This document discusses issues with the current cybersecurity landscape and proposes alternative approaches. It notes that while organizations try to comply with regulations by checking boxes, breaches continue to occur regularly. It criticizes the proliferation of new compliance requirements, frameworks, and vendors that benefit from this system rather than improving security. The document suggests prioritizing communication, cooperation, understanding contexts, and focusing on prevention over reaction to improve the situation.
Voting Systems - ISSA Chicago Presentation 2020Chris Roberts
This document discusses issues with voting machine security and election integrity in the United States. It notes that major voting machine companies like ES&S, Dominion, and Hart still rely on outdated and insecure technology, with vulnerabilities like easy-to-guess default passwords and hundreds of thousands of lines of insecure source code. The document also outlines other security problems like a lack of paper audits trails and patching, as well as corruption within the voting machine industry. Overall, it argues that the current electronic voting systems in the US are insecure and cannot guarantee fair and accurate elections.
Special Topics Day for Engineering Innovation Lecture on CybersecurityMichael Rushanan
This particular presentation covers, at a high level, our national cybersecurity initiative. The content targets prospective high school students and delves into areas of computer science, information systems, and policy.
The document discusses various risks facing organizations with a web presence and provides recommendations to address those risks. It identifies issues such as security vulnerabilities, privacy concerns, social media risks, and analytics inaccuracies. It recommends that organizations conduct security audits, monitor their websites for hackability, disclose any required information, and stay aware of their site's performance, uptime, and what search engines are indexing about them.
Red vs. Blue Why we’ve been getting it wrong for 25 yearsEC-Council
Regarded as one of the world’s foremost experts on counter threat intelligence within the Information security industry, Chris Roberts constructs and directs a portfolio of defense services designed to improve the physical and digital security posture of both enterprise and government clients. With increasingly sophisticated attacks on targets of opportunity, Roberts’ unique methods of addressing the evolving threat matrix and experience with all information systems make him an indispensable partner to clients and industries that demand protection of financials, intellectual property, customer data and other protected information from attack.
Given at the BugCrowd conference in January 2019, this was the first time for doing this deck.:
For 25 years or more we have fought the battle of passwords and patches while all around us, the world has developed, data has exponentially increased, attack surfaces are everywhere and technology had quite simply forced the human race to consider the evolution cycle in single lifespans as opposed to millennia. During the last 25 years we have done little to protect the charges we are responsible for, we have failed to secure systems, allowed financial attacks, infrastructure attacks, and now attacks directly against humans. At what point will we be able to stem the bleeding and actually take charge of our realm? Have we left it too late, or are we still able to claw back out of the abyss and face our adversary in a more asymmetrical defensive manner? Can we actually provide safety and security to our charges or will we continue to fail? And, critically, how do we communicate this, and educate a population that is content to watch from the sidelines, while they are being digitally eviscerated.
Rapid fire talk going through a number of topics that we'd pre-selected...one slide on the question, 1-2 slides on an answer....
Much goodness, for reference, here's the subjects:
Planes: Lets go from myth to reality in a couple of slides, including updates since 2015
Transportation in general, cars, trucks, trains and ships….
Why can we still do this?
What’s not changed?
The technology, reactive, static vs. predictive
The humans, why do we ignore them?
Why this needs to change…what does the future hold?
Why DO we stare into the abyss, why do we continue to deny it
Hacking humans, molecular
Hacking humans, consciousness
Why DO we need to fix and HOW do we fix it?
Fix the human
Fix the basics
Intelligent systems working collaboratively with us
Augmented intelligence, the science of giving us the edge.
Collaborate
This document discusses protecting personal cybersecurity for high-value targets such as politicians, celebrities, and business executives. It outlines common hacking motivations like money, identity theft, and espionage. High-value targets are more susceptible due to greater amounts of public information and broader networks. The document then gives examples of how personal email and financial accounts could be compromised through malicious emails and website hacking. Finally, it provides a top ten list of cybersecurity best practices like using encryption, updating software, backing up data, and practicing good password hygiene to help prevent attacks.
We focus on Invisible Interfaces and their influence on digital experiences. With the advent of 5G creating the foundation for the increased adoption of ‘invisibility’ in our interaction with technology – we’ll discuss what this could mean for the UX and CX industry.
Voting Systems - ISSA Chicago Presentation 2020Chris Roberts
This document discusses issues with voting machine security and election integrity in the United States. It notes that major voting machine companies like ES&S, Dominion, and Hart still rely on outdated and insecure technology, with vulnerabilities like easy-to-guess default passwords and hundreds of thousands of lines of insecure source code. The document also outlines other security problems like a lack of paper audits trails and patching, as well as corruption within the voting machine industry. Overall, it argues that the current electronic voting systems in the US are insecure and cannot guarantee fair and accurate elections.
