Coronavirus is a Cyber Threat

March 17, 2020 – With more cases of coronavirus popping up each day, countries are taking immediate measures to contain the virus through quarantine. Organizations and schools are now asking their employees and students to begin working from home – however, organizations that leverage enterprise VPNs and RDP to secure their network won’t have that protection anymore. In order to safely work from home here are some tips to protect you and your organization from malicious cyber-attacks.

  • Use a secure VPN
    • A virtual private network allows companies to connect to the internet securely with each other. Messages are encrypted when VPN is used. VPN’s are also affordable when compared to circuits and leased lines. Consider a VPN device for your employees, or for yourself. A popular option that most individuals use is the mudi privacy router which is priced at $199.00.
  • Keep an eye out for the sites that track cookies
    • Some cookies may store some information that you might not want stored – especially information relating to your company like saved login credentials. Use incognito mode and make sure you are logged out of your accounts.
  • Always use website with HTTPS
    • Following a secure Hypertext Transfer Protocol (HTTP) is never a bad option. All safe and current websites use it. If websites aren’t HTTPS, it is a sign your information is not safe.
  • Phishing
    • Phishing can take many forms. Some ways to look out for suspicious emails are unoriginal greetings, suspicious links included in the emails, if they are being persistent on getting personal information from you.

These are just the tips of the iceberg. Many hackers and cybercriminals are going to use this tough time to exploit people and companies – delivering malware, stealing private information, and more. Being cyber secure and cyber ready is important for not only people who are telecommuting, but for everyone as well.

 

Artificial Intelligence Today

Advancements in technology are driven by a number of factors that greatly impact the way businesses approach both the market and their own company decisions. Staying in the loop of what is going on in the now relating to artificial intelligence can put your business in a position ahead of your competitors. If your business is implementing different forms of artificial intelligence, understanding the benefits and risks is important. 

One of the main problems that can arise with AI is making it possible to align the goals we have with the actual artificial intelligence’s goals. The objectives that we give different types of artificial intelligence can be translated as overly ambitious when they perform. An example given by Mark Tegmark is “If you ask an obedient intelligent car to take you to the airport as fast as possible, it might get you there chased by helicopters and covered in vomit, doing not what you wanted by literally what you asked for.” Many of us have seen similar situations in which the AI we deal with on daily basis gives us what we asked for but also something we did not want. 

The benefits of AI currently seem to be more appealing to those who use narrow AI daily. AI can help adapt new revolutionary technologies and attack worldwide problems like poverty. Designing artificial intelligence that is meant to accomplish solutions to such things will take time and extreme cognitive task and can be much broader than human intelligence. Benefits can also be on a smaller scale, for example society has witnessed the capabilities of AI and continues to see progressions of applying it in many aspects of their lives. 

 

CyberSecurity and Implementing it Successfully

Cybersecurity is the care for networks, programs, and systems from theft and attacks. Overall, the care for Cybersecurity becomes more difficult and easier overtime due to different advances in technology. Going more in depth of the care for cybersecurity, it is a shared management between IT and Business. Though many seem to see it as a responsibility for IT,. Not many from in the business side of it know their own responsibilities and how to properly use the tools of cybersecurity. 

An article written by Bobby Singh, Cybersecurity Success: A shared Responsibility Model Between Business and IT, discusses the structure of management of cybersecurity between both parties. When most cybersecurity fails occur, it’s due to not knowing responsibilities. For example, “In order to get traction, responsibilities must be clearly stated and cast into corporate policies supported by defined business processes and audited for compliance”(Singh). Both parties, Business and IT are both responsible for cybersecurity. Knowing certain rules and responsibilities can prevent a conflict in the future, for example: 

