Monthly Archives: April 2021

Browse The Intercept Using Our New Tor Onion Service – The Intercept

Posted: April 29, 2021 at 12:42 pm

Websites that end in .onion are known as Tor onion services or if you want to be dramatic about it, the dark web. Heres how it all works.

When you load a website in a normal web browser like Chrome, Firefox, Safari, or Edge, you make a connection over the internet directly from your house (or wherever you happen to be) to the web server youre loading. The website can see where you are coming from (and track you), and your internet service provider can see which website youre loading (and track what youre doing and sell advertising based on your activity).

But if you open Tor Browser and load the same website, none of those parties can spy on you. Even Tor itself wont know what youre up to. Within the network, consisting of thousands of nodes run by volunteers across the internet, you do not connect from your house directly to the web server. Instead, your connection first bounces between three Tor nodes and then finally exits the Tor network and goes to the website. The website cant see where youre coming from, only that youre using Tor. Your ISP cant see what website youre visiting, only that youre using Tor. And the Tor nodes themselves cant fully track you either. The first node can see your home IP address, because you connect directly to it, but cant see what site youre loading, and the last node (also called the exit node) can see what site youre loading but doesnt know your IP address.

In short, Tor Browser makes it so people can load websites anonymously. Tor onion services do the same thing, except for websites themselves.

So what exactly is an onion service? Just like when people use Tor Browser to be anonymous, web servers can use Tor to host anonymous websites as well. Instead of using normal domain names, these websites end with .onion.

If you load an onion site in Tor Browser, both you and the web server bounce encrypted data packets through the Tor network until you complete an anonymous connection, and no one can track anyone involved: Your ISP can only see that youre using Tor, and the websites ISP can only see that its using Tor. You cant learn the websites real IP address, and the website cant learn yours either. And the Tor nodes themselves cant spy on anything. All they can see is that two IP addresses are both using Tor.

Onion services have another cool property: The connection never exits the Tor network, so there are no exit nodes involved. All the communication between Tor Browser and the web server happens in the dark.

When people hear about the dark web, they tend to think about shady things like drug markets and money laundering. That stuff is, in fact, facilitated by anonymous websites running Tor onion services, just as its facilitated by the normal, non-anonymous internet. But its not the only use of onion services by a long shot.

The Intercept along with dozens of other newsrooms around the world, including pretty much every major news organization, run Tor onion sites for SecureDrop, a whistleblower submission platform. With The Intercepts new onion service for readers of our website, well also join the ranks of the New York Times, ProPublica, BuzzFeed News, The Markup, and other news organizations in making their core websites available as onion services.

I also develop an open source tool called OnionShare which makes it simple for anyone to use onion services to share files, set up an anonymous drop box, host a simple website, or launch a temporary chat room.

But, by far, the most popular website on the dark web is Facebook. Yup, Facebook has an onion service. For when you want some but not too much anonymity.

Continue reading here:
Browse The Intercept Using Our New Tor Onion Service - The Intercept

Posted in Tor Browser | Comments Off on Browse The Intercept Using Our New Tor Onion Service – The Intercept

Has Google "FLoCed" you? This website lets you know if your browser is using the new tech – TechRepublic

Posted: at 12:42 pm

The Electronic Frontier Foundation has a website that "will tell you whether your Chrome browser has been turned into a guinea pig" for the Federated Learning of Cohorts.

Image: GettyImages/gremlin

Google's Federated Learning of Cohorts (FLoC) trial is underway in select areas around the globe. The tracking system has drawn scrutiny for privacy and security concerns. In fact, the Electronic Frontier Foundation (EFF) created a website to let people know if they've been "FLoCed." So how does FLoC work and how is this system different than the old cookie-based method? And, most importantly, how do you know if you've been "FLoCed"?

SEE:Electronic Data Disposal Policy(TechRepublic Premium)

In March, Google published a blog post announcing the initial rollout of a Chrome "developer origin trial" for its Federated Learning of Cohorts (FLoC) tracking system. The company said the technology "is still in development" and expects FLoC to "evolve based on input from the web community and learnings from this initial trial."

The FLoC rollout has drawn plenty of pushback in recent weeks. TechRepublic's sister site, ZDNet, previously reported a WordPress Core proposal to block FLoC as well as browser Brave disabling the tracking system.

