It has become something of a cliché that data is a natural resource essential to running a business. It must be harnessed and turned into insights and competitive advantage.
Companies are certainly wise to adopt a data-driven approach, particularly now, when technologies like artificial intelligence, cloud and automation need a solid data strategy to work effectively.
But where to begin? Many organizations aren’t sure, especially because of the massive, ever-expanding quantity of data. By 2025, 463 exabytes of data will be created daily — equal to nearly 213 million DVDs, according to the World Economic Forum. Then, there is the needle-in-a-haystack task of finding the right data, which is scattered inside and outside the enterprise.
Companies need a strategy. Here are four considerations to keep in mind.
1. Invest in data-driven partnerships
Connect with analytics experts to create an industry-led augmented intelligence strategy. Partnerships, especially ones that integrate technology and industry expertise, increase access to talent and allow the creation of a culture of industry-led augmented intelligence.
The balance between human expertise and the power of machines is vital. When these elements come together, they can solve some of the most challenging business problems and transform experiences for employees and customers.
Genpact, a professional services firm based in New York, worked with a global medical company that had to manage such large volumes of disparate data that analyzing sales performance, competitor activity and customer behavior became extremely difficult. Analysts were spending more than 80% of their time extracting and cleaning data for reporting, leaving little time to turn this data into insights. They often had to rely on manual spreadsheets, which led to inaccuracies. Working together, we developed self-service analytics for our client’s commercial team so they can generate their own insights on day-to-day activities.
Among the many benefits realized, employee productivity has risen 98%.
2. Diagnose and improve outdated processes.
Create the foundation for a sustainable future of data-driven decisions.
Data-driven transformation isn’t simply applying digital technologies to obsolete processes. Those processes must be identified and transformed. For example, if the invoicing process at a global retailer is slow and cumbersome, some may suggest introducing automation technologies to increase speed and volume. More likely, there are issues within the process that need to be resolved before automation is applied. In this instance, automation would create more problems than it would solve.
One excellent way to uncover process inefficiencies is process mining, which identifies problems in a process by using algorithms to analyze data from underlying systems. When applied correctly, it essentially creates a digital twin of operations, highlighting processes that are working well and ones that need improvement.
But to achieve this level of insight, enterprises need augmented intelligence — in this case, applying human judgment to process mining.
One financial services company Genpact worked with wanted to reduce the time it took to approve business loans. The company wanted to identify where delays were happening, why and, ultimately, create an action plan to reduce approval time.
Through process mining, we created a digital twin that identified wait times and bottlenecks across the process, quantified reworks and exceptions, and identified the factors influencing approval times. With these insights, the company was able to take steps, such as streamlining document gathering and aligning working hours, that reduced approval time from 13 days to two days.
3. Harness the power of the cloud
Collate, process and analyze data at scale. Cloud technology underpins digital transformation by enabling the analysis of vast amounts of data. A solid strategy built around the cloud allows enterprises to gather and analyze external and third-party data along with internal data.
Once that is done, the organization’s capabilities can expand exponentially. The cloud can optimize data and analytics behind the scenes, creating powerful customer experiences such as the way Netflix, Amazon and Spotify adjust algorithms daily based on users’ preferences.
In addition, the cloud can help tackle many other kinds of big, difficult problems. For example, a healthcare solutions company needed streamlined oversight of finance and supply chain data to cut reporting time, standardize performance metrics and improve decision-making.
The company used a cloud-based data engagement platform that harmonizes data across different systems. The outcome is a single dashboard that gives employees access to predictive and prescriptive finance and supply chain insights.
4. Apply industry-specific expertise
The efficient and ethical management of data is growing in importance, especially for enterprises in highly regulated industries like financial services. Companies realize they must address security, compliance and potential data biases.
This effort requires concerted alignment across business functions. It means creating a clear data strategy that ensures ethical usage and regulatory compliance.
For example, a financial services firm that needs to become risk compliant might implement data automation capabilities to improve its data management and reporting systems. These products efficiently standardize data taxonomy, spot potential errors and improve the quality of reports — all while reducing risk and overhead costs for the firm.
Taken together, these four digital transformation strategies connect processes, technology and talent. It’s precisely the kind of integration needed to harness data and transform any business.