  • “Allocating Funding And Resources For Risk Treatment Plans”
    • The business must decide whether it wants/ needs to invest in new advancements for securing their systems. 
  • “Document Processes, Applications and Data Classification”
    • Usually, IT has a good understanding of this topic, but business personnel should have some knowledge of this to inform clients.
  • “Assign Asset and Data Owners”
    • This is a very important and complex topic that needs lots of responsibility. Business personnel, specifically business leaders, should take the responsibility of assigning assets and data owners.
  • “Develop Business Continuity Planning And Define Recovery Objectives”
    • A back up plan is very important to have just in case all goes wrong and how to prevent it from happening again. IT and Business work hand in hand on this topic. Business decides plan while, IT implements it.
  • “Participate In Training and Awareness Events”.
    • The business manager and their staff should be well informed of cybersecurity and ways to prevent conflicts from arising. Attending trainings and events can help inform everyone of the topic.
  • “Coordinate Planning and Budgeting With Information Security”
    • Overall, reevaluating the security solutions and whether it was effective or not is important. Both IT and the business can go over the successes and downfalls of the security solutions and plan. 

In the long run, stating, defining, and assigning responsibilities can assist in successful security. Cybersecurity exists to protect businesses. Due to this, more business personnel should take this into account and learn how to protect the systems. IT are representatives of the business. Together, they can prevent conflicts occurring and overall having successful security for networks, programs, and systems. 

References

Singh, Bobby. “Cybersecurity Success: A Shared Responsibility Model Between Business And IT.” Forbes, Forbes Magazine, 21 Feb. 2020, www.forbes.com/sites/forbestechcouncil/2020/02/21/cybersecurity-success-a-shared-responsibility-model-between-business-and-it/#16c99c0dc03b.

Challenges of Transitioning from Traditional Project Management to Agile

Over the past decade, technology has been growing at a rapid and innovative pace within the business world. With this in mind, companies have been trying to put out releases with new features of their products as fast and efficiently as possible in order to stay competitive within this market, which, in turn, encouraged companies to transition into utilizing Agile project management. Similarly with any transition within the company, transitioning from traditional or waterfall project management to Agile will be a learning curve that will result in some challenges.

Whether your company is currently in the transition period between traditional project management and Agile or if your company is proposing to make the transition, we want to help you get better prepared in making your transition smooth and efficient by providing expert knowledge on the challenges of this transition.

From our experience with companies transitioning from traditional project management to Agile, here are five common challenges that were identified:

  • Resisting to change and adaptation
    • Not all team members are open to change, especially in the case of being comfortable with how the current processes are. If the current processes work well, why change? In order to stay competitive within the market, it is important to find ways to provide quality product releases in the fastest, most efficient way possible. Whether it is changing a process or revamping a product, it is important for you and your team to stay open-minded for change. 
  • Insufficient training
    • To acclimate their team members with Agile project management, companies typically enroll their team members in Agile-certified classroom courses. However, some companies think that attending the courses is sufficient enough for the team to understand how to implement Agile methodology within their projects. This is not true. In order to provide proper experience and comfort with Agile methodology, it is important for companies to engage their employees in additional workshops, practices, and trainings. Hands-on practical experience is more effective compared to just attending classroom lectures.
  • Inexperienced Scrum Masters
    • In order to prevent significant changes in resource allocations, most companies put their project managers in training to become a Scrum Master instead. According to The Scrum Guide, the Scrum Master should be the subject matter expert and team coach for all things Scrum. If the Scrum Master has as little experience as their team, however, it could pose issues in implementing Scrum since everyone is new to the methodology. The Scrum Master may not be knowledgeable enough to determine if there are gaps or issues in the team’s actions towards the Agile processes.
  • Communication issues
    • Compared to traditional project management, Agile project management provides more structured communication with their sprint events, which include  sprint planning, daily standups, sprint review and demo, and sprint retrospective. In addition, Agile teams typically use software, such as JIRA, Azure DevOps, and Confluence to gather their project information, such as release plans and backlogs. With the transition into the new communication structure and software use, communication issues may occur since the team’s usual methods of communication may not be feasible within an Agile environment.  
  • Lack of customer involvement
    • In order to provide better customer satisfaction, Agile encourages more frequent customer involvement in identifying the requirements and priorities that the team will focus on. Since this will be a significant change in communication frequency between the customer and the project team, the customer may not be receptive to the change due to their expected increased involvement. This could cause possible decision delays and dissatisfaction if the customer is not as frequently involved as they should be.

