Home Podcasts Videos Guest Posts Q&A My Take Bio Contact
 

Top Stories

 

MY TAKE: Why ‘basic research’ is so vital to bringing digital transformation to full fruition

By Byron V. Acohido

Basic research, also called pure research, is aimed at advancing scientific theories unfettered by commercial interests.

Related: The case for infusing ethics into Artifical Intelligence.

Basic research is the foundational theorizing and testing scientists pursue in order to advance their understanding of a phenomenon in the natural world, and, increasingly, in the digital realm. NTT Research opened its doors in Silicon Valley in July 2019 to help nurture basic research in three subject areas that happen to be at the core of digital transformation: quantum physics, medical informatics and cryptography.

Backed by Japanese telecom giant NTT Group, this new facility instantly jumped into the vanguard of basic research already underway that will eventually enable the routine use of quantum computers, which, in turn, will open the door to things like driverless cars and Star Trekkian medical treatments.

Along the way, of course, cybersecurity must get addressed. Ongoing basic research in advanced cryptography concepts is pivotal to putting the brakes on widening cyber risks and ultimately arriving at a level of privacy and security that makes sense.

I had a lively discussion about all of this with NTT Research’s Kazuhiro Gomi, president and chief executive officer, and Kei Karasawa, vice president of strategy. These senior executives wholeheartedly support the concept of basic research. Yet at the same time, they’re also charged with keeping an eye on the eventual “productization” of all this rarefied research. For a full drill down on this conversation, please give the accompanying podcast a listen. Here are a few key takeaways:

‘Big dreams’

Lots of big companies sponsor basic research; it’s how progress gets made. An estimated 60% of research and development in scientific and technical fields is carried out by private industry, with academic institutions and government accounting for 20% and 10%, respectively, according to the Organization for Economic Cooperation and Development.

NTT Group, for instance, typically spends more than $3.6 billion annually for … more

Comment | Read | March 17th, 2021 | For consumers | For technologists | My Take | New Tech | Podcasts | Privacy | Steps forward | Top Stories

GUEST ESSAY: How and why ‘pen testing’ will continue to play a key role in cybersecurity

By Dakota Staples

When we look at society today, we can see that we are moving further and further ahead with technology. Numerous advancements are being made at an extremely fast pace with no sign of slowing down. In fact, there is evidence that technology grows exponentially fast. Since we are quickly putting out large technologies, security risks always come with this.

Related: Integrating ‘pen tests’ into firewalls

Even large companies are not immune to this. Microsoft has had several security vulnerabilities including Zero Logon. Penetration tests are one way of mitigating the security risks that arise and make sure that we are not endangering users, their data, and the trust they inherently place in technology.

Penetration tests can be defined as the testing of a system to find security flaws in it. There are three main types of penetrations-black box, grey box, and white box which infosec institute defines. Each have various different goals and tasks.

Pen test types

Black box testing is taking the stance of an outside hacker who has prior or inside knowledge of the system. This type of test determines what is exploitable from outside the system and if the attacker is able to gain access to the system being tested.

Grey box testing is the next level of knowledge of a system. They would have access to the internal mechanisms of a system and maybe some privileges. This allows for testing of internal structures while still simulating an outsider threat who obtained internal access.

Comment | Read | March 15th, 2021 | Best Practices | For technologists | Guest Blog Post | Top Stories

MY TAKE: Apple users show strong support for Tim Cook’s privacy war against Mark Zuckerberger

By Byron V. Acohido

Like a couple of WWE arch rivals, Apple’s Tim Cook and Facebook’s Mark Zuckerberg have squared off against each other in a donnybrook over consumer privacy.

Cook initially body slammed Zuckerberg — when Apple issued new privacy policies aimed at giving U.S. consumers a smidgen more control over their personal data while online.

Related: Raising kids who care about their privacy

Zuckerberg then dropped kicked Cook by taking out full-page newspaper ads painting Apple’s social responsibility flexing as bad for business; he then hammered Cook with a pop-up ad campaign designed to undermine Apple’s new privacy policies.

But wait. Here’s Cook rising from the mat to bash Z-Man at the Brussels’ International Privacy Day, labeling his tormentor as an obsessive exploiter who ought to be stopped from so greedily exploiting consumers’ digital footprints for his personal gain.

This colorful chapter in the history of technology and society isn’t just breezing by unnoticed. A recent survey of some 2,000 U.S. iPhone and iPad users, conducted by SellCell.com, a phone and tech trade-in website, shows American consumers are tuned in and beginning to recognize what’s at stake.

Fully 72 percent of those polled by SellCell said they were aware of new privacy changes in recent Apple software updates, not just in a cursory manner, but with a high level of understanding; some 42 percent said they understood the privacy improvements extremely well or at least very well, while 21 percent said they understood them moderately well.

Another telling finding: some 65 percent of respondents indicated they were extremely or very concerned about websites and mobile apps that proactively track their online behaviors, while only 14 percent said they were not at all concerned.

