Metanav

Tag Archives | cybersecurity

Edging AI Into Our Lives

AI, artificial intelligence, edging, edging AI, online courses, data analysisWith the growth of the Internet of Things (IoT), artificial intelligence (AI) is already part of our daily lives. It’s a key component of our smartphones, our GPS systems, our personal digital assistants and more. Future growth depends on reducing latency and increasing bandwidth and privacy. That’s where edge computing comes in.

Coming to the Edge

Companies entrenched in AI, such as Google, Amazon and Apple, are working to make devices perform even faster and more securely with edge computing. Edge computing allows the work to be performed closer to where it’s created so that data can be analyzed in near real time. This reduces latency by eliminating the trip all the way to the cloud and back. Apple’s iPhone already does this, sending you from your cell phone store out into the world with a device equipped to recognize your face and voice without sending messages to the cloud and waiting for a reply.

For those who own an Amazon Echo device, you may not realize that your requests are resolved in the cloud. Amazon is rumored to be working on building AI chips for the Echo, which would allow Alexa to more quickly analyze information and get answers. Local processing done by Amazon will lead to quicker replies and increased privacy for the consumer.

One area in which edge computing is absolutely essential is in self-driving vehicles. For this technology to take off, local computing is a necessity. Your trip wouldn’t survive the latency of feeding all the numerous sensors of a self-driving vehicle to the cloud and back. Latency, privacy and bandwidth issues would be detrimental to this technology.

Security Concerns

Some argue that edge computing is more secure because it’s not traveling over a network. The less personal data that’s stored in a corporate data center or cloud environment, the less vulnerable that data is if one of those environments is compromised.

Others believe that edge devices themselves are more vulnerable. Apple offloads a majority of security concerns from the centralized cloud to user devices by doing encryption and storing biometric information on the device. Data encryption, access control and use of virtual private network tunneling are important elements in protecting edge computing systems.

Train Your Entire Workforce

Edge computing in the IoT is the key to growth for companies invested in AI. Get the foundational knowledge you need to take your organization to the next level with the Artificial Intelligence and Ethics in Design course program, a series of on-demand training courses for professionals working in engineering, IT, computer science and related fields across all industries. 

Resources

Butler, Brandon. (21 Sept 2017). What is edge computing and how it’s changing the network. Network World.

Miller, Paul. (7 May 2018). What is edge computing? The Verge.

Lynley, Matthew. (12 Feb 2018). Amazon may be developing AI chips for Alexa. TechCrunch.

Continue Reading 0

Cyber Security Questions Every Business Should Be Asking

Following several recent high-profile cyber attacks, it is more critical than ever for organizations to evaluate their cyber defenses and ask themselves a number of basic cyber security questions to assess their vulnerability.

Each year brings new technological developments that improve people’s lives. Unfortunately, these advances also mean new cyber security threats and more attack surfaces.

However, dwindling resources, slow budget growth, increasingly hostile threats, the evolution of the Internet of Things, and expanding ransomware are major reasons why it is becoming more difficult to keep up with the changing threat landscape. Such reasons highlight the need for renewed organizational attention to cyber security. Is your organization vulnerable to a breach or cyber attack? Here are some of the cyber security questions every business should be asking.

  • Are Your Employees Required to Have a Strong Password?
    Weak passwords are the cause of more than half of all data breaches, yet just 24% of small businesses enact policies requiring employees to have a strong password. It is critical to have a strict password policy in place to protect your network.
  • And… Are Your Employees Required to Change Their Passwords Regularly?
    Employees must be required to change their passwords regularly to protect data. Nearly 65 percent of businesses do not strictly enforce their password policy, despite having one in place.
  • Does Your Business Use Two-Factor Authentication, Where Possible?
    Wherever possible, you should add an additional layer of data security by enforcing two-factor authentication, such as SMS authentication.
  • Do Your Employees Use Their Personal Smartphones for Work Purposes?
    When personal phones and devices are used on the office network, the chances of malware attacks increase significantly. To prevent data theft, give your employees passcode-protected work phones.
  • Do You Back Up Your Files?
    Confidential files can become completely inaccessible following a cyber attack. Make sure to keep local backups of all critical files, as well as an offsite server.
  • Does Every Company Device Have Antivirus and Malware Software Installed?
    Make sure that the most up-to-date versions of antivirus and malware software are installed and running properly on all organizational devices.
  • Do You Limit the Number of Employees with Administrative Access to Only Those Who Need it?
    Administrative access rights should be assigned sparingly and given only to those employees who absolutely need it to conduct their jobs. Employees who are granted admin access must be trained and well-educated on security issues.
  • Do You Encrypt Databases and Customer Information?
    Without encryption, your organization’s sensitive data and customer information is accessible to hackers. To reduce the vulnerability of your data, take steps to ensure all your information is encrypted.
  • Are Your Employees Trained in Recognizing Phishing Emails?
    It can be particularly difficult for employees to identify phishing emails, which account for nearly half of all cyber attacks. It is crucial that every business train their employees to not respond to suspicious emails.

