August 26, 2021

August 26, 2021

New Passwordless Verification API Uses SIM Security for Zero Trust Remote Access

On the spectrum between passwords and biometrics lies the possession factor – most commonly the mobile phone. That's how SMS OTP and authenticator apps came about, but these come with fraud risk, usability issues, and are no longer the best solution. The simpler, stronger solution to verification has been with us all along – using the strong security of the SIM card that is in every mobile phone. Mobile networks authenticate customers all the time to allow calls and data. The SIM card uses advanced cryptographic security, and is an established form of real-time verification that doesn't need any separate apps or hardware tokens. However, the real magic of SIM-based authentication is that it requires no user action. It's there already. Now, APIs by tru.ID open up SIM-based network authentication for developers to build frictionless, yet secure verification experiences. Any concerns over privacy are alleviated by the fact that tru.ID does not process personally identifiable information between the network and the APIs. It's purely a URL-based lookup.


Cognitive AI meet IoT: A Match Made in Heaven

The progressive trends of Mobile edge computing and Cloudlets are diffusing edge-based intelligence in connected and more controlled enterprise systems. However, within the diversity of pervasive cyber-physical ecosystems, the autonomy of the discrete edge nodes would require gain in operational intelligence with minimum supervision. The emerging innovation in cognitive computational intelligence is revealing a great potential to introduce a contemporary soft computing-based algorithm, architectural rethinking, and progressive system design of the next generation of IoT systems. The cognitive IoT Systems crush the strong partition between the silos and interdependencies of software and hardware subsystems. The flexibility of the edge-native AI component is flexible enough to recognize the changes in the physical environment and dynamically adjust the analytical outcomes in real-time. As a result, the interaction between human-machine or machine to machine becomes more dynamic, interoperable, and contextual to the time and scope of any operation.


How the pandemic delivered the future of corporate cybersecurity faster

At some point it becomes untenable and inefficient to manage all these separate solutions. That point gets closer every day as teams have to deal with the complexities and identity management challenges of remote work. Siloed solutions also mean IT staff must monitor several different consoles and may not connect the dots when incidents are flagged on separate platforms. They also require complex and costly integration projects to get the functionality needed. And even then, they’ll likely still require manual oversight. Moving toward all-in-one security solutions can help replicate the sense of cohesion that once existed in on-premises network security along with new efficiencies. All-in-one solutions can share data across the different components, leading to better and more efficient function. And by adding new modules instead of products when new tools are needs, you eliminate the expense and complications of integration. Companies and individuals have already gotten used to paying for things like data, cloud storage and web hosting based on how much they use them.


OnePercent ransomware group hits companies via IceID banking Trojan

The OnePercent group's ransom note directs victims to a website hosted on the Tor anonymity network where they can see the ransom amount and contact the attackers via a live chat feature. The note also includes a Bitcoin address where the ransom must be paid. If victims do not pay or contact the attackers within one week, the group attempts to contact them via phone calls and emails sent from ProtonMail addresses. "The actors will persistently demand to speak with a victim company’s designated negotiator or otherwise threaten to publish the stolen data," the FBI said. "When a victim company does not respond, the actors send subsequent threats to publish the victim company’s stolen data via the same ProtonMail email address." The extortion has different levels. If the victim does not agree to pay the ransom quickly, the group threatens to release a portion of the data publicly and if the ransom is not paid even after this, the attackers threaten to sell the data to the REvil/Sodinokibi group to be auctioned off. Aside from the REvil connection, OnePercent might have been tied to other ransomware-as-a-service (RaaS) operations in the past too.


Why Agile Transformations Fail In The Corporate Environment

One key reason an Agile transformation will fail is when all the focus is concentrated in just one of the three circles above. It is imperative that we consider these three circles like a Venn diagram and regularly monitor our operating presence. Ideally, we want to operate in all three circles, but it is hard to find balance. Suppose we are working in the mindset and framework circles and trying to build a perfect product with perfect architecture. Spending too much time making things perfect, we are likely to miss the market window, or run into financial difficulties. Similarly, if we operate in the mindset and business agility circles, for example, it could be great for the short term to get a prototype to market quickly, but we will be drowning in technical debt in the long run. Or, imagine that we operate in the framework and business agility circle to build a perfect hotel for our customers — we could miss the fact that they really need a bed-and-breakfast, not a hotel, by not considering the mindset circle. All three perspectives are essential, so to maximize the efficiencies, we need to keep finding the balance.


How the tech sector can provide opportunities and address skills gaps in young people

After all, as far as technology is concerned, none of us are beyond the need for further training and development. The McKinsey Global Institute has recently suggested that as many as 357 million people will need to acquire new skills in the next decade due to the predicted rise of artificial intelligence and automation – skills that few, even in tech-adjacent industries, currently possess. Keeping this kind of projection firmly in mind helps us to remember that the acquisition of new and essential skills is an ongoing process for everyone. As such, employers should not discount those potential candidates who don’t necessarily come from a tech-heavy background. With robust on-the-job training processes and a supportive, inclusive approach towards IT talent, young workers who perhaps missed out on IT fundamentals at school or who chose to focus, for example, on humanities-based university courses can absolutely receive the same attention and prospects as those from a tech-heavy background. A recent government report on aspects of the skills gap has already uncovered an uplifting trend in this direction, with 57% of employers confident that they can find resources to train their employees.

Read more here ...

要查看或添加评论,请登录

Kannan Subbiah的更多文章

  • March 20, 2025

    March 20, 2025

    Agentic AI — What CFOs need to know Agentic AI takes efficiency to the next level as it builds on existing AI platforms…

  • March 19, 2025

    March 19, 2025

    How AI is Becoming More Human-Like With Emotional Intelligence The concept of humanizing AI is designing systems that…

  • March 17, 2025

    March 17, 2025

    Inching towards AGI: How reasoning and deep research are expanding AI from statistical prediction to structured…

  • March 16, 2025

    March 16, 2025

    What Do You Get When You Hire a Ransomware Negotiator? Despite calls from law enforcement agencies and some lawmakers…

  • March 15, 2025

    March 15, 2025

    Guardians of AIoT: Protecting Smart Devices from Data Poisoning Machine learning algorithms rely on datasets to…

    1 条评论
  • March 14, 2025

    March 14, 2025

    The Maturing State of Infrastructure as Code in 2025 The progression from cloud-specific frameworks to declarative…

  • March 13, 2025

    March 13, 2025

    Becoming an AI-First Organization: What CIOs Must Get Right "The three pillars of an AI-first organization are data…

  • March 12, 2025

    March 12, 2025

    Rethinking Firewall and Proxy Management for Enterprise Agility Firewall and proxy management follows a simple rule:…

  • March 11, 2025

    March 11, 2025

    This new AI benchmark measures how much models lie Scheming, deception, and alignment faking, when an AI model…

  • March 10, 2025

    March 10, 2025

    The Reality of Platform Engineering vs. Common Misconceptions In theory, the definition of platform engineering is…

社区洞察

其他会员也浏览了