In an article titled "Google's FLoC is a Terrible Idea," the EFF said that "no one should mourn the death of the cookie as we know it," stating the third-party tracking tool has "been the lynchpin in a shadowy, seedy, multi-billion dollar advertising-surveillance industry on the Web."

The EFF also created amifloced.org which the organization says "will try to detect whether you've been made a guinea pig in Google's ad-tech experiment."

Companies have taken measures to block third-party cookies, including browsers Safari and the Tor Browser, as ZDNet reported last spring. In 2019, Google announced its Privacy Sandbox initiative and outlined challenges associated with blocking cookies, explaining that doing so encourages other techniques a la fingerprinting in which a person's device or installed fonts "generate a unique identifier" to match people online.

Additionally, without providing an alternative way for publishers to "deliver relevant ads," blocking cookies reduces funding for publishers and, in turn, "jeopardizes the future of the vibrant web," Google explained.

Instead, FLoC provides a "viable advertising business model" for publishers and boosts privacy, Google said in the March blog post.

The company said FLoC maintains individual anonymity and allows publishers to present ads to "large groups" of web browsers which it calls "cohorts" who are "defined by similarities in browsing history, but they're not based on who you are individually."

Once grouped with "thousands of other people," Gooogle said the specific group's identification number is the "only thing provided when requested by a site" explaining this is different from the third-party cookie approach which enables companies to track people "individually across different sites."

SEE:Snowflake data warehouse platform: A cheat sheet (free PDF)(TechRepublic)

An initial FLoC test is underway involving a "small percentage of users" across the U.S., New Zealand, Australia, Canada, Brazil, India, Japan, Mexico, Indonesia and the Philippines with the tech coming to other areas as the trial expands, according to Google. The company said it would introduce a Chrome Settings control in April allowing people to opt-out of Privacy Sandbox proposals including FLoC.

Learn the latest news and best practices about data science, big data analytics, and artificial intelligence. Delivered Mondays

View post:
Has Google "FLoCed" you? This website lets you know if your browser is using the new tech - TechRepublic

Posted in Tor Browser | Comments Off on Has Google "FLoCed" you? This website lets you know if your browser is using the new tech – TechRepublic

Six reasons you should be switching to the Brave browser – htxt.africa

Posted: at 12:42 pm

Something that might not seem important is your choice of browser. Google Chrome, Microsoft Edge and Opera, are all just iterations of the same thing right?

If that thing is Chromium, then yes you would be correct, but all of these browsers employ variations on Chromium that make them unique while still using the same DNA. In fact, once you start digging into these browsers youll find they all behave and collect data differently.

But there is a Chromium-based browser that we love for many reasons and wed urge our readers to start using. That browser is Brave and having used it since version 1.0 was released in November 2019, weve never felt the need to switch to another browser.

The browser claims to put you back in control of your data by blocking intrusive ads and trackers by default. After nearly two years of using Brave, were starting to see what the internet would look like if companies didnt bid for every morsel of our data.

We know you need more than that though, so here is why we think you should switch to Brave.

As mentioned in our preamble, Brave allows you to install applications from the Chrome Web Store which is great if like us, you have a number of app extensions you use everyday.

The other benefit is that when new extensions are released, so long as you have updated Brave to the most recent version of Chromium, you should be able to use those extensions.

For example, if you hate the new Google Suite icons, there is a browser extension for Chrome, and by extension Brave, that you can use to switch them back to the older, more familiar icons.

One of the benefits of blocking trackers and advertising by default is that websites will load faster as they dont have to prime all the features that follow you around.

In reality this time saving is minimal. Following a format of our PC in January and reinstalling Brave, we have saved just under 24 hours we wouldve spent waiting for pages to load.

When comparing Chrome, Opera and Firefox to Braves loading times on YouTube (with a Premium subscription that removes advertising) the page loads slightly faster on Brave but not so fast youll notice it immediately.

The most important feature in Brave is located right in the omni-bar and it is called Shields.

This is, for all intents and purposes, Braves ad-blocker though just calling it an adblocker does it a disservice.

Shields does a number of things including:

Unfortunately, Brave is so good at blocking these that some websites just wont work because the browser is blocking pop-ups and the like. For example, a payment platform refused to move us to the next step because that step came in the form of a pop-up, which Brave blocked.