Is your organization prepared to handle a cyber attack? Are you looking for ways to strengthen your organization’s cyber security? IEEE offers both cyber security and ethical hacking training to help organizations prepare. Learn more about organization pricing and request a quote here.

References:

Bose, Shubhomita. (2017, August 28). 11 Cyber Security Questions Every Small Business Should AskSmall Business Trends.

Gillin, Paul. (2017, January 30). Two-Factor Authentication: A Little Goes a Long WayIBM Security Intelligence.

IEEE Cybersecurity Vulnerability Navigator, 2017.

Lindros, Kim. (2016, September 7). A Small Business Guide to Computer EncryptionBusiness News Daily.

Continue Reading 0

CES 2018: News To Know About

CES 2018 Updates from IEEEThe Consumer Electronics Show (CES) is the annual place to be for technology professionals, experts, and enthusiasts. There are literally hundreds of new product launches, and sometimes it’s hard to cut through all the clutter to find out what’s actually worth knowing about.

Of the technological solutions for home and business that this year’s event spawned, here’s what piqued our interest the most:

  • Cable industry behemoth, Comcast, put a major stake in the Internet of Things (IoT) ground by unveiling its new “Works with Xfinity” smart-home IoT platform. Keen on keeping existing customers due to simple inertia, tech experts and casual observers alike will wait and see how the company provides controls for hundreds of devices to Xfinity Internet customers at no extra cost—a key promise of this new offering. (Variety)
  • It’s worth noting that CES had an IoT device for everything. Even pets. (Wall Street Journal)
  • Nvidia was busy announcing a plethora of new stuff at this year’s expo, much of it centered around self-driving cars. In a partnership with Uber, its autonomous vehicle computing platforms will power the ride sharing company’s self-driving vehicles. Nvidia Xavier was also under consideration for a “Best of CES” Engadget award. (TechCrunchIGN; Engadget)
  • Self-driving cars might have gotten the lion’s share attention, but did you see the self-driving luggage from Travelmate? (Economic Times)
  • The big impact of artificial intelligence and machine learning in the enterprise is in cybersecurity, and especially in securing data center networks. Serena VM, provider of IT cyber capabilities, brought Fortune 500 cyber security to small offices with its virtual managed box for organizations that have remote or brand offices. (@SerenaVMUS)
  • Over in Eureka Park, which Leigh Christie, Director, Isobar NowLab Americas deemed “the best place for innovation at CES,” we learned how crucial low latency will be for virtual reality and augmented reality. (MediaPost)

And did you catch the IEEE booth at CES? Check out our show coverage on IEEE Transmitter!

What has been the most fascinating news or product announcement you’ve come across since CES started? Share with us in the comments below!

Continue Reading 0

GDPR will Help Enhance Cyber Security

GDPR cyber securityOn May 25, 2018, the EU General Data Protection Regulations (GDPR) go into effect. This broadly-reaching set of regulations related to how personal data is collected, processed, and stored, is causing fundamental shifts in the way organizations approach personal data. And rightly so: the fines for non-compliance are significant, at 4% of annual global turnover or €20 Million (whichever is greater). GDPR cyber security will greatly impact internet of things (IoT) device developers, as these devices typically collect and transmit a great deal of personal data. It will no longer be acceptable to create IoT devices with weak security measures, as the manufacturers themselves may be held liable for data breaches caused by poor design.