In order to prevent and alleviate these challenges, gradually empowering and educating the company on Agile processes will allow them to have time to get more comfortable with the change. Encouraging feedback on the processes and engaging your team in retrospectives will provide an understanding of the team’s comfort with the methodology. In addition, promoting the perspective of innovation within the company culture will encourage open-mindedness and teamwork towards company growth and market competitiveness.

Cyber Security 101

Internet and technology are advancing. The number of new users enveloped in this interconnecting realm has increased to more than 366 million users. Daily internet users are growing at a fast rate of 11 users per second – which is about 1 million new users daily. With the intense rate that global connectivity is growing, risk against internet users is growing as well. In 2018, there were 46,752 victims of cybercrimes such as phishing, vishing, smishing, pharming, and

e-mail compromise. In order to combat this, the FBI established the IC3 (Internet Crime Complaint Center) in 2000. Since their foundation, the IC3 has received 4,415,870 reported complaints and a total loss of $7.45 Billion. Often, the target demographic for these cyber scams are elderly over the age of 60, however, as scammers are constantly evolving – no one is safe.

If you scour the internet, there will be hundreds of articles talking about cyber security and ways to combat it. We’ve taken the most commonly found tips and condensed them into a three-point cybersecurity “hack”:

1. You are as strong as your weakest link

Wireless printers, smart locks, smart speakers, security cameras, and end user devices can be tapped into. Researchers at the University of Michigan and Japan’s University of Electro-Communications encoded a light that is able to communicate with Alexa hundreds of feet away. Anyone with the motivation and the funds could easily attack a smart speaker from outside the house. In order to protect your home and your family, make sure to perform these critical steps:

  • Make sure that all of your user devices are password protected
    • Rule of thumb: passwords should be a minimum of 14 characters – a mix of lowercase, uppercase, numbers, and symbols
    • Fun fact: In Apple computers, spaces count as a character in passwords
    • Change your password regularly – at least once a year 
  • Always update your security patches
    • It helps address vulnerabilities your computer may have 
  • Use anti-malware and anti-virus protection
    • It’s a strong belief that Mac computers block malware from coming in, but there are hackers that specialize in creating viruses for Mac Operating Systems (OS)

2. You can get hacked using public Wi-Fi

Every network connection you use – whether business owned, government operated, or airport owned – is a risky one. Many cybercrooks exploit public networks to invade end user devices. Here are some precautions when using public Wi-Fi:

  • Public Wi-Fi is not always your friend
    • Public Wi-Fi that lets you log on without a password probably isn’t the most secure option
    • Public Wi-Fi that has a generic name such as “Airport Free Wi-Fi” is most likely a trap set by a scammer
  • Use public Wi-Fi scarcely
    • Avoid trusting public Wi-Fi to do banking, purchasing, e-mail, or checking social media

3. Secure your data

Data security should be a top priority for everyone. There is nothing more damaging than having your personal information stolen, leaked, and used for someone else’s personal gain. Some techniques to protect data are:

  • Encrypting your data 
    • If you’re unsure of what is it – or wonder if you do it enough – you probably should do it
  • Two factor authentication
    • Two is better than one
  • Anti-malware and antivirus solutions
  • Data access privileges and identity management
    • Know who should have the appropriate access to the resources they need

These cybersecurity tips are just the tip of the iceberg. Hackers are advancing faster than technology and are becoming more dangerous as cities – and people – are adapting to the high-tech lifestyle. Educating yourself – and others – about the dark dangers of the web could potentially save your (ass)ets.