J2SECOPS WEEKLY NEWS: This week in the J2 CSC, CISO job hopping, the Cybersecurity talent shortage how to fix and Cybersecurity Now!

Recent visits and prospective customer engagments have raised a few alarm bells in terms of the actual state of Information Security (Cybersecurity) across industry within South Africa. While conducting CSC 20 Controls reviews the conversation invariably turns to what has been done to date and why things taking so long? What needs to be done to fix the identified gaps? This engagement is often a massively enlightening experience for all parties, with the cordial handshakes and nodding of heads in varying degrees of common reference.

Where the wheels tend to come off is when the rubber starts to meet the road, this is where the troubles start. All engagements without exception agrees that something has to be done and it needs to be prioritised, usually according to a set of controls, and then sometime down the line don’t understand why there is no management support and still not enough resources to support the agreed initiatives.

Security is so much more than just a control framework, with a set of best practices and activities to address gaps, that need to be plugged, security is so much more than compliance or an endless tick and bash exercise. Of course, an organizations Information Security (Cybersecurity) success is a direct result of the CISO (Chief Information Security Officer). An effective CISO can mean the difference between valuable business function and a state of perpetual firefighting.

Every organization today has to be prepared for the threat of cybersecurity attacks and their crippling effects and destruction from both the inside out and the outside in. Just look at the news stories that regularly arise from the most current breach or the loss of operations due to a breach and service disruption, like shadow IT, poor IT hygiene, account take over, end user negligence, password reuse and ransomware, or malware attack. As a result, organizations are sharing more of their operational budgets on cybersecurity in extremely reactive ways to fight these growing incidents. Many organizations face these challenges in developing their cybersecurity program: establishing a full security program is expensive and the talent to execute the program is hard to find and retain.

Unfortunately, many CISOs, myself included, have a relatively short shelf life and based on recent Industry research, the average CISO organizational lifespan is anything from 24 to 48 months, with many, not myself included, leaving much sooner. This begs the question: Why are CISO out always on the look-out for new opportunities so often? Let’s explore this in this week’s blog; and with this in mind, enjoy our roundup of stories for this week…


Why do CISOs job hop?

Aside from earning more money, CISOs pursue other opportunities when current employers minimize cybersecurity commitments and efforts.
ESG and the Information Systems Security Association (ISSA) sought to answer this question in a recent survey of 343 cybersecurity professionals and ISSA members.
Top 4 reasons why CISOs change jobs frequently

  • 38% of respondents say CISOs change jobs when they are offered higher compensation packages from other organizations. No surprise here, as CISOs are in high demand while the cybersecurity skills shortage has led to continuous salary inflation. Many CISOs are willing to jump ship when presented with an offer they can’t refuse.
  • 36% of respondents say CISOs change jobs when their current employer does not have a corporate culture that emphasizes cybersecurity. Given the job market for CISOs, don’t expect cybersecurity leaders to simply go through the motions if the corporation isn’t committed to the cause.
  • 34% of respondents say CISOs change jobs when the they are not active participants with executive management and the board of directors. CISOs are business managers who oversee a technology discipline. The data indicates that they will quickly fly the coop when they are treated as glorified system administrators.
  • 31% of respondents say CISOs change jobs when cybersecurity budgets are not commensurate with the organization’s size or industry. As hard as it is to believe in 2018, there are still plenty of organizations willing to nickel and dime the CISO and settle for “good enough” security. This isn’t a strategy for long-term CISO retention or strong cybersecurity for that matter.

Why do CISOs change jobs so frequently? |  Jon Oltsik


Cybersecurity Has a Serious Talent Shortage. How to Fix It

Businesses tend to look for people with traditional technology credentials — degrees in tech fields, for example. Security is truly everyone’s issue; with every aspect of personal and professional data at risk all the time. So why limit security positions to people with BTech and four-year computer science degrees, when we desperately need varied skills across so many different industries? Businesses should open up to applicants whose non-traditional backgrounds mean they could bring new ideas to the position and the challenge of improving cybersecurity.

Cybersecurity Has a Serious Talent Shortage. |  Marc van Zadelhoff


4 places to find cybersecurity talent in your own organization

Organizations are missing opportunities to cultivate inside talent who may lack experience but already know the business and have the fundamental skills to succeed in cybersecurity.

Companies are scrambling to fill cybersecurity positions. Some 41 percent of CIOs surveyed by recruiting firm Robert Half Technology say that cybersecurity skills are in the greatest demand in their organizations. The non-profit organization (ISC)2, which provides information security education and certifications, predicts a worldwide shortfall of 1.8 million cybersecurity workers by 2022, 20 percent more than was predicted in 2015.

