Unsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe HarborRay Potter
HIPAA’s Safe Harbor provision is well-known: If PHI is encrypted so that it's unusable, unreadable, or indecipherable to unauthorized individuals, breach notifications aren’t required. However, the U.S. government considers that encryption not validated by NIST to FIPS 140-2 standards is the equal of plaintext. In other words, healthcare providers are rarely in full compliance with the federal benchmark. While governing bodies have been overlooking this incongruity, it is inevitable that the FIPS 140-2 cryptographic standard will be imposed on healthcare providers in the near future. This presentation will prepare attendees for this major hurdle.
Presented at ISACA's EuroCACS 2015 (Copenhaguen).
Understand the impact of Industrial Control Systems (ICS) on the security ecosystem.
Expand the knowledge on SCADA systems and how cyberattacks can have physical consequences, bridging the cyber and physical worlds.
Network Reliability Monitoring for ICS: Going Beyond NSM and SIEMJim Gilsinn
Presented: BSidesDC 2015, Washington, DC, October 18, 2015
YouTube Video @ https://youtu.be/v3LBywLthjY
Determining the overall health and security of an industrial control system (ICS) network is currently done by looking at the negative case. If the network infrastructure devices indicate that all the devices are connected and communicating, then the network must be operating correctly. If the controllers indicate that they are able to communicate with the other devices in the system, then the system must be operating correctly. If the network security monitoring (NSM) or security information and event management (SIEM) system are not indicating any security events, then the system must be operating correctly. In each of these cases, the assumption is that the system is operating correctly if there are no errors or events being indicated by any of the devices. In reality, the actual health and security of the system can only be determined by positive conditions. The communication streams need to be measured to determine that they are operating within certain limits based upon a desires set of conditions, like rate and maximum latency. Many controllers keep track of these factors for real-time communications, however they are often only recorded as averages and not high-fidelity measurements.
This paper presents an approach to analyzing the real-time network traffic performance of an ICS by measuring the jitter and latency associated with individual network traffic streams in the system. By using statistical and mathematical analysis of the high-fidelity jitter and latency data, a network reliability factor can be determined and used to indicate the health of those traffic streams. The author will present a method to combine the individual network reliability factors into a network reliability monitoring system. Lastly, the author will discuss how network reliability monitoring can be used to indicate potential security problems by observing the network traffic patterns.
Remote Access Management of your Industrial and Utility assets can be challenging with expensive truck rolls and field visits. With the kalki.io Remote Access Management solution you can manage and maintain your asset remotely over a secure infrastructure that is TLS1.2/1.3 ready.
Cloud-based delivery enables your technicians and engineers to be located anywhere in the world and troubleshoot, engineer, re-engineer, configure or update the firmware of your assets in minutes.
Role-based access control based security infrastructure ensures that only authorized users with necessary privileges are allowed to access your asset. Further at all times you and your customers know who is doing what on your assets.
Learn more at www.kalki.io
Cloak your critical industrial control systems before they get hackedTempered
Learn how cloaking allows you to safely connect your ICS networks and SCADA systems with end to end encryption. Easy to deploy, manage and maintain--without IT security skills.
Unsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe HarborRay Potter
HIPAA’s Safe Harbor provision is well-known: If PHI is encrypted so that it's unusable, unreadable, or indecipherable to unauthorized individuals, breach notifications aren’t required. However, the U.S. government considers that encryption not validated by NIST to FIPS 140-2 standards is the equal of plaintext. In other words, healthcare providers are rarely in full compliance with the federal benchmark. While governing bodies have been overlooking this incongruity, it is inevitable that the FIPS 140-2 cryptographic standard will be imposed on healthcare providers in the near future. This presentation will prepare attendees for this major hurdle.
Presented at ISACA's EuroCACS 2015 (Copenhaguen).
Understand the impact of Industrial Control Systems (ICS) on the security ecosystem.
Expand the knowledge on SCADA systems and how cyberattacks can have physical consequences, bridging the cyber and physical worlds.
