the technology aspect and the skill deficit that’s happening as part of that.

    The top is growing, the bottom is growing, and really the middle is stuck in a dilemma where they have to get more skillset if they are going to get there. They are either going to go up or they are going to be left behind.

    70 Percent of Jobs Have a Major Technical Component

    Employers are saying that 70 percent of their jobs have a major technical component, including in manufacturing. A machinist today has a big technical aspect to their job, more than even a few years ago. Consumers and employees are left looking at how do they upscale and career path in non-traditional ways?

    The four-year education model is really difficult for them, it’s budget constraint, time constraint, so they are looking for unique opportunities to get that education and that skillset and in non-traditional ways.

    Employers Have Turned to Training Internally

    One of the things employers are doing is creating that competency skill training internally. What’s happening is that there are not enough of the skilled employees to recruit. One of the largest things employers are dealing with is open roles for a very long period of time and they are maneuvering this talent deficit by taking it on themselves.

    One of the things that we are doing is no longer mandating a 4-year college degree for some of our roles. We are taking on the onus to bring in the people and train them ourselves. It’s a great opportunity for middle wage earners to start upscale and career pathing, learning the technology skill sets to move up or they are going to be left behind.

  • Microsoft VP on How Microsoft Competes with Amazon for Cloud Business

    Microsoft VP on How Microsoft Competes with Amazon for Cloud Business

    Microsoft is competing with Amazon for the enterprise cloud by focusing on being more than just a technology provider. Julia White, Microsoft’s Corporate Vice President of Azure Marketing, says that they are “helping companies with their transformation and not just being a technology vendor or a cloud vendor for them.”

    Microsoft Corporate VP of Azure Marketing, Julia White, discussed Microsoft’s approach to the cloud and how they compare to Amazon in a recent interview which you can view below:

    Microsoft Helping Companies in their Transformation to the Cloud

    Azure works for companies because of our understanding of the enterprise and things like building hybrid, understanding that technology running across data centers, across the Edge, and in the public cloud and building that from the very beginning.

    It’s also about our partnerships, these aren’t just customers, like Volkswagen, Coca-Cola, and Chevron. We are really partnering deeply with them with them helping them with their transformation and not just being a technology vendor or a cloud vendor for them. I think that those are some of the important reasons customers are choosing Azure.

    How Can Microsoft Compete with Amazon?

    Certainly, Amazon has been around longer but they have much more of a technology provider approach. We go in and talk to customers and engage with them in a long-term strategy. This isn’t just about selling them technology or using our cloud. How are you changing your business? What does it look like to have a connected car platform? What does it mean using AI for shell and finding better drilling processes?

    It’s much more of a partnership on the business side and not just the technology. We have so much history in working with enterprise customers for over 40 years so we have a different point of view that we can bring to those customer engagements.

    The Cloud is a $4 Trillion Market

    I don’t see Google a lot in our customer engagements. I think Amazon certainly had the first come market leadership position, but I don’t see the other vendors coming up very much. The cloud pie is so big, it’s almost unlimited total opportunity.

    The cloud is about a $4 trillion market if you took what is being run on-premise today and where it’s going to the cloud. I’m not so worried about the other competition, rather what are we doing with customers to take advantage of that and really help them embrace that? It is an interesting time at this moment when there is effectively no threshold for growth.

    AI is an Enablement of Humans

    We spend a lot of time around AI ethics and AI for good and the approach we have had from the beginning is that AI is an enablement of humans and we should be using it in those ways. That is our investment, that is our focus, and that is how we are engaged with that technology.

    It’s also important in playing our part in this industry as to how we shape this moving forward. It’s super important we do our part, but also bring the industry together on this.

    Microsoft Cloud Security is World Class

    One of the reasons I’m passionate about the cloud with our customers is because we are best set up to deal with this type of adversary (Russian election interference). We spend a billion dollars a year on cybersecurity across our cloud. We have 3,500 security engineers and that’s all they do. That is their lifeblood. Compared to any organization, even a large commercial well-funded organization, doesn’t have that kind of resource to be able to keep up with the threats.

    It’s not people in basements trying to embarrass executives anymore, it is these nation-state threats. That’s why we invest at the level we do and that’s why I’m so passionate about getting our customers to take advantage of cloud-based security because it’s just better. Ultimately, security is a data game of who has better data and who has better insight.