The good news for consumers is that organizations must take the cyber security of personal data into account as part of their efforts to comply with GDPR cyber security requirements. Data privacy and data security, long considered separate things, are becoming intertwined thanks to these new regulations. Andrew Burt, Chief Privacy Officer and Legal Engineer of Immuta, states, “2018 will prove that cyber security without privacy is a thing of the past.” (Forbes) Article 32 of GDPR provides specific guidance related to data security and breach notification. Among other things, data controllers and processors are advised to include:

  • The pseudonymisation and encryption of personal data.
  • The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
  • The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
  • A process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing. (Heimes)

It is advisable for organizations to begin now to make data privacy a part of their operational GDPR cyber security strategy. No matter where your organization falls within the process, from creating devices that collect and transmit personal data, to collecting personal data, to processing or storing data locally, on the edge, or in the cloud, the cyber security of personal data is a pressing concern. Hackers regularly target this type of information, and news stories about large data breaches are becoming commonplace. Every organization that falls within range of the EU GDPR requirements must reevaluate their cyber security strategy.

Does your organization need to begin implementing a cyber security strategy? Start with the IEEE online course program Cyber Security for Today’s Environment.

 

References

Olivi, G. (2017, Nov 24). Cybersecurity and GDPR: Where We are Heading. DLA Piper Privacy Matters.

Press, G. (2017, Nov 26). 60 Cybersecurity Predictions for 2017. Forbes.

Heimes, R. (2016, Jan 6). Top 10 Operational Impacts of the GDPR: Part 1 – Data Security and Breach Notification. IAPP.

 

Continue Reading 2

Is Your Smart Device Spying On You?

Is your smart device spying on you?A regulatory agency in Germany just announced a ban on children’s smartwatches. This illustrates a growing concern among regulators and consumers alike regarding the privacy implications of smart devices. Is your smart device spying on you?

In the example of the smartwatch ban in Germany, the devices in question contain a remote listening capability. According to the regulators, this means the device counts as a spying device under German law. Worse yet, some smartwatches were found to transmit and store data without encryption. Parents could listen, unnoticed, to their child’s classroom, for example. But so could others who hack the device. Parents in Germany are being urged to destroy the smartwatches.

Concerns about smart device spying are not limited to Germany, however. According to a recent Deloitte survey, 40% of consumers are concerned that smart home devices reveal too much about their daily lives. After all, cameras and microphones within these devices can be hacked, and they are often found in the most intimate areas of the home, listening in on every conversation. While cheap devices that have been rushed to market may be more susceptible to hacking than larger brands, 60% of consumers in the survey felt that they had little or no information at all about the privacy of these devices. Smart device spying is a real and growing concern.

And it’s not just about listening to private conversations. These devices can also be controlled remotely by hackers to coordinate large distributed denial of service (DDoS) attacks on sites around the world, all without the device owner’s knowledge. Privacy cannot be taken for granted, and device manufacturers must make the security of devices a primary element in the design.

However consumers of these devices have a role to play as well. Here are some ways that consumers can protect their smart devices:

  • When available, enable two-step authentication that requires physical access to the device in order to log in.
  • Ensure your internet connection is secure.
  • Install software updates issued by your device manufacturer immediately.
  • Change device passwords frequently.

Smart devices can be remarkably convenient for consumers, but the security of those devices cannot be ignored. Device manufacturers certainly have a role to play, ensuring privacy by design. However consumers must also do their part to make sure that their devices can’t be hacked. This is the only way to ensure that the benefits of smart devices outweigh the risks.

Want to learn more about cyber security, and how it related to not just smart devices, but other areas too? Explore the IEEE online course program Cyber Security Tools for Today’s Environment.

 

References

Griffin, A. (18 Nov, 2017). Low-Quality Devices Could Be Damaging the Idea of the Internet of ThingsIndependent.

Wakefield, J. (17 Nov, 2017). Germany Bans Childrens’ Smartwatches. BBC. 

Tung, L. (20 Nov, 2017). Is Germany Right to Tell Parents to Destroy Kids’ Smartwatches Over Snooping Fears? ZDNet. 

