May 29, 2021
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
TSA’s pipeline cybersecurity directive is just a first step experts say
This new regulation requires that designated pipeline security companies report cybersecurity incidents to the DHS's Cybersecurity and Infrastructure Security Agency (CISA) no later than 12 hours after a cybersecurity incident is identified. The TSA estimates that about 100 companies in the US would fall under the directive's mandates. Pipeline owners and operators must also designate a cybersecurity coordinator who is required to be available to TSA and CISA 24/7 to coordinate cybersecurity practices and address any incidents that arise. Finally, pipeline owners and operators must "review their current activities against TSA's recommendations for pipeline cybersecurity to assess cyber risks, identify any gaps, develop remediation measures, and report the results to TSA and CISA." Although not appearing anywhere in the directive, pipeline companies that fail to meet the security requirements would be subject to financial fines, starting at $7,000 per day, government officials say. ... In its press release announcing the directive, the TSA said "it is also considering follow-on mandatory measures that will further support the pipeline industry in enhancing its cybersecurity and that strengthen the public-private partnership so critical to the cybersecurity of our homeland."
The Limits to Blockchain Scalability
There are two ways to try to scale a blockchain: fundamental technical improvements, and simply increasing the parameters. ... Unfortunately, there are many subtle reasons why this approach is fundamentally flawed. Computers running blockchain nodes cannot spend 100% of CPU power validating the chain; they need a large safety margin to resist unexpected DoS attacks, they need spare capacity for tasks like processing transactions in the mempool, and you don't want running a node on a computer to make that computer unusable for any other applications at the same time. Bandwidth similarly has overhead: a 10 MB/s connection does NOT mean you can have a 10 megabyte block every second! A 1-5 megabyte block every 12 seconds, maybe. And it is the same with storage. Increasing hardware requirements for running a node and limiting node-running to specialized actors is not a solution. For a blockchain to be decentralized, it's crucially important for regular users to be able to run a node, and to have a culture where running nodes is a common activity.
Telcos back Artificial Intelligence, Internet of Things for 5G in India
The drivers that may trigger IoT applications, according to him, include low cost of storage and computing data on the cloud platform, emerging edge computing trends, falling costs of data, sensors, devices, and availability of mobile app development platforms. Following the Covid-19 pandemic, IoT is expected to drive significant transformation in the healthcare sector. "Hospital drug and waste management, robotic surgery, real-time health monitoring and diagnostics via IoT will stand to witness increased adoption." Bharti Airtel is working with the Swedish gear maker Ericsson on aerial drones for security and surveillance purposes, and dropping of relief material in emergency situations. Billionaire Mukesh Ambani-owned Reliance Jio together with Korean Samsung Networks has been working on virtual classrooms, and previously demonstrated high-definition content streaming. Kochhar feels that bringing futuristic technologies such as AR and VR to classrooms may redefine education and skilling of students. "AR and VR require higher bandwidth, lower latency and network resiliency. ..."
Implementing a digital transformation at industrial companies
Before pursuing digital opportunities, leaders must first develop and align on a digital vision for their organization, looking at both the overall digital strategy and value proposition for their companies. They should begin by assessing their capabilities, estimating the resources required, and contemplating potential partnerships that could help them achieve their goals. Other practical issues include the feasibility of the proposed initiatives and their potential value. The basic question underlying all strategic plans is this: How can digital help us transform core business processes or generate new opportunities? When developing the road map, industrial companies should consider the strategic implications for the incumbent business, including disruptions to any offline distribution channels as digital sales grow. Companies should also address the inevitable channel conflicts in the strategic road map by acknowledging the risks, evaluating the potential impact, and creating a path forward to mitigate any issues. For instance, companies should determine what roles they expect the distributors to play with the new digital channels. Some may decide to eliminate distributors and conduct all business through e-commerce while others may keep offline and online channels.
Can You Build a Machine Learning Model to Monitor Another Model?
Can you train a machine learning model to predict your model’s mistakes? Nothing stops you from trying. But chances are, you are better off without it. We’ve seen this idea suggested more than once. It sounds reasonable on the surface. Machine learning models make mistakes. Let us take these mistakes and train another model to predict the missteps of the first one! Sort of a “trust detector,” based on learnings from how our model did in the past. ... In regression problems, sometimes you can build a “watchdog” model. This happens when your original model optimizes the prediction error, taking into account its sign. If the second “watchdog” model is predicting an absolute error instead, it might get something more out of the dataset. But here is a thing: if it works, this does not tell that the model is “wrong” or how to correct it. Instead, it is an indirect way to evaluate the uncertainty of data inputs. (Here is a whole paper that explores this in detail). In practice, this returns us to the same alternative solution. Instead of training the second model, let’s check if the input data belongs to the same distributions!
4 robotic process automation project fails to avoid
Many organizations select "low-hanging-fruit" RPA initiatives without a true analysis of their workflows and how those affect other processes. Most businesses are stumped by a deceptively simple question: Which are the right processes for automation? Determining where to start with your RPA program is critical to success. Using advanced process mining and discovery tools to do a thorough analysis of your business processes will give you a "digital twin" of how they currently work and let you know which are best suited for digital transformation. ... RPA on its own cannot understand unstructured documents, so you need AI-enabled bots with content intelligence. In this way, bots can carry out tasks such as reading a document; categorizing, routing, extracting, and validating data from it; and doing other tasks related to understanding and processing unstructured content. Using content intelligence with RPA can speed your processes and ready your organization to add more experiential opportunities to engage with customers via interactive mobile apps, cognitive virtual assistants that combine voice and conversational AI, and chatbots.
Read more here ...