Category Archives: Cloud Servers
The Property Management System (PMS) of the future is already here | By Max Starkov Hospitality Net – Hospitality Net
Today's Property Management System (PMS) is the hotel 's command center for rooms and F&B management, sales and catering, distribution, availability, pricing, reservations, guest interactions, issue resolution, housekeeping, reporting, billing, guest communications, etc. and is often described as "the central nervous system of the hotel operations."
The traditional, legacy PMS is an on-premises software platform with features and functionality ranging from barebones to rich and very complex. These legacy platforms have a number of serious disadvantages: a) too expensive to install, train staff and maintain, b) their "all-in-one solution approach" stifles innovation and prevent quick adoption of new functionality needed to meet new guest requirements or sudden changes in the market conditions, like the contactless experience from last year, and c) as closed systems they are reluctant to open up to third-party integrations, applications and solutions, depriving the property and its guests from some very innovative and much-needed applications and services.
I remember how a dear industry friend of mine, opening a boutique hotel in California, had to keep the server with the legacy PMS in his living room for many months while the hotel was still under construction.
What happens if your on-premises server hosting the PMS just dies? It has happened many times before. Or if there is a flooding or fire or burglary at the hotel? With the lax back-up protocols in our industry, most probably all of the guest and operational data would be lost.
Luckily for our industry, the future is already here in the form of a cloud PMS with Open API (application programming interface) integration platform, just on time in this most challenging era in our industry.
Both the legacy and cloud PMS platforms employ the PMS-centric hotel tech stack approach, but unlike its legacy PMS predecessor, the cloud PMS allows hoteliers to meet and exceed the needs of their guests in these trying times and brings many operational and cost-saving benefits for all hospitality stakeholders.
Some of the benefits of the cloud PMS are significant and timely:
Laura Calin, VP, Strategy Solutions Management at Oracle Hospitality, known worldwide for their OPERA PMS with over 40,000 installments, considers the following as the three main advantages of the OPERTA Cloud PMS over the legacy PMS:
Adam Harris, Founder and CEO at Cloudbeds, a cloud-first PMS with over 20,000 installments, believes the following are the three key advantages of the cloud PMS over the legacy PMS:
Ever since the emergence of the cloud-first PMS platforms like Cloudbeds and Mews, there has been a monumental shift in the PMS vendor community's mindset: from closed system mentality to cloud PMS with Open API mentality. At Oracle Hospitality, with the adoption of the Oracle's self-service cloud technology tools, the OPERA Cloud PMS with Open API has become the most important innovation strategy.
Richard Valtr, Founder at Mews, a cloud-native PMS with over 2,000 installments, summarized well this mentality shift at a recent webinar: "Technology has become a competitive advantage for many hoteliers and we have to enable them to stay competitive and succeed."
Ingo Dignas, Founder and CEO at Protel also commented: "The hotel customers have changed and they stopped expecting the PMS to be a complete system providing 100% of the functionality a hotel would need. They are looking for best-of-breed technologies, many of them offering niche, very agile applications and features. Only the cloud PMS allows APIs to such applications to be deployed fast and cheap."
The cloud PMS is the obvious winner in the post-crisis era
I believe over the next 5 years the adoption of cloud PMS solutions will explode and this will be the highest growth component of the hotel tech stack, followed by revenue management systems (RMS) and customer relationship management (CRM) solutions.
Why? Low costs, efficiencies, higher productivity and data security aside, in the near and mid-term a full-service 3-4-5-star hotel will need over 100 plus APIs with third-party tech applications and solutions to be able to function and meet the basic needs and wants of today's digitally-savvy travelers. These include mobile and contactless guest experience, mobile locks, issue resolution apps, guest messaging, virtual concierge, IoT devices and utility management, smart room technology, entertainment hubs, CRM programs, etc.
This type of connectivity is impossible or super expensive to achieve with a legacy PMS, which is hostile to any third-party interfaces by default. A cloud PMS with its Open API and integration hub instantly solves this problem. Good examples: The new Oracle Hospitality Integration Platform with 3,000 API capabilities, StayNTouch Integration Hub with 1,100 APIs; Protel Air PMS Marketplace - 1,000 APIs, Cloudbeds PMS - 300 APIs etc.
What would happen with the hundreds of thousand legacy PMS installments out there?
Rest assured, I asked the right people this pertinent and timely question: When does it make sense to switch from a legacy to a cloud PMS?
According to Laura Calin from Oracle Hospitality, switching from a legacy to a cloud PMS has occurred traditionally when a) on-premises hardware reaches end-of-life and warranties are expiring, or b) when a brand affiliation comes to an end and a replacement system is required.
Oracle Hospitality has sensed a major customer mindset shift in the last few years, which has been accentuated by the pandemic, accelerated by the need for data security and adherence to stricter government regulations around the globe, the need to access the PMS system from anywhere and any device, and increased demands for accelerated innovation. "Hotels should be thinking about what they want to achieve in the next 2-3 years and, if the legacy system is holding them back, it will be time to consider a move to the cloud to get ready for the recovery phase from the pandemic," continued Laura Calin.
Adam Harris from Cloudbeds is much more categorical about the need to transition to a cloud PMS: "When to do the switch to a cloud PMS? Yesterday! The pandemic has accelerated the use of customer facing technology. Travelers want to use their own devices for both convenience and safety. Contactless may be the latest buzzword but convenience is here to stay."
Conclusion
Let's face it: a legacy PMS is a legacy from the past, from the times when closed software systems ruled the world. Since then, everything has changed. Times have changed, hotel business have changed, hotel technology has advanced beyond belief, our guests and their wants and needs have changed, the property operational needs have changed.
There is no doubt in my mind that the cloud PMS with Open API facilitating connectivity to hundreds and thousands of smart, innovative and much sought-after applications and solutions is the clear winner today and tomorrow. The only question is when to switch? My advice? The sooner you switch, the more excellent the guest experiences you provide to today's super tech-savvy customers, the more you will know about their preferences, the better you can communicate with them, the more loyal customers you can win thus generating more repeat business, the more you can empower your employees, the more automation and operational efficiencies you can implement, the faster you can improve the bottom line and the sooner you can outshine the competition.
Article published originally as part of Max Starkovs The Tech Corner column in Hotels Magazine
Here is the original post:
The Property Management System (PMS) of the future is already here | By Max Starkov Hospitality Net - Hospitality Net
Microsoft, HPE Bringing AI, Edge, Cloud to Earth Orbit in Preparation for Mars Missions – EnterpriseAI
The International Space Station will soon get a delivery of powerful AI, edge and cloud computing tools from HPE and Microsoft Azure to expand technology experiments aimed at preparing NASA for launching future crewed exploratory missions to Mars.
The new equipment and software, including HPEs specialized, second-generation Spaceborne Computer-2 (SBC-2), will mark the first time that broad AI and edge computing capabilities will be available to researchers on the space station, Tom Keane, Microsofts vice president of Azure Global, wrote in a Feb. 11 post on the Azure blog.
The new hardware, software and services are scheduled for launch to the ISS at 12:36 p.m. on Feb. 20 aboard Northrop Grummans 15th(NG-15) Commercial Resupply Services cargo mission. The NG-15 missions launch from the Wallops Flight Facility at Wallops Island, Virginia, is contracted by NASA to bring needed supplies.
The new SBC-2 computer thats heading to the space station follows the original Spaceborne Computer-1 that was sent to the ISS in 2017 as part of a validation study to test it in the rigors of space aboard the orbiting laboratory. SBC-1 returned to earth in 2019 after completing its mission. Both Spaceborne Computer-1 and Spaceborne Computer-2 are sponsored by the ISS National Lab.
Dr. Mark Fernandez of HPE
SBC-2 will bring ISS researchers a wide range of new capabilities they did not have with the original Spaceborne machine from 2017 to 2019, Dr. Mark Fernandez, solution architect for converged edge systems at HPE and principal investigator for SBC-2 told EnterpriseAI. Technological advancements in AI, cloud and more will provide more possibilities in the new machine for ISS researchers, he said.
Hardware-wise, we're sending up the HPE Edgeline Converged EL4000 Edge system, which is purpose-engineered and built to operate on the edge and take advantage of AI and ML capabilities with its onboard Nvidia T4 GPUs, said Fernandez. These are enterprise-class, commercial off-the-shelf servers that go into data centers.
Featuring CPUs and GPUs
The Edgeline EL4000 servers will use Nvidia T4 GPUs for AI and machine learning, image processing, video processing and other tasks. Previously, the first SBC-1 used CPUs for those tasks. The latest SBC-2 will include CPUs and GPUs to allow for comparison performance experimentation in space.
The 1U boxes insert into standard data center 19-inch racks on the ISS. The racks are then inserted into lockers aboard the ISS to hold them securely. Also provided are an enterprise-class compute node, HPEs ProLiant DL360, for intense compute requirements, said Fernandez.
HPE's Spaceborne Compuer-2
For the second generation of the SBC, NASA asked HPE to send up twice the compute power of the original version, said Fernandez. So, we're sending up twice the number of servers. You'll see two lockers and each contains two servers.
One is a CPU-based Intel server for those that love Intel and traditional computing, and we'll have a GPU-based Edgeline server for those that are doing image processing, artificial intelligence, machine learning, etc., said Fernandez.
NASA asked for double the computing power in the SBC-2 so the agency can continue its work toward sending humans to Mars, he said. SBC-1 was a proof-of-concept device for 18 months and now the new SBC-2 will be tested to see how it reacts to two to three years in space to accommodate a mission to Mars, he added.
Azure in Space
The Azure cloud capabilities will be used with the machines to allow experiments with getting data back and forth from the ISS to Earth as quickly and efficiently as possible, said Fernandez. Such data transfers are done today using existing NASA technologies.
The ISS is only 220 miles up in Earth orbit, but the networking is circa-1980, said Fernandez. We have speeds of two megabits a second up and down to the ISS. I have 50 megabits a second in my home.
Increasing those speeds will be critical for Mars missions, he said.
Microsoft is enabling that, and they have aspirational plans to come up with some AI and machine learning that we'll look at, said Fernandez. One idea they will look at is running data on SBC-2 and then sending small amounts of data back to Earth, and then comparing that to bursting data to Azure and seeing what works faster.
We're sitting right on top of the same NASA network, but we're going to encode and compress messages back and forth in order to take the most advantage of that two megabytes per second, he said. I have a brilliant scientist who is going to run the same experiment on CPUs, on GPUs and in the cloud. And he will report back to the community, if you have this type of data, it's best if you process it this way because we are given those three options.
The experiments will begin after the equipment arrives at the ISS and following their installation and setup. Those tasks are expected to take some time to complete, including several days for the cargo mission to arrive at the space station. We've got three pre-canned experiments for three different users that we're going to hope to fire off right away, said Fernandez.
How Azure Views Its Mission Aboard the ISS
The crux of this work is about making the capabilities of Azure available toastronauts, space explorers andresearchers to learn and advance science and the use of the cloud to support their goals, a Microsoft spokesperson told EnterpriseAI. Through this project we will be able to continue to gain knowledge onhow wecanbest support thescience andresearch community, wherever they are, on and off the planet.
With SBC-2, Microsofts research and Azure space engineering teams are evaluating the potential of HPEs [space-based] state-of-the-art processing in conjunction with hyperscale Azure, alongside the development of advanced artificial intelligence (AI) and machine learning models to support new insights and research advancements, the spokesperson said.
That includes weather-modeling of dust storms to enable future modeling for Mars missions, plant and hydroponics analysis to support food growth and life sciences in space, and medical imaging experiments using an ultrasound on the ISS to support astronaut healthcare.Also being created is a platform for the development and testing of hybrid edge-cloud environments before contributing additional experiments to the ISS.
We are exploring the potential of empoweringexciting newexperiments thatleveragethe far-reaching potential of the cloudin conjunction with theHPE Edge capabilities, the spokesperson said. To date, researchershavehad tooften limitthe scope of theirstudytowhat computationalresources theyhadavailable to conduct their research.
Using bursting capabilities with Azure will add to future capabilities, according to Microsoft. Bursting down to the cloud provides access to more computation/resources than can be hosted in the ISS, while leveraging SBC-2s power and proximityat the edge, the spokesperson said. We are excitedto empower others, even in space,tobeable to leveragethe power ofMicrosoftAzure-making it possible forastronauts, space explorers, andresearchers to thinkbig astheytackle theirtoughestquestions.
Related
Products and Solutions to Internet Security and Privacy – TFOT – The Future of Things
Photo bycottonbrofromPexels
Internet security and data security has become less protected due to the varying data retention laws. People looking to maintain their online privacy are opting for online services to ensure their data is secured. There are various services offered such as VPN, antivirus, password manager services, and email protection. There are several providers are in the market and it is important to get these services from trusted providers. Websites likePrivacy Sharksoffer reviews on the top and best providers for anything to do with online security.
A virtual private network is a means of ensuring that ones mobile, computer or laptop is secured. It works by protecting the users identity and allowing them to roam the internet freely. VPN tricks the device to believe it is in another location and encrypting the users internet activity hence allowing them to access geo-restricted content. People who use devices to work at home require protection from hackers and cyber threats. Some users use these services to keep their information away from their internet provider or the state government. Most people use VPN to ensure online anonymity and online privacy. It helps to keep the users location data untraceable by showing a different region.
Internet browsing through unsecured networks exposes ones private information to the public. Public Wi-Fi networks make passwords and data accessed by a browser vulnerable to access by unauthorized persons. VPN keeps the online activity and IP address private by scrambling data sent over a public network. Search history from someones online activity and web surfing can be accessed by various people and used to locate the user. This is why people get targeted ads and pages as per their search content. Service providers and web browsers can access someones information anytime without a VPN. The best VPN services should be able to provide privacy and anonymity by hiding the IP address, protect user private information from the public, and allow one to access and watch their favourite shows at whatever location they are when traveling.
Antivirus software is installed on user devices to protect them from known internet threats such as viruses and malware. The software should be frequently updated to ensure that it remains effective since it can also harm the device. A universal antivirus is best preferred for information security since cyber threats that involved a maliciously cooked code may fail to be detected by some antivirus programs. Some antivirus software has the capability of running predictive analysis and are also equipped with artificial intelligence and can therefore detect any malicious software depending on what it does to the users device. Users should be keen when selecting the type of antivirus software to install. The weaknesses and strengths of the software should be identified before settling on an antivirus company. An antivirus with frequent scanning and updates helps ensure the users cybersecurity hygiene is taken care of and that they are free from threats.
Email security ensures that a users email communication and accounts are safe from unauthorized access, loss, or compromised by other persons. Email threats include malware, spam, deceptive messages that confuse users to expose sensitive information, hyperlinked malware, and phishing attacks. Email security is essential for both individual and business email accounts. Enterprise and company valuable data should be protected from cyberthreats. There are several ways in which one can secure their email and information. Some of them include strong passwords, secure logins and encryption, email encryption, data scanners, and data protection solutions to protect sensitive information. For companies, it is key to train employees and make them aware of the various types of threats around them. Avoiding risky behaviours such as opening emails and clicking unverified links should also be avoided since malware can cause massive destruction when installed on a device. Email attackers have skills and methods of luring the user to believe that they are supposed to share with them certain information. It is important to select the best email security services to ensure the security of data and private information in personal emails, business emails, or company emails.
Password managers help maintain online security and privacy by offering services that enable users to create strong and unique passwords that are not easy to guess or recreate. It is advisable to avoid repeating and reusing passwords and for most people, it is a challenge to remember every one of them. Password managers also ensure that the generated password is stored in a safe and encrypted location and the user needs to remember only one major password to access the others. the user has to decide on what place they prefer their password saved in. The passwords can be saved on their personal computer, in the cloud, or on someone else server.
Device stored passwords are hard to be accessed by hackers since they will need advanced tools and keyloggers to access the passwords. The user has control over the password access and security. However, when the device is lost, all the passwords can be compromised especially if the device is stolen by someone targeting the user. Cloud storage of passwords makes them easily accessible to the user as well as synchronizes all the passwords on several other devices through cloud servers. The passwords saved on cloud servers can also be recovered when forgotten by the user or in the case of a stolen device. The only threat of saving passwords on the cloud is that they can be breached hence do not provide total security to user data.
Conclusion
Internet security requires the use of various technologies and products to ensure data and information safe from unauthorized personnel and cyber-attack. There are several solutions and products to choose from and they all have different pros and cons on the devices and to the user. It is key to select the right product and package that serves the purpose of ensuring that the device is free from any type of online insecurity. Various sophisticated threats are surrounding online users especially for companies or persons who strive to protect sensitive and private information from target groups.
Other Posts You Will Enjoy
Visit link:
Products and Solutions to Internet Security and Privacy - TFOT - The Future of Things
Microsoft said the number of web shells has doubled since last year – ZDNet
Image: Microsoft
Microsoft says the number of malicious web shells installed on web servers has almost doubled since its last count, last year in August 2020.
In a blog post yesterday, the Redmond company said it detected roughly140,000 web shells per month between August 2020 and January 2021, up from the77,000 averageit reported last year.
The number has increased as a result of a shift in how hackers view web shells. Once considered a tool for script kiddies defacing websites and the go-to tool of DDoS botnet operators, web shells are now part of the arsenal of ransomware gangs and nation-state hackers alike and are crucial tools used in complex intrusions.
Two of the reasons they have become so popular is their versatility and access they provide to hacked servers.
Web shells, which are nothing more than simple scripts, can be written in almost any programming language that runs on a web server such as PHP, ASP, JSP, or JS and such, can be easily hidden inside a website's source code. This makes detecting them a difficult operation, which often involves a manual analysis from a human operator.
In addition, web shells provide hackers with a simple way to execute commands on a hacked server via a graphical or command-line interface, providing attackers with a simple way to escalate attacks.
As the corporate IT space has moved towards hybrid cloud environments, the number of companies running web servers has increased over the past few years, and, in many cases, public-facing servers often have direct connections to internal networks.
As Microsoft's stats have shown, attackers appear to have figured out this change in the makeup of corporate IT networks as well, and have amped up their attacks on public-facing systems.
Web shells now play a crucial role in their attacks, providing a way to control the hacked server and then orchestrate a pivot to a target's internal network.
These types of attacks are exactly what the US National Security Agency warned about in April 2020 when it publisheda list of 25 vulnerabilitiesthat were often used to install web shells.
The NSA report didn't just warn about web shells used on public-facing systems but also about their use inside internal networks, where they're used as proxies to jump to non-public-facing systems.
Microsoft urges companies to re-prioritize their approach to dealing with web shells, which are slowly becoming one of today's biggest security threat. As ways to keep networks secure, the OS maker recommends a few basic actions:
Read more from the original source:
Microsoft said the number of web shells has doubled since last year - ZDNet
Ways to keep the organization’s cloud costs under control – YourStory
Cloud costs can prove to be a tricky if not monitored carefully. This makes it important for organisations to reduce their overall cloud costs. All these techniques and strategies can be implemented quickly and can help users tremendously with their cloud costs.
But before finding out how you can reduce your organisation's cloud costs, let's take a brief look at cloud computing services.
Cloud services are specialised IT services offered to companies to reduce their burden and ease their workflow. Maintaining IT infrastructure within a company can be expensive due to the high costs involved in purchasing and maintaining these servers. Usually, an entire department is needed to run these big server rooms, which is why companies prefer to outsource these services.
The number of organisations using cloud services has gone up exponentially. According to studies, the average use of cloud services in an organisation has gone up from 5 percent to 30 percent in just a few years, and it's set to increase even more.
The increase in usage of cloud services can greatly burden a companys finances. But these five ways can help an organisation can reduce its cloud services costs and keep them under control.
The first and foremost step is to understand the need for cloud services in your organization. For that, IT professionals must be brought into the picture and asked how the company can benefit from using cloud services. Going back to the whiteboard and understanding your needs will allow you to assess the extent to which you require the services.
Do you need to improve your workflow or strengthen security? Or do you need to increase flexibility or facilitate work distribution among team members? Do you need private cloud services or public cloud services? Do you need SaaS (software as a service), IaaS (infrastructure as a service), or PaaS (platform as a service)?
Answers to these questions will improve your understanding of cloud services, which translates into better budgeted and managed services.
After gaining a better understanding of your organisation's cloud needs, budgeting your service expenses is the next important step. It's imperative to strike a balance between how your need and spending capacity. Understanding what licence you are going for is critical. Will per-user or overall usage benefit your organisation more in terms of cost reduction and better workflow? Companies are continually spending more on cloud services. It is not a bad thing necessarily, but something organisations might want to watch out for.
But organisations should ensure room for flexibility while preparing this budget because any impetuous decision can hamper usage. The bottom line: assess the needs and strike a balance.
Cloud management platforms help you in creating visibility of cloud service usage. An organisation that is aware of the usage of its cloud services will be able to better utilise the services.
Keeping a tab on departmental usage can help the organisation to implement cost cutting where needed. This will not only uncover loopholes in allocation and capacity, but will also provide the organisation with any data-saving method that's already in place. Investing in cloud management platforms is therefore an important tool. These platforms give accurate information about your use of these services and can help you to optimise the same.
Managing the usage of services is often the most overlooked part, but is an essential factor in increasing or reducing costs.
Staff should understand the usage of cloud services because they are the users. Mistakes made by employees when accessing services result in increased costs, which burden the organisation's overall finances. It's simple: if you want to achieve lower costs, educate your employees about the usage of these services.
While opting for cloud services, larger organisations use a mixture of services to keep the costs down. They understand their needs diligently and invest in services that are most cost-effective and beneficial.
For some, a single cloud service may do the trick, but these are not necessarily cost-effective. The right cloud services depend on your organisation's needs and capacity. Also, it is beneficial to integrate your cloud services with your systems to facilitate ease of use and data transfer.
Often a network architect is hired in a company to help in decision making on where the company should invest in. It is the job of the network architect to devise a cost-efficient strategy for the organisation and oversee the working of these services.
Cloud computing is the future. Efficient usage of these services can unlock a lot of opportunities, but managing them well is essential for your growth.
(Disclaimer: The views and opinions expressed in this article are those of the author and do not necessarily reflect the views of YourStory.)
Read the rest here:
Ways to keep the organization's cloud costs under control - YourStory
Microsoft Warns Web Shell Attacks That Maliciously Harness Servers Increased Dramatically In 2020 – Hot Hardware
As long as computers have been around, there have been hackers who have progressively improved and become sneakier at exploiting them. Last year, Microsoft used Microsoft 365 Defender data to find that web shell attacks, which are simple yet effective pieces of malicious code embedded into a web server, are rising. This year, they found that trend not only continued, it accelerated: every month from August 2020 to January 2021. Web shells, as Microsoft describes, are just a small piece of malicious code, that allows attackers to run commands on servers to steal data or use the server as launch pad for other activities like credential theft, lateral movement, deployment of additional payloads, or hands-on-keyboard activity. If any vulnerability crops up on a web server, a malicious actor could take advantage of it to get a web shell on the box. While the simple answer would just be scanning through code to find things like web shells, the task is actually incredibly difficult. The code can blend in with everything else and only be 15 or fewer lines, even down to 5 or fewer lines depending on what is needed by the attacker.As these sorts of attacks are easy to make and hard to detect, the number of them has subsequently increased. Alarmingly, in a year-over-year comparison, Microsoft saw nearly double the monthly average of web shell encounters as seen in 2019 to 2020, shown in the chart below. To help defend against these attacks, Microsoft Defender for Endpoint uses a combination of durable protections that prevent web shell installation and behavior-based detections that identify related malicious activity. In laymans speak, Microsoft Defender For Endpoint can detect malicious behavior by analyzing processes and other things happening on a device with behavior inspection. While Microsoft Defender is nice, it cannot be the only line of defense, however. People who maintain web servers need to harden them against web shells by, as listed by Microsoft, keeping up to date on vulnerabilities and remediation practices, segmenting perimeter networks, turn on antivirus protection, and other good security practices.
Ultimately, even if you do not know what all of this is, it should be slightly concerning to know that attackers are out there and only ramping up operations. If you are an IT admin, it is time to batten down the hatches as the oncoming storm of hackers will only strengthen, and it is a matter of when not if.
Fifth-generation cyberattacks are here. How can the IT industry adapt? – World Economic Forum
Cyberattacks are continuing to grow in sophistication and scale.
The coronavirus pandemic has increased the attack surface for cybercriminals, leading to a possible cyber-pandemic.
Healthcare is one industry that has been particularly exposed.
If you look back at early 2020 "new year predictions", you will find nowhere a reference to an unprecedented global pandemic that will shut down, in many ways, the way we live and begin a new normal.
But it happened. And with the new normal came "new everything".
With the rapid shift to more cloud servers, the popularity of network-connected smartphones, in addition to the shift to remote work, organizations had to quickly adapt their security measures to make sure they are secured at all times, from any remote places they might connect from. This has now become the new security perimeter.
The new landscape has generated a surge of sophisticated fifth-generation cyberattacks. As organizations adapted to remote work, and all its digital implications, cyber-criminals seized the global crisis to launch a series of large-scale cyber exploits.
Cyberattacks have reached a new level of sophistication, ranging from international espionage to massive breaches of personal information to large-scale internet disruption.
Advanced weapons-grade hacking tools have been leaked, allowing attackers to move fast and infect large numbers of businesses and entities across huge swaths of geographic regions. Large-scale, multi-vector mega-attacks have sparked a need for integrated and unified security structures.
Most businesses are still in the world of second- or third-generation security, which only protects against viruses, application attacks and payload delivery. Networks, virtualized data centres, cloud environments and mobile devices are all left exposed. To ensure a cybersecure organization, businesses must evolve to fifth-generation security: advanced threat prevention that uniformly prevents attacks on a businesss entire IT infrastructure.
Just as we thought 2020 could not have brought any more bad news or cybercrime advancements, along came the SolarWinds incident, which swiftly qualified for the title of the most significant attack of the year: sophisticated, multi-vector attacks with clear characteristics of a cyber pandemic, where the malicious activity is spread within the organization in a manner of seconds. This was a manifestation of fifth-generation cyber-attack.
The scope of the incident became clearer several days later when Microsoft, FireEye, SolarWinds, and the US government all admitted they suffered an attack made possible by a hack to SolarWinds, a common IT-management software. Further investigation revealed that the attackers added a backdoor, called Sunburst, to a component of the SolarWinds system, which was then distributed to its customers via an automatic software update. That granted remote access to multiple high-profile organizations making it one of the most successful supply-chain attacks ever observed.
Several aspects of the SolarWinds supply-chain attack make it unprecedented in the ever-evolving cyber-landscape. Its scope was uniquely broad, with an estimated 18,000 SolarWinds customers affected, including most Fortune 500 firms.
COVID-19 forced organizations to set aside their existing business and strategic plans, and quickly pivot to delivering secure remote connectivity at massive scale for their workforces. Security teams also had to deal with escalating threats to their new cloud deployments, as hackers sought to take advantage of the pandemics disruption: 71% of security professionals reported an increase in cyber-threats since lockdowns started.
As COVID-19 continues to dominate headlines in 2021, news of vaccine developments or new national restrictions will continue to be used in phishing campaigns, as they have been through 2020. The pharma companies that developed vaccines will also continue to be targeted by malicious attacks from criminals or nation states looking to exploit the situation.
Recent Check Point research shows that healthcare is currently the most targeted industry in the US, with a 71% increase in attacks compared to September. The chart below shows the sharp increase of healthcare-sector attacks compared to the global increase; since November, there has been an increase of over 45% in the amount of attacks in the sector, double the global increase in amount of attacks over the same time period (22%).
Healthcare sector cyberattacks in 2020
Image: Check Point
As the coronavirus spread worldwide, the social distancing policies enacted due to the COVID-19 pandemic shifted a substantial portion of businesses from corporate offices to employees home offices. Network admins had to rapidly adjust to the requirements of working remotely and implement remote-access platforms within their organizations. Unfortunately, these often resulted in misconfigurations and vulnerable connections, allowing attackers to leverage these flaws to access corporate information.
As a result, the first half of 2020 saw an increase in attacks against remote access technologies such as RDP (Remote Desktop Protocol, developed by Microsoft to provide an interface for remote connection) and VPN. The following chart displays the increase in attacks exploiting vulnerabilities in remote connection products.
Attacks targetting remote connection vulnerabilities
Image: Check Point
Schools and universities have pivoted to large-scale use of e-learning platforms, so perhaps its no surprise that the sector experienced a 30% increase in weekly cyberattacks during the month of August, in the run-up to the start of new semesters. Attacks launched by these digital class clowns will continue to disrupt remote-learning activities over the coming year, if and when the pandemic spread will peak.
With this new world, comes a new opportunity to redefine the role of cybersecurity and ensure every organization is stepping up the fifth generation of security. Below are three guiding principles:
As weve learned, vaccination is far better than treatment. The same applies to your cybersecurity. Real time prevention of attacks, before they infiltrate, places your organization in a better position to defend against the next cyber-pandemic.
2. Consolidation and visibility
Solutions applied in individual areas of attack will probably leave you with security gaps, fragmented visibility, complex management and limited options to scale. Consolidated security architecture will guarantee you the security effectiveness needed to prevent sophisticated cyberattack. Unified management and risk visibility fill out your security posture.
Next-generation technologies such as AI, ubiquitous connectivity and quantum computing have the potential to generate new risks for the world, and at this stage, their full impact is not well understood.
There is an urgent need for collective action, policy intervention and improved accountability for government and business in order to avert a potential cyber pandemic.
The Forum's Centre for Cybersecurity launched the Future Series: Cybercrime 2025 initiative to identify what approaches are required to manage cyber risks in the face of the major technology trends taking place in the near future.
Find out more on how the Forum is leading over 150 global experts from business, government and research institutions, and how to get involved, in our impact story.
3. Keep your threat intelligence up to date
To prevent zero-day attacks, organizations first need incisive, real-time threat intelligence that provides up-to-minute information on the newest attack vectors and hacking techniques. Threat intelligence must cover all attack surfaces including cloud, mobile, network, endpoint and IoT.
See the rest here:
Fifth-generation cyberattacks are here. How can the IT industry adapt? - World Economic Forum
FogHorn and IBM to Collaborate on Edge-to-Hybrid Cloud Solutions – ARC Viewpoints
FogHorn announced plans to collaborate with IBM. The common goal is to provide an open and secured next-generation hybrid cloud platform with advanced, edge-powered artificial intelligence (AI) and closed-loop system control capabilities. By bringing together edge and cloud capabilities, FogHorn and IBM plan to help customers rapidly deploy, process, store, analyze and train critical data from edge to cloud and enhance business processes.
FogHorn Lightning Edge AI offerings, which deliver low latency for onsite data processing and real-time AI, analytics and machine learning capabilities, combined with IBM Edge Application Manager, which runs on Red Hat OpenShift, will be designed to automate the deployment of edge AI applications to available enterprise edge compute. The solution is being engineered to run and manage workloads on virtually any edge endpoint, including devices, clusters and servers, gateways and machines supporting RHEL and other Linux operating systems, with Red Hat OpenShift, and Podman and other Docker runtimes. This gives organizations the choice and flexibility to extend their operations from any public or private cloud to any edge server or asset, and is planned to allow for a single system of record in the enterprise that is enriched with quality data and insights to be acted on with intelligent automation.
FogHorns offerings can also be integrated with IBM Maximo Application Suite to optimize the performance of physical assets and accelerate transformation of maintenance, monitoring and reliability options, powered by Lightning Edge AI Platform.
Read more:
FogHorn and IBM to Collaborate on Edge-to-Hybrid Cloud Solutions - ARC Viewpoints
Global High Availability Server Market (2021 to 2026) – Growth, Trends, COVID-19 Impact, and Forecasts – Yahoo Finance
TipRanks
Were well into the first quarter of 2021 now, and its a good time to take stock of whats behind us, and how it will impact what lies ahead. Goldman Sachs strategist Jan Hatzius believes that we are on an upward trajectory, with better times ahead. Hatzius sees the developed economies expanding as the corona crisis recedes. For the US, particularly, he is impressed by the very substantial fiscal support implies in the latest COVID relief package. Even with that, however, Hatzius believes that Q4 was a weaker period, and we are still not quite out of it. Hes putting Q1 growth at 5%, and says that were going to see further expansion concentrated in the spring, and an acceleration to 10% growth rate in Q2. And by accelerations, Hatzius means that investors should expect Q2 GDP in the neighborhood of 6.6%. Hatzius credits that forecast to the ongoing vaccination programs, and the continued development of COVID vaccines. The Moderna and Pfizer vaccines are already in production and circulation. Hatzius says, in relation to these programs, That fact that we are developing more options and that governments around the world are going to have more options to choose between different vaccines [means] production is likely to ramp up in pretty sharply in incoming months Its definitely a major reason for our optimistic growth forecast. In addition to Hatzius' look at the macro situation, analysts from Goldman Sachs have also been diving into specific stocks. Using TipRanks' database, we identified two stocks that the firm predicts will show solid growth in 2021. The rest of the Street also backs both tickers, with each sporting a Strong Buy consensus rating. Stellantis (STLA) Weve talked before about the Detroit automakers, and rightly so -- they are major players on the US economic scene. But the US hasnt got a monopoly on the automotive sector, as proven by Netherlands-based Stellantis. This international conglomerate is the result of a merger between Frances Groupe PSA and the Italian-American Fiat-Chrysler. The deal was a 50-50 all stock agreement, and Stellantis boasts a market cap exceeding $50 billion, and a portfolio of near-legendary nameplates, including Alpha Romeo, Dodge Ram, Jeep, and Maserati. The deal that formed Stellantis, now the worlds fourth largest automotive manufacturer, took 16 months to accomplish, after it was first announced in October 2019. Now that it is reality the merger was completed in January of this year the combined entity promises cost savings of nearly 5 billion euros in the operations of both Fiat-Chrysler and PSA. These savings look to be realized through greater efficiency, and not through plant closures and cutbacks. Stellantis is new in the markets, and the STLA ticker has supplanted Fiat-Chryslers FCAU on New York Stock Exchange, giving the new company a storied history. The companys share value has nearly tripled since its low point, reached last March during the corona recession, and has stayed strong since the merger was completed. Goldman Sachs analyst George Galliers is upbeat on Stellantis future, writing, We see four drivers which, in our view, will enable Stellantis to deliver. 1) PSA and FCAs product portfolios in Europe cover similar segment sizes at similar price points 2) Incremental economies of scale can potentially have a material impact on both companies... 3) Both companies are at a relatively nascent stage [in] electric vehicle programs. The merger will prevent duplication and deliver synergies. 4) Finally, we see some opportunities around central staffing where existing functions can likely be consolidated... In line with this outlook, Galliers rates STLA a Buy and his $22 price target indicates room for 37% growth in the year ahead. (To watch Galliers track record, click here) Overall, this merger has generated plenty of buzz, and on Wall Street there is broad agreement that the combined company will generate returns. STLA has a Strong Buy consensus rating, based on a unanimous 7 buy-side reviews. The stock is priced at $16.04, and the average target of $21.59 is congruent with Galliers, suggesting a 34.5% one-year upside potential. (See STLA stock analysis on TipRanks) NRG Energy (NRG) From automotive, we move to the energy sector. NRG is a $10 billion utility provider, with dual head offices in Texas and New Jersey. The company provides electricity to more than 3 million customers in 10 states plus DC, and boasts a over 23,000 MW was generating capacity, making it one of North Americas largest power utilities. NRGs production includes coal, oil, and nuclear power plants, plus wind and solar farms. In its most recent quarterly report, for 3Q20, NRG showed $2.8 billion in total revenues, along with $1.02 EPS. While down year-over-year, this was still more than enough to maintain the companys strong and reliable dividend payment f 32.5 cents per common share. This annualizes to $1.30 per common share, and gives a yield of 3.1%. Analyst Michael Lapides, in his coverage of this stock for Goldman Sachs, rates NRG a Buy. His $57 price target suggest an upside of 36% from current levels. (To watch Lapides track record, click here) Noting the recent acquisition of Direct Energy, Lapides says he expects the company to deleverage itself in the near-term. After NRGs acquisition of Direct Energy, one of the larger electricity and natural gas competitive retailers in the US, we view NRGs business as somewhat transformed. The integrated business model owning wholesale merchant power generation that supplies electricity that gets used to serve customers supplied by NRGs competitive retail arm reduces exposure to merchant power markets and commodity prices, while increasing FCF potential," Lapides wrote The analyst summed up, "We view 2021, from a capital allocation perspective, as a deleveraging year, but with NRG creating almost $2bn/year in FCF, we see a pick up in share buybacks as well as 8% dividend growth ahead in 2022-23." Were looking at another stock here with a Strong Buy analyst consensus rating. This one based on a 3 to 1 split between Buy and Hold reviews. NRG is trading for $41.84 and its $52.75 average price target suggests a 26% upside from that level on the one-year time frame. (See NRG stock analysis on TipRanks) To find good ideas for stocks trading at attractive valuations, visit TipRanks Best Stocks to Buy, a newly launched tool that unites all of TipRanks equity insights. Disclaimer: The opinions expressed in this article are solely those of the featured analysts. The content is intended to be used for informational purposes only. It is very important to do your own analysis before making any investment.
Go here to see the original:
Global High Availability Server Market (2021 to 2026) - Growth, Trends, COVID-19 Impact, and Forecasts - Yahoo Finance
From High-Speed Pursuit to High-Speed Connection: Emerging Technology in Law Enforcement – HSToday
A world of artificial intelligence and augmented reality provides criminals an avenue to avoid detection by law enforcement and continue an unlawful lifestyle. A lack of essential technical skills, artificial intelligence, and augmented reality capabilities within law enforcement will provide an advantage to criminals within cyber and physical environments. Local, state, and federal law enforcement agencies that solely focus on brick-and-mortar crimes, or crimes committed in the physical sense, will diminish their usefulness within the next decade.
As technology evolves so does crime, and the question is whether state and local police lack capabilities to safely prevent and mitigate crime within their communities. Cold cases, forensic bias, and human error will be history within the next decade. The emergence of 5G connectivity will enable artificial intelligence and augmented reality to enhance law enforcement interaction with their respective community, consequentially resolving crime with evidence-based tactics at unprecedented speed.
First, it is crucial to recognize that police will require technical skills to resolve issues and solve crimes as law enforcement agencies strive to understand malicious cyber activity and the effects on citizens. Identity theft, financial crimes, unlawful access to personal and business software and web-based platforms, and confidential information leakage are only a few of the many cybercriminals targets. Federal law enforcement does not have the capacity or capabilities to prevent nor prohibit cyber criminality at the local level. Therefore, it is the responsibility of a chief of police and staff to ensure police are trained and remain ready in the cyber realm.
Facial recognition technology, also known as FRT, compares multiple images to match a humans face, confirming the identity of a suspect or victim (Service, 2020). Law enforcement agencies need this capability to eliminate errors in human bias and witness manipulation. The images are pulled from a database of mugshots, body camera images, social media photos, and other public information sources within legal capacity (Service, 2020). The storage of biometrics poses security concerns for the server and data privacy, which will be addressed later.
Augmented reality, if used correctly, keeps the officer, residents, and local patrons safe. For example, officers arriving at a patrol scene can utilize AR glasses to obtain information regarding previous criminal history in the area, scan license plates, and even find exits to a building in pursuit of a suspect (Mirkow&Gelles, 2020). Additionally, an officer can identify whether a person has an immediate health condition that needs attention, preparing the officer to perform life-saving procedures with advised medical equipment (Mirkow&Gelles, 2020).
Evidence-based policing is arguably the most revolutionary technology for law enforcement. The technology can provide real-time advisory to law enforcement agencies, giving researchers and computer programmers access to the most significant outcome of different tactics (Mirkow & Gelles, 2020). The theory proves vital at the local and federal levels, including drug raids, border patrol, and even domestic violence disputes (Mirkow & Gelles, 2020). Not only will this capability increase efficiency in crime-solving, but it will also provide an accurate account of the crime with sufficient resolution.
While many technologies await law enforcement utilization, three key opportunities lie in bringing innovative technology into law enforcement. Quality risk management, effective crime prevention, and fostering a positive community-police relationship create a holistic approach to building an effective and accountable police force while preventing and solving criminal activity promptly.
Analysis
Quality Risk Management
According to the Department of Justice (2018), the use of force and pursuit operations rank as the highest-risk activities in law enforcement. Incorporating technology in risk management can minimize physical harm to citizens and officers and property damage by removing human error and potentially extreme lethality. The data collected from technology can also be used in a court of law to determine guilt or innocence. For example, a pursuit operation incorporating an unarmed drone and thermal imaging will assist law enforcement in tracking a suspect regardless of the time of day. Additionally, facial recognition technology with accurate data management can confirm whether the right person is in custody.
The use of force is a controversial and sensitive topic and promotes strain between the police force and the local community. While there is no technology to eliminate human bias, automated tools help reduce the risk of bias during traffic and routine police stops. Emerging technology, such as artificial intelligence, machine learning, and augmented reality, provides evidence-based policing, which provides analytical hypotheses on the location and linkage of suspects with advanced forensic techniques in a fraction of the time it takes for detectives to conclude a solution (Mirkow & Gelles, 2020). The analysis also provides police a buffer between unconscious bias and their duty to the community in crime prevention (Mirkow & Gelles, 2020).
Cloud storage and edge computing can provide real-time data to police patrols to identify whether a vehicle or the driver has previous law violations or warrants without pulling the vehicle over and obtaining identification, an emerging tool known as the Fog-to-Cloud System (Rejiba, Masip-Bruin, Jurnet, Marin-Tordera, & Ren, 2018). A mobile server connected to a secured cloud database providing real-time information on a vehicle and its driver reduces potentially dangerous interaction between citizens and police and reduces the number of resources and amount of time in traffic stops.
Effective Crime Prevention
Over 8 million tips to help locate missing children are provided to a team of approximately 25 people (Mirkow & Gelles, 2020). Sifting and analyzing this information could take decades to find these children, and in most cases that will be too late. Deploying artificial intelligence to analyze this data can exponentially reduce time spent and potentially locate the child to reunite them with their families and hold the perpetrators accountable (Mirkow & Gelles, 2020). Technology such as closed-circuit television, or CCTV, provides a live feed to police stations, which provides first-hand information in place of physical police presence (Mirkow & Gelles, 2020). This technology is implemented in numerous locations globally and already proves a powerful tool in crime prevention. CCTV assisted Indian law enforcement to find nearly 3,000 missing persons in just four days (Mirkow & Gelles, 2020).
Police-Community Relationship
Law enforcement and community relations are a sensitive topic in the 21st century. While there are historical aspects to consider, a way forward requires implementing augmented reality, or AR, to train, assess, and employ police officers research on adult learning theory suggests that hands-on, problem-solving learning approaches foster skills and knowledge that translate back into behavior change (Office of Community Oriented Policing Services, 2018). Statistics have also shown that de-escalation exercises and tactics training significantly reduced the amount of injury and death of police officers and citizens over the past decade (Office of Community Oriented Policing Services, 2018), consequently reducing strained fear relationships within the local community. Augmented reality goggles provide hands-on training with real-world scenarios without exhausting police officers already strained resources in a fraction of the time. The AR toolkit can provide various scenarios, including cultural sensitivity, psychological crisis, and even pursuit operations.
Organizational Challenges
While emerging technology is advantageous to law enforcement, technical and organizational challenges arise with implementation. The first challenge is the technical expertise required to maintain databases and networks of innovative technology. The resources and personnel necessary to maintain such technology consist of a financial budget that some precincts and cities may not afford without government assistance. Secondly, law enforcement will require an in-depth defense of database and network access. Cybersecurity professionals can provide training, access and authentication protocols, and advisory to law enforcement and local government leadership on why and how to protect the infrastructure from common and unprecedented malicious activity. The protection of cloud data is crucial in law enforcement as the justice system relies on the information, leaving little to no room for error in data misconfiguration, privacy breaches, and ransomware.
Cybersecurity Requirements
Privacy
As mentioned before, the duty of the police requires preventing crime and protecting citizens from crime. Privacy and confidentiality breaches brought to public attention by brute force remain among the top cybersecurity threats in the United States. Shortly after the EU passed the General Data Protection Regulation (GDPR), the CEOs of Apple and Microsoft called on the U.S. to pass new privacy laws (Burt, 2019). The technologies mentioned above, facial recognition and augmented reality, retrieve and save sensitive data. Therefore, the security measure must be implemented through the development and deployment phase of police technology to prevent leaks. Considerations in information security are containerized applications, restricted access, and zero-trust security architecture (NIST, 2020).
Data Integrity
As previously mentioned, sensitive data stored in physical or cloud servers pose a higher risk of manipulation, theft, and breaches. If law enforcement and the justice system rely on data to identify, confirm, and prosecute suspects or identify victims, data securitys vitality is critical to operations. Disruption, distortion, and denial of data are the ultimate threats to police investigations and prosecution (Belani, 2020). A robust cloud security strategy can mitigate threats. Furthermore, an emergency response plan and the backup server can eliminate disruption in operations (Belani, 2020).
Artificial Intelligence
Artificial intelligence, employed lawfully, can and will increase productivity and security. Machine learning, a derivative of artificial intelligence, studies the networks packet traffic, detecting malicious packets intrusion. In conjunction with machine learning, AI can build reports and analysis for law enforcement within minutes, reducing the number of staff hours necessary to account for accurate data and analysis. AI/ML can pose a risk to security, as malicious actors utilize this technology to access networks (Belani, 2020). For example, sophisticated criminals can use machine learning to access law enforcement data and manipulate a potential suspects supporting crime violation evidence or remove a victims identity.
References
Belani, G. (2020).5 Cybersecurity Threats to Be Aware of in 2020. Retrieved from IEEE Computer Society : https://www.computer.org/publications/tech-news/trends/5-cybersecurity-threats-to-be-aware-of-in-2020
Burt, C. (2018, September 5).Malware Targeting Biometric Security and Strong Authentication Observed in Brazil Bank Attack . Retrieved from BiometricUpdate :https://www.biometricupdate.com/201809/malware-targeting-biometric-security-and-strong-authentication-observed-in-brazil-bank-attacks
Copple, C., & Copple, J. (2018).Risk Management in Law Enforcement: Discussions on Identifying and Mitigating Risk for Officers, Departments and the Public. Washington DC: Office of Community Oriented Policing Services. Retrieved from https://cops.usdoj.gov/RIC/Publications/cops-w0865-pub.pdf
Mirkow, A., & Gelles, M. (2020).Deloitte. Retrieved from The Future of Policing :https://www2.deloitte.com/us/en/pages/public-sector/articles/future-of-policing-and-law-enforcement-technology-innovations.html
NIST. (2020).SP 800-207 (Second Draft) Zero Trust Architecture.doi:10.6028/NIST.SP.800-207
Office of Community Oriented Policing Services. (2018).Risk Management in Law Enforcement.Department of Justice , Washington DC . Retrieved fromhttps://cops.usdoj.gov/RIC/Publications/cops-w0865-pub.pdf
Rejiba , Z., Masip-Bruin, X., Jurnet, A., Marin-Tordera , E., & Ren, G.-J. (2018). F2C-Aware: Enabling Discovery in Wi-Fi Powered Fog-to-Cloud (F2C) Systems.2018 6th IEEEInternation Conference on Mobile CLoud Computing, Services, and Engineering (MobileCloud)(pp. 113-116). Bamberg: IEEE. doi:10.1109/MobileCloud.2018.00025
Service, T. N. (2020, September 25).Congressional Research Service Report: Facial Recognition Technology & Law Enforcement: Select Constitutional Considerations..Retrieved from Targeted News Service :https://advance-lexis-com.proxy.library.georgetown.edu/document/?pdmfid=1516831&crid=1dd17cda-596d-4235-aa9a-67fc8a26e065&pddocfullpath=%2Fshared%2Fdocument%2Fnews%2Furn%3AcontentItem%3A60XN-HD91-JC11-13K6-00000-00&pdcontentcomponentid=299219&pdteaserkey=
(Visited 219 times, 109 visits today)
Here is the original post:
From High-Speed Pursuit to High-Speed Connection: Emerging Technology in Law Enforcement - HSToday