People that predict tomorrow’s weather by looking at today’s are often right. Cloudy today? It’ll probably be cloudy tomorrow. The same is often true for cybersecurity threats. Looking back at 2021 it looks a lot like 2020: A lot of ransomware attacks.
So, when I was asked to write about the three most significant cyber-attacks of 2021, it was no real surprise that my thoughts turned to ransomware attacks.
But what made these three stand out from the other attacks this year, and from many we’ve seen before, were not the direct consequences for the targeted systems, or even the people in the organizations that were attacked, but the consequences for people far beyond those organizations.
The three I’ve chosen are:
The Conti ransomware attack on Ireland’s Health Service Executive
The REvil ransomware attack on Kaseya VSA
The Darkside ransomware attack on the USA’s Colonial Pipeline
Let me explain why I chose these three from the multitude of ransomware attacks we went through in 2021.
The human cost of a ransomware attack
On May 14, Ireland’s Health Service Executive (HSE) was paralyzed by a cyberattack which turned out to be Conti Ransomware. The attack forced the organization to shut down more than 80,000 affected endpoints and plunged it back into the age of pen and paper.
Our colleague Mark Stockley interviewed a doctor working in one of the affected hospitals.
Because of the ransomware attack, the doctor had to put in hours of extra effort after his day’s work just to determine which of the next day’s appointments he would have to cancel for lack of information. And then he could expect to deal with those anguished, sometimes angry patients when he told them their appointment could not go ahead.
“Imagine the scenario,” he said. “Patients will wait literally two years to see us. After two years they get a call saying ‘I’m sorry I can’t see you and I have to reschedule you and I can’t say when, because of the ransomware’. They know it’s not my fault but they are upset and very annoyed.” The doctor’s understatement kicks in. “They teach us ways to speak to angry patients, but it’s not nice.”
Asked what he would say to the attackers if he could speak to them, he responded with:
“If your loved one was sick. Would you do this? If you had somebody you cared about, would you do this to them. That’s what I’d ask them.”
“I think they lost their humanity.”
Four months later, after drafting in the army to help restore its systems, and after cancelling tens of thousands of appointments, HSE was still not fully recovered.
The ultimate supply-chain attack
On July 2, a severe ransomware attack against the popular remote monitoring and management software tool Kaseya VSA forced Kaseya into offering this urgent advice to its customers: Shutdown VSA servers immediately.
Members of the REvil ransomware gang had managed to push out a malicious Kaseya VSA update that encrypted machines and networks running the highly privileged software. The impact of the attack was enormous. Kaseya VSA is one of the more popular remote monitoring and management tools used by Managed Service Providers (MSPs) to administer their customers’ systems. The MSPs that were hit by the attack saw not only their own systems encrypted, but also the systems of their customers.
An attack on one organization quickly became an attack on thousands.
The attack hit at a painful point in time for the Dutch Institute for Vulnerability Disclosure (DIVD), a volunteer-run organization that found a remote code execution flaw in Kaseya VSA on April 1, 2021. It was working with Kaseya to patch the VSA vulnerabilities for months prior to the attack. It took Kaseya quite a lot of effort and time, and more and more expertise to get the right patch out—to get it tested, to get it through quality assurance. And then, disaster struck just before the patches went out.
Only rarely do companies allow us a look inside their organization while they are recovering from a ransomware attack. Many find it more convenient to keep a low profile or to be secretive. We went over the work that had to be done by a Dutch MSP to repair the damage done by this attack. Doing this provided us with some valuable insights.
And our colleague David Ruiz talked to Victor Gevers, chair of the DIVD, on an episode of Malwarebytes’ Lock and Code podcast, about the ransomware attack that his organization was racing to prevent.
Gevers’ damning verdict on the current state of software: “The quality of products that are online and are exposed to the Internet are not up to par for the current situation that we are in and this is going to screw us over in the long term.”
Vital infrastructure is called vital for a reason
On May 10 the FBI confirmed that the Colonial Pipeline had been attacked by Darkside ransomware. The pipeline exists to supply gasoline and other products across the southern and eastern United States. It is the largest of its kind in the US, reportedly transporting almost half of the fuel consumed by the east coast. The US government declared an emergency and brought in emergency powers to ensure people would still be supplied with fuel.