    Across all of Microsoft, we have signal coming from our billion Windows endpoints, or email system, the largest commercial email system, and the largest directory system. That gives us unique insight to understand what is good and bad intent.

  • Rapid7 CEO: We Have Not Designed Our Technology Ecosystem to be 100% Secure

    Rapid7 CEO: We Have Not Designed Our Technology Ecosystem to be 100% Secure

    The recent massive data breach at Facebook have brought to focus that if one of largest technology companies in the world can have their data compromised then any company, regardless of the security measures they may have in place is also vulnerable. This included sectors such as healthcare, banking, and transportation.

    The CEO of Rapid7, a company which offers vulnerability management solutions, says that cybercriminals have recently realized that data is money and that vulnerabilities are happening because of our speed of innovation. This is compounded because almost all companies are in essence becoming software companies. 

    Corey Thomas, Rapid7 President and CEO, discussed the challenges of cybersecurity on CNBC this morning:

    Cybersecurity Attacks Affecting the Fundamentals of Business

    What we’re finding is that more and more things are actually causing people to really understand that cybersecurity attacks are going to affect the fundamentals of the business. I think with Facebook, it was the additional layer of so much turmoil and scrutiny already that it’s just another sign that it’s going to be troubling days ahead.

    I was surprised by the recent breach in some ways because of how seriously Facebook takes security. On the other hand, when you look at the details of the breach it was completely understandable. They have lots of technologists, they’re moving fast, and the compromise itself and the vulnerability itself was the interplay of a whole bunch of different errors that actually went wrong at the same time.

    We Have Not Designed Our Technology Ecosystem to be 100% Secure

    One way to think about it is that we have not designed our technology ecosystem to be a 100 percent sure and secure. We value speed and one of the reasons that so many companies are successful is because they’re fast at building technology that all of us love and adopt and use. The side effect of that, unfortunately, is that speed comes at a cost.

    Speed of Innovation Raises Security Risks

    I don’t know if we’ll be able to put the speed of innovation genie back in the box. I do think we’re going to have to raise standards and I think there are lots of fundamental things that people can and should be doing.

    What actually scares me more are not the Facebook’s of the world, because I think Facebook and many companies have good security. It’s the fact that our entire economy is becoming more digital and frankly most of the companies that are starting to actually turn their services into technologies that are digitally connected are just not as sophisticated with security as a company like Facebook.

    Almost Every Company is Becoming a Software Company

    If you look at healthcare and the transportation ecosystem we’re connecting more and more aspects of our lives and we’re turning them into compute. You have a bunch of companies in the software industry which just ten years ago used to be an industry of relatively few names in the overall ecosystem.

    If you look toward the next ten years, almost every company is becoming a software company in some way.

    Cybercriminals Have Recently Realized that Data is Money

    Banks have been focused on security for longer because they’ve been the targets of fraud people have always gone after the money. You can argue that it’s a relatively recent focus area to realize that data’s money. That’s something that the internet companies realized 10 plus years ago and criminals have now realized that in the last five years, so that’s a change.

    The other aspect of it is banks do innovate less. If you look at one of the biggest disruptions that are coming along now is the in the financial services sector and in the consumer financial services sector. I would argue that banks are having the other outcropping of that because they innovated a slower pace typically they are now being disrupted.

  • Cyber Attacks on Small Businesses are on the Rise, Here’s How to Stay Safe

    Cyber Attacks on Small Businesses are on the Rise, Here’s How to Stay Safe

    While recent data breaches on large enterprises like Home Depot, Target, and Yahoo made headlines worldwide, a 2016 report by cybersecurity firm Symantec revealed that 43 percent of cybercrimes actually target small businesses. What’s more alarming is that the number of attacks on small business has been trending upward every year since 2011. It’s easier to target small companies because many of their owners are not educated about the risks or don’t implement adequate safeguards to protect themselves.

    However, a data breach can damage your company’s reputation and revenue. It can even put you out of business altogether. In fact, a reported 60 percent of small businesses fold within six months of a cyber attack. The need to protect yourself and your customers cannot be overstated.

