Today Kaazing announced DisasterAWARE ENTERPRISE™, a real-time risk and disaster preparedness platform for businesses across industry globally. I was honored to get a sneak peek by the Kaazing team (led by CEO Bob Miller) and learn more about how this supports and better prepares businesses. A disaster can mean downtime, loss of revenue, shipping delays, destroying of inventory, risk and loss of employees, and more. It is imperative that companies plan and prepare and have the right tools in place with real-time alerting and information that can be integrated with existing operational systems to not just react but to know in advance and have a strategic plan in place no matter where their assets are. While I sat through the audio/video conference I took a few notes that I believe were important to point out about DisasterAWARE ENTERPRISE:
Kaazing is targeting companies in insurance Companies, large supply chain companies (MNCs), logistics companies, and those large corporations who have remote offices. Although Kazzing believes this platform and its disaster planning resources are industry agnostic, "Even more noteworthy, DisasterAWARE Enterprise is industry agnostic. It can be vertically integrated into the supply chain and logistics, and is well suited to protect a multitude of industries including travel, insurance, education, healthcare, utilities, finance, airports, mining, ports, retail, and other global enterprises," stated in the press release.
Data remains in silos in a digital environment and there is no real incentive to share it. This results in the hoarding of consumer data which emanates from Google, Facebook, Alibaba, and Baidu. Presently, artificial intelligence (AI) platforms give power to those few organizations that process a bulk of data. With sensors embedded in connected cars and devices across the IoT, there is the exponential rise in consumer data generated by these devices and stored in databases. A race has begun to get this data, which puts questions on privacy.
A blockchain is a decentralized, public digital ledger that keeps track of cryptocurrency transactions in a chronological order. Blockchains are considered disruptive to the financial world because no one person or body has complete control over the transactions. As a result, many consider this a more honest substitute for physical financial institutions like banks.
The blockchain technology protocol was first constructed by Satoshi Nakamoto. This technology works on the principle of transparency and the intent to distribute information to all parties concerned.
In this blockchain network, blocks of information are created for transactions which can be altered by anyone who has access to the blocks.
This technology protocol is now being used in the field of Artificial Intelligence. It allows AI engineers to create blocks of AI is open to other blocks of AI and work in tandem. While the technology itself is abstract right now, its potential could be parallel to that of the World Wide Web when it first started.
Blockchain allows users to share information and complete anonymous transactions. This technology is gaining hype. Blockchain offers an open, shared, decentralized data layer with data access to all stakeholders. These stakeholders include entities like city governments who use this technology to evaluate traffic patterns, car manufacturers who enhance driving experience, app developers who solve queries in real time, and healthcare providers who deliver personalized services on the basis of demographic profiles and usage patterns.
While blockchain has been trending only recently, most AI-savvy organizations have jumped into Blockchains to get consistency in their analytics. Professionals are curious to know what makes Blockchains so special, and therefore, enroll in an AI certification course to understand it.
The integration of Blockchain into AI
Not many people know the difference between artificial intelligence and machine learning. Despite this ambiguity, a lot is known and written about these two fields. The same, however, cannot be said for Blockchain. Surprisingly little is known about this field. Let’s understand the nature of Blockchain.
Most predictions and patterns are more accurate as compared to the knowledge mining that AI performs which uses incomplete, missing data most times. Moreover, between Blockchain and AI, the fallible human elements are eliminated.
Working examples explain its seamless potential
Here are the examples of real use cases that point out what Blockchain and AI can do together.
Similarly, it can monitor the migration of people, groups, and the percentage of terrorist health issues depending on those movements. As AI gets this information, predictions become faster that help government agencies make better decisions regarding immigration policies and health concerns.
Important Blockchains benefits
The main concern of Artificial Intelligence is with understanding the hidden patterns in Big Data resulting in autonomous machines whereas Blockchains have the primary concern with accurate records management, security, and relevance. Data sharing is the first benefit of Blockchain for AI.