The attack spurred new rules for critical infrastructure that represent a tidal shift in how the Transportation Security Administration (TSA) has protected pipeline security in the country for more than a decade. But it also made clear that the federal government is no longer satisfied with private industry’s lagging cybersecurity protections. President Joe Biden signed an Executive Order to place new restrictions on software companies that sell their products to the federal government.
A spokeswoman for the National Security Council explained at the time the importance of a requirement that contractors would only gain access to federal systems on a “need-to-know” basis. Further, contractors would also have to notify government customers of any breach, bringing new transparency to the government about ongoing and increasingly frequent cybercrimes.
Ransom payments are the fuel that propels the digital extortion engine, and the recovery of the payment marked something of a turning point in the year. Ransomware attacks continued, but life became more uncomfortable for the gangs involved.
In August, we welcomed Lesley Carhart to the Lock and Code podcast to talk about critical infrastructure cybersecurity. Surprisingly, she managed to reassure us that while there are improvements to be made to critical infrastructure security, it’s not nearly as bad as some people think.
It’s one of the biggest questions in cybersecurity of 2021, and it’s sure to remain on the minds of countless businesses into the next year, too: How do you prevent a software supply chain attack?
Such attacks have soared by 650% since mid-2020, due in large part to infiltration of open source software, according to a recent study by Sonatype.
But an even bigger driver of the question, of course, has been the unprecedented attack on SolarWinds and customers of its Orion network monitoring platform. In the attack, threat actors compromised the platform with malicious code that was then distributed as an update to thousands of customers, including numerous federal agencies.
Addressing supply chain attacks
The one-year anniversary of the attack’s discovery is on Monday, but the answer for how to stop the “next SolarWinds” attack doesn’t seem much clearer now than it did in the wake of the breach.
Perhaps because it’s the wrong question.
Peter Firstbrook, a research vice president and analyst at Gartner, has experience trying to answer this question because he’s been asked it a lot. However, in terms of preventing the impacts from a software supply chain attack, “the reality is, you can’t,” he said last month during Gartner’s Security & Risk Management Summit — Americas virtual conference.
While companies should perform their due diligence about what software to use, the chances of spotting a malicious implant in another vendor’s software are “extremely low,” Firstbrook said.
But that doesn’t mean there’s nothing to be done.
Zero-trust segmentation
While technology that offers guaranteed protection against the impacts of software supply chain breaches may never exist, solutions for zero-trust segmentation may be the next best thing, said James Turgal, a vice president at cybersecurity consulting firm Optiv.
Prior to Optiv, Turgal spent 22 years serving in the FBI, including as executive assistant director for the bureau’s Information and Technology Branch. There, he saw first-hand the types of cyber strategies that are most effective at disrupting attackers.
One of the biggest takeaways, Turgal said, is that the more difficult you can make it for attackers to transit through environments, the safer you’ll be. “I’ve interviewed these guys. Most of them are lazy as hell,” he said. “Making it more difficult for them to move across networks is really helpful.”
That’s where zero-trust segmentation comes in. The idea is to divide a company’s cloud and datacenter environments into different segments — all the way down to the level of workload — which can each be locked down with their own security controls. For a business, segmenting their architecture in this way — while also using zero-trust authentication that repeatedly verifies a user’s identity — can make it “more difficult for the bad guys to move through networks and move laterally,” Turgal said.
Reducing the blast radius
One fast-growing vendor that is entirely focused on solutions for zero-trust segmentation is Illumio, which achieved a $2.75 billion valuation in June in connection with its $225 million series F funding round.
Founded in 2013, Illumio offers segmentation solutions for both datacenter and cloud environments, with the addition of its cloud-native solution in October. The Sunnyvale, California-based company expects to reach “well north” of $100 million in annual recurring revenue this year, according to Illumio cofounder and CEO Andrew Rubin.
When it comes to segmentation, Illumio’s solutions were in fact successfully used by customers that were impacted by the SolarWinds compromise to protect against further damage from the attackers, Rubin said.
During the attack campaign, “we had customers that were running that [SolarWinds] infrastructure and used us to segment that problem off from the rest of their environment,” Rubin said in an interview with VentureBeat. “I can tell you that segmentation was an effective security control for reducing the blast radius of that problem.”