    Here are five safety measures your small business can implement to fend off cyber attacks:

    1. Install the right software and keep it updated.

    Good anti-virus, spyware and/or malware prevention software is your initial line of defense. Invest in a reliable one and keep it updated regularly. As a business owner, you should never ignore an update, no matter how busy you are. The older versions of a software or system are what hackers often work on.

    Minimize the risk by making sure your antivirus software and operating system are up-to-date. Once you’ve been notified of an update, designate a time of the week to install it into your data system.

    A lot of small business owners also make the mistake of just buying whatever data security software was recommended to them without understanding it or using it properly. To choose the right software, you’ll need to assess the type of data you’re protecting and how it will be stored. Is the information you’re protecting sensitive or neutral? How many people will have access to the information and for how long do you intend to store it? Data security is not one size fits all.

    2. Invest in a secure network.

    Select a dedicated and secure server that only your company and employees use. It might mean shelling out more money upfront, but your network is guaranteed to be secure from external attacks. This will significantly reduce the risk of your customers’ information being hacked. You should also make sure that your data is always backed up. A second copy will lessen the devastation of a malware attack.

    3. Implement extensive security protocols.

    Use every safety protocol and security strategy to protect data while still keeping it usable. Implement steps like multi-factor authentication and data encryption. Make sure you develop strong passwords to prevent hackers from cracking your code. Experts say passwords should be around 13 to 15 characters and should not be a word. Instead, go with random symbols, letters, and numbers. Investing in good encryption software is another way to protect your customers’ personal data.

    4. Educate your team and train them to follow best practices.

    Most of the time, a data breach is caused by an employee’s negligence or complacency. This was what happened in the Target hack. It’s also something you see all the time in brick-and-mortar stores. Computers are left open and available or passwords scribbled on post-its for everyone to see.

    Root cause of a data breach infographic

    Make sure you take the time to educate your staff on security technology and train them to understand and follow best practices for preventing a security breach. Cybercriminals use ploys that look legitimate so employees should know what to look for. You should also have a memo or a list of best security practices to follow, like changing passwords regularly or being careful when using personal devices at work.

    5. Secure sensitive documents.

    Make it a habit to safeguard important documents even if you no longer need them. Instead of just throwing customer files and documents in the trash, take the extra step of shredding them. It’s also a good idea not to store your clients’ credit card information. After all, there’s no need for you to do so and they can’t be stolen from you if you never collected them in the first place.

    These security measures might look like a lot of work, but it is all worth it. After all, it’s better to err on the side of caution instead of losing customers or your reputation because of a data breach. 

    [Featured image via Pixabay]

  • Cybersecurity is Rapidly Changing

    Cybersecurity is Rapidly Changing

    “We cannot control our adversary,” says Rick McElroy, Security Strategist for CarbonBlack, a leading next-generation cybersecurity firm. “Although we can choose to control them once in our environment. We have little to no control over when the “big attack” happens. For too long I think we have focused so hard on finding the adversary that our internal threat intelligence has suffered as a result”. Sharing threat intelligence has gotten easier. Vendors have done a ton to allow teams to cultivate and exchange threat intel and while there is always more work we have abandoned the one thing we have a hope of controlling. The home field advantage.”

    Editor Note: CarbonBlack is offering a free webinar on why companies are moving toward next-generation security here:

    Free Webinar: Why Companies are Replacing AV with Advanced Endpoint Protection

    McElroy adds, “I have heard major CISOs sit in a room and say “asset management is impossible, so why try?” How is this what a leader would say? Yes, this thing we do isn’t easy but giving up is a sure fire way to never achieve a strategic goal.”

    “It’s time we bring this to all defenders, not just customers of a certain organization. Carbon Black is on a mission to make the world safe from cyber attacks. To achieve this mission, we need every one of us sharing and helping quiet the noise. We need application developers and threat hunters on the same page. We need to unite as a community.”

    Traditional AV is Falling Short

    Just about every enterprise company is feverishly working on implementing next-generation solutions to protect against internet threats. The primary reason is that traditional AV software is no longer effective enough:

    First, let’s look at why traditional AV is falling short against the cyber-attacks organizations face today. Traditional AV technologies still rely on a signature-based approach that can only identify known threats. Attackers can run circles around this approach by making small tweaks to their malware in between signature updates; this allows them to operate with impunity while organizations scramble to deploy new updates.