  • First, lower expectations
    Organizations have become overly ambitious in their job descriptions that profile the ideal candidate, Companies must open up their demands and engage the HR department and unplug some of the more strict requirements, such as [requiring] a degree in computer science or x number of years of information security experience, and tend to overlook people in the process of achieving qualifications.
  • Mid- and late- career employees
    Research firm Forrester sees a trend where large organizations are creating their own contingent labour pools using alumna or company retirees. Nike, for instance, has already adopted a self-sourcing model for temporary IT workers.
  • Women
    Women represent only 11 percent of the global information security workforce today, according to a global study by (ISC)2, and they represent a large and talented labour pool for cybersecurity positions. Women in cybersecurity today enter the profession with higher education levels than men. Half of women in the profession have master’s degree or higher, compared to 45 percent of men. Globally, 42 percent of the women have undergraduate degrees in computer and information sciences compared to 48 percent of men. Among Millennials, 52 percent of women younger than 29 have computer science undergraduate degrees. The study recommends that more professional support, sponsorships and mentorships are needed for women in security and risk management.
  • IT internships
    Most companies offer IT internships for soon-to-be university or college graduates, but interns with an interest in or aptitude for cybersecurity skills should be sought out early and courted. If a year down the road they’re not happy, you’re going to lose them.

4 places to find cybersecurity talent in your own organization | Stacy Collett


Why you need to focus on Cybersecurity Now!

Cyber security is the technologies and processes designed to protect networks, computers, programmes and data from attack, theft or damage. Personal information, intellectual property, big data and mergers & acquisitions information are common targets for cyber criminals.
Companies are strengthening their cyber security teams to enhance their capability to respond to the General Data Protection Regulations (GDPR). Companies are liable for any security breaches. Fines through the new regulation can be up to 4% of their annual turnover, if a company is found to not have sufficient active information security risk and contingency plans in place to protect the personal data with which they have been entrusted.

Cyber security a big focus for companies | Robert Walters\

Or you could outsource – Talk to us!

  • Hits: 188

J2SECOPS WEEKLY NEWS: This week in the J2 CSC, Data is breached again, now what? Your legal rights when your personal data gets leaked in South Africa, We can dream can’t we? and what we do in the shadows...

Every moment of every day, we remain connected to the digital world through multiple devices and the sharing of our transactional and personal information across multitudes of applications, connected networks, online businesses and all manners of service providers. Please take a moment and let that sink in, take a moment to think about the sheer volume of your personally identifiable information is actually outside of your control and where and how much might be analysed continuously by hordes of Bots, AI and good and evil Research Analyst types? What is known about you and your activities and what safeguards are followed throughout? Like your daily tracking of your banking payments and incomes, no-one I know is completely aware or recalls every time their digital persona such as Current Address, Physical location, Username, E-mail and associated passwords, ID numbers or payment mechanisms like PayPal, bitcoin or credit card details are accessed or used in order to secure a payment or verify access or authorisation to one of their many accounts. In the world that we find ourselves ,we are the digital subject of much digital foot printing and the digital trail in every activity we do. As we are the owners of this digital fingerprint, the question: for what purpose is this data collected, shared and used, and do we have solid understanding of this usage and most importantly have we provided ongoing consent based of this ongoing usage. Do you know what your recourse is if you feel violated or “knock on wood”, you are a victim or source of another massive data breach?

Insider threat visibility and detailed linkage to external threat detection and response is key – chat to us we can help; with this in mind, enjoy our roundup of stories for this week…


Your legal rights when your personal data gets leaked in South Africa

In a developing story iAfrikan.com will be updating us as new information and responses are available. they have already alerted South Africa's Hawks (cybercrime unit) as well as South Africa's Information Regulator on your behalf, if you are part of the breach.

In a recent article published on iAfrikan.com, another breach has occurred, this time South African traffic fines online payments website, ViewFines. In this breach, the personal records of 934,000 South African licensed drivers has been disclosed. Enter Troy Hunt, an Australian security consultant and founder of haveibeenpwned who worked with iAfrikan.com in researching the data leak, and has also been able to positively identify the leaked database as belonging to ViewFines.

