Peter Bihr is developing a trustmark for IoT devices as a Mozilla IoT Fellow. The trustmark aims to increase transparency and empower consumers to make informed decisions about connected products. It will evaluate IoT devices on 5 dimensions - privacy & data practices, transparency, security, openness, and sustainability. Compliance is determined by companies publicly documenting how their products meet standards in each dimension. The trustmark is pledge-based and decentralized, with the goal of raising industry standards for responsible and human-centric IoT development. The first prototype will focus on voice-enabled IoT devices.
Cloud Security Crosses the Chasm, How IT Now Goes to the Cloud for Better Sec...Dana Gardner
Transcript of a discussion on how cloud security is rapidly advancing and how enterprises can begin to innovate to prevail over digital disruption by increasingly using cloud-defined security.
Ryerson’s Privacy and Big Data Institute's inaugural seminar on Privacy by Design (PbD), the revolutionary privacy framework created by Dr. Ann Cavoukian which was unanimously passed as an international privacy standard in 2010 (translated into 37 languages). Dr. Cavoukian is now the Executive Director of the Privacy and Big Data Institute at Ryerson, and formerly served as the Information and Privacy Commissioner of Ontario for three terms. Dr. Cavoukian gave a presentation on Privacy by Design and its application to big data analytics, followed by a Q&A session.
Current enterprise information security measures continue to fail us. Why is ...Livingstone Advisory
Conventional information security measures continue to fail our businesses in today’s rapidly changing world of cyber-risk. Adverse cyber-events manifest themselves as the usual suspects including data breaches, information theft, ransom- and malware, viruses, payment card fraud, DDOS attacks or physical loss – to name but a few.
Problem is, the tally of adverse events keeps mounting up. While headline adverse cyber incidents are now reported in the media with regularity, this represents the tip of the cyber-risk iceberg. Most known events are either unreported or hidden from public disclosure. Not helping, is the industry analysis suggesting that, on average, nearly half of all adverse cyber-risk events impacting organisations are self-inflicted and avoidable. No industry is untouched.
Delivered at the CIO Summit in Melbourne, Australia in November 2016, in this presentation, Rob offers valuable strategic insights into the problem and why it continues to be a problem.
He outlines some practical steps that will be helpful for CIOs and CISOs in reshaping their own organisation’s approach in building a more effective and resilient information security capability.
Copy of presentation delivered at the CHASS 2015 National Forum in Melbourne (October 2015), The Council for Humanities, Arts and Social Sciences in Australia is the peak body supporting more than 75 member organisations in their relationships with Federal and State Government policy makers, Academia and the broader community within Australia.
Cloud Security Crosses the Chasm, How IT Now Goes to the Cloud for Better Sec...Dana Gardner
Transcript of a discussion on how cloud security is rapidly advancing and how enterprises can begin to innovate to prevail over digital disruption by increasingly using cloud-defined security.
Ryerson’s Privacy and Big Data Institute's inaugural seminar on Privacy by Design (PbD), the revolutionary privacy framework created by Dr. Ann Cavoukian which was unanimously passed as an international privacy standard in 2010 (translated into 37 languages). Dr. Cavoukian is now the Executive Director of the Privacy and Big Data Institute at Ryerson, and formerly served as the Information and Privacy Commissioner of Ontario for three terms. Dr. Cavoukian gave a presentation on Privacy by Design and its application to big data analytics, followed by a Q&A session.
Current enterprise information security measures continue to fail us. Why is ...Livingstone Advisory
Conventional information security measures continue to fail our businesses in today’s rapidly changing world of cyber-risk. Adverse cyber-events manifest themselves as the usual suspects including data breaches, information theft, ransom- and malware, viruses, payment card fraud, DDOS attacks or physical loss – to name but a few.
Problem is, the tally of adverse events keeps mounting up. While headline adverse cyber incidents are now reported in the media with regularity, this represents the tip of the cyber-risk iceberg. Most known events are either unreported or hidden from public disclosure. Not helping, is the industry analysis suggesting that, on average, nearly half of all adverse cyber-risk events impacting organisations are self-inflicted and avoidable. No industry is untouched.