Thankfully, switching Shields on and off is as simple as clicking a button and Brave will remember to keep Shields switched off for that website.

You can also set how aggressively you want Brave to block trackers and advertising

One of the features of Brave often used to entice new users is the fact that you can earn money for just browsing.

While that is true, its also stretching what you the user needs to endure.

The adverts you see are delivered as desktop notifications that will appear constantly while the browser is open. Playing a game with Brave open? Get an advert. On a call with Brave open? Get an advert.

For this you will earn Basic Attention Tokens (BAT) which you can deposit into your wallet and use for a number of things.

You can of course have Brave deposit BAT into your wallet every month or you can have Brave divide your earnings up and send it to creators you want to contribute to.

Dont expect to earn huge amounts though, throughout April weve earned $2.84 and quite honestly its not worth the constant barrage of adverts we endured.

Right, before we dive into this if you are using the Tor network for serious reasons such as trying to evade a dangerous government or you are seriously trying to remain private, you should use the Tor browser directly from the Tor project.

We say this because unfortunately, in February it was discovered that the Tor feature was leaking .onion URLs visited by users. This has since been fixed but rather safe than sorry right?

If, however, you simply want to browse the dark web and see what there is to see, Brave is a convenient way to do that without having to download a separate browser. Just note that the speed benefits we mentioned earlier disappear when using Tor.

In addition you can also set Brave up to use DuckDuckGo by default in incognito mode for an extra layer of privacy.

The Federated Learning of Cohorts or FLoC is a term you may have encountered in recent weeks.

This is because its a new way to serve ads that Google is proposing by framing it as a positive.

Rather than targeting ads based on your individual preferences, FLoC puts users into groups and targets groups rather than an individual.

How is this a bad thing? Brave explains.

Say I run a website selling polka music, and I serve a dedicated community of die-hard polka fans. My site is successful because Ive identified a niche market that is poorly served elsewhere, which allows me to charge higher than, say, Amazon prices. However, FLoC may stick users browsing in Chrome in a polka music lover cohort, and begin having my users broadcast their polka love to other sites, including Amazon. Amazon could then peel off my polka-record buyers, leaving me worse off, the firm explains.

Brave argues that FLoC could mean worse privacy for you and not better as Google would have you believe.

Many similar examples are possible, but the general point is that FLoC will have your users broadcast their interest in your site (and sites like your site) to unrelated sites on the Web. Those other sites may use this information to engage in forms of price discrimination, or otherwise more aggressively market to your users. Programmatic ad-tech has done exactly this for years, and FLoC would continue this practice into the post third-party cookies era, adds Brave.

Brave isnt alone in this blocking of FLoC thankfully. Microsoft, Mozilla, Apple and even Opera have expressed a dislike for this method of tracking.

Brave is blocking FLoC right out of the gate and so if you needed any reason to switch, this is a rather good one.

Brave is available to download for free on Windows, macOS (Intel and ARM64 iterations), Linux, iOS and Android.

See the rest here:
Six reasons you should be switching to the Brave browser - htxt.africa

Posted in Tor Browser | Comments Off on Six reasons you should be switching to the Brave browser – htxt.africa

Ted Budd Officially Entering 2022 NC Senate Race – The Rhino Times of Greensboro – The Rhino TImes

Posted: at 12:42 pm

Republican 13th District Congressman Ted Budd has announced he is running for the open US Senate seat in 2022.

Budd made his announcement in a video released on Wednesday, April 28, which you can view here: https://www.youtube.com/watch?v=x0gnXHPArcQ

When Budd was first elected to Congress in 2016, the 13th District split Guilford County with the 6th Congressional District, which at the time was represented by Congressman Mark Walker who didnt run for reelection in 2020 and announced he was running for the Senate on Dec. 1, 2020.

In 2020, the 13th Congressional District was redrawn and Budd, who lives in Davie County, no longer represents any of Guilford County, and by running for the Senate he will have to give up his seat in Congress at the end of this term in 2022.

Budds announcement video starts off with monster trucks, a guy with a bullhorn and a dog in goggles. But mostly it is Budd talking about why he is running for the Senate, with a drive-in movie screen behind him depicting images that go along with the speech.