    In short, traditional AV leaves organizations one step behind the attacker. Making matters worse, a signature-based approach cannot detect modern attacks that do not write files to disk (so-called file-less attacks) or techniques that use trusted system tools like PowerShell to perform malicious actions. In order to combat the shortcomings of traditional AV, organizations must ensure that they have AV technology that takes a proactive approach to cybersecurity. – Dan Larson, Vice President Product Marketing at CrowdStrike via Security Ledger.

    The Security Fight Has Escalated

    “Nearly 20 years ago, viruses such as the Melissa virus and Love Bug worm were causing millions of dollars’ worth of damage, hijacking email servers, corrupting corporate and government documents, and forcing systems to shut down,” stated Martin Borrett, IBM Distinguished Engineer and CTO IBM Security Europe. “Today, cybercrime is a global plague that will cost the world economy $6 trillion annually by 2021, according to Cybersecurity Ventures.”

    Borrett added, “As cybercriminals, nation-state attackers and hacktivist groups have become more sophisticated, the security industry has grown up to defend our national security as well as the vital interests of businesses and consumers. Gradually, the battle between attackers and defenders has become something akin to an arms race: New types of attacks lead to new defenses to block them. Security innovations become outdated as soon as attackers find ways around them. Meanwhile, cyberattackers continue to rely on social engineering tricks that are hard to defend against.”

    New Cybersecurity Approaches Are Clearly Needed

    According to Dr. Kirk Borne, Principal Data Scientist at Booz Allen, what’s needed is for companies to modernize their current cybersecurity defenses:

    For modern cybersecurity operations to be effective, it’s necessary for organizations to monitor diverse data streams to identify strong activity signals. This includes monitoring network traffic data to find well-known patterns of common adversary activities, such as data exfiltration or beaconing. While these detection techniques are critical to cybersecurity operations, it is imperative to leverage such signals to predict future activities. Further capabilities could even be created to modify the behavior of the actor (or analyst) to the benefit of the organization and mission. This could include systems on networks that are trained to autonomously take action, such as blocking access to resources or redirecting traffic, based on a predicted behavior.

    Modern attackers are too agile and creative for organizations to rely on passive descriptive analytics or reactive diagnostics techniques for protection. Rather, building an ability to forecast future outcomes through predictive analytics that utilize prior knowledge of events, particularly the precursor signals evident before an attack, are proactive measures. – Dr. Kirk Borne via a recent post on O’Reilly Media.

  • Gmail’s ‘Confidential Mode’ May Expose Users to Phishing Scams, Raises Red Flags at DHS

    Gmail’s ‘Confidential Mode’ May Expose Users to Phishing Scams, Raises Red Flags at DHS

    A new Google Mail feature has caused the Department of Homeland Security (DHS) to raise concerns about users’ privacy and security. According to reports, Gmail’s new “Confidential Mode” can be used to instigate scams like phishing.

    In April, Google revamped Gmail’s look. Along with a sleek, new user interface, the company also introduced several new features, including auto-generated smart replies, the capacity to put a message on snooze and the Confidential Mode.

    However, the new Confidential Mode reportedly raised some red flags at the DHS prompting it to issue an alert regarding the “potential emerging threat…for nefarious activity” the new feature could introduce.

    Gmail’s Confidential Mode apparently allows the user to control how their emails can be viewed and shared. For instance, the recipient of the email won’t be able to print or forward it. Users can also set an “expiration date” so that their email will self-destruct or automatically delete itself from the recipient’s inbox. There are also other layers of protection that can be utilized, like a text message code.

    While the features provided for a Confidential email seem fool-proof, it can actually open up a can of security worms. This is because non-Gmail users who receive a Confidential email will be asked to click on a link to access it. Scammers can take advantage of this process to create and send out fake confidential emails. Once the non-Gmail users click on the link, they can be tricked into giving out their private information. This is known as phishing.

    A DHS spokesperson confirmed that they have already reached out to Google “to inform them of intelligence relevant to their services and to partner to improve our mutual interests in cybersecurity.”

    Meanwhile, Brooks Hocog, a spokesman for Google, reassured users about the company’s commitment to protecting their users’ security. He stated that Google has already developed “machine learning” algorithms that can detect phishing scams, downplaying the issue.