Delivered at the CIO Summit in Melbourne, Australia in November 2016, in this presentation, Rob offers valuable strategic insights into the problem and why it continues to be a problem.
He outlines some practical steps that will be helpful for CIOs and CISOs in reshaping their own organisation’s approach in building a more effective and resilient information security capability.
Copy of presentation delivered at the CHASS 2015 National Forum in Melbourne (October 2015), The Council for Humanities, Arts and Social Sciences in Australia is the peak body supporting more than 75 member organisations in their relationships with Federal and State Government policy makers, Academia and the broader community within Australia.
8 reasons you need a strategy for managing information...before it's too lateJohn Mancini
Highlights from a keynote presentation that complements AIIM's free e-book -- 8 reasons you need a strategy for managing information...before it's too late.
E-book available at http://www.aiim.org/8things
http://www.cxounplugged.com
A research whitepaper published in November by Ovum and commissioned by Logicalis, revealed a great many interesting BYOD trends – many of which were highlighted in a recent CXO post (BYOD Research) by Ian Cook. Perhaps the most startling, however, was the very low proportion of ‘BYOD-ers’ who have signed corporate BYOD policies.
The world of computing is moving to the cloud —shared infrastructure, shared systems, instant provisioning, and pay-as-you-go services. And users can enjoy anytime, anywhere access to services and their data, on any device. But are we secure within the new cloud environments? Are information assets adequately protected as they move around in the cloud? The answer to both is yes— as long as your underlying security architecture has been designed for the cloud. In this session, Rob Livingstone will examine key security considerations surrounding the convergence of hybrid clouds, mobile devices and BYOD, and provide practical guidance on how to identify, mitigate and the key technical and systemic risks in your Cloud journey.
The Myth of Zero-Risk Solutions; The Benefits of Privacy by DesignDr. Ann Cavoukian
How can we enable the responsible use of data analytics while ensuring the strongest protection of personally identifiable data? By building it in as an essential design feature … enter Privacy by Design. By embedding privacy protective measures, such as strong deidentification
protocols, into the design of much-needed research and
data analytics, we will succeed in accomplishing multiple goals, thereby abandoning dated zero-sum paradigms!
The conference will contextualise the changing regulatory landscape, considering the business impact of the GDPR and DPA (2018) and how it is changing policy and process in practice.
When GDPR came into force in May it significantly raised the bar of obligation and accountability, ensuring that all organisations who handle personal data adhere to strict regulations around privacy, security and consent. 6 months on from implementation, the conference will consider how data protection procedure has moved on, with insight from frontline practitioners reflecting on how practices within their organisation have changed.
The event will also provide an update from the regulator; exploring regulatory action policy, decision making for fines and penalties, and clarifying some of the most prominent areas of misconception and non-compliance.
Core conference topics include:
• Key legal issues and obligations
• Data security and encryption
• Privacy Impact Assessments
• Databases, data mapping and classification
• Privacy by design
• Practical strategy implementation
Protecting Intellectual Property and Data Loss Prevention (DLP)Arpin Consulting
Protecting Intellectual Property and Data Loss Prevention (DLP) – what makes your business unique, different, valuable, and attracts clients and customers - presented at the Boston Business Alliance 9/23/09
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your InformationAIIM International
Follow along with these webinar slides as we take a close look at what it takes to prepare for all kinds of data privacy regulations – learn how to protect your data in order to be compliant with regulators or for healthy business practices in general.
Want to follow along with the webinar replay? Download it here for free: http://info.aiim.org/protect-your-information
AIOTI GA WG03 (IoT Standardisation) Chairman Presentation - 3 Nov 2015Patrick GUILLEMIN
3 November 2015, Brussels, AIOTI (Alliance for Internet of Things Innovation) GA (General Assembly) Working Group 3 (WG03 IoT Standardisaion) Chairman presentation - pitch 10mn
The Long White Cloud: Addressing Privacy, Residency and Security in the Cloud...Doug Newdick
This paper aims to explore what the real issues, risks and constraints are for New Zealand organisations that are thinking about cloud computing and how to address them.