What Illumio offers with zero-trust segmentation is actually very similar in principle to the approach that’s been taken to slow the spread of COVID-19, he noted. “The fact is that if we can stop it from spreading, that is an unbelievably effective way to control the damage,” Rubin said. “We knew we couldn’t prevent the initial problem, because we already missed that. But we knew that we did have the ability to change how quickly and how pervasively it spread.”
In many ways, he said, the cybersecurity industry “is now appreciating the value of that storyline by saying, ‘We’re going to stop a lot of things — but we can’t stop everything. So let’s try and do a really good job of controlling the blast radius when they occur.’”
Kudos to Tonga’s ccTLD, the US Supreme Court, and others…
Infosec headlines are typically dominated by data breaches, cyber-attacks, vulnerabilities, and other threats or incidents where human error often has a part to play.
The Daily Swig has decided to redress the balance by spotlighting some positive news stories highlighting commendable actions by cybersecurity professionals and organizations, developers and open source maintainers, and even journalists and judges.
(We haven’t included any ground-breaking security research that came out during 2021 – we’ll leave that to PortSwigger researcher James Kettle’s forthcoming annual roundup of top web hacking techniques, a follow-up to the 2020 round-up.)
First website dedicated to revealing vulnerabilities in malware
Founder John Page told The Daily Swig that the repository might be “useful for incident response teams to eradicate a malware without touching the machine”, and “may eventually pit a malware vs. malware situation, who knows.”
Similarly, Abuse.ch unveiled a platform for sharing and requesting indicators of compromise (IoCs) associated with various malware strains in March.
SolarWinds blow away US government cybersecurity complacency
The SolarWinds attack that hit federal agencies and blue chip companies alike at the end of 2020 served as a wake-up call for the White House.
An Executive Order signed by newly elected President Biden in May set the tone for a busy year on the cybersecurity front.
“The administration is making good steps insofar as bringing it to light, starting initiatives, hiring a new CISA director, and getting a conversation started with various other nation states about what we’re going to do about this,” Aaron Portnoy, principal scientist at attack surface management specialists Randori, told The Daily Swig in July.
Infosec experts have long criticised a chilling effect the CFAA’s ambiguity over what constitutes good-faith hacking has had on security research.
The ruling should reassure the likes of the civic-minded journalist who was threatened with legal action by Missouri governor Mike Parson – to widespread ridicule – after he responsibly reported a severe vulnerability in a state government website.
Nevertheless, many think the law, which dates back to 1986, should be replaced altogether.
There were three new categories – ‘Insecure Design’, ‘Software and Data Integrity Failures’, and a designation for ‘Server-Side Request Forgery (SSRF)’ attacks – along with name changes for several other categories.
The revamp reflects the software industry’s “‘shift left’ towards putting more focus on secure design and architecture as well as threat modeling,” Tom Eston, practice director of application security at Bishop Fox, told The Daily Swig.
Launched in 2010, the plugin automatically switched web connections from HTTP to HTTPS, if the latter was available, and accrued more than two million users in the absence of similar, in-built functionality in popular browsers.
The open source extension will go into ‘maintenance mode’ in 2022 amid widespread HTTPS adoption, and after Google and Firefox’s enforcement of HTTPS by default made the plugin mostly redundant.
Google offers defensive shield against surveillance
October saw Google use some of its vast resources to protect journalists, elected officials, and human rights activists from surveillance, persecution, and imprisonment.
The tech giant partnered with human rights and pro-democracy organizations to distribute free physical security keys to more than 10,000 vulnerable individuals at high risk of being targeted by nation-state backed hackers under its Advanced Protection Program (APP).
Record bug bounty payout demonstrates value for money
A record bug bounty payout in October starkly demonstrated the worthwhile return on investment that can come from crowdsourced security.
For all that the $2 million paid out by blockchain tech company Polygon to ethical hacker Gerhard Wagner for a ‘double spend’ vulnerability was an eye-watering sum, this figure should be compared against the losses potentially averted.
The flaw effectively meant an attacker could increase their cryptocurrency withdrawals by a factor of up to 233, with $3.8 million potentially turning into $850 million for instance.