Special Topics Day for Engineering Innovation Lecture on CybersecurityMichael Rushanan
This particular presentation covers, at a high level, our national cybersecurity initiative. The content targets prospective high school students and delves into areas of computer science, information systems, and policy.
The document discusses various risks facing organizations with a web presence and provides recommendations to address those risks. It identifies issues such as security vulnerabilities, privacy concerns, social media risks, and analytics inaccuracies. It recommends that organizations conduct security audits, monitor their websites for hackability, disclose any required information, and stay aware of their site's performance, uptime, and what search engines are indexing about them.
Red vs. Blue Why we’ve been getting it wrong for 25 yearsEC-Council
Regarded as one of the world’s foremost experts on counter threat intelligence within the Information security industry, Chris Roberts constructs and directs a portfolio of defense services designed to improve the physical and digital security posture of both enterprise and government clients. With increasingly sophisticated attacks on targets of opportunity, Roberts’ unique methods of addressing the evolving threat matrix and experience with all information systems make him an indispensable partner to clients and industries that demand protection of financials, intellectual property, customer data and other protected information from attack.
Given at the BugCrowd conference in January 2019, this was the first time for doing this deck.:
For 25 years or more we have fought the battle of passwords and patches while all around us, the world has developed, data has exponentially increased, attack surfaces are everywhere and technology had quite simply forced the human race to consider the evolution cycle in single lifespans as opposed to millennia. During the last 25 years we have done little to protect the charges we are responsible for, we have failed to secure systems, allowed financial attacks, infrastructure attacks, and now attacks directly against humans. At what point will we be able to stem the bleeding and actually take charge of our realm? Have we left it too late, or are we still able to claw back out of the abyss and face our adversary in a more asymmetrical defensive manner? Can we actually provide safety and security to our charges or will we continue to fail? And, critically, how do we communicate this, and educate a population that is content to watch from the sidelines, while they are being digitally eviscerated.
Rapid fire talk going through a number of topics that we'd pre-selected...one slide on the question, 1-2 slides on an answer....
Much goodness, for reference, here's the subjects:
Planes: Lets go from myth to reality in a couple of slides, including updates since 2015
Transportation in general, cars, trucks, trains and ships….
Why can we still do this?
What’s not changed?
The technology, reactive, static vs. predictive
The humans, why do we ignore them?
Why this needs to change…what does the future hold?
Why DO we stare into the abyss, why do we continue to deny it
Hacking humans, molecular
Hacking humans, consciousness
Why DO we need to fix and HOW do we fix it?
Fix the human
Fix the basics
Intelligent systems working collaboratively with us
Augmented intelligence, the science of giving us the edge.
Collaborate
This document discusses protecting personal cybersecurity for high-value targets such as politicians, celebrities, and business executives. It outlines common hacking motivations like money, identity theft, and espionage. High-value targets are more susceptible due to greater amounts of public information and broader networks. The document then gives examples of how personal email and financial accounts could be compromised through malicious emails and website hacking. Finally, it provides a top ten list of cybersecurity best practices like using encryption, updating software, backing up data, and practicing good password hygiene to help prevent attacks.
We focus on Invisible Interfaces and their influence on digital experiences. With the advent of 5G creating the foundation for the increased adoption of ‘invisibility’ in our interaction with technology – we’ll discuss what this could mean for the UX and CX industry.
Zoomer Show Presentation_October 31-2015David Cooper
This document advertises Tech123 Ltd, a company that provides in-home technology tutoring for seniors. It outlines that many seniors only know the basics of their technology and often rely on family for help. Tech123 aims to empower seniors by teaching them skills like online banking, video chatting, and social media. Their advisors are trained professionals and mature adults recruited from colleges and associations. Advisors provide personalized tutoring sessions in clients' homes to teach technology usage and leave written guides. Clients can pay by credit card or cheque. The goal is for seniors to feel comfortable with their technology and stay connected.
This document discusses how technology affects us and how we use it. It provides information on using online templates, tracking success, iCloud advantages and disadvantages, computer safety rules, malware, internet etiquette, and profiles. Technology impacts us in many ways and we must use it carefully. The conclusion reiterates that technology affects our lives daily but we need to be mindful in our usage.
Cyber security is defending people, data, systems, programs, networks and mobiles from digital attacks. The document discusses why cyber security is important for both personal and business reasons. Cybercrime resulted in $1.5 trillion in revenues in 2018 according to FBI stats. For businesses, cyber attacks can result in costs from business interruption, loss of reputation, non-compliance penalties and changing privacy laws. Both businesses and individuals are encouraged to practice cyber safety by using protection solutions, avoiding clicking on suspicious links, and regularly changing passwords.