Future Tech: How should enterprise avoid the 'success trap' of the next big t...Livingstone Advisory
The rate of business and societal change fuelled by innovative, emerging and disruptive information technologies is well known, with impacts being felt in almost every facet of life. The forces driving the evolution and adoption of such technologies are complex, diverse and not always well understood. How can organisations predict the consequences of future tech? How should they fortify against the chaos of change while taking advantage of innovation?
This public lecture provides a concise perspective on the implications of emerging technologies and offers practical insights on how many enterprises and individuals survive, and also thrive, in a world of rapid technology-induced change.
Privacy and Security by Design Spotlight Presentation at HIMMS Privacy and Security Forum, December 5th 2016. Presented by Jeff R. Livingstone, PhD, Vice President and Global Lead, Life Sciences & Healthcare, Unisys Corporation.
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014Market Engel SAS
Digital signature solutions are quickly replacing paper-based signatures and have the potential to dominate signature-related processes. The primary benefits of this technology include increased efficiency, lower costs and increased customer satisfaction. Processes that still require a handwritten signature slow down turnaround time, increase complexity in terms of archiving, and also raise environmental issues with regards to paper usage. Companies are therefore increasingly adopting digital signature solutions to address those challenges.
The financial services industry is the pioneer in the adoption and development of digital signature solutions, and we expect other industries, such as telecommunication, commerce, utilities, notaries and healthcare, to follow soon as the benefits of this new technology, namely increased efficiency, lower costs and increased customer satisfaction, are not restricted to any industry. While offering clear advantages, digital signature solutions still need to overcome some challenges, such as the need to adapt existing systems and processes to the new technology, concern about acceptance by business partners and the perceived high cost.
The European Union is currently finalizing regulation, which will increase the legal value of advanced electronic signatures and remote electronic signing services by offering the possibility to generate a qualified digital signature using a remote signing system. The regulation is expected to be enacted in early July 2014. This development is expected to serve as an example for other markets on how to approach digital signatures from a regulatory standpoint.
This report is based on Arthur D. Little’s survey of 50 market experts in Europe, as well as comprehensive secondary market research. In this report, we provide an overview of the digital signature technology, its current and potential market, as well as the benefits and challenges it brings. We also present examples of practical applications of digital signature solutions.
8 reasons you need a strategy for managing information...before it's too lateJohn Mancini
Highlights from a keynote presentation that complements AIIM's free e-book -- 8 reasons you need a strategy for managing information...before it's too late.
E-book available at http://www.aiim.org/8things
http://www.cxounplugged.com
A research whitepaper published in November by Ovum and commissioned by Logicalis, revealed a great many interesting BYOD trends – many of which were highlighted in a recent CXO post (BYOD Research) by Ian Cook. Perhaps the most startling, however, was the very low proportion of ‘BYOD-ers’ who have signed corporate BYOD policies.
The world of computing is moving to the cloud —shared infrastructure, shared systems, instant provisioning, and pay-as-you-go services. And users can enjoy anytime, anywhere access to services and their data, on any device. But are we secure within the new cloud environments? Are information assets adequately protected as they move around in the cloud? The answer to both is yes— as long as your underlying security architecture has been designed for the cloud. In this session, Rob Livingstone will examine key security considerations surrounding the convergence of hybrid clouds, mobile devices and BYOD, and provide practical guidance on how to identify, mitigate and the key technical and systemic risks in your Cloud journey.
The Myth of Zero-Risk Solutions; The Benefits of Privacy by DesignDr. Ann Cavoukian
How can we enable the responsible use of data analytics while ensuring the strongest protection of personally identifiable data? By building it in as an essential design feature … enter Privacy by Design. By embedding privacy protective measures, such as strong deidentification
protocols, into the design of much-needed research and
data analytics, we will succeed in accomplishing multiple goals, thereby abandoning dated zero-sum paradigms!
The conference will contextualise the changing regulatory landscape, considering the business impact of the GDPR and DPA (2018) and how it is changing policy and process in practice.
When GDPR came into force in May it significantly raised the bar of obligation and accountability, ensuring that all organisations who handle personal data adhere to strict regulations around privacy, security and consent. 6 months on from implementation, the conference will consider how data protection procedure has moved on, with insight from frontline practitioners reflecting on how practices within their organisation have changed.