Network Reliability Monitoring for ICS: Going Beyond NSM and SIEMJim Gilsinn
Presented: BSidesDC 2015, Washington, DC, October 18, 2015
YouTube Video @ https://youtu.be/v3LBywLthjY
Determining the overall health and security of an industrial control system (ICS) network is currently done by looking at the negative case. If the network infrastructure devices indicate that all the devices are connected and communicating, then the network must be operating correctly. If the controllers indicate that they are able to communicate with the other devices in the system, then the system must be operating correctly. If the network security monitoring (NSM) or security information and event management (SIEM) system are not indicating any security events, then the system must be operating correctly. In each of these cases, the assumption is that the system is operating correctly if there are no errors or events being indicated by any of the devices. In reality, the actual health and security of the system can only be determined by positive conditions. The communication streams need to be measured to determine that they are operating within certain limits based upon a desires set of conditions, like rate and maximum latency. Many controllers keep track of these factors for real-time communications, however they are often only recorded as averages and not high-fidelity measurements.
This paper presents an approach to analyzing the real-time network traffic performance of an ICS by measuring the jitter and latency associated with individual network traffic streams in the system. By using statistical and mathematical analysis of the high-fidelity jitter and latency data, a network reliability factor can be determined and used to indicate the health of those traffic streams. The author will present a method to combine the individual network reliability factors into a network reliability monitoring system. Lastly, the author will discuss how network reliability monitoring can be used to indicate potential security problems by observing the network traffic patterns.
Remote Access Management of your Industrial and Utility assets can be challenging with expensive truck rolls and field visits. With the kalki.io Remote Access Management solution you can manage and maintain your asset remotely over a secure infrastructure that is TLS1.2/1.3 ready.
Cloud-based delivery enables your technicians and engineers to be located anywhere in the world and troubleshoot, engineer, re-engineer, configure or update the firmware of your assets in minutes.
Role-based access control based security infrastructure ensures that only authorized users with necessary privileges are allowed to access your asset. Further at all times you and your customers know who is doing what on your assets.
Learn more at www.kalki.io
Cloak your critical industrial control systems before they get hackedTempered
Learn how cloaking allows you to safely connect your ICS networks and SCADA systems with end to end encryption. Easy to deploy, manage and maintain--without IT security skills.
Robust Cyber Security for Power UtilitiesNir Cohen
The security of critical networks is at the center of attention of industry and government regulators alike. Check Point and RAD offer a joint end-to-end cyber security solution that protects any utility operational technology (OT) network by eliminating RTU and SCADA equipment vulnerabilities, as well as defends against cyber-attacks on the network’s control and data planes. This solution brief explains how the joint solution enables compliance with NERC-CIP directives, provides deep visibility and control of ICS/SCADA communications, and allows secure remote access into OT networks.
Hacker Halted 2016 - How to get into ICS securityChris Sistrunk
This talk is about how to get into ICS security, whether you’re a control system engineer or an IT security analyst. It will cover the basic paths you can take to get involved, including some helpful resources and standards to help get you started. The ICS Security industry needs more people to help protect Critical Infrastructure!
In today’s connected world, cyber security is a topic that nobody can afford to ignore. In recent years the number and frequency of attacks on industrial devices and other critical infrastructure has risen dramatically. Recent news stories about hackers shutting down critical infrastructure have left many companies wondering if they are vulnerable to similar attacks. In this webinar we will discuss the most common security threats and unique challenges in securing industrial networks. We will introduce the current standards and share some useful resources and best practices for addressing industrial cyber security.
Key Takeaways:
1. Gain perspective regarding common security threats facing industrial networks.
2. Learn about the relevant standards governing industrial cyber security.
3. Increase understanding of some best practices for securing industrial networks.
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Jim Gilsinn
Presented @ Emerson Exchange
October 7, 2014
Industrial control systems (ICS) are large information technology (IT) systems. Office IT systems, failure of ICS can cause plant outages and even physical damage. Management of ICS needs to be different and smarter. IT vendors frequently recommend patches and configuration changes. Most have no impact to the ICS, which cannot implement changes in real time. ICS typically get one chance every few years to make changes - the turnaround. This paper describes optimization of ISC turnaround work, using cyber-vulnerability assessment to focus turnaround work to only what is necessary.
This presentation was given at BSides Las Vegas 2015.
The modern times that we live in, the gentle shift that we are making towards the Internet of Things (IoT) is slowly but surely getting a grip on our day to day lives. The same goes for securing our Industrial Control Systems (ICS). We see that the demand for ICS security is raising and governmental regulations are being established and implement. However, this also means that the need for ICS security professionals is raising as well. More and more security professionals/firms are starting to perform security assessments such as penetration testing on an ICS level. Two years ago I got the question if I was up for the challenge, converting myself from a ‘normal’ security professional to a ICS specific security professional.
