As Sri Lanka deals with the second wave of the coronavirus and its economic impacts, a somewhat novel aspect of the new status quo is our increasing dependency on Digital Services. Many of which, we have come to stability, continuity, and convenience. A notable change in this aspect is the shift of key private and government services to digital. However, as we keep shifting our critical operations to cyberspace, we must impress upon and be cautious about the impact of cyber crime. More extremely, we must address the risk of cyber terrorism towards business continuity and national security. In my professional capacity, I have been fortunate to interact with many business leaders, corporate tycoons and Boards of Public Listed companies. Sadly although regular lip service is paid towards cybersecurity; the proof is in the pudding, and our pudding is the stuff of Gorden Ramsey memes. Don’t get me wrong Sri Lanka has capable and talented cybersecurity professionals. Many of whom are regularly picked up by Fortune 500 companies for their excellence. However, it’s the reluctance of top leadership to appreciate and understand the threat of cyber crime & cyber terrorism leaves Sri Lanka vulnerable. Understanding the threat of cyber crime and cyber terrorism Cyber criminals are increasingly setting their sights on targets in Sri Lanka. But are we prepared to deal with this deadly threat? (Image credits: IFEX) Sri Lanka has been already marked as a soft target for cyber criminals. According to the 24th edition of Microsoft’s Security Intelligence Report, Sri Lanka recorded the second-highest malware encounter rate at 9.07 per cent in 2019. Despite a 14% decrease,...
Before the pandemic, it was predicted that cybercrime would globally cost an excess of $6 trillion annually by 2021. The need for more organizations to address unforeseen security risks in their networks and systems while designing a more cyber-resilient posture is not only imperative, but a matter of national security. To help combat these threats, attacks and vulnerabilities, the U.S. Department of Defense (DoD) requires its personnel and contractors to validate their hands-on penetration testing and vulnerability management skills with approved cybersecurity certifications to bolster the resiliency of its networks against attacks. CompTIA PenTest+ was recently approved for the DoD 8570.01 Manual Information Assurance Workforce Improvement Program. That means military personnel and defense contractors who work with sensitive information can take CompTIA PenTest+ to satisfy certain job requirements. This approval is a boon for penetration testing and vulnerability management – and the CompTIA PenTest+ certification – because the DoD now formally recognizes the importance of these skills in job roles. The DoD approved CompTIA PenTest+ for three (3) 8570.01-M job categories: Learn more on the DoD Cyber Exchange public website. How Will This Affect DoD 8140 and NICE Work Roles? The U.S. defense cybersecurity workforce, along with CompTIA, await the tentative release of the DoD 8140 manual in December 2020. It is unknown what exactly will be included in the manual, but it will replace 8570.01-M. We also know it will map work roles to the NICE Framework. We expect NICE work roles to be linked to specific job positions and hiring decisions. CompTIA PenTest+ maps to more than seven NICE work roles with over 70% correlation, which could...
Over the past decade, we have witnessed the size of machine learning algorithms grow exponentially due to improvements in processor speeds and the advent of big data. Initially, models were small enough to run on local machines using one or more cores within the central processing unit (CPU). Shortly after, computation using graphics processing units (GPUs) became necessary to handle larger datasets and became more readily available due to introduction of cloud-based services such as SaaS platforms (e.g., Google Colaboratory) and IaaS (e.g., Amazon EC2 Instances). At this time, algorithms could still be run on single machines. More recently, we have seen the development of specialized application-specific integrated circuits (ASICs) tensor processing units (TPUs) which can pack the power of ~8 GPUs. These devices have been augmented with the ability to distribute learning across multiple systems in an attempt to grow larger and larger models. This came to a head recently with the release of the GPT-3 algorithm (released in May 2020), boasting a network architecture containing a staggering 175 billion neurons — more than double the number present in the human brain (~85 billion). This is more than 10x the number of neurons than the next-largest neural network ever created, Turing-NLG (released in February 2020, containing ~17.5 billion parameters). Some estimates claim that the model cost around $10 million dollars to train and used approximately 3 GWh of electricity (approximately the output of three nuclear power plants for an hour). While the achievements of GPT-3 and Turing-NLG are laudable, naturally, this has led to some in the industry to criticize the increasingly large carbon footprint of the AI...