The event will also provide an update from the regulator; exploring regulatory action policy, decision making for fines and penalties, and clarifying some of the most prominent areas of misconception and non-compliance.
Core conference topics include:
• Key legal issues and obligations
• Data security and encryption
• Privacy Impact Assessments
• Databases, data mapping and classification
• Privacy by design
• Practical strategy implementation
Protecting Intellectual Property and Data Loss Prevention (DLP)Arpin Consulting
Protecting Intellectual Property and Data Loss Prevention (DLP) – what makes your business unique, different, valuable, and attracts clients and customers - presented at the Boston Business Alliance 9/23/09
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your InformationAIIM International
Follow along with these webinar slides as we take a close look at what it takes to prepare for all kinds of data privacy regulations – learn how to protect your data in order to be compliant with regulators or for healthy business practices in general.
Want to follow along with the webinar replay? Download it here for free: http://info.aiim.org/protect-your-information
AIOTI GA WG03 (IoT Standardisation) Chairman Presentation - 3 Nov 2015Patrick GUILLEMIN
3 November 2015, Brussels, AIOTI (Alliance for Internet of Things Innovation) GA (General Assembly) Working Group 3 (WG03 IoT Standardisaion) Chairman presentation - pitch 10mn
The Long White Cloud: Addressing Privacy, Residency and Security in the Cloud...Doug Newdick
This paper aims to explore what the real issues, risks and constraints are for New Zealand organisations that are thinking about cloud computing and how to address them.
Future Tech: How should enterprise avoid the 'success trap' of the next big t...Livingstone Advisory
The rate of business and societal change fuelled by innovative, emerging and disruptive information technologies is well known, with impacts being felt in almost every facet of life. The forces driving the evolution and adoption of such technologies are complex, diverse and not always well understood. How can organisations predict the consequences of future tech? How should they fortify against the chaos of change while taking advantage of innovation?
This public lecture provides a concise perspective on the implications of emerging technologies and offers practical insights on how many enterprises and individuals survive, and also thrive, in a world of rapid technology-induced change.
Privacy and Security by Design Spotlight Presentation at HIMMS Privacy and Security Forum, December 5th 2016. Presented by Jeff R. Livingstone, PhD, Vice President and Global Lead, Life Sciences & Healthcare, Unisys Corporation.
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014Market Engel SAS
Digital signature solutions are quickly replacing paper-based signatures and have the potential to dominate signature-related processes. The primary benefits of this technology include increased efficiency, lower costs and increased customer satisfaction. Processes that still require a handwritten signature slow down turnaround time, increase complexity in terms of archiving, and also raise environmental issues with regards to paper usage. Companies are therefore increasingly adopting digital signature solutions to address those challenges.
The financial services industry is the pioneer in the adoption and development of digital signature solutions, and we expect other industries, such as telecommunication, commerce, utilities, notaries and healthcare, to follow soon as the benefits of this new technology, namely increased efficiency, lower costs and increased customer satisfaction, are not restricted to any industry. While offering clear advantages, digital signature solutions still need to overcome some challenges, such as the need to adapt existing systems and processes to the new technology, concern about acceptance by business partners and the perceived high cost.
The European Union is currently finalizing regulation, which will increase the legal value of advanced electronic signatures and remote electronic signing services by offering the possibility to generate a qualified digital signature using a remote signing system. The regulation is expected to be enacted in early July 2014. This development is expected to serve as an example for other markets on how to approach digital signatures from a regulatory standpoint.
This report is based on Arthur D. Little’s survey of 50 market experts in Europe, as well as comprehensive secondary market research. In this report, we provide an overview of the digital signature technology, its current and potential market, as well as the benefits and challenges it brings. We also present examples of practical applications of digital signature solutions.
A trustmark for the Internet of Things (IoT). An initiative by ThingsCon with support from the Mozilla Foundation.
Learn more at trustabletech.com and thingscon.com.
Presented at ThingsCon Salon Berlin, 17 July 2018.
