technology

now browsing by tag

 
 

#hacking | Accel’s new India fund, Slowing growth of AePS & more, Technology News, ETtech

Source: National Cyber Security – Produced By Gregory Evans Accel’s new India fund What’s the news? Accel India, backer of leading technology startups such as Flipkart, Freshworks and Swiggy, has raised about $550 million for its sixth India fund, taking its assets under management to $1.5 billion. This makes Accel VI among the largest corpuses […] View full post on AmIHackerProof.com

#cybersecurity | hacker | ‘DIRT CLEAN’ -a technology rationalization approach for security controls

Source: National Cyber Security – Produced By Gregory Evans Security is a boardroom topic and not a hard sell these days. Not saying the job of the CISO has become easier, but certainly getting funding is less of a herculean task as it used to be 10 years ago. Everyday we get updates about breaches […] View full post on AmIHackerProof.com

#deepweb | Technology Might Save, or Doom, the 2020 Census

Source: National Cyber Security – Produced By Gregory Evans

Photo: More than 120,000 enumerators gathered data for the 1940 census.
For the 1940 census, more than 120,000 enumerators gathered and processed data. Eighty years later, the 2020 census will be the first to go online. AP/National Archives and Records Administration

The 2020 count will be the first census to go online, and it faces many threats, from cyberattacks and scam artists to security fears and undercount risks.

With the next census, for the first time ever, respondents will be able to fill out their questionnaires online. This marks a major transition for the count, which guides the apportionment of seats in Congress and the disbursement of hundreds of billions of dollars in federal funds. Giving Americans the option to fill out the 2020 census by laptop or smartphone means dragging Article 1, Section 2 of the U.S. Constitution into the 21st century. For better or for worse.


Worries over the looming census run beyond the typical concerns about underfunding and understaffing (although those are fraying nerves this time around also). Putting the census online opens a Pandora’s box of new risks, including meddling from hackers and scammers, and there’s evidence that vultures are already circling. While the first-ever online census introduces challenges for consumer protection and data security, the greatest threat to the census itself may be inequality—specifically, the digital divide.



“Asking people to fill out a form on their phone is quite different and complicated from asking people to use a social media app,” says Greta Byrum, co-director of the Digital Equity Laboratory at the New School.


Beware the census scams


First, the good news: An overwhelming majority of adults in America know about the census and plan to participate. The brand is strong, according to the Pew Research Center, despite the Trump administration’s failed effort to pin a divisive citizenship question onto the questionnaire. Yet its (quite literal) household-name status also makes it a high-value target for players intent on misleading people.


For example, in October, the Republican National Committee issued a mailer in Bozeman and other areas in Montana that represented itself as a “2019 congressional district census.” The document was really a disguised solicitation for President Donald Trump’s re-election campaign, leading officials in Montana to condemn the “imitation census” as misinformation.


Other census-lookalike forms are designed to lure people to sites where they might be asked for identifying personal information or financial records (even though the census doesn’t ask for these details). “We’ve already seen cases of fake mailers, where they ask people to go to some random URL,” Byrum says. She gives an example of a library patron in Canandaigua, New York, who brought a mimic mailer in to the local library to ask whether it was an official census form.



When the official 2020 census launches next April, the mailers that come to households will direct respondents to a web address and provide them with a unique identifying code. That opens a window for fraud: Bad actors might design convincing spoof sites that look like an official census portal, or they might zero in on (say) a wifi network created for census response by a neighborhood complete count committee. All the usual malware maladies that plague email could be tried against the census, and the same people who are vulnerable to those attacks—older people and those less familiar with online interactions—may be victimized. Other scammers pretend to be Census Bureau staffers and use analog methods of deceit to lure victims into handing over Social Security numbers and other identifying personal information over the phone or at the door. Organizations like AARP have been warning members how to better identify census fraud threats and imposters.


The U.S. Census Bureau’s 2020 data collection push itself could also be a target. When Australia launched its first online census in 2016, it was subject to a distributed denial of service attack that crashed the site, forcing authorities to take it down. Security experts have warned the Bureau that census data will be vulnerable both during transmission and at rest. Earlier this year, officials from the Government Accountability Office testified before the House that the Census Bureau had flagged more than 500 corrective actions to be taken during a cybersecurity risk assessment, nearly half of which were deemed high risk.


“The Census Bureau has been extremely guarded about how they’re building these systems,” Byrum says. “There was a long delay on procurement of these contracts because of the [federal government] shutdown [in 2018–19]. The Census Bureau is really far behind on building the IT systems.”