  • Firefox Moves Closer to Password-Free Browsers

    Firefox Moves Closer to Password-Free Browsers

    On Wednesday, Mozilla released its Firefox 60 browser, moving a step closer to password-free login for several websites. Equipped with WebAuthn, this new standard in authentication technology does away with several passwords to reduce phishing attacks.

    The World Wide Web Consortium (W3C) and FIDO Alliance jointly developed WebAuthn, which has been years in the making. It is a secure login standard that relies on physical authentication devices, such as biometrics and USB tokens, instead of passwords to grant website access. That’s because reliance on passwords has been identified as one of the “weakest links” in web security.

    Passwords have been the de facto method of logging in anywhere on the Internet. However, it gets problematic when login credentials are re-used on multiple websites. And even with combinations of characters, uppercase and numbers, passwords often do not provide sufficient cybersecurity. Using phishing scams, criminals have resorted to creating fake websites to weasel out login details and personal information from unsuspecting users.

    Tech experts pointed out that passwords will still be relevant, and a post-password future is still far from happening. Fortunately, WebAuthn is a nudge towards making sites more secure and resistant to data breaches and password theft.

    Physical authentication keys are nothing new as numerous tech firms with the need for tight cybersecurity already have their own drivers in place. The type of authentication is currently implemented on Google and Facebook and allows easy login through a YubiKey token. As an open-source code with commonly available libraries, WebAuthn lets other developers implement password-free logins across the web.   

    Although Mozilla is the first to come out with the WebAuthn support, Google and Microsoft will add the function to their updated flagship browsers in the coming months. The move is expected to be an improvement to web authentication, compared to prior attempts. Moreover, WebAuthn is capable of supporting older authentication hardware so early adopters don’t have to go back to square one.

  • 5 Slackbots to Improve Your Business Operations in 2018

    5 Slackbots to Improve Your Business Operations in 2018

    Slack has become one of the most widely used team collaboration tools on the market due in large part to its flexibility. More than just a messaging platform, Slack offers a variety of customizable tools and apps to its over six million daily active users, two million of which are paid.  Among the tools that make Slack flexible and easy to use are chatbots.

    Called Slackbots, these chatbot assistants are integrated into Slack conversations. And contrary to what their name suggests, these bots do not slack off. They are designed to sort through messages, monitor assigned tasks, track performance, and even integrate with your email to monitor urgent correspondence, all within the platform. Virtual assistants like Slackbots efficiently handle tedious and time-consuming work, allowing you and your team to focus more on revenue-generating activities.

    Whether it’s for productivity, marketing or anything else, there is a Slackbot for just about every business need. Here are some that can make a difference in your daily operations in 2018.  

    1. BusyBot

    Related image

    Busybot is a productivity-focused Slackbot that manages tasks for everyone on the team. Users can ask the bot to schedule meetings, assign tasks, and set automated reminders for deadlines—all based in your Slack conversations. With this bot, you don’t need separate software for project management and communication. You also have the option to monitor all assignments on the Busybot website to ensure you stay on track.

    2. Astrobot

    Related image

    Another productivity-geared bot, Astrobot manages your email in the comforts of your chat environment. Astrobot is known for its email app and which seamlessly integrates with the Slack platform. Its powerful AI flags high priority messages and sorts them into a separate inbox for easy access. You can also respond to these important emails directly on Slack without switching back to your inbox. Send quick messages by using the slash command/email. Take actions on emails, such as unsubscribe from mailing lists, move emails from specific senders, and empty trash or junk mail by typing ‘Zap.’

    3. Workbot

    Image result for workbot

    Workbot by Workato is a bot that executes approval workflows – from social media posts to sales estimates and budgets – within the Slack platform. You don’t need another software or spreadsheet to keep track of approvals and rejections. This bot also has integrations with platforms like Workday, Zendesk, and JIRA, among others to quickly resolve issues within Slack. You can communicate with multiple teams across your company. This seamless experience reduces time for resolution and response, thus improving customer experience.

    4. Statsbot

    Related image

    Performance metrics is important to every business owner, and Statsbot offers this data conveniently. Its integration with Google Analytics, Salesforce, SQL, Mixpanel, and other platforms allows you to get insights, such as performance summary. This bot analyzes raw data from various sources to deliver reports for easier understanding, right from Slack. It also alerts you of any unusual spikes on your metrics. Thanks to its machine learning features, Statsbot can generate data about customers and their buying patterns. Marketing teams can then tweak their strategies based on available information.  