Trustable Tech Mark / Magic Monday at Casa Jasmina TorinoPeter Bihr
Presenting the ThingsCon Trustable Tech Mark at Casa Jasmina's Magic Monday. Torino, 24 September 2018.
Learn more about the ThingsCon Trustable Tech mark at https://thingscon.com/iot-trustmark
Your firm needs to be committed to protecting information assets, including personal data and client documents. As a trusted advisor to our clients, the expectation is that we are aware of threats and are guarding their data. Data privacy and information security are fundamental components of doing business today, no matter how large your firm is.
In this paper we will look at three specific ways of protecting our clients:
1. Protection through our ability to research and improve intellectual capital
2. Protection through policies, procedures and processes
3. Protection by securing client data
Many Asset and Wealth Managers that consider upgrading their Client Portals find it too big a task: complex, expensive or costly. In this webinar, we will attempt to debunk these common myths, and help you build a pathway to upgrade your digital client experience. Is it easy? No, but it is no Rocket Science either!
What we will cover:
1. Why Client Portals are critical
2. Common misconceptions debunked
3. Best practices when designing portals
4. Practical steps to get started
Theo Paraskevopoulos is CEO of GrowCreate, an independent Cloud software and CX company. Invessed is a platform that helps Asset and Wealth Managers manage their data and power websites, client portals and apps.
On December 9 & 10, Deloitte hosted over 20 business executives and thought leaders at the Internet of Things (IoT) Grand Challenge Workshop at the Tech Museum of Innovation in San Jose. The objective of the gathering was to work collectively to solve one of the more largely unexplored areas of IoT: revenue generating IoT use cases. The following report captures what was discussed during this extraordinary event where an open, collaborative dialogue focused on advancing the field of IoT.
Explore the key findings here or learn more at www2.deloitte.com/us/IoT-challenge.
The national Scot-Secure Summit is the largest annual Cyber Security Conference in Scotland: the event brings together senior IT leaders and Information Security personnel, providing a unique forum for knowledge exchange, discussion and high-level networking.
The conference programme is focussed on promoting best-practice cyber security; looking at the current trends, the key threats - and offering practical advice on improving resilience and implementing effective security measures.
Executive Perspective Building an OT Security Program from the Top Downaccenture
Designed for executives, this non-technical track addresses key components of a successful OT security program. The discussions are intended to spark conversation and this guide highlights key takeaways on what works, what doesn’t and what’s next. https://accntu.re/3N7KmiZ
Similar to Towards a Trustmark for IoT (April 2018) (20)
What type of (smart) city do we want to live in?Peter Bihr
Presentation about better metrics and design principles for smart cities.
NEXT Conference Hamburg, 19 September 2019.
Learn more at https://thewavingcat.com
Internet of Things: Bestandsaufnahme & Spannungsfelder (Uni Dresden, 18. Okt ...Peter Bihr
Präsentation am Masterstudiengang für angewandte Medienforschung über Spannungsfelder rund um Internet der Dinge, künstliche Intelligenz und algorithmische Entscheidungsfindung.
Netzpolitik13: Das Internet der Dinge: Rechte, Regulierung & SpannungsfelderPeter Bihr
Talk für die Konferenz "Das ist Netzpolitik!" (Berlin, 1. September 2017).
Beschreibung:
Vom Hobby-Basteln bis hin zur Smart City: Das Internet of Things (#IoT) hat zunehmend Berührungspunkte mit allen Bereichen unseres Lebens. Aber wer bestimmt was erlaubt ist, was mit unseren Daten passiert, und ob es OK ist, unter die Haube zu gucken? IoT sitzt an der Schnittstelle vieler Technologie-, Governance- und Regulierungsbereiche—und schafft dadurch gleich eine ganze Reihe von Spannungsfeldern.
Fit für die nächsten 20 Jahre - ForecastingPeter Bihr
Cleaned up German version of a client talk about future-proofing the organization, forecasting as a tool, and an eclectic collection of signals with a focus on humans and machines working together.
ThingsCon Amsterdam: A responsible Internet of ThingsPeter Bihr
Keynote for ThingsCon Amsterdam 2016. Learn more about ThingsCon Amsterdam at http://thingscon.nl and more about ThingsCon at http://thingscon.com
Please note: This upload was converted from Keynote to PPT, so there might be layout issues.