This talk was done at OGGCamp 2013 and the theme was to discuss that balance between how security is not advancing as fast as the criminal.
I also talk about the security supply chain and also bring in evidence from 'The Beat' and 'echoSEC' and how location tags may harm your presence online.
This document discusses privacy issues related to libraries. It begins by distinguishing between security problems that inadvertently violate privacy and legal uses of information that can still violate privacy. It explores definitions of privacy, why privacy matters for intellectual freedom and concerns over vulnerable individuals. The document examines how freedom to read relates to privacy historically and today. It reviews potential privacy laws and policies, why privacy problems occur, and known privacy issues regarding public records, reidentification, email, commercial privacy violations on the web and examples related to Facebook, ebooks, Amazon and social media buttons.
Cybercrime and the Developer: How to Start Defending Against the Darker Side...Steve Poole
JavaOne 2016 Talk
In the world of DevOps and the cloud, most developers have to learn new technologies and methodologies. The focus tends to be on adding capabilities such as resilience and scaling to an application. One critical aspect consistently overlooked is security. In this session, learn about a few of the simple actions you can take (and some behaviors you must change) to create a more secure Java application for the cloud. The world of the cybercriminal is closer than you realize. Hear how at risk your application may be, see practical examples of how you can inadvertently leave the doors open, and understand what you can do to make your Java solution more secure.
Ethics in Data Science and Machine LearningHJ van Veen
Introduction and overview on ethics in data science and machine learning, variations and examples of algorithmic bias, and a call-to-action for self-regulation. Given by Thierry Silbermann as part of the Sao Paulo Machine Learning Meetup, theme: "Ethics".
https://www.linkedin.com/in/thierrysilbermann
https://twitter.com/silbermannt
https://github.com/thierry-silbermann
The document discusses the impacts of technology on youth. It begins by noting how technology has integrated into youth lifestyle and how Indian youth are fast adopters of digital technology. It then discusses both benefits and adverse effects of technology on youth under headings like e-learning, entertainment, social networking, and health issues. The document also touches on concepts like internet addiction, plagiarism, lack of communication skills, and instant gratification due to technology overuse among youth.
Chimps and Jelly: Thoughts on influencing colleagues and clientsWorkplace Trends
Presentation by Iain Smith of Network for Skills at Workplace Trends Planning for People Conference on October 11th 2016. More info: http://www.mem-events.com/news-were-tweeting-workplace-trends-live-here!-88
Integrity AI and Geospatial Keynote 2023Ed Morrissey
StL TechWeek keynote presentation given by Ed Morrissey of Integrity Web Consulting covering exponential growth and generational technophobia as concerns with AI and Geospatial.
This document provides an overview of a workshop on building digital communication skills. It introduces the facilitator, Alex Wills, and their background and qualifications. It outlines some of the key topics that will be covered, including online safety, cyberbullying, digital footprints and online reputation. It discusses establishing group agreements like confidentiality. It also presents some statistics about teen technology use and risks online. The workshop aims to help participants improve their digital communication, safety and responsibility.
The document discusses getting started with social media transparency. It recommends establishing measurable goals and committing to the process before beginning. It also emphasizes the importance of having quality content and breaking down communication silos. The document provides various tools for scheduling, tracking, and measuring social media engagement and impact over time.
IAC21: Shedding Light on Dark Patterns.pdfNoreen Whysel
You’ve been there before. You thought you could trust someone with a secret. You thought it would be safe, but found out later that they blabbed to everyone. Or maybe they didn’t share it, but the way they used it felt manipulative. You gave more than you got and it didn’t feel fair. But now that it’s out there, do you even have control anymore?
Ok. Now imagine that person was your supermarket. Or your bank. Or your boss.
“When it comes to the future, there are three kinds of people: those who let it happen, those who make it happen, and those who wonder what happened.”
-- John M. Richardson, Jr.
The rate of change that both customers and businesses have to deal with today, is nothing short of phenomenal. Now imagine the world that the children of today and your customers of tomorrow are going to grow up in…
Delving into the Net Generation and the Next Net Generation, this keynote is a trip into the future, through the eyes of the children that will grow up in it. Part inspiring, part scary - Future Kids Future Customers is an in-depth examination of how our culture will become affected by the technology around us and the social and market changes it is causing. It will make you re-look at your business model, re-examine your customer service strategy, re-invent your products and re-convene your strategy team.
The future waits for no one. Better to be prepared.
Presentation created for students about the concept of Digital Citizenship. This presentation also explores scenarios related to digital citizenship which effect students.