Comment | Read | March 8th, 2021 | Best Practices | For consumers | For technologists | My Take | Privacy | Top Stories

GUEST ESSAY: Everyone should grasp these facts about cyber threats that plague digital commerce

By Ashley Lukehart

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Related: Companies must bear a broad security burden.

As a business owner, you must be aware of the implications of different types of malware on your company’s bottom line, and what steps you can take to protect your company from future attacks.

This article will walk you through the various types of malware, how to identify and prevent a malware attack, and how to mitigate the risks.

What is Malware  

Malware, a combination of the terms ‘malicious’ and ‘software,’ includes all malicious programs that intend to exploit computer devices or entire network infrastructures to extract victim’s data, disrupt business operations, or simply, cause chaos.

There’s no definitive method or technique that defines malware; any program that harms the computer or system owners and benefits the perpetrators is malware.

Comment | Read | February 28th, 2021 | For consumers | For technologists | Guest Blog Post | Top Stories

SHARED INTEL: Forrester poll – security decision makers report breaches escalated as Covid 19 spread

By Byron V. Acohido

Human suffering and economic losses weren’t the only two things that escalated with the spread of Covid 19 last year.

Related: Can ‘SASE’ help companies secure connectivity?

Network breaches also increased steadily and dramatically month-to-month in 2020. This development is delineated in a recent report from technology research firm Forrester.

In its summary report – The State of Network Security, 2020 To 2021—Forrester combined findings derived from several surveys the firm conducted during the course of last year; Forrester polled security decision makers in organizations across North America and Europe.

The overarching takeaway: more organizations were breached, more often, in 2020 that 2019; some 58% of security decision-makers in North America and Europe reported dealing with at least one breach in 2020 as compared to 48% in 2019.

Notably, the number of organizations that said they were breached more than three times in the 12-month period was up significantly, as well.

Both external and internal cyber assaults were pervasive. Attacks routinely routed through through employees, contractors and vendors; in short, folks granted access for legitimate reasons in order to participate in cloud-based commerce.

Some 40% of respondents who experienced a breach due to an internal incident said it was due to intentional abuse of access rights from current or former employees; 38% said it was from accidental or inadvertent misuse by employees; and 22% said it was a combination of both.

Comment | Read | February 23rd, 2021 | For technologists | Privacy | Q & A | Top Stories

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

By Ellen Sabin

Cybersecurity training has steadily gained traction in corporate settings over the past decade, and rightfully so.

In response to continuing waves of data breaches and network disruptions, companies have made a concerted effort and poured substantial resources into promoting data security awareness among employees, suppliers and clients. Safeguarding data in workplace settings gets plenty of attention.

Related: Mock attack help schools prepare for hackers

However, the sudden and drastic shift to work-from-home and schooling-from-home settings has changed the ball game. The line between personal and professional use of digital tools and services, which was blurry even before the global pandemic, has now been obliterated by Covid-19.

Moving forward, companies can no longer afford to focus awareness training on just employees, partners and clients. It has become strategically important for them to promote best security practices in home settings, including the training of children.

Bringing smart habits into homes and minds is good for kids, good for parents, and, it turns out, good for businesses, too.

We’re all connected

Consider that kids are constantly connected on the internet with online games, streaming devices, virtual schooling, and zoom play dates. Adults increasingly are working from home, and usually on networks they share with their children. Mistakes online by one family member can lead to compromises in a household’s network, placing computers, personal data, and perhaps even work-related content at risk.

Cyber criminals have increased attacks as they see these opportunities. Companies must take this into account and consider extending employee training to also promote security and privacy habits among all family

One Comment | Read | February 15th, 2021 | Best Practices | For consumers | For technologists | Guest Blog Post | Steps forward | Top Stories

GUEST ESSAY: HIPAA’s new ‘Safe Harbor’ rules promote security at healthcare firms under seige

By Riyan N. Alam

The Health Insurance Portability and Accountability Act — HIPAA — has undergone some massive changes in the past few years to minimize the burden of healthcare entities.

Related: Hackers relentless target healthcare providers

Despite these efforts, covered-entities and business associates continue to find HIPAA to be overwhelming and extensive, to say the least.

Cyberattacks against healthcare entities rose 45 percent between November 2020 and January 2021, according to Check Point . Meanwhile, the healthcare sector accounted for 79 percent of all reported data breaches during the first 10 months of 2020, a study by Fortified Health Security tells us.

At last, some good news has surfaced that encourages healthcare providers to implement the best security practices and meet HIPAA requirements. Amidst all of the turmoil, President Donald Trump officially signed H.R. 7898, known as the HIPAA Safe Harbor Bill, into law on January 5, 2021.

It is a new sign of relief for entities that could do very little against unavoidable and highly sophisticated cyberattacks. This bill is one of many recent industry efforts aimed at improving cybersecurity. The legislation amends the HITECH Act to require the Department of Health and Human Services (HHS) to reward organizations that follow the best cybersecurity practices for meeting HIPAA requirements.

Comment | Read | February 8th, 2021 | For consumers | For technologists | Guest Blog Post | Privacy | Steps forward | Top Stories

« Newer Articles
Older Articles »