Your legal rights when your personal data gets leaked in South Africa |  BusinessTech
South Africa's ViewFines suffered major data leak |  Tefo Mohapi


The Dream of A More Secure Organization

There’s no way of completely ridding your enterprise of all risk. This realization can be an effective motivation to take appropriate measures to dramatically reduce your chances of a leak.
Use this motivation to provide focus and direction and address your risky behaviours and areas of current incidents as priority that may buy you valuable credibility and organisational currency by integrating these recommendations into your security strategy, you just might be able to add a few more hours of peaceful sleep to your nightly routine. The key is to take proactive steps before it’s too late. Sleep Well.

  • Assume the Worst
    When it comes to storing credentials, assume that your user database will be accessed and copied by criminals. It’s better to go into this with your eyes wide open.
  • Store Credentials the Right Way
    Recommend all credentials be stored by your corporate and customer facing applications using a strong cryptographic hashing algorithm like bcrypt, Argon2 or scrypt. If you mandate this across the board, you will make potentially leaked credentials nearly useless to criminals. The computational requirement make it infeasible to crack these algorithms (today), therefore any of these hashed passwords that are stolen cannot easily be decrypted and used against your customers, limiting your overall liability.
  • Don’t Store Credentials the Wrong Way
    The worst way to store credentials is to use SHA1 or MD5, even with salts. Don’t be fooled by their commonality. They are easily cracked and your customers’ passwords will be revealed in plaintext. Once in plaintext, the criminals have free reign to use and sell them at will, opening up risk to both your organization and your customers.
  • Transform Bad to Good
    Do a thorough scan of your credential stores. If you find any that use SHA1 or MD5, begin to migrate users to one of the stronger hashing algorithms we mentioned earlier. It’s worth the exercise to ensure all of your organization’s credentials are being stored securely and cannot be cracked.
  • Enable Multi-Factor Authentication
    Multi-factor Authentication (MFA) adds another layer of security between your customers’ credentials and the criminals, often squeezing out the less sophisticated and more numerous criminals. While this extra step boosts protection, it could also be perceived as friction for users to log in. Therefore, incentivize customers to implement MFA.
  • Use An Exact Match Solution
    The majority of criminals looking to find vulnerable accounts are relatively inexperienced and make use of simple ATO techniques that can be easily recognized by a variety of solutions. The more sophisticated criminals, however, know how to bypass MFA and other detection solutions. To block both kinds of criminals, use an exact match solution that compares your customers’ passwords to a comprehensive and current database of compromised accounts to see if there’s a match. When there is a match, a password reset is automatically enforced.
  • Promote The Use of a Password Manager
    Take the hassle out of remembering multiple passwords by championing password managers. Password Managers are effective tools to reduce the threat of employees or customers reusing passwords. They make it much easier to select unique strong passwords for every account. While password managers greatly reduce the potential for ATO via password reuse, they should be implemented in conjunction with the other recommendations above.

What we do in the shadows - Dark Networks?

Not all dark web data is the same. There are three distinct communities of actors and special-access sites: low-tier underground forums, higher-tier dark web forums, and dark web markets. These three clusters line up with expert intuition of the dark web, appearing almost as if no other sensible organisation is feasible. Notable discovery of cross-posting between low-tier and higher-tier forums and the results of this Recorded Future research are directly reflected in their product and ontology. This new approach to categorization assists security teams in obtaining targeted, relevant dark web intelligence, facilitates their understanding of threats, and opens a window into the methods, tactics, and motivations of threat actors.

Dark networks : Social network analysis of dark web communities| Adrian Tirados

  • Hits: 457

J2SECOPS WEEKLY NEWS: This week in the J2 CSC, Natalie Says: “I Hate Stupid People!” Passwords are everywhere, why do we still use them? The Opportunity of Managed Security Services and POPIA vs. GDPR (My attempt at a take).

This past week, has been quite an interesting one, While reviewing our weekly Cyberthreat reports, what continues to strike me; again and again; is the infinite depths to which people will go to prove that there is no such thing a common sense and that Stupidity Reigns Supreme:

Case in point, unauthorised or personal cloud sharing services is a great way to ‘enable’ customer personal information with third parties to process claims, without any kind of limitation on the access, duration and whom the access is provisioned for; so here we go again, doing all the technical stuff preventing the scary hacker guys from destroying reputations only to undone by users that are trying to get their jobs done and being innovate in the process.

Visibility, awareness with positive behaviour nurturing, is the only way to keep out of this dangerous maelstrom, take it from me.

With this in mind, enjoy our roundup of stories for this week…

World Password Day?