    5. Dbot by Demisto

    Image result for Dbot by Demisto

    Sharing makes Slack a great collaborative tool. However, it’s difficult to know which shared content is safe or malicious and the last thing you want is a cyber attack. Demisto’s DBot is a Slackbot that scans every URL, file, and IP address shared on the platform. Its multiple security threat feeds and malware analysis engines to protect and warn Slack users real-time. The bot is updated with the latest cybersecurity threats and provides detailed reports for security analysts. And if it notices any suspicious activity, it will notify your team immediately.

    There are numerous Slackbots in the market and some might seem repetitive in their offerings. No single bot can handle your specific needs since every business is different. Try several bots to find the right match in automating some of your tasks. Doing so allows you to prioritize in improving your bottomline and save on expenses.

  • Amazon Web Services Now has a Tool for Managing ‘Secrets’

    Amazon Web Services Now has a Tool for Managing ‘Secrets’

    Even companies have secrets that must never be revealed to outsiders. These include passwords,  API keys and other credentials that could spell trouble and even cost the company money if they fall into the wrong hands.

    In this age where data breaches are a fact of life, securing company data has become even more important since businesses are now moving their systems into the cloud. In response to this need, cloud computing giant Amazon Web Services (AWS) just launched a slew of services that provide businesses with easy-to-use tools to help them secure their cloud data.

    One of these new services is the appropriately named Secrets Manager, which can be used by companies to store very important information such as passwords. AWS’s new offering is timely considering the latest round or reports saying that improperly stored passwords on the platform had been compromised by cyber attacks.

    “You never, ever again have to put a secret in your code,” Amazon CTO Werner Vogels assured audiences during the AWS Summit. Vogels added that the service “allows us to build systems that are way more secure than we could ever do in the past.”

    The Secrets Manager tool is not  AWS’s first tool geared toward enhancing cybersecurity for its clients. The company previously introduced a simpler security system which was capable of storing encryption keys and worked with dedicated hardware modules.

    This time, however, the brand new AWS Secrets Manager has a broader use. Aside from storing passwords, the tool can also be used for storing database login data as well as keys to application programming interfaces for other services.

    Along with Secrets Manager, AWS also launched the Firewall Manager. It gives clients centralized control over security policies across their entire organization and can also be used for control over multiple accounts and applications. The tool makes it easier for clients’ security teams to spot non-compliant applications and resolve issues in minutes.

    The recent tools are well-timed to address the security concerns clients might have raised in light of the recent incidents of data breaches in the cloud service. In October 2017, Accenture’s data stored by AWS was leaked and over 40,000 passwords were compromised. The Australian Broadcasting Corporation also experienced a data leak which included login information in November of last year.

    Of course, the new AWS tool isn’t free. The company charges 40 cents per secret per month as well as 5 cents per 10,000 programmatic requests.

    [Feature image via AWS website]

  • Google’s Project Zero Team Exposes Microsoft Edge Bug

    Google’s Project Zero Team Exposes Microsoft Edge Bug

    Microsoft has been pretty aggressive in marketing its Edge browser and even launched two commercials earlier this year specifically pointing out its advantages over rival Chrome. After being silent for a while, it appears that Google finally counterattacked by disclosing Edge’s security flaw.

    Google’s Project Zero, which found the vulnerability last November, h released the technical details of their discovery. Due to the existence of the flaw, it is theoretically possible for hackers to bypass Edge’s security features and insert their own malicious code into their target’s computer. While indeed a possibility, it must be noted there has been no reported instance of the problem being successfully taken advantage of by hackers so far.

    Google’s policy gives companies 90 days after its discovery to fix any security flaw before announcing its findings. Since the discovery was made back in November and Microsoft has yet to roll out a patch to address the problem, the Project Zero team decided to make the issue public.

    Apparently, Microsoft is still working on a fix for Edge’s security issue. In a response to Google’s disclosure, Microsoft announced plans to release a patch by mid-March.