IoT Communities & different modes of productionPeter Bihr
For Retune Festival 2016, a quick overview of various modes of production in IoT communities, and an overview of some of the IoT communities I find most interesting and am most fond of.
Speaking about open innovation, especially around Internet of Things and hardware, at the 10th anniversary of Creative Commons Poland: http://creativecommons.pl/10th-anniversary-of-creative-commons-poland/
Torino IoT Meetup at Casa Jasmina, 20 July 2015.
We ended up having a spontaneous conversation instead of using slides, but these were the notes I drafted before the meetup. They give you a hint as to the angle from which I approached the topic of ethics, policies and interfaces in IoT and smart homes.
Brief talk about the state of IoT and Wearables, and designing connected services for humans rather than just slapping screens on our wrists.
IXDS Pre-Work Talk, Dec 9, 2014 at IXDS Berlin.
Tokyo Samurai Startup Island: Berlin as a hardware startup hub for EuropePeter Bihr
Berlin Night @ Toyko
My presentation as part of a delegation of Berlin technologists and startups to Tokyo.
Presented at Samurai Startup Island, June 2, 2014: http://everevo.com/event/10976
IoT in Berlin: Berlin Innovation Meetup @ Recruit Technologies TokyoPeter Bihr
A presentation about the potential of a talent exchange between Japan and Germany for the IoT scene at the Berlin Innovation Meetup at Recruit Technologies Tokyo:
http://atl.recruit-tech.co.jp/berlin_meetup/
O'Reilly Solid: What Can IoT Entrepreneurs and the Mittelstand Learn from Eac...Peter Bihr
At O'Reilly Solid (http://solidcon.com) I gave a talk exploring one questions: What Can IoT Entrepreneurs and the Mittelstand Learn from Each Other?(http://solidcon.com/solid2014/public/schedule/detail/33139).
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Pushing the limits of ePRTC: 100ns holdover for 100 days
Towards a Trustmark for IoT (April 2018)
1. Fostering the creation of a responsible &
human-centric Internet of Things
Towards a Trustmark for IoT
This work is created as part of a
Mozilla’s IoT Fellowship
3. Peter Bihr
The Waving Cat: Managing Director
Research, strategy, foresight for commercial, governmental
& non-profit organizations.
ThingsCon: Co-founder, Chairman
A global community of IoT practitioners with the mission to
foster the creation of a responsible & human-centric IoT.
Mozilla: Fellow
As a Mozilla IoT Fellow, I’ll be developing a trustmark for IoT.
The prototype will focus on voice-enabled IoT.
Contact
Email: peter@thewavingcat.com
Twitter: @peterbihr
Web: thingscon.com
Web: thewavingcat.com
Web: peterbihr.com
4. A Trustmark for IoT
I co-founded the ThingsCon network to explore how
to create IoT products responsibly.
This, and the research that led to our research report
for Mozilla (“A Trustmark for IoT”), led me to pursue
this project—within the ThingsCon network and with
support from Mozilla through a Mozilla IoT Fellowship.
Please note: This project is supported by but
independent from Mozilla—I do not speak for Mozilla.
Read the report at
thingscon.com/iot-trustmark
5. For a human-centric & responsible
Internet of Things
A global community & event platform by and for IoT practitioners
thingscon.com
6. Our theory of change:
Change is made through better
day-to-day decisions
7. IoT - an overview & why we need a trustmark
TL;DR: The Internet of Things increasingly touches all
aspects of our lives, but mostly it consists of black
boxes. We need to make sure that we can trust them.
Note: The next few slides will elaborate on this. If you’re
familiar with IoT, feel free to skip to the next section.
8. Source: The Waving Cat
The term Internet of Things (IoT) covers a wide
field of applications
10. Images: Stephen die Donato, Andrew Welch
Connected
Home
Smart
City
Two areas which manifest underlying issues of IoT
Challenges our traditional
notions of privacy*
* In the West, in the last 150 years or so
In public space, there is no
opt-out (of data collection,
urban analytics, etc.)