Budd leaves no doubt about where he stands on President Donald Trump and displays three separate clips of Trump at rallies in North Carolina talking about the good job Budd has done.

Budd says, Today the US Senate is the last line of defense against the becoming a woke, socialist wasteland and Im running to stop that period.

Budd begins the video saying, Im a small businessman who was so fed up with the liberals attacks on our faith, our families and our way of life that I ran for Congress to stand and fight beside Donald Trump to drain the swamp and take our country back.

Budd adds, Joe Biden, Chuck Schumer and Nancy Pelosi are shredding our Constitution, creating an unprecedented crisis at the southern border, cutting American jobs and mortgaging our childrens future with massive debts. My core beliefs come from being raised in Davie County. Im 100 percent pro life and I even think that elections should be fair and secure.

He also says, Ive shoveled a lot of manure on my familys farm and its not the dirtiest job Ive ever had now that Ive been to Congress.

Budd also notes that since he owns a gun shop, people know where he stands on the Second Amendment.

Along with Walker, former North Carolina Gov. Pat McCrory has announced his candidacy for the Senate seat. Jen Banwart, who has said he doesnt plan to raise any money, has also announced he is running in the Republican primary.

More here:
Ted Budd Officially Entering 2022 NC Senate Race - The Rhino Times of Greensboro - The Rhino TImes

Posted in Libertarianism | Comments Off on Ted Budd Officially Entering 2022 NC Senate Race – The Rhino Times of Greensboro – The Rhino TImes

Elections official admits breaking rule | Indiana | Journal Gazette – Fort Wayne Journal Gazette

Posted: at 12:42 pm

INDIANAPOLIS Indiana's top elections official has acknowledged violating state political fundraising rules with the launch of her 2022 election campaign.

Republican Secretary of State Holli Sullivan requested contributions as she announced her campaign Monday five days earlier than allowed under changes to state law signed by Gov. Eric Holcomb that day.

Sullivan, who was appointed secretary of state by Holcomb in March and is vice chair of the Indiana Republican Party, said she was seeking a full four-year term to defend the integrity of Indiana's elections.

State law prohibits candidates for state offices from fundraising during the legislative sessions when the two-year state budget is drafted. Lawmakers extended their meeting deadline from the typical April 29 until November so they can return to approve new election districts.

The Committee to Elect Holli Sullivan has determined that it made an improper solicitation of campaign funds, Sullivan's campaign said in a statement. These public solicitations have been removed and all contributions have been returned.

State Libertarian Party Chairman Evan McMahon said If you are vying to be elected to head the office that oversees elections and enforces campaign finance laws it would probably be a good idea to not break those laws.

Read the original post:
Elections official admits breaking rule | Indiana | Journal Gazette - Fort Wayne Journal Gazette

Posted in Libertarianism | Comments Off on Elections official admits breaking rule | Indiana | Journal Gazette – Fort Wayne Journal Gazette

Investment in construction automation is essential to rebuilding US infrastructure – TechCrunch

Posted: at 12:41 pm

Champ SuthipongchaiContributor

With the United States moving all-in on massive infrastructure investment, much of the discussion has focused on jobs and building new green industries for the 21st century. While the Biden administrations plan will certainly expand the workforce, it also provides a massive opportunity for the adoption of automation technologies within the construction industry.

Despite the common narrative of automating away human jobs, the two are not nearly as much in conflict, especially with new investments creating space for new roles and work. In fact, one of the greatest problems facing the construction industry remains a lack of labor, making automation a necessity for moving forward with these ambitious projects.

The residential construction industry alone had some 223,000 and 332,000 unfilled construction job vacancies at the peak unemployment rate of 15% in 2020, but thats actually about the same when unemployment was only at 4.1%. Between 1985 and 2015, the average age of construction workers increased from 36 to 42.5, while those aged 55 and older increased from 12% to over 20%. The 2018 Population Survey conducted by the Census Bureau found that workers under 25 comprised just 9% of the construction industry, compared to 12.3% of the overall U.S. labor force.

Productivity in the construction industry has likewise remained static since 1995, primarily driven by the aging demographic of the existing labor force, the apprenticeship nature of the job, and difficulty in attracting and retaining new workers. In short, there is insufficient labor to do the job, while existing staff are becoming increasingly less productive as skilled workers that have accumulated decades of experience in their crafts are lost due to retirement.