Cakebread, C. (15 Nov, 2017). Consumers are Holding Off on Buying Smart-Home Gadgets Thanks to Security and Privacy Fears. Business Insider. 

Continue Reading 0

Managing IoT on the Edge

edge computing internet of things (IoT)As Internet of Things (IoT) devices proliferate, so does the data that they produce. As more and more data is produced, organizations are finding it to be a costly endeavor to send, process, and store all of this data in the cloud. In fact, some organizations don’t even have the connectivity within their infrastructure to send large amounts of data to the cloud. (Anderson, 2017) Reliance on cloud computing alone also slows down device performance, as bandwidth constraints constrict how much data can be sent and received. Cloud computing alone cannot efficiently handle the IoT. This is why edge computing is becoming a critical factor in IoT deployments.

Edge computing moves data processing from the cloud to hardware on the “edge” of the network. By keeping the data processing local, latency is minimized, which is critical for deployments where real-time processing and time-sensitive decisions are mission critical. Artificial intelligence can help parse data and trigger local actions, such as scheduling maintenance with a facility that has the necessary parts, or deciding when a safety alert needs to be sent. Monitoring, diagnostics, performance optimization, and predictive maintenance are all functions that benefit from an edge computing solution.

In addition to reduced latency, there’s another key benefit to edge computing. It is estimated that the cost of a combined edge and cloud infrastructure is 1/3 of the cost of a cloud-only solution. (Gaunt, 2017) Most of this cost savings is realized through the reduction of bandwidth requirements and computing resources.

Of course, when moving to the edge, security is a critical factor. Cyber security must be deployed in both hardware and software to protect an organization’s data and hardware. As the cyber security of Internet of Things devices continues to develop, it is essential that IoT device manufacturers take into account the fact that some processing will occur on the edge, and build in security measures, including the ability to install updates as needed. Yet the edge may even be more secure than the cloud, as it is by its very nature decentralized. It is more complex for a cyber attacker to hack the decentralized edge, than the more centralized cloud.

Edge computing offers exciting opportunities for IoT development, and the intelligent processing of data that these devices produce. Investment of infrastructure to support the edge will continue, and should yield strong returns for organizations, both financially, as well as through better use of data.

To learn more about the Internet of Things, check out our online course program IEEE Guide to the Internet of Things.

 

References

Gaunt, T. (20 Nov, 2017). Pushing IoT to the Edge. Networks Asia. 

Anderson, J. (17 Nov, 2017). Managing IoT with Edge Computing. Network Computing.

Figueredo, K. (15 Nov, 2017). Edge Computing and AI: From Theory to Implementation. IoT Agenda.

Continue Reading 0

Cyber Security Talent Shortage: How to Solve It

Solving Cyber Security Talent ShortageA recent report from Cybersecurity Ventures and Herjavec Group predicts that there will be 3.5 million unfilled cyber security jobs by 2021. (Forrest, 2017) While cyber security job openings continue to grow, there simply aren’t enough people who have the skills to do these jobs. This puts us all at risk, as cyber criminals become increasingly sophisticated and Internet of Things (IoT) devices proliferate. The need for security professionals is fast reaching a crisis point, and it is necessary for us to consider how to solve the cyber security talent shortage.

The diversity of the cyber security workforce is one area for focus. Currently, women make up only 11% of the cyber security workforce. Blacks, Hispanics, and Asians represent less than 12% of the cyber security workforce. This number needs to increase in order to meet the growing need for cyber security professionals, and to eliminate the cyber security talent shortage. In order for this to happen, a diverse group of young people must be encouraged to pursue STEM careers from a young age. (Eide, 2017) Girl Scouts of the USA has recently released a cyber security badge, which is one way to get girls interested. IEEE and Cricket Media, Inc. have also just announced a partnership called TryEngineering Together to encourage 3rd – 5th graders in under-resourced areas to consider STEM careers in the future.

Now is also an excellent time for those that wish to enter or re-enter the workforce to consider cyber security as a career choice. In order to address the cyber security talent shortage, many people will need to consider cyber security training in order to meet the growing needs of the field. IEEE, for example, offers training in both Cyber Security and Ethical Hacking, to help people gain the foundational skills they need to enter this growing market.