Every First Thursday of May is World Password Day. Mark Burnett, Security researcher, whom first encouraged people to have a “password day,” where they’d update important passwords in his 2005 book Perfect Passwords. Inspired by this, Intel Security built upon this idea and to declare the first Thursday in May World Password Day in May 2013.
Password Day is meant to create awareness of the need for good password security.

Fast Forward to Last week when twitter decided to upstage all by notifying all 300 million twitter users to change passwords after the plaintext password debacle.

Twitter CTO: “We didn’t have to” tell users about the password debacle |  Fast Company


Opportunity for Managed Services: InfoSec

Trying to implement a security program that focusses purely on controls, invariably, fails. Focus purely given to point solutions like firewalls and antivirus just aren’t enough to protect a company from a devastating hack. While it’s usually the big companies that make the headlines, the reality is every organization is a target, regardless of size. In fact, cyber-attacks are on the rise for small and midsize businesses, which is logical since most lack the essential security resources or controls necessary to mitigate risk - in fact, 61% of data breach victims were small & mid-size companies in 2016 (2017 Verizon Data Breach Report). The most disturbing fact is that the majority of small businesses that are breached are forced to close their doors within six months later (US National Cyber Security Alliance).

We have been in consultation with many industry players and the most common issues that customers face are:

  1. Where and How to Start
  2. What to Fix First and why
  3. Insufficient personal
  4. Insufficient budget
  5. Lack of understanding how to defend against cyber-attacks
  6. Insufficient enabling security technologies
  7. Lack of in-house expertise

Opportunity for Managed Services: InfoSec | Mke Lapeters
The Need for Greater Focus on the Cybersecurity Challenges Facing Small and Midsize Businesses | Commissioner Luis A. Aguilar


POPIA and GDPR (My attempt and Take)

Recently a good friend of mine and a customer asked me to give advice on whether they were on the right track in terms of POPIA and GDPR; this is the long version response I had for them:

As Regulations continue to change, there are principles; that you should adopt as you may or may not be a listed Company, some are but not limited to:
Follow the KING adopt the KING Code of Practice III / IV, look and understand the Laws of the land of South Africa; e.g. POPIA, The Electronic Communications and Transactions Act and the Consumer Protection Act etc. etc. etc.

For Example: Section 19 of POPIA places an obligation on a responsible party to secure the integrity and confidentiality of personal information in its possession or under its control by taking appropriate, reasonable technical and organisational measures to prevent loss, damage to, or unauthorised destruction of; and unlawful access to, personal information.

To comply with this obligation, the responsible party must take reasonable measures to:

Identify all reasonably foreseeable internal and external risks to personal information under its control;

  • establish and maintain appropriate safeguards against the risks identified;
  • regularly verify that the safeguards are effectively implemented; and
  • ensure that the safeguards are continually updated in response to new risks or deficiencies in previously implemented safeguards.

In a nutshell GDPR vs. POPIA:

The good news is that the GDPR and POPIA are simply different flavours of data protection laws. They are actually quite similar to each other. Obviously, when South African enacted POPIA, South Africa did not know what the GDPR would look like. The concern was that the GDPR would be radically different from POPIA and it would mean that Parliament would need to change POPIA significantly.
The GDPR is more an update to data protection law, rather than a complete overhaul. There is much debate whether this is a good thing and whether the GDPR protects data privacy in the world we live in.

But for those who have already done much to comply with POPIA, it is good news. You won’t need to start again. But you will need to tweak what you have been doing. And in some cases, the GDPR will even help you by providing answers to questions we have been asking.

Follow these principles and you should be fine:

EXECUTIVE AWARENESS

GDPR/POPIA affects your business. It’s not simply a security issue. If your organization wants to keep up with global competitors and do business with EU citizens this is everyone’s issue. You have to get your entire executive team and the board on the same page, and in order to mitigate and continuously manage this, you need to name a Data Protection Officer (DPO).

PRIVACY OFFICE

Once you have the executive team on board—with funding and full commitment—it’s time to organize your privacy office. This should really be a full network; your entire organization should be looped in and everyone should be accurately updated on regulations and rules. Your DPO needs to align a privacy counsel and program manager to help roll out GDPR/POPIA compliance all the way from the CEO to sales and marketing and support to IT ops, and so forth.

MAP PROTECTED DATA

Everyone’s on board? Great. Now it’s time to take a look at what personally identifiable information (PII) is collected and why. Where is it stored and how is it classified? Take an in-depth audit now. Is PII transferred across borders? Why and who is it shared with?