Jax london2016 cybercrime-and-the-developerSteve Poole
In the emerging world of DevOps and the Cloud, most developers are trying to learn new technologies and methodologies. The focus tends to be on adding capabilities such as resiliency and scaling to an application. Still, one critical item consistently overlooked is security.
The world of the Cyber Criminal is closer than you realize. Watch a real man-in-the-middle demonstration and learn just how simple it can be for others to steal your secrets. In this talk you’ll learn about other practical examples of how you can inadvertently leave the doors open and what you can do to keep your system secure. In the end, security is everyone’s concern and this talk will teach you a few of simple actions you can take (and some behaviours you must change) to create a more secure application in the Cloud.
Basic Security for Digital Companies - #MarketersUnbound (2014)Justin Bull
Speaking about how to go about taking security seriously in a digital company. Be it from scratch, or fixing a legacy codebase, learn from Canada Revenue Agency's Heartbleed mess-up and advice from a white-hat hacker.
This document discusses various topics related to technology including advantages and disadvantages of cloud computing, the importance of charts, what plagiarism and malware are, netiquette guidelines, and reasons to use social networks. It also includes sections on online templates, a profile page discussing interests, and sources used in the report. The overall report aims to inform the reader about different technologies they may or may not have known about previously.
Openbar Leuven // Ethics in technology - Laurens Somers Openbar
At Monkeyshot, we ask ourselves where exactly the athical boundaries lie in our ever more digitalised society. Which information do we share, and with whom? Which things do we better keep to ourselves instead of sharing them? To what extent do we allow technology in our lives? In a fun, interactive session, we try to find an answer to all these questions. You will be able to vote, debate and share ideas. Let us know in which (digital) society you would like to live!
A Comprehensive Guide to DeFi Development Services in 2024Intelisync
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
Zoomer Show Presentation_October 31-2015David Cooper
This document advertises Tech123 Ltd, a company that provides in-home technology tutoring for seniors. It outlines that many seniors only know the basics of their technology and often rely on family for help. Tech123 aims to empower seniors by teaching them skills like online banking, video chatting, and social media. Their advisors are trained professionals and mature adults recruited from colleges and associations. Advisors provide personalized tutoring sessions in clients' homes to teach technology usage and leave written guides. Clients can pay by credit card or cheque. The goal is for seniors to feel comfortable with their technology and stay connected.
This document discusses how technology affects us and how we use it. It provides information on using online templates, tracking success, iCloud advantages and disadvantages, computer safety rules, malware, internet etiquette, and profiles. Technology impacts us in many ways and we must use it carefully. The conclusion reiterates that technology affects our lives daily but we need to be mindful in our usage.
Cyber security is defending people, data, systems, programs, networks and mobiles from digital attacks. The document discusses why cyber security is important for both personal and business reasons. Cybercrime resulted in $1.5 trillion in revenues in 2018 according to FBI stats. For businesses, cyber attacks can result in costs from business interruption, loss of reputation, non-compliance penalties and changing privacy laws. Both businesses and individuals are encouraged to practice cyber safety by using protection solutions, avoiding clicking on suspicious links, and regularly changing passwords.
This talk was done at OGGCamp 2013 and the theme was to discuss that balance between how security is not advancing as fast as the criminal.
I also talk about the security supply chain and also bring in evidence from 'The Beat' and 'echoSEC' and how location tags may harm your presence online.
This document discusses privacy issues related to libraries. It begins by distinguishing between security problems that inadvertently violate privacy and legal uses of information that can still violate privacy. It explores definitions of privacy, why privacy matters for intellectual freedom and concerns over vulnerable individuals. The document examines how freedom to read relates to privacy historically and today. It reviews potential privacy laws and policies, why privacy problems occur, and known privacy issues regarding public records, reidentification, email, commercial privacy violations on the web and examples related to Facebook, ebooks, Amazon and social media buttons.
Cybercrime and the Developer: How to Start Defending Against the Darker Side...Steve Poole
JavaOne 2016 Talk
In the world of DevOps and the cloud, most developers have to learn new technologies and methodologies. The focus tends to be on adding capabilities such as resilience and scaling to an application. One critical aspect consistently overlooked is security. In this session, learn about a few of the simple actions you can take (and some behaviors you must change) to create a more secure Java application for the cloud. The world of the cybercriminal is closer than you realize. Hear how at risk your application may be, see practical examples of how you can inadvertently leave the doors open, and understand what you can do to make your Java solution more secure.