The purpose of this talk would be to provide a starting point for security professionals that want to make the shift towards ICS Security, just like I did two years ago. While the term starting point might be a bit misleading, the goal would be to provide an ICS 001 talk instead in contrast to an ICS 101 talk.
International Standards together with testing and certification (conformity assessment) in a systems approach are important tools for a successful cyber security strategy. However, they need to be incorporated into an overarching strategy that includes a comprehensive set of measures at the organization, process and technical levels, including ongoing training and overall risk management.
UniQ-ID identity and Access Management is based upon real assured identities. So you are shure about the identity. Assured identities save money, protect the privacy.
Reference Customer Implementation: Monitoring 4,000 devices distributed across 20+ remote sites made easy with OpManager Enterprise Edition - A unified approach to manage the complete IT
Learn what makes SCADAguardian (the Nozomi Networks flagship technology) so unique and powerful. From enterprise IT, to OT, we enable scalable security strategies for ICS.
Understanding IT Network Security for Wireless and Wired Measurement Applicat...cmstiernberg
The line between the once mutually exclusive IT and engineering departments is beginning to blur as PC-based technologies familiar to the IT sector find their way into measurement applications. Learn how to create synergy between these two groups by understanding how enterprise security protocols apply to wireless/wired measurement systems.
Robust Cyber Security for Power UtilitiesNir Cohen
The security of critical networks is at the center of attention of industry and government regulators alike. Check Point and RAD offer a joint end-to-end cyber security solution that protects any utility operational technology (OT) network by eliminating RTU and SCADA equipment vulnerabilities, as well as defends against cyber-attacks on the network’s control and data planes. This solution brief explains how the joint solution enables compliance with NERC-CIP directives, provides deep visibility and control of ICS/SCADA communications, and allows secure remote access into OT networks.
Hacker Halted 2016 - How to get into ICS securityChris Sistrunk
This talk is about how to get into ICS security, whether you’re a control system engineer or an IT security analyst. It will cover the basic paths you can take to get involved, including some helpful resources and standards to help get you started. The ICS Security industry needs more people to help protect Critical Infrastructure!
In today’s connected world, cyber security is a topic that nobody can afford to ignore. In recent years the number and frequency of attacks on industrial devices and other critical infrastructure has risen dramatically. Recent news stories about hackers shutting down critical infrastructure have left many companies wondering if they are vulnerable to similar attacks. In this webinar we will discuss the most common security threats and unique challenges in securing industrial networks. We will introduce the current standards and share some useful resources and best practices for addressing industrial cyber security.
Key Takeaways:
1. Gain perspective regarding common security threats facing industrial networks.
2. Learn about the relevant standards governing industrial cyber security.
3. Increase understanding of some best practices for securing industrial networks.
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Jim Gilsinn
Presented @ Emerson Exchange
October 7, 2014
Industrial control systems (ICS) are large information technology (IT) systems. Office IT systems, failure of ICS can cause plant outages and even physical damage. Management of ICS needs to be different and smarter. IT vendors frequently recommend patches and configuration changes. Most have no impact to the ICS, which cannot implement changes in real time. ICS typically get one chance every few years to make changes - the turnaround. This paper describes optimization of ISC turnaround work, using cyber-vulnerability assessment to focus turnaround work to only what is necessary.
This presentation was given at BSides Las Vegas 2015.
The modern times that we live in, the gentle shift that we are making towards the Internet of Things (IoT) is slowly but surely getting a grip on our day to day lives. The same goes for securing our Industrial Control Systems (ICS). We see that the demand for ICS security is raising and governmental regulations are being established and implement. However, this also means that the need for ICS security professionals is raising as well. More and more security professionals/firms are starting to perform security assessments such as penetration testing on an ICS level. Two years ago I got the question if I was up for the challenge, converting myself from a ‘normal’ security professional to a ICS specific security professional.
The purpose of this talk would be to provide a starting point for security professionals that want to make the shift towards ICS Security, just like I did two years ago. While the term starting point might be a bit misleading, the goal would be to provide an ICS 001 talk instead in contrast to an ICS 101 talk.
International Standards together with testing and certification (conformity assessment) in a systems approach are important tools for a successful cyber security strategy. However, they need to be incorporated into an overarching strategy that includes a comprehensive set of measures at the organization, process and technical levels, including ongoing training and overall risk management.
UniQ-ID identity and Access Management is based upon real assured identities. So you are shure about the identity. Assured identities save money, protect the privacy.