    “The fix is more complex than initially anticipated, and it is very likely that we will not be able to meet the February release deadline due to these memory management issues. The team is positive that this will be ready to ship on March 13th.” 

    Microsoft has been trying its best to cut into Google Chrome’s nearly 60 percent worldwide browser market share. Early this year, it released two ads touting the advantages of the Edge browser over its rival.

    In one of the ads, Microsoft boldly claimed that Edge was 48 percent faster than Chrome. In another ad, the company tried to convince internet users that Edge was also more secure, blocking 18 percent more phishing attacks than Chrome.

  • Apple & Cisco Team Up to Offer Cybersecurity Insurance

    Apple & Cisco Team Up to Offer Cybersecurity Insurance

    Apple and Cisco are forging a new path in their partnership. The two companies announced on Monday that they are working with insurance company Allianz and Aon, a premier risk evaluator, to assist their customers in having the best cyber protection around.

    The goal of this new endeavor is to provide businesses a practical way to deal with cybersecurity risks caused by malware and ransomware. And what better way to do this than by integrating the best in cyber insurance and security technology, the most secure devices, and the premier experts in cybersecurity domain.

    It should be emphasized that Apple and Cisco are not directly selling insurance, but their deal with Allianz and Aon will ensure that businesses can avail of improved conditions in their cyber insurance coverage. This could mean lower, or even zero, deductibles. But for a business to avail of such a package, it has to be using specific Apple hardware and Cisco’s Ransomware Defense platform.

    Allianz reportedly found that that the two companies’ products can provide businesses with a “superior level of security.” Apple has confidently pointed out that the amalgamation of its software, services, and hardware in its iOS devices ensure that it has some of the most secure products on the market. Meanwhile, Cisco boasts of a platform that can block malicious internet websites. It also has email security and endpoint protection.

    On Aon’s part, its cybersecurity experts will assess the current security environment of its prospective clients and make recommendations on how to shore up their cyber defenses. And in case businesses who participate in this deal are attacked by malware, they will have access to Aon and Cisco’s Incident Response teams.

    This is not the first time that Apple and Cisco partnered up. The two companies worked together in 2015 when Cisco enhanced its software and networking gear for iOS devices and apps. This led to a number of optimizations for iOS 10 that gave iPad and iPhone users a smoother time on Cisco apps.

  • Trump Administration Contemplates State-Run 5G Network

    Trump Administration Contemplates State-Run 5G Network

    The Trump administration is said to be planning on developing a secure 5G network that could be placed under federal control. The idea, which reportedly came about due to concerns about competitions and cybersecurity threats from China, was immediately met with backlash from the FCC and the wireless industry.

    Axios reported over the weekend that National Security Council officials released a memo stating the United States requires a centralized 5G network system in the next three years. The memo further outlined that the best choice would be for the government to finance and build the infrastructure before renting to telecommunication companies like AT&T, T-Mobile, and Verizon.

    Officials from the White House have told Axios and Recode that the memo Axios reported on was an old and out of date one. However, two anonymous administration officials claimed that discussions about the proposed 5G network were still in the early stages.

    The current administration is known for being concerned about the security and economic threats posed by superpower China. The Asian giant has been aggressive in its development of 5G and it seems the Trump government is wary that China might spy on American citizens and businesses.

    The idea of an administration controlling the country’s next-generation wireless system is unheard of, and the pushback from the Federal Communications Commission (FCC) was equally surprising, considering its chairman was an appointee of the president.

    FCC Chairman Ajit Pai quickly issued a statement opposing the “proposal for the federal government to build and operate a nationwide 5G network.” He further described the proposed endeavor as “a costly and counterproductive distraction from the policies we need to help the United States win the 5G future.”

    Pai also suggested that the government should instead “push spectrum” into the marketplace and put up regulations that would encourage private companies to develop and implement the next-gen system.

    A group comprised of telecom industry’s leaders like AT&T and Verizon also opposed the plan and said on Monday that a competitive marketplace is the way to ensure the country remains as a trailblazer in 5G technology.

    5G technology is expected to provide even faster speeds and almost unlimited Internet capacity when compared to the previous iterations of the wireless technology. It’s also essential for the further development of new technologies like the Internet of Things (IoT), self-driving cars, and virtual reality. AT&T and Verizon already finalized plans to introduce 5G service in limited sectors in 2018.