A severe, longstanding vulnerability in the OWASP ModSecurity Core Rule Set (CRS) was a “bang on the ear” for the project’s maintainers when it was discovered, OWASP CRS co-lead Christian Folini told The Daily Swig in November.
Now patched, the critical, complete rule set bypass prompted the ModSec team to implement new practices, guidelines, and a bug bounty program to further secure the technology.
To his credit, Folini took the blame for inadvertently introducing two bugs after his team took over the dormant project in 2016, and resolved to “look at it as a chance for growth and development”.
Quick-fire fixes
With the time between vulnerability disclosure and in-the-wild exploitation narrowing to a matter of days or even hours, credit is due to the vendors, maintainers, and end users who quickly released or applied patches throughout 2021.
This includes Tonic, the registrar for Tonga’s country code top-level domain (ccTLD), which in December patched in under 24 hours a critical vulnerability in their website that opened the door to potential attacks against .to domains operated by Google, Amazon, and many others.
Well done also to the maintainers of ubiquitous Java logging library Apache Log4j for rushing out a patch against the potentially ruinous Log4Shell vulnerability in December, and, for its transparency in communicating high severity security vulnerabilities, VMware.
A commendation is also warranted for two eagle-eyed Irish citizens who denied scammers a golden phishing opportunity in July after spotting a typo in the URL for Ireland’s new Covid-19 recovery certificate portal and registering the correctly spelled domain.
Hackers tend to get a bad reputation online because some people who have good hacking skills end up using them in bad ways — stealing people’s personal information like credit cards or even stealing someone’s identity.
However, there are some groups of hackers who use their skills for good like the infamous hacktivist group ‘Anonymous,’ who are known for their cyberattacks against malicious governments or bodies.
But one less well-known example of good-deed hackers is an organization called Trace Labs.
‘Trace Labs’ volunteers to help find missing people using hacking skills.
“Trace Labs is a nonprofit organization whose mission is to accelerate the family reunification of missing persons while training members in the trade craft of open source intelligence (OSINT),” reads their ‘Who We Are’ page.
Robert Sell is the founder of Trace Labs and has a background in search and rescue and is a computer security professional.
“I get to see all the people that go missing and as I was paying attention to that, I noticed that there’s a lot of people that go missing that we never look for,” he said during a short documentary by Freethink. “I always wondered, ‘who’s looking for those people if I’m not?’ Sometimes it’s nobody.”
Trace Labs was a blending of his passions. Sell uses his skills to find little details about a person’s online activity and uses them to deduce information about their possible location.
“When you go to a typical security conference,” Sell explains, “There are so many different things you can do — you can learn how to hack a car, how to hack a voting machine — whatever you want to do is there, yet that effort is wasted and away because it’s not used for anything else.”
Sell believes that hacking should, aside from cyber security, be used for something good and something that can help people.
“What we do is we take all that effort and put it into something that’s actually going to benefit society,” he added. “We’re addressing all those people that go missing that nobody’s looking for right now.”
Trace Labs attracts volunteers by organizing search events.
He organizes events like “Capture the Flag” that will get everyone’s foot in the door — awarding people with points that they can use to spend on prizes in order to work them up toward the OSINT Search Parties that will help find missing persons.
But it goes well beyond that. With a community over 10,000 members strong, the real goal is to give people the tools they need to be able to help on their own without necessarily needing to be part of the Trace Labs events.
Trace Labs has run 35 search party events and has assisted in over 320 cases with law enforcement officials and also seeks to raise awareness of the missing persons issue.
“Contestants will come in and they say, ‘wait a minute, are these real missing people?’” explains Sell. “And you can see their mind change, where it’s like ‘Wow, we’re actually changing people’s lives.’”
He admits that what they’ve done is gamified a very serious issue, but emphasizes that this was likely the only possible way to “push the envelope” and get people involved in finding these missing persons.
With the nationally recognized case of Gabby Petito and Brian Laundrie months behind us, more and more people have been pushing for initiatives that can help find these missing persons or preventative measures that will stop people from going missing in the first place.
“Anywhere I can push that envelope and allow us to do better, I feel pretty good about that,” Sell adds. “So hopefully, this inspires people to do that.”
Isaac Serna-Diez is a writer who focuses on entertainment and news, social justice, and politics.