Ethics in Data Science and Machine LearningHJ van Veen
Introduction and overview on ethics in data science and machine learning, variations and examples of algorithmic bias, and a call-to-action for self-regulation. Given by Thierry Silbermann as part of the Sao Paulo Machine Learning Meetup, theme: "Ethics".
https://www.linkedin.com/in/thierrysilbermann
https://twitter.com/silbermannt
https://github.com/thierry-silbermann
The document discusses the impacts of technology on youth. It begins by noting how technology has integrated into youth lifestyle and how Indian youth are fast adopters of digital technology. It then discusses both benefits and adverse effects of technology on youth under headings like e-learning, entertainment, social networking, and health issues. The document also touches on concepts like internet addiction, plagiarism, lack of communication skills, and instant gratification due to technology overuse among youth.
Chimps and Jelly: Thoughts on influencing colleagues and clientsWorkplace Trends
Presentation by Iain Smith of Network for Skills at Workplace Trends Planning for People Conference on October 11th 2016. More info: http://www.mem-events.com/news-were-tweeting-workplace-trends-live-here!-88
Integrity AI and Geospatial Keynote 2023Ed Morrissey
StL TechWeek keynote presentation given by Ed Morrissey of Integrity Web Consulting covering exponential growth and generational technophobia as concerns with AI and Geospatial.
This document provides an overview of a workshop on building digital communication skills. It introduces the facilitator, Alex Wills, and their background and qualifications. It outlines some of the key topics that will be covered, including online safety, cyberbullying, digital footprints and online reputation. It discusses establishing group agreements like confidentiality. It also presents some statistics about teen technology use and risks online. The workshop aims to help participants improve their digital communication, safety and responsibility.
The document discusses getting started with social media transparency. It recommends establishing measurable goals and committing to the process before beginning. It also emphasizes the importance of having quality content and breaking down communication silos. The document provides various tools for scheduling, tracking, and measuring social media engagement and impact over time.
IAC21: Shedding Light on Dark Patterns.pdfNoreen Whysel
You’ve been there before. You thought you could trust someone with a secret. You thought it would be safe, but found out later that they blabbed to everyone. Or maybe they didn’t share it, but the way they used it felt manipulative. You gave more than you got and it didn’t feel fair. But now that it’s out there, do you even have control anymore?
Ok. Now imagine that person was your supermarket. Or your bank. Or your boss.
“When it comes to the future, there are three kinds of people: those who let it happen, those who make it happen, and those who wonder what happened.”
-- John M. Richardson, Jr.
The rate of change that both customers and businesses have to deal with today, is nothing short of phenomenal. Now imagine the world that the children of today and your customers of tomorrow are going to grow up in…
Delving into the Net Generation and the Next Net Generation, this keynote is a trip into the future, through the eyes of the children that will grow up in it. Part inspiring, part scary - Future Kids Future Customers is an in-depth examination of how our culture will become affected by the technology around us and the social and market changes it is causing. It will make you re-look at your business model, re-examine your customer service strategy, re-invent your products and re-convene your strategy team.
The future waits for no one. Better to be prepared.
Presentation created for students about the concept of Digital Citizenship. This presentation also explores scenarios related to digital citizenship which effect students.
Jax london2016 cybercrime-and-the-developerSteve Poole
In the emerging world of DevOps and the Cloud, most developers are trying to learn new technologies and methodologies. The focus tends to be on adding capabilities such as resiliency and scaling to an application. Still, one critical item consistently overlooked is security.
The world of the Cyber Criminal is closer than you realize. Watch a real man-in-the-middle demonstration and learn just how simple it can be for others to steal your secrets. In this talk you’ll learn about other practical examples of how you can inadvertently leave the doors open and what you can do to keep your system secure. In the end, security is everyone’s concern and this talk will teach you a few of simple actions you can take (and some behaviours you must change) to create a more secure application in the Cloud.
Basic Security for Digital Companies - #MarketersUnbound (2014)Justin Bull
Speaking about how to go about taking security seriously in a digital company. Be it from scratch, or fixing a legacy codebase, learn from Canada Revenue Agency's Heartbleed mess-up and advice from a white-hat hacker.
This document discusses various topics related to technology including advantages and disadvantages of cloud computing, the importance of charts, what plagiarism and malware are, netiquette guidelines, and reasons to use social networks. It also includes sections on online templates, a profile page discussing interests, and sources used in the report. The overall report aims to inform the reader about different technologies they may or may not have known about previously.
Openbar Leuven // Ethics in technology - Laurens Somers Openbar
At Monkeyshot, we ask ourselves where exactly the athical boundaries lie in our ever more digitalised society. Which information do we share, and with whom? Which things do we better keep to ourselves instead of sharing them? To what extent do we allow technology in our lives? In a fun, interactive session, we try to find an answer to all these questions. You will be able to vote, debate and share ideas. Let us know in which (digital) society you would like to live!