Reference Customer Implementation: Monitoring 4,000 devices distributed across 20+ remote sites made easy with OpManager Enterprise Edition - A unified approach to manage the complete IT
Learn what makes SCADAguardian (the Nozomi Networks flagship technology) so unique and powerful. From enterprise IT, to OT, we enable scalable security strategies for ICS.
Understanding IT Network Security for Wireless and Wired Measurement Applicat...cmstiernberg
The line between the once mutually exclusive IT and engineering departments is beginning to blur as PC-based technologies familiar to the IT sector find their way into measurement applications. Learn how to create synergy between these two groups by understanding how enterprise security protocols apply to wireless/wired measurement systems.
How can industrial companies implement the concept of Industry 4.0 without putting IT security at risk? Seven steps can be taken to build a secure “Smart Factory”: 1. connect machines and systems through secure IoT gateways; 2. secure and remotely access all devices; 3. centrally orchestrate and manage devices, users, and processes; 4. collect data from machines and IoT gateways; 5. monitor the infrastructure; 6. analyze the collected data; 7. integrate edge computing. Welcome to Industry 4.0.
Wireless Security Best Practices for Remote Monitoring Applicationscmstiernberg
Wireless network security continues to be an area of intense research and development, particularly in applications where wireless sensors are extending the reach of traditional monitoring and control systems. While the IT sector has embraced the IEEE 802.11i standard for corporate networks, engineers have many more options available to them for their industrial network designs. This presentation will provide an overview of IEEE 802.11i, IEEE 802.15.4, ZigBee, and other security protocols as they relate to measurement and automation applications. In addition, network design and commissioning best practices will provide attendees with a set of recommendations for guarding against the most common security attacks.
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020Jiunn-Jer Sun
• Why An Industrial Cybersecurity Standard
• What Is IEC 62443 About
• How It Impacts On You - The Security Lifecycle
• IEC 62443 Certificates
• Reference: Some Ongoing Projects
• Summary
This presentation goes through several topics areas that are of specific interest in developing IoT Gateway solutions. IoT is a popular area of development that presents unique challenges like hardware and operating system selection, product life-cycle support and maintainability, software architectural solutions, connectivity, security, secure updates, and API availability. We discuss technologies and concepts like Hardware acceleration support, Linux kernel maintenance, Edge networking, LXC/Docker/KVM, Zigbee, 6loPAN, BLE, IoTivity, Allseen Alliance, SELinux and Trusted boot.
The aim of the presentation is to give an overview of the challenges in building an IoT Gateway and the Solutions available using Embedded Linux.
This presentation was delivered at LinuxCon Japan 2016 by Jim Gallagher
This presentation provides Internet of things architecture fundamentals, functional topology, system overview. Also it provides software architecture of IoT Devices, IoT Gateway, IoT Cloud. This presentation also provide internet of things issues and solutions for the same.
Inductive Automation’s Co-Director of Sales Engineering Kevin McClusky (presenter) and Chief Strategy Officer Don Pearson (moderator) discusses a prevention-focused approach that encompasses physical security as well as cybersecurity. As you’ll learn, an effective SCADA security plan doesn’t just safeguard the platform itself but also each network, device, and database connection.
Learn more about:
- Phishing and other common attack vectors
- Guarding against internal threats
- Locking down your operating system
- Leveraging encryption effectively
- Using Java safely
- Applying security guidelines in the Ignition industrial application platform
- And much more
Inductive Automation’s Co-Director of Sales Engineering Kevin McClusky (presenter) and Chief Strategy Officer Don Pearson (moderator) discusses a prevention-focused approach that encompasses physical security as well as cybersecurity. As you’ll learn, an effective SCADA security plan doesn’t just safeguard the platform itself but also each network, device, and database connection.
Learn more about:
- Phishing and other common attack vectors
- Guarding against internal threats
- Locking down your operating system
- Leveraging encryption effectively
- Using Java safely
- Applying security guidelines in the Ignition industrial application platform
- And much more
Hwee Ming Ng, Red Hat, Abhilash Vijayakumary, Red Hat
Telco over Cloud is rapidly changing the telecommunications industry landscape by introducing cloud computing, virtualization paradigms and software approaches already in use and mature in traditional IT environments. While designing the cloud solutions for telco infrastructure understanding its information security risks and mitigation strategies are critical. Legacy approaches are inadequate, this session intends to help the operators to build and approach a telco cloud solution with the right cloud security knowledge.