Most importantly, we must remove the stigma that states that computing is a male-only field. It is critical for the well-being of our networks, our devices, and our personal information that this cyber security talent shortage be addressed…and solved…before it become insurmountable.

Click here to view Cyber Security courses from IEEE.

 

Resources

Eide, N. (Oct 2017).  How the Cybersecurity Industry Can Close the Growing Skills Gap. CIO Dive.

Forrest, C. (Oct 2017). Shark Tank’s Herjavec tells how to get one of 3.5M cybersecurity jobs that will be open by 2021TechRepublic.

Continue Reading 0

Should the Government Regulate IoT Devices?

Should the government regulate IoT devices?As security concerns rise about Internet of Things (IoT) devices, so does the debate about the necessity of government regulations. Should the government regulate IoT? Many Internet of Things devices on the market today have little to no security built in, which can compromise the privacy and even personal security of consumers.

Many consumers today are not (yet) clamoring for more regulation. A lot of them do not realize that their smart devices may be compromising their privacy in significant ways. Yet there is a growing concern from those in government and industry that something must be done. The question is, however, whether more secure devices will arise through government regulations imposed by governments that are often hacked themselves, or by the Internet of Things industry itself.

Should the government regulate IoT?

Proponents of government regulations see the following benefits to having the government regulate IoT devices:

  • Standards applied to every device that help to protect the security of consumers
  • Requirements for patches that take new security concerns into account

Opponents take a different view. Should the government regulate IoT devices, they are concerned about:

  • Regulation and bureaucracy stifling innovation
  • Expensive regulations eliminating smaller companies, reducing consumer choice and competition
  • The government lacks the expertise to effectively regulate these devices

What are lawmakers doing today?

Several countries are already proposing regulations related to this issue. For example, in Australia, lawmakers have proposed a certification for IoT devices with requirements such as:

  • Changeable, non-guessable, non-default passwords
  • Not to expose ports to the wider internet
  • Software updates to fix known vulnerabilities

In the United States, lawmakers are working on a bill related to devices purchased by the federal government that includes requirements such as:

  • Devices must be patchable, rely on industry standard protocols, and be built without hard-coded passwords and known security vulnerabilities
  • Alternative network-level security requirements for devices with limited data processing and software functionality
  • Cybersecurity coordinated vulnerability disclosure policies will be required of all contractors that provide connected devices to the U.S. Government

It is essential that Internet of Things devices become more secure in order to protect consumers, governments, and organizations alike, while complying with international data privacy regulations. Whether that is done through government regulation or industry self-regulation remains to be seen. Likely it will be a combination of both. As consumers and organizations alike become more aware of the security risks of IoT devices, the market demand for more secure devices will grow, increasing the supply in a market-driven economy. Likely we will see the government regulate IoT devices, while the market demand increases.

What do you think?

Should governments regulate Internet of Things devices? Or can the industry self-regulate? Please share your thoughts in the comments.

And if you’d like to learn more about the Internet of Things, check out our newest course program: IEEE Guide to the Internet of Things.

 

References:

List, J. (2017, 16 Oct). Aussies Propose Crackdown on Insecure IoT Devices. Hackaday.

Corsec. (2017, 27 Sept). IoT Security Facing Government Regulation. Corsec blog.

Thierer, A. and O’Sullivan, A. (2017, 12 June). Leave the Internet of Things Alone. US News & World Report.

Thomson, I. (2017, 15 Feb). You Know IoT Security is Bad when Libertarians Call for Strict RegulationsThe Register.

Continue Reading 0

Corporate Hacking: Are You a Target?

Corporate Hacking: Are you at risk?Corporate hacking stories are a staple of the news. Whether a small business or large international corporation, if you use the internet to do business, you are susceptible to having your network hacked, customers compromised, and your reputation ruined.  How can you protect yourself from being a target of corporate hacking? Sometimes it is just about being proactive, and thinking smart.