Similar to 2022 - Killer Bunny - TPRA Conference.pptx (20)
A Comprehensive Guide to DeFi Development Services in 2024Intelisync
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
Digital Marketing Trends in 2024 | Guide for Staying AheadWask
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on automated letter generation for Bonterra Impact Management using Google Workspace or Microsoft 365.
Interested in deploying letter generation automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...alexjohnson7307
Predictive maintenance is a proactive approach that anticipates equipment failures before they happen. At the forefront of this innovative strategy is Artificial Intelligence (AI), which brings unprecedented precision and efficiency. AI in predictive maintenance is transforming industries by reducing downtime, minimizing costs, and enhancing productivity.
Introduction of Cybersecurity with OSS at Code Europe 2024Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Tatiana Kojar
Skybuffer AI, built on the robust SAP Business Technology Platform (SAP BTP), is the latest and most advanced version of our AI development, reaffirming our commitment to delivering top-tier AI solutions. Skybuffer AI harnesses all the innovative capabilities of the SAP BTP in the AI domain, from Conversational AI to cutting-edge Generative AI and Retrieval-Augmented Generation (RAG). It also helps SAP customers safeguard their investments into SAP Conversational AI and ensure a seamless, one-click transition to SAP Business AI.
With Skybuffer AI, various AI models can be integrated into a single communication channel such as Microsoft Teams. This integration empowers business users with insights drawn from SAP backend systems, enterprise documents, and the expansive knowledge of Generative AI. And the best part of it is that it is all managed through our intuitive no-code Action Server interface, requiring no extensive coding knowledge and making the advanced AI accessible to more users.
3. Who’s The Hairy Thing?
Geek &
Dr. Dark
Web
Researcher Hacker
Dad
Chris.roberts@boomsupersonic.co
m
@Sidragon1 (LinkedIn AND Twitter)
Boom
Supersonic
4. Agenda
• Pat on the back?
• Y’all got a nice tick in the box...
• Why THIS talk?
• Isn’t everything ok?
• Audits
• Breeding like rabbits
• Choice
• Choice IS good, too much choice corrupts
• You
• The authorities...
• The businesses
• Passing the cost along
• So, what next?
• ...
6. You Ticked The Boxes...
You have a security posture
You integrate your teams
You have digital cybersurveillance
You‘ve passed audits
You’ve done your awareness training
You have a trustworthy system
You use encryption
You have good security folks..
26. I MEAN Booming!!
• The global average mean time to identify a data breach is 197 days.
• The mean time to recover from a data breach is around 70 days.
• 76% of organizations were targeted by a phishing attack in the past 12 months.
• 75% companies say a data breach has caused a material disruption to business
processes.
• The global average cost of a breach is around $4m.
• We are losing an average of 22.5 million records a DAY.
• Statistically you now have a 33% chance of being breached in the next 24 months.
• USA is still the most popular target, 57% of breaches, 97% of the data...
67. Reality!
• It takes 1 minute to convince you to hand me your email…
• It takes 1 free offer to get your phone number…
• It takes 1 time to get you to click an email…
• It takes 1 connection with your Bluetooth or wireless…
• It takes 1 guess to work out you re-use your passwords…
• It takes 1 minute with your unattended electronics…
• It takes 1 connection on your social media networks…
YET…
• It takes 7-20 times to get through to you about awareness
69. Communication: Take time to exchange ideas with
each other…
Cooperation: Independent goals, with an aim to share
data
Coordination: ALL rowing in same direction for once…
Collaboration: The whole is greater than the sum of its
parts
86. Assets, what do you have?
Assets, where are they?
Who’s got access to them, and why?
What DO they do, what is their purpose?
What’s on them?
Which ones do you need to care about?
87. When NOT What if…
“…million-to-one
chances… crop up nine
times out of ten.”
88. Closing
“I know you won't believe me, but the highest
form of Human Excellence is to question
oneself and others.”
89. Feeling left out?
Feeling helpless?
Feeling like you want in?
THEN TALK WITH PEOPLE..
Anyone around you!
Everyone close to you!
ALL the people...
90. “We may have all come on different ships, but we’re in the
same boat now”
Martin LutherKing, Jr.
Good Morning, thank you for having me, and welcome to a slightly different approach to explaining what IS going on in the industry AND world around us all. You ARE going to have a LOT of people talk with you about ALL sorts of issues from maritime, to smart weapons, to EMP’s and how the world is basically wanting to take us down....
HOWEVER
FIRST we have to solve OUR OWN problems, the fact that WE are doing a piss poor job of looking after ourselves AND each other... THE Fight within....