In this session we intend to explain the principle technologies of telco cloud based systems and strategies for safeguarding/classifying data, ensuring privacy and ensuring compliance with regulatory agencies for telco operators. We will also describe the role of encryption in protecting data and specific strategies for key management as well as how to select an appropriate solution to specific business requirements which are in well alignment with cloud based business continuity / disaster recovery strategies. We will also compare baseline and industry standard best practices by doing risk assessments of existing and proposed cloud-based environments.
Additionally, presentation will focus on specific technologies like virtual firewalls, security zones, virtual tenant networks and their mapping to various use cases/challenges which an operator faces while designing the telco cloud.
Open and Secure SCADA: Efficient and Economical Control, Without the RiskInductive Automation
Join Don Pearson and Travis Cox from Inductive Automation and Chris Harlow from Bedrock Automation as they discuss an end-to-end approach to SCADA/ICS security that encompasses software as well as hardware.
You’ll learn about:
What built-in security is and why it’s essential
Security benefits of OPC UA and MQTT
How to secure your PLC, RTU, or DCS
Best practices such as role-based access and authentication
Security risks that are often overlooked
And more!
Open and Secure SCADA: Efficient and Economical Control, Without the RiskInductive Automation
Join Don Pearson and Travis Cox from Inductive Automation and Chris Harlow from Bedrock Automation as they discuss an end-to-end approach to SCADA/ICS security that encompasses software as well as hardware.
You’ll learn about:
What built-in security is and why it’s essential
Security benefits of OPC UA and MQTT
How to secure your PLC, RTU, or DCS
Best practices such as role-based access and authentication
Security risks that are often overlooked
And more!
Remote management and data access of solar pv systemsNirmal Thaliyil
This webinar provides high-level insights on data acquisition mechanisms commonly adopted for centralized Solar PV system. We will have la ook at how kalki.io as a cloud software solution helps in acquiring data from various assets and devices deployed in the field and helps you in diagnose issues using vendor specific tools remotely. Commercial and industrial power producer can make use of platform to collect data as an aggregator system from multiple field location and share those data with utility SCADA systems on standard interfaces. You can also make use of collected data by building or integrating custom applications on top of the platform using standard interfaces provided. Let’s look at how kalki.io centralized software as a service reduces your capital investment without compromising on the regulatory compliances and data security.
This webinar introduces the concept of Cloud-based HES (Head End System) for DLMS COSEM metering for Energy Data Management, AMI, Smart Grid and Smart Cities. With the meter data being crucial for all energy analytics and integration with multiple applications and systems becomes critical, Cloud-based HES provides a cost-effective, secure and scalable alternative for meter data acquisition
Monitoring MV& LV Distribution assets using LoRaWANNirmal Thaliyil
Webinar on last-mile connectivity of LV / MV substations using LoRaWAN.
This session covers the importance of network monitoring for LV and MV electrical distribution network and why do we need that by looking at some of the use cases and business benefits. It also covers the required network communication characteristics and issues faced to monitor data from assets deployment on the wide distribution area and how LoRaWAN technology plays a significant role in solving these issues.
This webinar is intended to explain why edge-based solution is important for utilities. How will the availability of automation and telemetry protocol fast track the data analytics for utilities.
Published in 2011, this paper explains the importance of advanced Metering Infrastructure Energy Industry. The need for communicable and possibly smart meters with open communication protocol with smart communication infrastructure and scalable head end system has attained significance. Lets identifies some of the essential requirements for building DLMS based scalable, flexible and open end to end Smart metering systemlarge scale AMI system.
Published in the year 2014, this paper explains how interoperability and decentralized automation system can be achived in electrical distribution grid using IEC61850. Network information from neighboring nodes can help field controllers make decisions faster and more accurately thereby making the distribution network self- healing and reliable.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
4. Cybersecurity Best Practices
4
Response
• Network management service
• Remote key and certificate
management process
• Patching, backup and recovery
Detection
•Audit trail
•Security events and alarm
logging
•Analysis tools
Protection
•Hardening
•Edge firewall
•Authentication
•digital signature & access
control
•Data encryption
•Validation
5. Enhanced Device Security
• Secured device access
• Controlling communication ports
• Encrypting of communication link and data
• Controlling firmware and configuration update
• Authenticating device access (RBAC)
• Logging of security alarms and events
5