Here are five strategies to defend against corporate hacking:

  • First, Think Passwords: Are yours strong and unique? Do you change them often? Usually, a hacker steals passwords. By regularly changing yours, you make it harder for hackers to use stolen data. If the hacker doesn’t have access to stolen passwords, they will try combinations of easily guessable alternatives.   There are ways to make cracking your passwords more difficult, including using spaces and characters in your password and increasing the length. And whenever possible, use Two-Factor Authentication, which adds another layer of security. (2017, Symantec)
  • Second, Look at web URLs:   Your information is not encrypted if you do not see an “s” after the “http.”  Encryption is necessary for any business, especially when financial transactions, credit card information, or other critical data is shared.
  • Third, Software Updates:   Keep abreast of the updates pushed out by software providers.  They are created to counter software flaws.  Updates, also known as patches, are developed and pushed to users for upload.  It is important to keep up with the updates in order to stay ahead of malicious hackers who could use the flaws to hijack your system.
  • Fourth, Encrypt, Encrypt, Encrypt:  Use road blocks to make it difficult for your corporate information to be collected and shared.  Encrypting data is key to this process. Learn more about how to encrypt files in this post from Lifehacker.
  • Fifth, Employ White Hat Hackers:   Sometime you need to have someone on the inside working to find the cracks in your armor.  Employing cyber security specialists, or training your existing employees in ethical hacking techniques, can wind up saving your company money in the long run. After all, cyber attacks can be incredibly expensive. Finding and patching the vulnerabilities yourself costs a lot less.

These are just a few of the many steps your company can take to make doing business more secure in the digital age and help build a defense against corporate hacking.   One last tip: education.  Stay ahead of trends by constantly educating your employees on best practices.

Why not learn more about cyber security and ethical hacking?

Check out the IEEE online course programs: Cyber Security for Today’s Environment and Hacking Your Company: Ethical Solutions to Defeat Cyber Attacks. These courses provide you and your employees with the foundation you need to put a sensible cyber security strategy in place for your organization.

 

Resources

Nixon, Sam. (2017, September 8). Are you an easy hacking target? Cybersecurity tips for small business. The Guardian.

Symantec. (2017). How to Choose a Secure Password. Norton Security Center.

Continue Reading 0

Tips for Cyber Security Awareness Month

Are you #CyberAware? Cyber Security Awareness MonthAre you #CyberAware? October is Cyber Security Awareness Month. It’s a great time to review the online security practices you use at home, as well as at school or at work. When we all work together to prevent cyber attack, the internet as a whole can get safer.

Individuals can protect their computers and networks by following some of these simple tips:

  • Apply patches and updates as soon as they are available. Sure, it can be annoying to continually run updates on your computer. But take a lesson from the massive WannaCry attack. It took advantage of a system vulnerability in the Windows operating system. Updating Windows prevented the attack. Yet many outdated computers were affected for lack of an upgrade. (2017, Saito)
  • Never click on links that seem suspicious. Sometimes the email may be from someone you know. But if it doesn’t feel right, it probably isn’t. When in doubt, reach out to the person who sent you the link another way to make sure the link is legitimate before clicking.
  • Practice good password hygiene. Make sure your passwords are long, use a combination of symbols and letters, and are changed frequently.

In addition to the above tips, businesses should also keep in mind the NIST Security Framework. This framework includes:

  • Identify
  • Protect
  • Detect
  • Respond
  • Recover

Learn more about the framework, and how to apply each of these steps for your business, at StaySafeOnline, powered by the National Cyber Security Alliance.

Everyone needs to do their part to prevent cyber attacks, and Cyber Security Awareness Month is a great time to start. The number one key is to educate yourself on the tricks cyber criminals use, so you can defend against these attacks.

Ready to learn more about cyber security, or even considering a cyber security or ethical hacking career? Check out the IEEE online course programs: Cyber Security for Today’s Environment and Hacking Your Company: Ethical Solutions to Defeat Cyber Attacks. These courses will give you a solid foundation in the basics of cyber security to prepare you to defend your company’s network from cyber attack.

How do you defend against cyber attack? Please share your tips in the comments below.

 

References

Saito, W. (2017, May 18). 9 Ways to Stay Safe from Cyber Attacks.  World Economic Forum.

Stay Safe Online powered by the National Cyber Security Alliance. (2017) https://staysafeonline.org/

Continue Reading 0