A cyberattack on a municipality never comes at a good time, but a cyber security expert says the attack on Saint John’s internet infrastructure comes at a particularly bad time. On Sunday, the city announced there’d been a “significant” cyberattack, which forced it to shut down several online services, including payment systems, email and the city’s website. David Shipley, the CEO of Beauceron Security, a New Brunswick-based cybersecurity firm, said the city has a long road ahead of it after the cyberattack, one complicated by the COVID-19 pandemic. “You’ve got to figure out in a pandemic how you’re going to be able to check all these computers and thoroughly assess if they’re safe to go back on the network,” Shipley said Monday. “With a sophisticated attack, and this looks to be among the ranks of very sophisticated attacks, you’re going to have to almost completely reset everything in order to be sure that the system you’re rebuilding from the ground up is trustworthy.” The city has advised people who may have used its online services to check their bank accounts and credit cards for suspicious activity. Russian origins suspected While there has been no official word on who may be behind the attack, Shipley said the modus operandi of the attacks fits similar attacks caused by groups connected to Russian organized crime. This includes groups using a type of the ransomware, Ryuk, which Shipley said is responsible for 30 per cent of similar attacks in recent months. He said the Saint John cyberattack is the first major one on a New Brunswick municipality, but there have been others in Canada. It is unclear whether...
The world of the internet has expanded and has covered almost all aspects of our lives. The Internet of Things has made everyday living genuinely digital. Internet is no longer just confined to random searches of the elusive piece of information, but a means to carry out most of the activities from banking to switching on the bathroom geyser. And with the internet, so has the cybersecurity threats entered almost all aspects of our lives. Thus, it becomes imperative to safeguard ourselves from the loopholes which the hacking faculties might prey upon. The most trusted and foolproof method used by Cyber Security is the use of the Web Application Penetration Testing tools or Web Pen Tools to check the network, server, or web application and in case of an attack identifies and blocks the loopholes; preventing the worse. Web Application Penetration Testing tools To counter the advances in the field of hacking, it is essential to keep abreast of the latest and the best in the Web Pen Tools. Here is the list of some of the top Web Application Penetration Testing tools one can use to test web app penetration if any: This is a web vulnerability scanner that can scan and detect vulnerabilities of over 4500 kinds, including XSS and SQL injections. It is fully automated, thus saving hours and hours of manual testing. It has high accuracy and low false positives rates. Thus it is fast and reliable. With an advanced manual Pen tool and can be easily integrated with other popular WAFs and vulnerability trackers. It can be operated on CMS systems and supports HTML5, JavaScript, and Single page...
Across the United States, COVID-19 wards like this one at University of Wisconsin Health in Madison are filling up fast, but federal data on their patient numbers and available beds are suspect, which could hinder getting personal protective equipment, other supplies, or medicines to where they are needed most. Federal system for tracking hospital beds and COVID-19 patients provides questionable data By Charles PillerNov. 29, 2020 , 4:30 PM This story was supported by the Science Fund for Investigative Reporting. In mid-November, as the United States set records for newly diagnosed COVID-19 cases day after day, the hospital situation in one hard-hit state, Wisconsin, looked concerning but not yet urgent by one crucial measure. The main pandemic data tracking system run by the Department of Health and Human Services (HHS), dubbed HHS Protect, reported that on 16 November, 71% of the state’s hospital beds were filled. Wisconsin officials who rely on the data to support and advise their increasingly strained hospitals might have concluded they had some margin left. Yet a different federal COVID-19 data system painted a much more dire picture for the same day, reporting 91% of Wisconsin’s hospital beds were filled. That day was no outlier. A Science examination of HHS Protect and confidential federal documents found the HHS data for three important values in Wisconsin hospitals—beds filled, intensive care unit (ICU) beds filled, and inpatients with COVID-19—often diverge dramatically from those collected by the other federal source, from state-supplied data, and from the apparent reality on the ground. “Our hospitals are struggling,” says Jeffrey Pothof, a physician and chief quality officer for the health system of the...
web design company singapore,singapore website design,mobile app developer singapore,design firms in singapore,mobile developer singapore,graphic designer in singapore,web designer singapore,design agency singapore,mobile application developer singapore,singapore app developer,mobile apps development singapore,ios app development singapore,app development singapore,website development singapore,web design services singapore,singapore web development,mobile game developer singapore,mobile apps singapore,singapore web design services,website designer singapore,website design singapore,mobile application development singapore,developers in singapore,android developer singapore,website developer singapore,web development company singapore,web design singapore,singapore mobile app developer,app developer singapore,web application singapore,web development singapore,mobile app development singapore,singapore web design,ruby on rails developer singapore,ios developer singapore,singapore mobile application developer,developer in singapore
.png)