Automation will need to be a key element of any major infrastructure push, especially if we hope to meet the ambitious goals of current proposals. That being said, not all areas of the construction industry are primed, or even viable, for this shift to automation.

Construction is one of the worlds largest industries but has two major challenges: market fragmentation and complex stakeholders.

The construction industry as a whole is nationally fragmented but occasionally locally concentrated. This differs depending on the segment and type of construction company, with each generally comprising less than 10 workers. The top 100 general contractors account for less than 20% of the total construction market. Subcontractors are even more fragmented, with top players accounting for less than 1% of the total market share. This makes sales processes and scaling very slow and highly inefficient.

More:

Investment in construction automation is essential to rebuilding US infrastructure - TechCrunch

Posted in Automation | Comments Off on Investment in construction automation is essential to rebuilding US infrastructure – TechCrunch

How Advanced Automation and New Technologies are Enabling Enterprises to Do More with Less – Security Boulevard

Posted: at 12:41 pm

As industries try to play catch-up as COVID-19 pushed everyone to remote work, technical debt is more of an issue than ever before. Technical debt is a term that describes the implied cost of additional work, or re-work, caused by choosing an easy solution over a better solution that may take longer to implement. Like financial debt, if technical debt isnt dealt with or repaid, it can accumulate interest, making it more difficult for companies to implement sweeping changes that could improve the organization or improve the software.

As artificial intelligence (AI) and automation become more pervasive in the modern world, one of the areas they focus on is this technical debt that organizations have mired themselves. Without AI solutions, the debt will build and build, making software more bloated and more modular the longer it is in effect. The solution lies in automation where the technical debt can be addressed and further improve an organizations cyber resiliency and where return on security investment (RoSI) can be calculated.

Automation is especially appealing to those in cybersecurity when looking at GRC solutions that are modular and siloed and have difficulty talking to one another. This also contributes to technical debt and requires human intervention as it accumulates. For many organizations, execution, governance, and operational success are elusive because there have not been the same kind of breakthroughs for most cybersecurity practices compared to other industries that use AI, and the awareness of automation options remains low.

According to Gartner though thats changing, 30% of enterprises plan to increase AI investments since the start of the pandemic, and 47% of AI investments remain unchanged. The ability for a company to automate also depends on their maturity level. Companies must have a sufficiently mature security program in order to take advantage of automation opportunities. If automation was implemented on a larger scale, security incidents, financial loss, data loss, and data breaches could be mitigated more effectively.

Automation is slowly but surely transforming from an optional condition to a means of survival. Although there was a demand for it pre-pandemic, the global crisis has accelerated digital transformation initiatives and broken down some of the obstacles higher-level executives had with automation processes.

AI encompasses a vast range, including machine learning (ML), natural language processing (NLP), Robotic process automation (RPA), and more. NLP especially plays a significant part in advanced automation. NLPs ultimate objective is to read, decipher, and understand language thats valuable to the end-user. Currently, there are several ways NLP is used in day-to-day life. Many are familiar with chatbots or auto-complete in emails or texts. But theres a gap in cybersecurity and risk assessment where NLP could be used to inform risk management and regulatory compliance. Since interactions between humans and machines are based on language processing, NLP allows organizations to process increasingly large amounts of data, granting them the ability to be more efficient, more risk cognizant, and more secure.

Incident detection and prediction is one area where humans can take advantage of AI. NLP used for risk and compliance requirements can identify overlaps in frameworks and data from an enterprises tech stack and use it to identify vulnerabilities in security infrastructure.

However, there are a number of AI-fueled cyber security solutions out there, and it has definitely become a buzzword in cyber. These GRC automation tools still tend to require human oversight and intervention. They do not achieve pure automation. In this industry, automation tends to encompass employees and security leaders getting texts or emails when controls need to be addressed or updated, but what if there were more powerful options that allowed for an automated system that could identify how threats endanger your current tech stack?

At an operational level, advanced automation addresses risk and the plague of technical debt that business leaders and IT face. Automation allows executives to allocate resources in a way that will yield the greatest return on information security investment and gives them the opportunity to augment as many processes and systems as possible to increase resilience, efficiency, and agility. Doing away with siloed data and technical debt that cripples monitoring strategy allows security teams to increase their maturity and allocate resources to automation options that give a significant return on investment and to calculate the return.