Delays, budget uncertainties, and lapses in leadership have loomed over the census. While three full trials were planned to test all 50-odd new IT systems for the 2020 Census, the bureau scaled back its preparations to a single dress rehearsal in Rhode Island’s Providence County due to funding shortfalls. “When we went into the end-to-end pilot in Rhode Island in 2018, several of the systems were not completed yet. We haven’t seen them. They haven’t been tested in the field. They’re not going to be tested.”


New technology, and stubborn gaps


Even the system for ensuring that the census reaches hard-to-count households is brand new. For the 2010 census, the bureau hired about 160,000 temporary workers known as “listers” to canvas nearly every block in the nation and generate the agency’s master address file (part of a much larger temporary workforce). As a cost-saving mechanism, the Census Bureau scaled back the door-to-door canvassing operation for 2020. The agency is splitting this task into “in-field” and “in-office” efforts. The latter involves sophisticated data analysis techniques, including machine learning and satellite imaging, to generate a profile for places that have added addresses.



As a result, the Census Bureau is only physically canvassing a quarter of the blocks that the agency covered for the last census. During the single (and only) end-to-end trial conducted of the census, the in-office (digital) canvassing results differed from the in-field (analog) canvassing results for 61 percent of the blocks tested, according to a final internal report on the trial.


“If there’s an over-representation of folks who have internet at home, we don’t know that the nonresponse follow-up systems as it exists is going to be able to identify who has not been counted,” Byrum says. “We’re not sure there’s any corrective mechanism to identify or measure an undercount.”


There won’t be another dress rehearsal before Census Day (April 1, 2020). The 2018 practice run in Providence County did not exactly inspire confidence, according to James Diossa, the mayor of Central Falls, Rhode Island. Outreach was nonexistent. Worse still, Commerce Secretary Wilbur Ross announced the citizenship question in March 2018, midway through the test, adding to the confusion. “There was no information, no advertising, no discussions happening from the Census Bureau around this test trial run,” Diossa told CityLab earlier this year.



“Folks would rather not transmit their data through systems that they neither understand nor trust.”

Yet outreach is an enormous obstacle for the 2020 census, thanks to the deep divides in the ways that American reach and use the internet. In New York City, for example, more than 917,000 households lack access to broadband at home—29 percent of the city, per a July report on the census from the Office of the New York City Comptroller. This digital divide tracks neatly with existing borders that define marginalized populations, including race, class, and ethnicity. Nearly half of the homes in Borough Park, Kensington, and Ocean Parkway in Brooklyn lack broadband access at home, while on the Upper East Side that figure is just 15 percent.


Share of households in New York City without broadband internet access. This map strictly shows households that lack at-home broadband, so it excludes households with cellular data plans for phones or tablets. (NYC Office of the Comptroller)

Broadband access isn’t the only measure of the digital divide. Sticking with New York, about 38 percent of households without internet access at home pay for data on a mobile device. Smartphones may be ubiquitous among communities of color, particularly in low-income communities, but that isn’t a closing of the digital divide, says Maya Wiley, professor at the New School and founder and co-director of the Digital Equity Laboratory. “Try doing your homework on a mobile phone,” she says.


Counting on trust


Black and Hispanic adults, who are more likely to have unreliable access to the internet in the first place, also harbor greater doubts about the census, according to the research from Pew. And no wonder: The Trump administration took great pains to introduce a citizenship question as a way to give an edge to Republicans and non-Hispanic whites. While the effort to add the citizenship question failed, the distrust lingers, and putting the census online raises a whole new category of objection.



“Folks would rather not transmit their data through systems that they neither understand nor trust,” says Melva M. Miller, executive vice president for the Association for a Better New York, a nonprofit that has identified 2020 census outreach as a priority.


Maximizing New York City’s self-response rate is one of her association’s goals going into a census that could see the state as a whole lose billions of dollars in federal funds as well as one or more seats in Congress. Developing messaging to reach hard-to-count communities means coming up with the strategy that’s most likely to reach a trusted figure within a particular demographic, whether that’s a maternal head-of-household, religious leader, or social media platform. And the answer changes wherever you go.


“I was in a conference and sitting on a panel with a woman who is organizing in the state of Arkansas, and she mentioned that there’s been some hesitation among the minority community specifically in Arkansas around filling out the form online. Their preference was to complete the form over the phone,” Miller says. “In our focus groups [in New York], we saw the absolute opposite. Filling out the census over the phone was the least favorite option, even after enumerators knocking on individual doors.”