OPERATIONAL IMPLEMENTATION

It’s time to build and customize your company’s processes and Incident Response Process (which has to happen within 72 hours under GDPR/POPIA will probably align to this). Your DPO should also assess your third party vendor risks at this time. Be thorough.

AWARENESS AND TRAINING (REPEAT)

Build new specifics into your new-hire training, but don’t forget about ongoing technical training for senior staff. Make annual security training mandatory and brief your executive leadership on new GDPR/POPIA readiness.

Continuous compliance, detailed mapping and auditing of the “why” and “how” of your customer’s PII and data, and setting up a strong privacy team with a Data Protection Officer who knows the importance of getting buy-in from the board will keep your company compliant.

Talk to us we can help!

  • Hits: 297

J2SECOPS WEEKLY NEWS: This week in the J2 CSC, Weak Hash; and again what’s with the weak Passwords, Social Engineering and Business buy-in.

As a big fan of the HBO series “Silicon Valley” I have enjoyed the antics this past season whereby Richard Hendricks, CEO of fictional start-up Pied Piper, and his band of misfits worked tirelessly to bring about their take on a new kind of internet, PiperNet, to market. As the product itself is fictitious, Pied Pipers website appears real, and in a twist of life imitating art; a number of players are making progress making this futuristic internet, one that is decentralized so users don’t have to rely on intermediaries like Microsoft, Amazon, Google or Facebook.

Solid (derived from "social linked data"), Holochain, Blockstack, the InterPlanetary File System, MaidSafe and Storj are some of the real-life Pied Pipers working on such a decentralized future of the internet.

Watch this space folks; and with all of this in mind, enjoy our roundup of stories for this week…


Weak hashing leads to Police phone tracking firm being hacked

Securus, which tracks phones for police, was using the MD5 algorithm to hash stored passwords.

After breaching Securus, an unnamed hacker gave Motherboard a spreadsheet titled "Police" that included 2,800 "usernames, email addresses, phone numbers, and hashed passwords and security questions of Securus users," spanning 2011-2018, the report said. Data on Securus staff members was present in the sheet, along with data on law enforcement and government users from cities including Minneapolis, Phoenix, and Indianapolis.

Police phone tracking firm hacked, passwords leaked thanks to weak hashing |  Conner Forrest


Social Engineering your next job using Open Source INTelligence (OSINT)

Many years ago, before the internet existed, a person would use the local newspaper to perform a job search. The usual protocols were often followed, including the sending of a resume, an introductory phone call (if the recipient liked the resume), and then a subsequent job interview. Back then, a job candidate was always advised to “learn something about the company” to which they applied. This was good advice, particularly when the interviewer would inevitably ask the candidate “do you have any questions for me”.

Gather Your OSINT Before the Interview for Your InfoSec Stint | Bob Covello


IT, Security and Buy-in from Business, how do you get it?

The past week or so, I have been reviewing a number of strategies for large enterprises and my take on the state of security risk management is dire, especially when it comes to ratio of Security or even IT to total staff.

The “right” ratio of IT staff to users varies widely, depending on the type of business, the industry’s reliance on technology, etc., and for the most part, if you are looking to find out how many total IT staff your company needs, you can find decent data to start with.

The task becomes a lot harder, however, when you start looking for staffing ratios for information security staff.

You could also look at budgets - consider total cost for all of IT compared to total cost overall - numbers I have researched indicate that your IT spending should be 6-15% of the total spend.

The above numbers are probably already useless, and they apply to all of IT. So how about InfoSec?

Should there be 1 security person per 4 IT? 1 per 10?

Should there be 1% security of total cost?

Much depends on the daily security operations performed by IT. Alternatively if your IT department  manages patching, vulnerability scanning, system hardening, incident management, ticketing and Log retention then maybe only 1 security person for the first 100 employees makes sense, and then add 1 more atop that and scale up to 3-4 for the first 1000.

The ratio should reduce once you get above 300-400 employees, and justifying the scaling of InfoSec in a linear manner with number of employees is virtually an impossibility, and as the number of endpoints goes up, the number of servers does not increase at the same rate after your first 100 employees.

Certainly, my recommended range of 1.5 per 100 to 8.5 per 100 of IT staff. Interestingly, the budget ratios cover a similar spread, just moved slightly higher: 3% to 11% of IT budget.is based on a combination of much research and pondering and more research and mostly past experience;

I think the decision comes down to risk. If you can express to management the risks of something not being done with the desired scope consistently over time, and you can justify that this is not possible with current staffing levels, then it becomes a risk appetite choice for management - they will need to accept the risks and if they cannot, then you should be allowed to hire right then and there.

Or you could just outsource - Talk to us we can help!

  • Hits: 263

J2SECOPS WEEKLY NEWS:

This week in the J2 CSC, What can be worse than a false sense of security? Bad Hygiene, the Zuckerbot Privacy Malfunction Protocol and Precision Agriculture.

What a week we have had, and as a scholar and a humble consumer of wisdom and knowledge some days I become a bit overwhelmed by the sheer scale of destruction that I observe on a daily basis. Which brings me back to the now infamous quote by Robert Oppenheimer, after he witnessed the first detonation of a nuclear weapon during the Trinity nuclear tests on July 16, 1945. He was famously quoted from the sacred Hindu text the Bhagavat-Gita: “Now I am become Death, the destroyer of worlds”. It is, perhaps, the most well-known line from the Bhagavad-Gita, and to my mind also the most misunderstood.

From my very humble and limited understanding; Krishna is stating that you have to simply do your duty as a warrior. Considering the two pole opposites, Peace and War. Within peace time you wouldn't have to do this, but when you are at war you have to. In the larger scheme of things, we are at War (under assault) and have been for quite some time; We are witnessing destruction on a massive scale and have a choice to make: either be on the side-lines or get into the fight! So within Destruction there is renewal, Information Security and Cybersecurity / Defence, whatever you want to call it, for the most part has failed, and the logical conclusion is to break it down (Destroy) and start again, reset you prejudices so that the renewal can begin!

With this in mind, enjoy our roundup of stories for this week…


What is Worse than security?

What are account takeovers (ATOs) and why do we care? How can you decipher between fact or fiction? With Security Vendors and Service Partners promising solutions. Getting it right matters. So here they are, plain and simple, so you can make the best decisions for your company, employees and customers, the six most popular ATO approaches on the market and reasons why ATOs are successful even with them in place.

  1. Multi-Factor Authentication
    Usability -
    It’s about how many people would we drive out if we force them to use additional security.
  2. Password Managers
    Password Reuse -
    It doesn’t take a mathematician to figure out that passwords are widely re-used among multiple sites and applications and guess your current version of your password.
  3. 90-Day Password Rotations
    Password Compromise -
    Frequent password changes only inconvenience attackers, probably not enough to offset the inconvenience to users.
  4. Behavior or Heuristics-Based Solutions
    Compromised Detection -
    Detection of Compromised accounts and action upon the compromise without delay.
  5. Deep & Dark Web Scanners, Crawlers and Scrapers
    For Our Eyes Only -
    Scanners, therefore, only pick up redacted samples of what threat actors use to advertise their products publicly.
  6. Corporate Policy
    General Policy Statements expected to solve Specific Requirements -
    Implementing policies, it becomes clear that threat lurk between the lines for companies to monitor their employees’ exposure due to password reuse between personal and employee accounts.

Six Reasons for a False Sense of Security - ATOs SpyCloud


To err is Human to make the same mistakes is just bad Hygiene


My frustration has no bounds while questing to update home routers, trying to find the right firmware is probably the major reason my hair is not a thick and lush as it once was, so without delay, here are the five commonly-forgotten security best practices.

The Biggest “Small” Personal Digital Security Mistakes | Lesley Carhart, Full Spectrum Cyber-Warrior Princess (hacks4pancakes)


The Zuckerbot Malfunction Protocol and WhatsApp with privacy at Facebook?


With the ongoing Zuckerbot privacy malfunctions, the co-founder of WhatsApp, Jan Koum, is leaving Facebook; and trust me this is a loss of one of the strongest advocates for privacy inside Facebook.
Apparently this is due to the ongoing Rock'em Sock'em Robots Clash within the parent company over WhatApp’s strategy and Facebook’s attempts to use its personal data and weaken its encryption.

WhatsApp co-founder to quit in loss of privacy advocate at Facebook | David Ingram


Precision Agriculture and AI

While looking at emerging application of the Digital Transformation Paradigm, I found this really interesting perspective and though you might enjoy this huge opportunity in a cause that is very close to my heart: “Food Waste”.
As human populations increase, utilizing every centimetre of arable land and conserving resources is paramount to meet demand and for sustainable agriculture systems and as automation isn’t new to the agriculture industry, the use of drones to make farm production more precise is still in its infancy.

Why Precision Agriculture Will Change How Food Is Produced | Jennifer Kite-Powell

  • Hits: 249
Copyright © 2018 J2 Software