This isn’t going to be nice; it’ll be blunt, informative and should make you think about things the next time you go near a keyboard...
Moby Dick:
Because MOST of the security industry is chasing “around” 31,000 larger enterprise sized companies for their business. The list is well known, circulated and targets are on the backs of ALL the C-Suite, most of the technical folks and the MSP/VARS that support them.
Yes... This IS a thing.... We now apparently pat ourselves on the back for being bloody unicorns...
The global average mean time to identify a data breach is 197 days.
The mean time to recover from a data breach is around 70 days.
76% of organizations were targeted by a phishing attack in the past 12 months.
75% companies say a data breach has caused a material disruption to business processes.
The global average cost of a breach is around $4m.
We are losing an average of 22.5 million records a DAY.
Statistically you now have a 33% chance of being breached in the next 24 months.
USA is still the most popular target, 57% of breaches, 97% of the data in last 24 months
Welcome to the root of ALL.. The humble tick in the box
You know the ones...
Do you have a firewall?
NOT is it out of the shrink wrap or anything
Dammit, now they want to know IF it’s actually turned on
The Security industry circles them like packs of hyena or vultures waiting for one of them to fall, get breached, or for a vendor to be thrown out… pouncing on the fresh kill with glee…
SOX, SOX2, Healthcare, PCI, FERC, NERC, NIST, CMMC, Etc.
One wants to know IF we have something, the other wants to know what color it is, and CMMC want’s to know IF it’s plugged into the Pentagon...
PC can only use QSA’s
SOX needs accountants and lawyers
CMMC wants it’s own folks
FERC and NERC needs wizards with magic misslies
Etc.
You can only join OUR club if you “fit” or pay enough....
Elitist anyone?
Sorry, not enough time to tick the box, have to build our auditing empire and take over all the others......
Welcome to the bastard children spawned from Vulture capitalism and DEFCON
We’re short millions of people
We’re minting millionaires daily
We’re attracting millions in investment weekly
Etc.
2021 anticipated numbers....
Not content with keeping stuff in one place, we have devised MORE ways to spread it all over the place, now we hide it all over the planet consuming great quantities of energy (BitCoin alone consumes enough energy to almost make it into the top 10 country list of energy consumers)
Where one goes, the others follow soon after, think of us as a plague of locust.
Used to be web-app-database.
hahahahahahah
An example of adversarial perturbation attack (deviation) used to evade classifiers… (other include cats to dogs, and STOP signs to SPEED signs…)
We modified 0.005% of the data in the image.
AND with about an hour inside YOUR environment I can turn Javelin, Carbon Black, AND Clownstrike against themselves and DoS your own systems.... (2018/2019)
Each of those layers has it’s own tick boxes, own challenges, own regulatory bodies and ways that they need to be used/adhered to/worked with/managed/reported on....
Ah, yep, this one… IF I speak nice words to it OR sacrifice the odd intern to the computer room it’ll all be ok?!? This ISN’T going to work, you can’t ignore that Windows 95 system OR BYOD any longer.
Oh yea, incase anyone forgot Compliance does NOT equal security, it’s a fallacy and one we sell to companies AL the time
Yup
Even though you purchased the EDR, XDR, EIGRP, NAS, NAC, IDS/IPS, DLP, HIDS,
Heck you got acronym soup and your shit’s still insecure.....
Who us? We might have mentioned 100% protection BUT if you read the fine print you’d realize that only IS the case in a controlled environment.... Which means IF you turn the computer on you’ve voided the warranty
Accountability anyone?
Ah, well what we say and what we do ARE two different things....
CAN I offer you hostage (I mean ransomware) negotiation services?
How about Incident response prepay?
Or a discount on your next hacker proof piece of software?
No perimeter
No barriers
No control
No asset management
No basics
No chance.
Because...
Attribution sucks.
Bad attribution is brinkmanship
Really bad attribution is war
(although we’re already AT war, just nobody want’s to tell the Internet)
Why get a pittance for bug bounties when I can make bank selling the exploits to our own government (or someone elses)
You don’t listen
You are a ONE way street
The intel you share is stale
AND the very people whom you SHOULD listen to, you alienate for the most part
Your field offices are a joke
Hi, this is the FBI, look we’ve been watching your computes for a while, they got breached and we’ve been using them to gather evidence, hope you don’t mind leaving them on......
Really?!?
You care about prosecutions and headlines, not helping.
Might as well get some, nothing else is going to help, so at least WHEN I get breached I can go drown my sorrows in good whisky and bourbon OR tea.
Let’s have a frank discussion… this IS where many of you are at!
Another work of fiction coming up......