Public libraries are likely to be the front line in census outreach: That’s where many people who don’t have home access to the internet go to get online. And as trusted arbiters of information across many different communities, librarians have been preparing for the 2020 census for at least two years, according to Larra Clark, deputy director for policy at the Public Library Association (part of the American Library Association). In fact, librarians are already doing some heavy lifting for the 2020 count: They’re helping library users apply for and train for jobs with the Census Bureau, processes that have migrated online with this census.



“Every time we see a government activity move online, whether it’s only online or partly online, every single time we see an impact on our public libraries,” Clark says. “So much about the census is about what public libraries do every day ensuring people have a safe and effective online experience.”



Librarians, faith leaders, and other standard bearers have their work cut out for them. For the 2020 census to succeed, they’ll have to help communities across the country bridge the gulfs of digital illiteracy and lack of accessibility. Success assumes that the government’s untested census technologies hold up to attacks from pirates, hackers, and foreign governments. And if everything works—well, we’ll never know, really. The Census Bureau isn’t conducting a control trial to see how the online census measures up to past efforts.


“If we have a census where a large percentage of the population don’t have faith in the results,”Byrum says, “then we’re in a very poor position when it comes to how we make those decisions or how we litigate going forward regarding these very important issues.”

About the Author

Source link
——————————————————————————————————

The post #deepweb | <p> Technology Might Save, or Doom, the 2020 Census <p> appeared first on National Cyber Security.

View full post on National Cyber Security

Does #Cyber Security Really Need #Machine Learning #Technology?

Source: National Cyber Security – Produced By Gregory Evans

Amidst the escalating number of high-profile hacks and cyber attacks, organizations are now embracing various forms of artificial intelligence (AI) – including machine learning technology and neural networks – as a new cyber security defense mechanism. At a time when human skills and competencies appear to be overmatched, the thinking goes, machines have a nearly infinite ability to analyze threats and then respond to them in real-time.

Is machine learning really the silver bullet?
However, putting one’s faith in the ability of machines to defend entire organizations from hacker attacks and other forms of security intrusions ignores one basic fact: cyber security is an arms race, and the same weapons that are available to one side will soon be available to the other side. Put another way, the same machine learning technologies being embraced by the world’s top corporations and data scientists will soon be co-opted or adopted by the world’s top hackers.

Moreover, there is still quite a bit of work to be done before any machine learning cyber defense is fully robust. Right now, machine learning excels at certain tasks, but still needs significant human intervention to excel at others. For example, machines are extremely good at “classification,” which enables them to label and describe different types of hacker attacks. As a result, machines can differentiate between spoofing attacks, phishing attacks and other types of network intrusions.

The idea here is simple: just show a machine many different examples of hacker attacks, and they will eventually learn how to classify them very efficiently. The more raw data and data points you show machines (think of all this data as “training data”), the faster they will learn. In many ways, it is similar to the machine learning techniques used for image recognition tools – show a machine enough photos of a dog, and it will eventually be able to pick out a dog in any photo you show it.

Thus, it’s easy to see an obvious implication for machine learning and cyber security: machines can help security teams isolate the most pressing threats facing an organization and then optimize the defenses for those threats. For example, if an organization is facing a hundred different potential threats, a machine can easily sort and classify all of those threats, enabling humans to focus only on the most mission-critical of these.

The use cases of machine learning in cyber security
One of the most obvious ways to apply machine learning in cyber security involves the creation of stronger spam filters. For many organizations, a constant security threat is the ability of hackers to get inside the organization simply by sending spam emails filled with all kinds of malware. Once an employee clicks on a bad link or opens a bad attachment that makes it past conventional spam filters, it may be possible for malware to spread throughout an organization’s network.

Thus, you can immediately see why adopting machine learning for email security makes so much sense – it can provide a first layer of defense against these spam emails laden with malware. If you frame email as a “classification” problem, then machines can play an important role in sifting out the “good” emails from the “bad” emails. You simply show a machine many, many different examples of “bad” emails as well as many, many different examples of “good” emails, and it will eventually become 99.9% efficient in sorting them out (or so one common myth about machine learning goes).

Another common use case for machine learning in cyber security involves spotting irregular activity within an organization’s network traffic. For example, an unexpected surge of network activity might signal some sort of looming cyber attack (such as a DDOS attack). Or, activity in the accounts of certain employees that is out of the norm might indicate that one or more of these accounts have been compromised. Again, it matters how you frame the problem for machines: organizations must be able to show them what “normal” looks like, so that they will then be able to spot any irregular deviations from the normal state of network affairs.

