September 29, 2020
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
The rise of remote work can be unexpectedly liberating
Employees could become increasingly mercenary, no longer swayed by the strong social bonds and physical-world perks of the office of the past. For their part, employers could increasingly view their staffs as little more than interchangeable work units. As a manager, no matter how objective I think I may be, I would probably find it easier to fire an employee with whom I had little personal connection. That difficult conversation would be reduced to a few minutes on a screen, with no chance of running into the person later in the coffee room. All of this may sound dismal, but this change in employee psychology and loyalty may come with an unexpected liberation, encouraging workers to look beyond the workplace to build friendships and identity. In our previous office lives, some of us had access to free food, coffee rooms or other on-site perks. We might have enjoyed them, but they also helped keep us in the office for long hours. Likewise, the presence of co-workers and bosses made us more compliant, less likely to take a proper lunch hour or make the effort to attend a child’s school event. With our offices gone, our days have now opened up. Why not make that doctor’s appointment for 4 p.m.? Why not pick the kids up at day care rather than find a babysitter?
Hardware security: Emerging attacks and protection mechanisms
Every hardware device has firmware – a tempting attack vector for many hackers. And though the industry has been making advancements in firmware security solutions, many organizations are still challenged by it and don’t know how to adequately protect their systems and data, she says. She advises IT security specialists to be aware of firmware’s importance as an asset to their organization’s threat model, to make sure that the firmware on company devices is consistently updated, and to set up automated security validation tools that can scan for configuration anomalies within their platform and evaluate security-sensitive bits within their firmware. “Additionally, Confidential Computing has emerged as a key strategy for helping to secure data in use,” she noted. “It uses hardware memory protections to better isolate sensitive data payloads. This represents a fundamental shift in how computation is done at the hardware level and will change how vendors can structure their application programs.” Finally, the COVID-19 pandemic has somewhat disrupted the hardware supply chain and has brought to the fore another challenge.
Still not dead: The mainframe hangs on, sustained by Linux and hybrid cloud
Others say technologies such as machine learning and artificial intelligence will also drive future mainframe development. “Data insights help drive actionable and profitable results—-but the pool of data is growing at astronomical rates. That’s where AI can make a difference, especially when it’s on a mainframe. Consider the amount of data that resides on a mainframe for an organization in the banking, manufacturing, healthcare, or insurance sectors. You’d never be able to make sense of it all without AI,” said Deloitte’s Cobb. As an example, Cobb said core banking operations can do more than simply execute large volumes of transactions. “Banks need deep insights about customer needs, preferences, and intentions to compete effectively, along with speed and agility in sharing and acting on those insights. That’s easier said than done when data is constantly changing. Now if you can analyze data directly on the mainframe, you can get near real-time insights and action. That makes the mainframe an important participant in the AI/ML revolution,” Cobb said.The mainframe environment isn’t without challenges going forward.
How AI can transform finance departments to help Covid-19 recovery
The modern world has made company spending less centralised than ever before, with employees spending money across so many expense categories and using more payment methods than ever before. This growth in the volume of financial data leads to an increase in the risk of fraud and noncompliance. This is a risk few businesses can take, especially when cash flow needs to be conserved. A study by the Association of Certified Fraud Examiners (ACFE) found that the average organisation loses 5% of its annual revenue to internal fraud. During an economic downturn, this is simply unsustainable. Much of this is accidental, with employees often mistakenly duplicating expense claims or invoices. Businesses are only able to audit around 10% of expense reports manually, so much potential fraud goes undetected. AI provides a solution to this problem, enabling the auditing of every single spend report. It can predict patterns and detect any anomalies that appear in financial data. Covid-19 has made it more important than ever that businesses are identifying any fraudulent activity and preventing it. Invoice fraud is one example that has seen an increase during the pandemic.
Universal Health Services' IT Network Crippled
According to a post on Reddit by an individual who claims to work at a UHS facility in the Southeastern U.S., on Sunday at approximately 2 a.m., systems in the facility's emergency department "just began shutting down." The individual says: "I was sitting at my computer charting when all of this started. It was surreal and definitely seemed to propagate over the network. All machines in my department are Dell Win10 boxes." Anti-virus programs were disabled by the attack, and hard drives "just lit up with activity," the individual writes. "After one minute or so of this, the computers logged out and shutdown. When you try to power back on the computers they automatically just shut down. We have no access to anything computer based including old labs, EKGs, or radiology studies. We have no access to our PACS radiology system." Media outlet Bleeping Computer reports that an UHS insider says that during the incident, files were being renamed to include the .ryk extension. This extension is used by the Ryuk ransomware. Likewise, citing "people familiar with the incident," the Wall Street Journal reports that the attack did indeed involve ransomware.
The Shared Irresponsibility Model in the Cloud Is Putting You at Risk
The Shared Responsibility Model is pretty well understood now to mean: "If you configure, architect, or code it, you own the responsibility for doing that properly." While the relationship between the customer and the cloud is well understood, our experience working with software teams indicates the organization and architectural security responsibilities within organizations are not. And that is where the Shared Irresponsibility Model comes into play. When something goes wrong in the cloud — some form of security issue or incident —corporate management inevitably will come looking for the most senior person in the IT organization to blame. The IT organization and development teams might not have gone line by line through the various cloud providers' Shared Responsibility Models to entirely understand what is and isn't something they have to deal with. Developers are focused on developing and getting code running, typically with high rates of change. With the cloud, pushing code into production doesn't have many hurdles. The cloud provider is not responsible for an organization's own compliance, and, by default, it typically will not alert on misconfigurations that could introduce risk, either.
Read more here ...