As AI is associated with data, Blockchain becomes a gateway that leads to secure data transfer over the internet. A lot of processing time is what it saves between the points where the data is evolved and evaluated. Self-operating devices have autonomous nature, therefore, needs secure inter-device communication, one of the other problems that Blockchains can solve.
Moreover, Blockchains ensure that the data authentication on which AI models depend. The nature of machine learning models is “Trash In, Trash Out” - if there is any compromise over data used to develop the model, then the model results won’t be beneficial.
Blockchain technology delivers relevant data that has been checked by various people prior to its movement into a block. It cannot be changed and is available publicly. It is highly relevant than data that is delivered on unproven platforms with embedded errors.
Blockchain offers a trustworthy information source to retailers, governments, businesses, financial institutions, non-profits, health and educational organizations, scientific researchers thus enabling informed decision making.
AT&T wins in IoT, T-Mobile wins in Subscriber Gains, Sprint seeing Turnaroud, Verizon Holding Steady Leadership
Q4 2017 and End of Year Assessment of the “Top 4 Mobile Carriers”
AT&T adds 6.7M connections in 2017 including IoT, while T-Mobile reigns in Subscriber Adds
All four carriers have finished up their earnings calls, and Compass Intelligence just completed the final assessment of Q4 2017 and the entire 2017 analysis. In addition, Compass Intelligence evaluated the comparisons to previous quarters and year ending 2016 to 2017 in terms of improvements and declines. We do this each quarter to understand the subscriber and share changes, as well as evaluate the key trends taking place in the wireless industry for both consumer and B2B. We have been tracking the quarterly metrics since 2007. Some metrics are our own internal modeling and estimates, as the market does not report in all categories. A snapshot of Q4 2017 is below.
Compass Intelligence compared last quarter’s results to this quarter to show which metrics showed improvement over others (denoted by + or -).
Below are additional thoughts and insights based on the quarter and annual performance:
As shown above, overall the industry added an estimated 12.9M connections in 2017 compared to 21.5M connections in 2016, which represents a 3.1% change from 2016. While Verizon ended the year with the most connections at 144.4M connections, T-Mobile lead overall retail subscriber adds for the year, adding over 4.4M subscribers in 2017. AT&T’s growth was primarily driven by IoT connections, adding an estimated 7.4M connected device connections in 2017 (2M more than adds in 2016). Sprint had its own success story returning to positive net adds for the year, adding 488K in Q4 alone.
For access to our B2B market research and tracking services, click here.
Today marks an important time for women across the world as we celebrate International Women's Day during a time when brave women are speaking out about gender parity, coming together to fight against past assault issues, and focusing on lifting each other up in a supportive, empowered, and celebrated fashion. Being in the tech world all my life, I have experienced a host of issues with gender disparity in the workplace, and that was a major driver for me to start and run my own business. But today we celebrate women around the world as they pave the way for the younger generation to focus on STEM education, data science, coding, and technology. We celebrate those women making such a strong impact in the IoT sector, being visionaries and futurists in connecting, digitizing, and transforming companies across the globe. Below are a few of my favorite quotes from 4 females in the IoT and Emerging Tech Sectors...please help me celebrate women in tech on this special day!
GM IoT Solutions at Amazon Web Services
"I think we haven't seen [the growth of ambient intelligence] because of this ecosystem problem of how do we then distribute that additive value, how can we distribute that back to the vendors?" - Light Reading
President, Global Channel, OEM and IOT Solutions at Dell EMC
"We have to figure out how to evolve our training to address those solution sets that we've chosen as the starting point. IoT (Internet of Things) is the most obvious and glaring in my mind. That is such a sausage-making exercise right now for any type of solution to be put in place." - CRN.com
CEO NIO U.S
"Learning means ... sitting down with other people from different domains. Learning means discovering things, learning means reading things, learning means exposing yourself, pushing yourself [to do things] that you know people will tell you you can't do." - CNBC.com
"It’s similarly plausible that while the US and China produce technologies quickest, the first truly considered, ethically-sound and beneficial implementations could come from the European power sector." - Gigabit Magazine
Written By Stephanie Atkinson, CEO of Compass Intelligence
Enterprise Threat Modeling Provides the Needed Real-Time, Dynamic Perspective
by Archie Agarwal, CISSP
CEO & Founder
ThreatModeler Software, Inc
Cyber attacks and the associated risks are considered the number one concern by business leaders in advanced economies around the world. Leaders also perceive risks associated with cyber attacks as being the most likely risks to intensify in 2018. The identified attempts of attackers to locate and compromise system vulnerabilities rose a staggering 82% through the last half of 2017 alone, and the trending increase in new, advanced threats shows no signs of abatement. New exploit kits readily available on the dark web such as Sundown, RIG, and Neutrino allow even armature attackers to automate vulnerability searches, use advanced technologies to conceal the harvest of information, distribute ransomware or other malware payloads, or push persistent means to lure unsuspecting or unwary internet users.