Machine learning, cyber security and the enterprise
To get cyber security executives thinking more deeply on the matter (without delving too deeply into the complex data science behind machine learning), the technology research firm Gartner has proposed a PPDR model, which corresponds to the various uses of machine learning for cyber security within the enterprise:

Prediction
Prevention
Detection
Response
In short, with machine learning technology, organizations will be able to predict the occurrence of future attacks, prevent these attacks, detect potential threats, and respond appropriately. With the right machine learning algorithms, say experts, it might be possible to shield even the largest and most vulnerable organizations from cyber attacks. In the big data era, when organizations must grapple with so much data, it’s easy to see why they are turning to machines.

With that in mind, Amazon is leading the way with an application of machine learning for the cloud. At the beginning of 2017, Amazon acquired a machine learning startup, harvest.ai, for just under $20 million. The goal of the acquisition was to be able to use machine learning to search for, find and analyze changes in user behavior, key business systems and apps, in order to stop targeted attacks before any data can be stolen or compromised.

Then, in November 2017, the company’s cloud business, Amazon Web Services (AWS), unveiled a new cyber security offering based on machine learning called Amazon Guard Duty. The allure of the new offering is easy to grasp: companies with a lot of data in the cloud are especially vulnerable to hackers, and they are easy “sells” for any company that is able to promise that their cloud offerings will be safe from attack. Already, big-name companies like GE and Netflix have signed on as customers of Amazon’s new machine learning-based offering.

Clearly, there is a tremendous amount of potential for machine learning and cyber security within the enterprise. Some industry experts have estimated that, in the period from 2015-2020, companies will spend a combined $655 billion on cyber security. Other estimates have been even more aggressive, suggesting that the total could be closer to $1 trillion.

If companies are spending so much money on cyber security, though, they will want to be certain that new solutions featuring machine learning actually work. In order for machine learning to live up to the hype, it will need to offer a fully robust security solution that covers every potential vulnerability for a company – including the network itself, all endpoints (including all mobile devices), all applications and all users. That’s a tough order to fill, but plenty of organizations are now betting that machines will be up to the task.

The post Does #Cyber Security Really Need #Machine Learning #Technology? appeared first on National Cyber Security .

View full post on National Cyber Security

International #Summit on #Telecommunications,#Cloud #computing and #Wireless #Technology

General Cybersecurity Conference

 August 23 – 28, 2018 | Outram Rd, Singapore

Cybersecurity Conference Description

Telecommunications 2018 is a leading forum for Business professionals, Scientists, Professor, Directors of companies, Delegates, Industrialists, Researchers and Students in the field of Telecommunication & Wireless to exchange information on their latest research progress and with a theme “Emerging Innovation in communication and wireless technology for connecting the world” to cover almost all aspects and fields of Telecommunications, Cloud computing and Wireless Technology.

Importance and Scope

International Summit on Telecommunications, Cloud computing and Wireless Technology is organizing an outstanding Scientific Exhibition/Program and anticipates the world’s leading specialists involved in Telecommunications, Cloud computing and Wireless Technology . Your organization will benefit with excellent exposure to the leaders in Wireless and Telecommunication. You can update your knowledge about current situation of Telecommunication &Wireless Technology and receive name recognition at this 2-day event. Telecommunications 2018 is an exciting opportunity to showcase the new technology. World-renowned speakers, the most recent techniques, tactics, and the newest updates in Telecommunications, Cloud computing and Wireless Technology fields are hallmarks of this conference.

advertisement:

The post International #Summit on #Telecommunications,#Cloud #computing and #Wireless #Technology appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

The 4th International Conference on Engineering and Information Technology

General Cybersecurity Conference

 August 7 – 9, 2018 | Taipei, Taiwan

Cybersecurity Conference Description

International Conference on Engineering and Information Technology (ICEIT) is an international platform for researchers, scholars and practitioners to discuss interdisciplinary research and practices in the fields of Biomass & Bioenergy, Biomedical Engineering, Engineering Management, Construction Technology, Multimedia Technology, Electrical Machines and Adjustable Speed Drives and a lot more.

advertisement:

The post The 4th International Conference on Engineering and Information Technology appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

International Conference of Reliable Information and Communication Technology (IRICT)

General Cybersecurity Conference

 July 23 – 24, 2018 | Kuala Lumpur, Malaysia

Cybersecurity Conference Description 

The conference will be held in Hotel Bangi-Putrajaya, Kuala Lumpur, Malaysia, on July 23-24, 2018 and Organized by the Yemeni Scientists Research Group (YSRG) in collaboration with the Information Service Systems and Innovation Research Group (ISSIRG) in Universiti Teknologi Malaysia (UTM), Faculty of Computer and Mathematical Sciences in Universiti Teknologi MARA (UiTM), Information Systems Department in Universiti Teknologi Petronas (UTP), Information Systems Department & Data Science Research Group in Taibah University (Kingdom of Saudi Arabia) and School of Science & Technology in Nottingham Trent (UK). IRICT 2018 is a forum for the presentation of technological advances and research results in the fields of ICT.