11. IoT lacks transparency
The Internet of Things with its dizzying array of connected products
and services is hard to navigate.
Consumers have little insight into what any one connected
product does, what it even might be capable of, or if the company
employs good, responsible data practices.
This is not an oversight on the consumers' side: We lack the tools
to find out.
12. Quelle: The Waving Cat
A simple litmus test: 4 questions
that we should be able to answer
for every connected device.
But for connected products, these
are very hard questions to answer.
13. Photo: Peter Bi hr
We need to model
less for efficiency
and more for
resilience.
One part of that is
increasing
transparency of
connected
systems.
15. Methodological notes
This trustmark concept is based on three main pillars:
The values we believe in and promote within ThingsCon, namely the creation
of a responsible IoT, respect for users and their privacy and other rights,
inclusivity and diversity, and openness.
The research we published with the 2017 report “A Trustmark for IoT” of
existing approaches to consumer protection labels, trustmarks, and certifications.
Conversations within the ThingsCon community of IoT practitioners, as well as
throughout the industry in my other role as managing director of a research &
strategy firm.
16. Goals
The trustmark we’re proposing is aspirational and aims to raise
the bar at the top of the pyramid: This is modeled not just to
filter out crap but to raise the overall bar of the conversation, and
to show that IoT can be done respectfully & responsibly.
Let me be clear: This is a work driven by values, not
pragmatism—because I believe this needs to exist in order to get
to a better IoT, and a better society.
We believe that good ethics are good for business. This is
also the angle we’ll take when pitching the trustmark to potential
industry partners.
Read my first thoughts on the
trustmark on medium.com
17. thingscon.com/iot-trustmark
Early feedback & successes
Our 2017 trustmark research has received great
feedback and reach.
Among other things it was quoted extensively in Brazil’s
National IoT Plan.
Now we want to put our research into action.
18. Why?
To recap, we need a trustmark for IoT…
• to empower consumers to make informed decisions.
• to allow for responsible organizations to clearly communicate
their commitment to a higher standard.
19. What
We’re proposing a trustmark for IoT that increases transparency and
empowers consumers to make better decisions. This trustmark…
• evaluates 5 key dimensions
• is pledge-based
• builds on verification through publicly available documentation
• (mostly) decentralized
The prototype phase will focus on voice-enabled IoT (smart speakers, etc.)
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
20. Dimensions
The trustmark evaluates compliance with 5 dimensions that we
identified in our initial research* as most crucial for consumers:
• Privacy & Data Practices
• Transparency
• Security
• Openness
• Sustainability
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
*See A Trustmark for IoT (2017), p. 56
21. Pledge-based
The trustmark is based on voluntary commitment: it’s pledge-based.
Why?
• As a rule of thumb, (more costly) certification based on third-party audits tend to
provide higher credibility. But we believe that our approach of transparency
through documentation offers both carrot (USP) and stick (public shaming).
• Certification requires a level of centralization we aim to avoid. (Exception: We
might need a governing body of sorts at a later stage.)
• Lightweight and easy to adopt beats hard verification for our purposes. The
notable exception is security, where we rely heavily on external certification as
indicators (the trustmark as an indicator of indicators).
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
22. Verification through documentation
The trustmark should convey at a glance the level of trustworthiness and allow to get more
detailed information to back this up. The approach of "self-assessed but verifiable" opens up
trustmark-carrying products to public scrutiny in a similar way that open source software can be
peer reviewed.
Compliance with the trustmark is proven by providing publicly available documentation to answer (in
a structured way) the questions that determine a product's compliance. A company is required to make
this information available and easily accessible/findable on their website (/iot-trustmark or
comparable, details TBD).
Why?
• While we cannot enforce that all information provided this way is accurate, the stick (scrutiny and risk
of public shaming/campaigning) outweighs the advantages of faking compliance.
• In the meantime it's significantly easier, cheaper, and quicker to provide this kind of documentation
over an external audit.
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
23. Decentralized
The documentation and pledge based approach also means the
trustmark is largely decentralized: Application to and of this trustmark
is done by each company independently from a centralized
authority. (We are looking into options to make this legally binding
through a licensing model.)