Two-thirds of enterprises report the evolving threat landscape tops their list of business risks, yet only 20% of survey respondents are highly confident that their organization can manage and mitigate these risks.
At issue is more than the cost and reputational harm of a data breach. At worst a data breach presents a $50 million liability to a company with more than $1 billion in revenue – a material matter for the annual report, but nothing that cannot be overcome by a mature enterprise in 12 to 18 months. Equifax shares, for example, fell 34% in value immediately following their September 2017 announcement of a massive data breach, resulting in a loss of market value of almost $5.5 billion. However, in just five months shares in Equifax are trading 23% higher, and the company’s market value has rebounded by 43%.
This is not to say, as some have suggested, that it may not be worthwhile to recognize security events between reporting periods. On the contrary, the ability of large organizations to bounce back after a data breach is indicative only of the resiliency and resources that went into making a large enterprise. Furthermore, a breach of confidential consumer information, while potentially resulting in material reputational damage to the breached organization and substantial collateral damage collectively for the individuals connected with the breached information, is not the most significant cyber risk faced by businesses.
The bulk of a company’s value today – 80% or more – is derived from intangible assets. For companies on the S&P 500, intangible assets contribute up to 90% of market value. The point is, while public outrage, media attention, and hard-hitting regulations like the soon-to-be-enforced GDPR focus attention on the beaches of customer information, there is much more at stake. The loss of proprietary intellectual property, pre-published financials, or internal communiqués to a competitor through cyber espionage, even if eventually detected and legally defended, can materially harm a company or jeopardize its status as a going concern. Despite what is at stake, nearly three-quarters of organizations are “cyber novices,” having neither the strategy nor the execution to mitigate the risk of a potential or realized cyber-attack.
Interestingly, though, even if an organization is ranked among the elite 11% “cyber-experts,” they are just as likely to report a security incident as novice-level organizations. Apparently, attackers armed with automated exploit kits are not easily deterred by the number of guards at the gate or the defensive technology that may be in place. Increased spending alone on security technologies does not produce a more secure cyber environment.
In response, many business leaders, most notably from within the cyber insurance industry, are calling for better quantification of organizations’ cyber-exposure. The challenge, however, with which insurance providers and their customers struggle, is that quantifying cyber risk is fundamentally different from quantifying other types of risks.
Unlike traditional risk-assessment environments, an organization’s cyber environment is dynamic. Data moves to and fro throughout the office, even around the world, on a regular basis. The data is continuously changing, increasing, and being used to create new data. New applications are continually introduced. Cloud-based deployment environments expand and contract on demand. The number of IoT and mobile devices connected to the organization’s IT system continuously increases and often adds unowned and uncontrolled attack surface exposure. Moreover, organizations are increasingly bringing online industrial control and other cyber-physical systems to digitally operate everything from manufacturing plant equipment to office air conditioners. Executives and insurers cannot quantify an organization’s cyber-exposure unless and until they understand their threat portfolio and attacker population across the entire cyber ecosystem.