Advanced automation is critical in addressing modern security challenges by increasing speed and efficiency while cutting back on operational costs. Solving the pent-up data debt frees up vital resources and employees to focus on other matters and reduces inefficiency.

By combining AI and NLP, security leaders can make sense of data coming out of a security tech stack, showing where and how various tools and solutions manage compliance programs across standards. NLP allows for improvements over time with self-learning to become more efficient in enhancing cybersecurity processes. The automation of assessments gives business leaders insight into real-time risk monitoring.

Crosswalking is a process where the NLP engine identifies keywords that map to specific controls and control actions. Currently, the process of crosswalking in many cybersecurity solutions is manual and inexact. NLP gives organizations the ability to leverage nascent data thats coming out of a platform. When other cybersecurity companies discuss crosswalking its typically behind a closed door, and no one knows how it happens or what it does. Mapping different frameworks dont always provide a direct 1:1 solution. So having an option for automation that is transparent, thorough, and learns, is critical in increasing maturity and understanding.

CyberSaint takes a deep learning approach that allows crosswalking between frameworks without a significant amount of human intervention. This increases security maturity and makes the organization more risk cognizant. This becomes even more key when discussing cloud-based shifts post COVID-19.Many Fortune 500 companies use spreadsheets to track and monitor risks and vulnerabilities, but this incredibly time-consuming task, typically done by an employee manually checking controls. By the time IT professionals reach the end of the spreadsheet, it can already be out of date. This leaves organizations vulnerable and consumes valuable resources that could be allocated elsewhere. In the era of COVID-19, with many companies downsizing their security budgets, this can be a massive blow to a cybersecurity program as resources become scarcer and employees gain an ever-growing list of responsibilities.

With automated risk platforms, its possible to manage risks and increase program maturity over time, dynamically. Software that can continuously prioritize threats and add more automation over time across compliance, risk, and audit can make a sizeable difference in downsized security teams. It becomes possible to track tangible, measured impacts and returns on investment with a balance between quantitative and qualitative data.

Executives need to start demanding more and expecting more of their IT GRC stacks. To achieve operational excellence, they need to shed the technical debt and move forward with automation to augment current processes and make them perform for them instead of constantly utilizing workarounds that are inefficient and leave critical systems open to risk.

To learn more about risk management and how automation is changing the landscape of cybersecurity, click here. To see a demonstration of CyberStrong and how it can help your enterprise to more with less, contact us.

Visit link:

How Advanced Automation and New Technologies are Enabling Enterprises to Do More with Less - Security Boulevard

Posted in Automation | Comments Off on How Advanced Automation and New Technologies are Enabling Enterprises to Do More with Less – Security Boulevard

UK demand for digital automation skills doubles as employees feel the burn out | RoboticsTomorrow – Robotics Tomorrow

Posted: at 12:41 pm

Demand for digital automation skills has more than doubled since 2019, according to new research from specialised recruiter Robert Half and global labour market trends experts Burning Glass. The need for automation proficiency is rising faster in non-technical roles, up by 125% since 2019, than it is in traditional IT roles, which are up by 96%. Non-technical roles seeing strong growth in demand include Management Consultants and Sales Directors.

New research from specialist recruiter Robert Half and global labour market trends experts Burning Glass indicates that demand for digital automation skills is set to double (+99%) by the end of 2021 compared to pre-pandemic figures. An analysis of nearly 9,000,000 UK job postings has revealed that the number of jobs requiring automation capabilities is on course to reach around 90,000 this year, compared to 39,323 in 2019, with demand rising fastest in non-technical roles such as Management Consultants and Sales Directors.

Three strategies to help integrate automation into the workforce:

1. Find the quick wins: Look for opportunities to roll out easy proof of concept (PoC) trials or pilot programmes so that stakeholders across the business can see how such projects can work and learn how to go about introducing automation. PoC trials shouldn't be hugely ambitious and therefore don't necessarily require large amounts of technical knowledge to get started.

2. Do a cost / benefit analysis: For each project, it's essential for business leaders to understand how implementing an automated solution will affect the team, what the expected benefits are, and how much resources it will require. This helps to create a strategic approach to automation where the highest value opportunities are given priority.

3. Think about the broader impacts: More broadly, apart from productivity and efficiency considerations, executives should consider conducting an impact analysis of the effects of automation on things like employee happiness, career development, and training and development so that they can anticipate and pre-emptively address these issues.

"As automation becomes more widespread, roles and job functions will change significantly," continued Weston. "This surge in demand means it's more important than ever for businesses to invest in life-long learning. It's estimated that 21m UK workers will need digital upskilling over the next decade and automation needs to be a core element of such educational initiatives. As such, executives should be reviewing their learning and development programmes to make sure they are able to provide the skills most urgently needed. Alongside this, all businesses - especially SMEs - need to be taking advantage of government support to help with digital upskilling such as the Chancellors recent Help to Grow' scheme that can help shoulder some of the cost of upskilling and retraining."

See more here:

UK demand for digital automation skills doubles as employees feel the burn out | RoboticsTomorrow - Robotics Tomorrow

Posted in Automation | Comments Off on UK demand for digital automation skills doubles as employees feel the burn out | RoboticsTomorrow – Robotics Tomorrow

Supervised Active Intelligence The Next Level of Security Automation – Security Boulevard

Posted: at 12:41 pm

Taking a proactive approach to threat hunting in cyber security is crucial, especially today when attacks are more stealthy and more complex than ever. What this means is that the olden ways of cyber security relying on time-consuming manual workflows are slowly becoming obsolete, and cyber security teams must be supported by active learning intelligence in their threat hunting processes.

This is why, in order to respond to these pressing needs, DFLabs crafted Supervised Active Intelligence, which is a combination of multiple capabilities, all working together to ensure a smooth and interrupted SecOps workflow. In this article, we will describe the power of Supervised Active Intelligence SAI, reveal its role in the cyber security environment, and talk about the potential of active intelligence in cyber security.

Supervised Active Intelligence provides analysts with all the information they need to make well-informed decisions. It is a special case of machine learning which rests upon IncMan SOARs learning algorithm to query a user and extract relevant data. Its supervised learning algorithm leans on machine learning to:

Via Supervised Active Intelligence, SOC teams can successfully decide to orchestrate, contain, report, and remediate breaches with fewer resources required and in a much quicker and more efficient manner.

Supervised Active Intelligence was built to elevate the maturity of automation in security operations, and help build a trusting relationship between humans and SOAR by allowing security professionals to take a crucial decision-making role in the path of automation.

We said several times that SOAR does not replace humans but makes them more efficient. Many doubts are raised about the development of advanced cyber security technologies, mainly because it is feared that forward-thinking tools will eventually render humans obsolete. However, that is not the fact, nor it will be in the foreseeable future.

The way Supervised Active Intelligence operates is that it relies on human guidance to launch machine learning and automation initiatives. This is the principle upon which SAI was built in IncMan SOAR. SAI follows a guided path to automation led by security professionals. Its functionality is strictly dependent on human guidance, which is the foundation of the relationship between security teams and Supervised Active Intelligence.

Supervised Active Intelligence was built to help security teams accomplish their desired targets with enhanced efficiency, speed, and performance. SAI does not, however, work autonomously.

The key element to remember here is that security teams supervise the active intelligence brought by IncMan SOAR. SAI will only launch machine learning processes after it has been instructed by the security professionals responsible for the given case. After receiving the instructions, SAI will continue on its automation journey, but it is vital to remember that ACTIVE does not mean AUTONOMOUS in this situation. SAI is and will be dependent on human guidance.

Supervised Active Intelligence in IncMan SOAR is based on the premise of human guidance. It fuses machine learning and human intelligence to formulate the end result Supervised Active Intelligence.

More specifically, Supervised Active Intelligence is driven by the following:

This is, in short, the basis behind the design and development of Supervised Active Intelligence in IncMan SOAR. Its role is to bring a new, more effective path to security automation that will offer a higher level of efficiency and success in incident remediation.

In other words, SAI will help humans be more effective in SecOps.

SAI speeds up the decision-making process for security analysts by providing them with applicable recommendations regarding a given incident. Upon providing relevant Playbooks to a certain incident based on historical precedent, SAI uses its machine learning capabilities to eliminate the false positives and create incidents when they are real and extract more intelligence relevant to the incident, ultimately helping the security professional make a fast, well-informed decision.

This saves security professionals from the time-consuming hassle of having to search for relevant information regarding an incident on various tools. Heres exactly how SAI gives humans the much-needed edge in security operations:

Phase #1:

Eliminating false positives via TRIAGE capabilities and creating incidents that are real. SAI supports analysts with its TRIAGE capabilities in order to eliminate false positives and create incidents when they are real. To help you accomplish that, our team helps you set incident rules that will enable the SAI engine to understand what qualifies as a false positive and what falls into the category of incidents.

Phase #2

Allowing analysts to make the right decision by recommending relevant Playbooks. SAI supports analysts by allowing them to make well-informed decisions. The Supervised Active Intelligence engine recommends the right Playbooks and uses its machine-learning algorithm to find the most suitable way to respond to the incident. It Enriches the team with the right information to help them launch an immediate response to the incident.

Via Supervised Active Intelligence, CISOs and SOC Managers will have a great way to incorporate machine learning into their security operations without disrupting the existing workflow within their SOC team.

All in all, there is literally no downside in incorporating Supervised Active Intelligence into your conventional SecOps. Your analysts will still be behind the scenes controlling the wheel, with the only difference being that SAI will perform all the time-consuming and repetitive tasks for them.

Bottom line is, security leaders are trying to find new ways to make automation in security operations more effective. Humans are yet to give automation their full trust, but with SAI, automation in cyber security is taking a great forward.

Automation is deemed as a core pillar in the heart of security automation, along with machine learning and active intelligence. And by refining the development of security automation, humans will get a much-needed helping hand that will boost the efficiency, speed, and accuracy of their security operations. Learn more about the other powers of IncMan SOAR and the bountiful benefits of progressive automation.

Larticolo Supervised Active Intelligence The Next Level of Security Automation proviene da DFLabs.

*** This is a Security Bloggers Network syndicated blog from Our Blog DFLabs authored by DFLabs. Read the original post at: https://www.dflabs.com/resources/blog/supervised-active-intelligence-the-next-level-of-security-automation/

Here is the original post:

Supervised Active Intelligence The Next Level of Security Automation - Security Boulevard

Posted in Automation | Comments Off on Supervised Active Intelligence The Next Level of Security Automation – Security Boulevard

UK demand for digital automation skills soars – ComputerWeekly.com

Posted: at 12:41 pm

Demand for digital automation skills is rising in the UK as businesses try to find ways to support workers by removing repetitive tasks, according to research.

The need for automation proficiency is accelerating faster in non-technical roles such as management consultants and sales directors, up by 125% since 2019, than in traditional IT roles, which are up by 96%, according to a survey carried out by specialist recruiter Robert Half and global labour market trends expert Burning Glass.

According to the research, which analysed nine million UK job postings, the number of roles requiring automation capabilities is set to reach around 90,000 this year, compared with 39,323 in 2019.

These findings show that businesses understand they need to find ways to support and supplement their workers by removing more repetitive tasks and freeing them up to focus on more value-add activity, said Matt Weston, managing director at Robert Half UK.

Sales directors are increasingly being tasked with improving efficiency, and are hence turning to automation, including software that auto-fills client contact forms during phone calls or using artificial intelligence to support on-the-job training, according to Weston.

Executives should be reviewing their learning and development programmes to make sure they are able to provide the skills most urgently needed Matt Weston, Robert Half UK

As automation becomes more pervasive in the workplace, roles and job functions will change significantly, he said. Citing numbers from the Confederation of British Industry (CBI) that about 21 million UK workers will need digital upskilling in the coming decade with automation as a key area of focus, the executive argued that this ongoing change also meant it was important for businesses to invest in continuous training.

Executives should be reviewing their learning and development programmes to make sure they are able to provide the skills most urgently needed, said Weston.

In addition, the Robert Half executive noted that businesses, particularly small and medium-sized enterprises (SMEs), should take advantage of government support to help with digital upskilling, such as the Help to Grow scheme announced by chancellor Rish Sunak in this years Budget.

See the original post:

UK demand for digital automation skills soars - ComputerWeekly.com

Posted in Automation | Comments Off on UK demand for digital automation skills soars – ComputerWeekly.com