Take a leaf out of the Visa/MasterCard book of business, charge the banks, who charge the companies, and they in turn charge the consumers for all this additional overhead....
At the end of the day the patsy/sorry customer will pay, they don’t have a choice.
Apparently MANY of you don’t think you do...
OR that the cost OF putting that tick in the box is too high, so might as well just fly under the radar OR respond to ALL the requests with “working on it” and send the same plan to everyone, after all who the hell checks....
Don’t even THINK of playing this game!!
Welcome to 2021, the insurance companies have woken up and are finally NOT always simply believing your SAQ works of fiction... That checkbox is now going to be examined and woe betide you if you’ve lied.....
Although, lets face it lying IS part of commerce apparently
Got found out?
Got breached?
Got a smack on the wrist coming up?
LEARN how to cry in public and apologize (or appear contrite)
Free first lesson, heck we know you’ll be back.
Money talks, and in the trifecta of our industry nothing talks louder than reoccurring revenues. What better way to generate those venture capital multipliers than to lock an entire population up and subject them to a battery of tests, exams, checks, probes, assessments, along with reams of paperwork? What’s better? Not just to do it once BUT do it quarterly, heck even monthly in some cases. Oh, while we’re at it lets increase the revenue streams by dividing the pie up... we can call it data, show folks how each different element needs its own set of checks, balances, and folks crawling ALL over your systems on a regular basis. We ALL win, heck even the consumer wins... They get free credit reporting for life!!
Lets face it, YOU aren’t going to change a damm thing by chasing one criminal at a time, YOU won’t fix anything by hassling US the hackers, and you won’t stop taking people’s money... So yea, go ahead and ignore the tick in the box, nothings REALLY going to happen TO you.
Heck even GDPR can’t get its shit together and we has high hopes for that.... There’s a queue of folks waiting to be assessed and not enough hands to go round...
Good question, the general population’s not woken up
The industry’s making bank (360 billionaires and counting)
You’re not making progress
The adversaries appear to be happy to just bleed us slowly and not kill us (yet)
So, yea, probably, at least until I retire, then someone else can deal with it...
Let’s look at some options....
Stop bloody fighting it with red tape, compliance regulations, and bullshit that slows things down
Best Buy? MicroCentre? Craigslist? Or go out onto the job market to compete for talent, or bring in an MSP/MSSP? How do you even benchmark them when there’s no Angie’s list to even evaluate them against? What questions DO you ask, HOW do you contact them, choose one, and what the hell is a bake off?
Let’s face it, that’s not likely to solve ALL the issues, so how DO we change things?
This is one of the core one, you get sold that perfect solution ONLY to find when things go wrong it’s NOT their fault, have you EVER read that agreement, that software license OR the contract that basically says it’s all YOUR fault, we get you coming, going AND in the middle AND then when it all breaks, we charge you twice as much to fix it all back up and start you again…
NOTHING is 100%
NOBODY can “keep you secure”
ALL we can do (IF you listen and/or accept help) is to reduce your risk
ALL we can do is educate
We HAVE to reduce the complexity within our offerings!
Too many screens
Too many things to go wrong
Too many things to forget AND not enough hands to go round let alone catch it when it all comes crashing down
In our industry we are great at talking, at explaining ourselves AND we do it in a way that nobody understands ½ the time….
Talk in English or your native language
Listen with BOTH ears AND shut up once in a while.
360,000 NEW pieces of malware, viruse, trojan, programs every day.....
Kali is the Hindu goddess (or Devi) of death, time, and doomsday and is often associated with sexuality and violence but is also considered a strong mother-figure and symbolic of motherly-love
Don’t feel like spending days or weeks dealing with assessments, vendors or other things, how about a nice simple game of D&D for business… How about throwing out a few scenario’s and seeing HOW you would fare?
It doesn’t always end well, BUT at least it’s happening in a TAME environment!!
I cannot over-emphasize this... Seriously the only way WE ALL win is if we work together!!
FBI take fucking note!!
Evaluate VENDORS BEFORE you bloody sign up!
Because this IS how much some of them care about YOU!
Yea, that “we consolidate into a single pane of glass...”
You ARE allowed to taser vendors.
SIMPLE THINGS!!!! STOP Complicating it, STOP wrapping it in red tape!!
The Late Sir Terry Pratchett. It’s NEVER “what if” or ”never” or “maybe” it’s got to be a Plan for WHEN
No matter what I say, what I’ve said, no matter how I’ve talked about it, many of you won’t do anything, some of you will do a little and hopefully ONE or two of you will do enough to NOT end up on the wrong side of an incident in the near future. For those of you who don’t do anything because security problems only happen to others, then I wish you luck, and will see you soon enough.