The conference will bring together leading researchers, engineers and scientists in the domain of interest from around the world. We warmly welcome previous and prospected authors to submit your new research papers to IRICT 2018, and share the valuable experiences with the scientists and scholars around the world.

advertisement:

The post International Conference of Reliable Information and Communication Technology (IRICT) appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Senior Manager, Information Technology (IT)

FiscalNote – Washington, DC

About the Position We’re looking for an individual to manage the continued development, implementation, and maintenance of FiscalNote’s internal network. Overseeing hardware and software procurement and management, internal security, and helpdesk support, this individual will plan for and execute our internal information technology strategy for our growing business across multiple geographies (currently including DC, NYC, Baton Rouge, and Seoul). S/he will ensure FiscalNoters work on a maximal performing network with the optimal equipment to tackle their core functions.

You Have – Functioned as an admin on Mobile Device Management software (ideally Meraki MDM) – Built some type of office network infrastructure and/or were deep in the weeds of managing one – Managed and implemented anti-virus and Data Loss Prevention (DLP) – Implemented security protocols and performed relevant internal trainings – Configured workstation and laptop operating systems with extensive experience with Apple devices – Worked with modern VoIP and A/V technologies – Managed issue tracking systems (preferably JIRA) and directly worked to troubleshoot employee issues – Built an extensive knowledge of enterprise cloud services (G-Suite preferred) – Leveraged your strong planning and organizational skills on a day-to-day basis – Developed mastery of networking principles, protocols, and documentation as well as a deep knowledge of security principles and best practices

You Will – Strategically evaluate, implement, and monitor our secure internal network – Prepare and manage the budget for information technology operations – Implement appropriate security and disaster recovery policies, and ensure relevant adherence – Evaluate and ensure ease of use around corporate communication systems, particularly VOIP and all A/V equipment – Monitor, triage, and respond to individual technical issues, as well as corporate networking issues – Manage FiscalNote’s G-Suite instance by ensuring proper account configurations for organizational units, setting up offboarding/data transfer procedures, managing mobile access of email, reviewing and strengthening permissions, etc. – Oversee deployment and management of company hardware

You Are Motivated. Detail oriented. Curious. Excited to help accelerate a rapidly growing organization’s ever-increasing need for advanced technological management and security, you delight in both getting your hands dirty to solve problems, while picking up new technologies and skillsets on the fly. You despise leaving issues unaddressed and are the type of person that will go to the moon and back to ensure loose ends are tied. Always with an eye to scaling systems, you recognize when a robust, systemic fix is better than a temporary band-aid, but you don’t hesitate to quickly triage when time is of the essence. You believe there’s always opportunity for cost and efficiency savings — understanding that shortsighted decision making can significantly curtail a company’s ability to scale. A reliable team member, you’ve got experience across software and hardware issues, and are ready to be directly responsible for an organization’s growing IT needs.

advertisement:

The post Senior Manager, Information Technology (IT) appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

International Workshop on Defense Technology and Security (DTS)

General Cybersecurity Conference

 July 2 – 5, 2018 | Melbourne, Australia

Cybersecurity Conference Description

DTS 2018, International Workshop on Defense Technology and Security, will be held at the Monash University, Melbourne, Australia, July 2-5, 2018. (It is organized as a workshop of the 18th International Conference on Computational Science and Its Applications (ICCSA 2018))

This workshop aims to be the premier forum for the presentation of the state of the art research work in defense technology and security areas related to the theory, policy, law, technical development, applications and experiences.

advertisement:

The post International Workshop on Defense Technology and Security (DTS) appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Engineering Manager, Information Technology

Source: National Cyber Security – Produced By Gregory Evans

USAA1, – Plano, TX

Purpose of Job We are seeking a talented Engineering Manager, Information Technology for our Plano, TX facility. 

IT Managers are engaged in all phases of the software development lifecycle which include; gathering and analyzing user/business system requirements, responding to outages and creating application system models.

Read More….

The post Engineering Manager, Information Technology appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures