According to F5 data that tracks the 25 largest security breaches between 2000 and 2015, an astounding 72 percent of today’s attacks target identities and applications, not the network.
The changing face of IT security is seen in such factors of modern life as the pervasiveness of the Internet, the sheer abundance of mobile devices, the rise of social media, and dramatic shifts in web and cloud-based technology. The Internet of Things (IoT) adds another layer of complexity in which applications are at the core of this changing landscape. According to F5 data that tracks the 25 largest security breaches between 2000 and 2015, an astounding 72 percent of today’s attacks target identities and applications, not the network.
This is according to Simon McCullough, major channel account manager at F5, who says, “This shift has come about because data is what hackers are after, and the most direct pathway to data is through user credentials and applications. In this complex and vulnerable environment, applications and corresponding data can be anywhere and everywhere.
“The traditional network perimeter has dissolved in this online, interconnected world, and so, in an attack on applications, traditional network firewalls are not enough of a defence. However, according to F5 research (specifically, marketing sizing estimates aggregated from global research firms), 90 percent of today’s IT security budget is spent on perimeter solutions, leaving minimal budget on protecting user identities and applications, where 72% of today’s attacks take place .”
McCullough says that in this new, borderless security landscape, it’s important to know your company’s threat profile. He clarifies, “In this regard, you need to understand the likelihood of exploitation at all of your network’s entry points – users, applications, data centres, and network infrastructure – and the resulting impact if these entry points get hacked. Your threat profile is a key element in determining that likelihood. Could your business be a target because of such factors, for example, as its geographic profile, industry, systems, software, or data?”
McCullough offers the following 10 useful focus areas to consider in order to help businesses strengthen their security programmes and risk mitigation strategies.
1. Understand the enemy
Although hackers today include less-skilled novices who are out to cause malicious chaos, as well as those who are driven by social and political agendas, the majority of today’s hackers are cybercriminals who are motivated by money. Although they have a reputation for sophisticated methodology, in fact, many of their methods are actually relatively unsophisticated, and they tend to take the path of least resistance, going after easy targets.
2. Sort out your cybersecurity budget properly, including cyber insurance
As outlined previously, applications and user identities form around 72 percent of today’s IT attacks, yet this is not generally reflected in IT budget allocations. Spend your security budget in the right way, and ensure that you have cyber insurance as part of your budget. Data breaches will cost you money, and insurance here is as necessary as household insurance for a homeowner facing the aftermath of theft.
3. Train all employees to understand that security is everyone’s responsibility
Awareness training makes everyone more alert. Train your users to recognise and curtail factors such as spear phishing attempts and social engineering. Help them understand the importance of proper password management. Train developers in secure coding so that your web applications don’t have coding vulnerabilities.
4. Properly control access
· Remember that access is a privilege. Strictly manage what your user identities are authorised to access, so that when an identity is compromised, a threat actor doesn’t have unlimited access within the network.
· Manage your volume of user identities. Enable single sign-on to reduce the number of passwords that are stored insecurely or repeated across multiple critical systems.
· Implement multifactor authentication (MFA) for accessing your network and applications, because identities get compromised and MFA will help to protect data from being breached in the event of user credentials being compromised.
· Tighten up on username and password combinations: Don’t use weak or default combinations, and implement account lockouts after six failed login attempts. Also, implement stronger encryption methods on password databases.
5. Manage your vulnerabilities
· Have a scanning solution for every network, system, and software type; don’t limit yourself to externally facing IPs.
· Scan inside your network, and do black box and static code analysis of your apps. Layer your tools, because no single tool can universally find everything.
· Scan, test, and scan again. Have a continual testing process aligned to your development cycles and patch releases of your vendors.
· Implement a consolidated reporting platform that tracks all vulnerabilities by system and can produce valuable improvement metrics over time.
· Prioritise web application vulnerability management. You can get extremely good guidance from the OWASP (Open Web Application Security Project) Top 10, which describes today’s most critical web application security risks and how to mitigate specific types of attacks.
· Automate web application vulnerability management. Allow Web Application Firewalls (WAF) to patch a vulnerability automatically. A WAF requires routine attention by an experienced engineer. Many organisations are opting for managed WAF services versus hiring in-house expertise.
· Patch everything monthly, including desktops, laptops and servers, and especially if you are running Windows. Don’t skip important patches, as they will ultimately be required later in a queue chain of dependencies.
· Keep it updated: Don’t allow end-of-life software or hardware in your network.
· Force updates to Adobe Flash, Oracle’s Java, and don’t allow old versions of Internet browsers to run on company computer assets.
6. Ensure you have the required visibility
You can’t manage what you can’t see. It’s particularly important to make sure you have the visibility you need into your critical data. It’s important to properly architect, implement and continually manage intrusion detection/ prevention systems (IDS/ IPS), Security Information Event Managers (SIEM), data loss prevention (DLP) systems, and others. These systems need to have access to all parts of your network, systems, data, and data centres, and encrypted and non-encrypted traffic. Pay special attention to visibility within new virtualisation software.
7. Consider embracing the dark side… at least briefly
If you have an application that could cause significant harm to your business if it were compromised, it’s worth hiring an engineer to try to hack it. If hiring a hacker doesn’t sit comfortably, implement a public bounty programme.
8. Use the experts to help you
Compliance and incident response are two key areas for using the guidance of experts.
· Security as a service is a great option for effectively managing high-risk controls that require immediate response by highly skilled engineers.
· Test the effectiveness of your controls and control operators. Don’t let poorly designed controls or inadequate operators become the culprit.
· Get help in the event of a breach. Get the professional experience you need after a breach so that they can make the important decisions that could have a material impact on the outcome of the incident.
9. Have a DDoS strategy
The DDoS attack landscape has shifted rapidly. No longer are complex, expensive attacks launched only at high-value targets. Today’s reality includes bots with plug-and-play attacks that criminals can rent at low cost, as well as IoT botnets that are easy to make and capable of launching terabyte-per-second attacks. Having a DDoS plan is critical.
10. Tell the ‘big shots’ about the likelihood and effect of a breach
Communicate the possibility and subsequent effect of a breach to your board of directors, senior management and others who need to be in the know. They need to be armed with this information rather than being hit with the reality of a breach that they never imagined. Properly done, this should also support your budget requests.
Anton Jacobsz, managing director at Networks Unlimited, a value-added distributor of F5 in Africa, concludes, “Few organisations today have the internal resources required to fight cyber threats on their own. They need intelligence from outside sources, and this is where the Networks Unlimited partnership with F5 can help. F5 was founded 20 years ago and understands applications and the network at the deepest levels. Together with its threat research and intelligence team, F5 Labs, the company works to provide the security community with threat intelligence about current cyber threats and future trends to help them stay abreast of the security landscape.”
Now IBM’s Watson joins IoT revolution in agriculture
Global expansion of the Watson Decision Platform taps into AI, weather and IoT data to boost production
IBM has announced the global expansion of Watson Decision Platform for Agriculture, with AI technology tailored for new crops and specific regions to help feed a growing population. For the first time, IBM is providing a global agriculture solution that combines predictive technology with data from The Weather Company, an IBM Business, and IoT data to help give farmers around the world greater insights about planning, ploughing, planting, spraying and harvesting.
By 2050, the world will need to feed two billion more people without an increase in arable land . IBM is combining power weather data – including historical, current and forecast data and weather prediction models from The Weather Company – with crop models to help improve yield forecast accuracy, generate value, and increase both farm production and profitability.
Roric Paulman, owner/operator of Paulman Farms in Southwest Nebraska, said: “As a farmer, the wild card is always weather. IBM overlays weather details with my own data and historical information to help me apply, verify, and make decisions. For example, our farm is in a highly restricted water basin, so the ability to better anticipate rain not only saves me money but also helps me save precious natural resources.”
New crop models include corn, wheat, soy, cotton, sorghum, barley, sugar cane and potato, with more coming soon. These models will now be available in the Africa, U.S. Canada, Mexico, and Brazil, as well as new markets across Europe and Australia.
Kristen Lauria, general manager of Watson Media and Weather Solutions at IBM, said: “These days farmers don’t just farm food, they also cultivate data – from drones flying over fields to smart irrigation systems, and IoT sensors affixed to combines, seeders, sprayers and other equipment. Most of the time, this data is left on the vine — never analysed or used to derive insights. Watson Decision Platform for Agriculture aims to change that by offering tools and solutions to help growers make more informed decisions about their crops.”
The average farm generates an estimated 500,000 data points per day, which will grow to 4 million data points by 2036 . Applying AI and analysis to aggregated field, machine and environmental data can help improve shared insights between growers and enterprises across the agriculture ecosystem. With a better view of the fields, growers can see what’s working on certain farms and share best practices with other farmers. The platform assesses data in an electronic field record to identify and communicate crop management patterns and insights. Enterprise businesses such as food companies, grain processors, or produce distributors can then work with farmers to leverage those insights. It helps track crop yield as well as the environmental, weather and plant biologic conditions that go into a good or bad yield, such as irrigation management, pest and disease risk analysis and cohort analysis for comparing similar subsets of fields.
The result isn’t just more productive farmers. Watson Decision Platform for Agriculture could help a livestock company eliminate a certain mold or fungus from feed supply grains or help identify the best crop irrigation practices for farmers to use in drought-stricken areas like California. It could help deliver the perfect French fry for a fast food chain that needs longer – not fatter – potatoes from its network of growers. Or it could help a beer distributor produce a more affordable premium beer by growing higher quality barley that meets the standard required to become malting barley.
Watson Decision Platform for Agriculture is built on IBM PAIRS Geoscope from IBM Research, which quickly processes massive, complex geospatial and time-based datasets collected by satellites, drones, aerial flights, millions of IoT sensors and weather models. It crunches large, complex data and creates insights quickly and easily so farmers and food companies can focus on growing crops for global communities.
IBM and The Weather Company help the agriculture industry find value in weather insights. IBM Research collaborates with start up Hello Tractor to integrate The Weather Company data, remote sensing data (e.g., satellite), and IoT data from tractors. IBM also works with crop nutrition leader Yara to include hyperlocal weather forecasts in its digital platform for real-time recommendations, tailored to specific fields or crops. IBM acquired The Weather Company in 2016 and has since been helping clients better understand and mitigate the cost of weather on their businesses. The global expansion of Watson Decision Platform for Agriculture is the latest innovation in IBM’s efforts to make weather a more predictable business consideration. Also just announced, Weather Signals is a new AI-based tool that merges The Weather Company data with a company’s own operations data to reveal how minor fluctuations in weather affects business.
The combination of rich weather forecast data from The Weather Company and IBM’s AI and Cloud technologies is designed to provide a unique capability, which is being leveraged by agriculture, energy and utility companies, airlines, retailers and many others to make informed business decisions.
 The UN Department of Economic and Social Affairs, “World Population Prospects: The 2017 Revision”
 Business Insider Intelligence, 2016 report: https://www.businessinsider.com/internet-of-things-smart-agriculture-2016-10
What if Amazon used AI to take on factories?
By ANTONY BOURNE, IFS Global Industry Director for Manufacturing
Amazon recently announced record profits of $3.03bn, breaking its own record for the third consecutive time. However, Amazon appears to be at a crossroads as to where it heads next. Beyond pouring additional energy into Amazon Prime, many have wondered whether the company may decide to enter an entirely new sector such as manufacturing to drive future growth, after all, it seems a logical step for the company with its finger in so many pies.
At this point, it is unclear whether Amazon would truly ‘get its hands dirty’ by manufacturing its own products on a grand scale. But what if it did? It’s worth exploring this reality. What if Amazon did decide to move into manufacturing, a sector dominated by traditional firms and one that is yet to see an explosive tech rival enter? After all, many similarly positioned tech giants have stuck to providing data analytics services or consulting to these firms rather than genuinely engaging with and analysing manufacturing techniques directly.
If Amazon did factories
If Amazon decided to take a step into manufacturing, it is likely that they could use the Echo range as a template of what AI can achieve. In recent years,Amazon gained expertise on the way to designing its Echo home speaker range that features Alexa, an artificial intelligence and IoT-based digital assistant.Amazon could replicate a similar form with the deployment of AI and Industrial IoT (IIoT) to create an autonomously-run smart manufacturing plant. Such a plant could feature IIoT sensors to enable the machinery to be run remotely and self-aware; managing external inputs and outputs such as supply deliveries and the shipping of finished goods. Just-in-time logistics would remove the need for warehousing while other machines could be placed in charge of maintenance using AI and remote access. Through this, Amazon could radically reduce the need for human labour and interaction in manufacturing as the use of AI, IIoT and data analytics will leave only the human role for monitoring and strategic evaluation. Amazon has been using autonomous robots in their logistics and distribution centres since 2017. As demonstrated with the Echo range, this technology is available now, with the full capabilities of Blockchain and 5G soon to be realised and allowing an exponentially-increased amount of data to be received, processed and communicated.
Manufacturing with knowledge
Theorising what Amazon’s manufacturing debut would look like provides a stark learning opportunity for traditional manufacturers. After all, wheneverAmazon has entered the fray in other traditional industries such as retail and logistics, the sector has never remained the same again. The key takeaway for manufacturers is that now is the time to start leveraging the sort of technologies and approaches to data management that Amazon is already doing in its current operations. When thinking about how to implement AI and new technologies in existing environments, specific end-business goals and targets must be considered, or else the end result will fail to live up to the most optimistic of expectations. As with any target and goal, the more targeted your objectives, the more competitive and transformative your results. Once specific targets and deliverables have been considered, the resources and methods of implementation must also be considered. As Amazon did with early automation of their distribution and logistics centres, manufacturers need to implement change gradually and be focused on achieving small and incremental results that will generate wider momentum and the appetite to lead more expansive changes.
In implementing newer technologies, manufacturers need to bear in mind two fundamental aspects of implementation: software and hardware solutions. Enterprise Resource Planning (ERP) software, which is increasingly bolstered by AI, will enable manufacturers to leverage the data from connected IoT devices, sensors, and automated systems from the factory floor and the wider business. ERP software will be the key to making strategic decisions and executing routine operational tasks more efficiently. This will allow manufacturers to keep on top of trends and deliver real-time forecasting and spot any potential problems before they impact the wider business.
As for the hardware, stock management drones and sensor-embedded hardware will be the eyes through which manufacturers view the impact emerging technologies bring to their operations. Unlike manual stock audits and counting, drones with AI capabilities can monitor stock intelligently around production so that operations are not disrupted or halted. Manufacturers will be able to see what is working, what is going wrong, and where there is potential for further improvement and change.
Knowledge for manufacturing
For many traditional manufacturers, they may see Amazon as a looming threat, and smart-factory technologies such as AI and Robotic Process Automation (RPA) as a far off utopia. However, 2019 presents a perfect opportunity for manufacturers themselves to really determine how the tech giants and emerging technologies will affect the industry. Technologies such as AI and IoT are available today; and the full benefits of these technologies will only deepen as they are implemented alongside the maturing of other emerging technologies such as 5G and Blockchain in the next 3-5 years. Manufacturers need to analyse the needs which these technologies can address and produce a proper plan on how to gradually implement these technologies to address specific targets and deliverables. AI-based software and hardware solutions will fundamentally revolutionise manufacturing, yet for 2019, manufacturers just have to be willing to make the first steps in modernisation.