Security practitioners have attempted to understand the threats and attack patterns relevant to new applications through threat mapping for almost two decades. Threat mapping provides generalized understanding based on data flow diagrams of how individual assets can be attacked through the application being analyzed. Because it tends to be a slow, resource-intensive activity, however, the scope of what an organization can realistically investigate with threat mapping is annually limited to a few critical and high-risk applications in isolation – barely scratching the even the tip of an enterprise’s digital ecosystem. The result is that organizations can only attempt quantification of their cyber risk exposure based on static framework audits and analysis of cyber event histories. Doing so is about as expedient as navigating your commute to work while only looking in your rearview mirror. The mirror has its necessary function, but you need to be forward-looking to quantify and manage risk effectively.
Organizations need to develop a comprehensive, rigorous, structured set of security policies and processes that drive security end-to-end – before the incident or breach happens. The only way to achieve this within a dynamic environment is with enterprise threat modeling. Enterprise threat modeling analyzes the overall security risk posture across the full IT ecosystem – including the highly complex, multi-phased attack paths employed by today’s APT actors. Whereas threat mapping scratches the tip of the IT security iceberg, enterprise threat modeling allows organizational stakeholders to collaboratively hold the iceberg in their hands and view it from multiple perspectives. Enterprise threat modeling provides the “big picture,” in real-time, of the organization’s dynamic security posture. Automated enterprise threat modeling does for executives and security leaders what looking out the front window does for commuters on their way to work – to see what is coming, to quantify the risks, and to take the appropriate action before an event occurs.
About the Author
Anurag “Archie" Agarwal, CISSP, is the Founder & CEO of ThreatModeler Software, chief technical architect of ThreatModeler™, and the principal author of the VAST (Visual, Agile, and Simple Threat modeling) methodology. Archie has more than 20 years of real-world experience in threat and risk analysis and has been instrumental in the successful implementation of secure software development processes at a number of Fortune 1000 companies, thereby minimizing their exposure to cyber threats and improving their ability to mitigate risks. Before founding ThreatModeler Software in 2010, he was the Director of Education Services at WhiteHat Security.
Security Starts with ThreatModeler™ - the Industry's #1 Automated Threat Modeling Platform.
ThreatModeler™ is an innovative enterprise threat modeling platform that helps organizations fully integrate security into their SDLC and realize sustainable ROI on their security resources. The centralized threat framework automatically and seamlessly integrates security within existing agile and DevOps workflows. By identifying and mitigating potential security threats early in the SDLC – prior to implementing SAST and DAST, ThreatModeler™ simplifies efforts associated with developing secure applications. ThreatModeler™ then empowers enterprise IT organizations to map their unique secure requirements and policies directly into their enterprise cyber ecosystem – providing real-time situational awareness about their current threat portfolio and risk conditions.
ThreatModeler was specifically identify by Gartner in their Hype Cycle for Application Security, 2017, for automating “security requirements definition, risk assessment, and threat modeling,” with SDLC integration, which “can dynamically highlight potential security ramifications of functional requirements.”
ThreatModeler was awarded 1st place Winner of the Cybersecurity Excellence Award, 2017 and 2018, in the category of threat modeling product.
ThreatModeler was awarded Winner of the Cybersecurity Excellence Award, 2017 and 2018, in the category of threat modeling product.
Senior Director of Marketing
ThreatModeler Software, Inc
101 Hudson St
Jersey City, NJ 07302
 Drzik, John. “Cyber Risk is a Growing Problem. So how can we prepare?” World Economic Forum: New York. January 17, 2018.
 “Threat Landscape Report Q4 2017.” FortInet, Inc: Sunnyvale. February 2018.
 “By the Numbers: Global Cyber Risk Perception Survey.” Marsh LLC: New York. February 2018.
 Kvochko, Elena and Rajiv Pant. “Why Data Breaches Don’t Hurt Stock Prices.” Harvard Business Review. Harvard Business Publishing: Brighton. March 31, 2015.
 Skroupa, Christopher P. “How Intangible Assets are Affecting Company Value in the Stock Market.” Forbes. Forbes Media: Jersey City. November 1, 2017.
Welcome to the Compass Intelligence blog, where we cover hot topics in the industry, comment on latest news, and share recent research!