Applying the trustmark will always be free of charge.
Eventually we’ll need a governance system. For the purposes of
prototyping, I’ll be making final decisions based on input from
research, workshops, and the ThingsCon network in particular.
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
24. The foundations of an ecosystem
The knowledge encoded in this trustmark—through documentation,
etc.—serves as the foundation of what we hope to be a larger
ecosystem.
The trustmark documentation shall be provided in a standardized form
to allow for third parties to offer services on top of this foundation,
like editorials, ratings & reviews.
Note: This is our goal; year 1 serves to learn and prototype, and to
develop the concept to a stage of maturity that gets this launch-ready.
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
25. How
We plan the trustmark to evaluate a
product’s compliance through a
scorecard or checklist of questions to
be answered and documents to be
provided.
Each of them feeds into one of the five
dimensions: 5 dimensions x 5
compliance points for a possible total
of 25 points.
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
26. Inputs, processes, outputs
The trustmark will evaluate a mix of
• Inputs: What goes into making a product?
In the textile world, Bluesign is a trustmark that demonstrates that an
apparel manufacturer uses sustainable, eco-friendly materials
• Processes: How is a product made?
Fairtrade with their strong focus on sustainable farming practices and
good labor conditions
• Outputs: What is the product like when it’s finished?
CE certification confirms that the final product fulfills certain EU quality
and safety requirements
27. How: Example questions
We’re drafting the checklist of questions to answer, and documents to provide to pass the
trustmark. We expect a mix of types of input:
• Third-party certifications and standards can serve as an indicator of quality. For
example, if a company open-sources their hardware according to OSHWA’s guidelines,
this might count into the openness score. If a product is GDPR compatible (and hence
guarantees data portability as well as privacy by design) this might count into the privacy
score. We expect third-party certifications to be especially relevant for the security score.
• First-party indicators, i.e. questions answered directly by the company. For example,
“Do you follow Security by Design best practices? Please elaborate.” or “Do you have a
business model in place that carries you beyond investments? Please elaborate.”
Some of this will be fuzzy. We’ll be prototyping how to allow for that.
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
28. Scoring
The passing requirements are to
fulfill two conditions:
• No complete FAIL (0 points) in any
dimension
• At least 20/25 points total
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
29. Example
This examples FAILS the test:
• It does not score 20/25 points.
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
30. Example
This examples FAILS the test:
• A complete failure (0 points) in one
dimension (Security).
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
31. Example
This examples PASSES the test:
• It scores 20/25 points total.
• No dimension fails (0 points)
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
32. Example
This examples PASSES the test:
• It scores >20/25 points total.
• No dimension fails (0 points)
Note: It’s still up for debate if the requirement is
• “≥20/25” or
• “minimum 4/5 per dimension”
Icon: Lock by Ralf Schmitzer from the Noun Project (CC)
33. Open questions & next steps
• What aspects need to be evaluated through the checklist/
questionnaire (template for documentation)?
• Is there a way to make a pledge legally binding, and if so: What
does it take to make it so?
• Should using the trustmark be tied to “hard stick” conditions,
ie. fines, and if so how could they be enforced?
• Gather feedback, run prototyping sessions, and fine-tune the
concept.
34. Mood board
What could the trustmark look like, and how can it communicate
levels of trustworthiness effectively? Some examples from other
projects we liked in our research:
FCC Broadband Labels
Creative Commons licensing
Bihr/Thorne: Privacy Icons
Beyond IO: Washing instructions for IoT
Adryan: Data Labels
35. Pathways to partnerships & participation
This is a project in an early stage. We’re looking in a number of areas.
Particularly we’re looking for…
• academic partners to accompany the development of this trustmark
• bold commercial partners to help us prototype our requirements list
against their existing or upcoming products
• non-profit and media partners who can help us understand what
they need in order to build third-party offerings on top of a trustmark
Please get in touch if you’d like to get involved.
36. Thank you.
The Waving Cat GmbH
Twitter @thewavingcat
Web thewavingcat.com
Peter Bihr
Twitter @peterbihr
Email peter@thewavingcat.com
Contact ThingsCon
Twitter @thingscon
Web thingscon.com