The entire world is navigating through the a crisis and the fallout of the global pandemic has upset political, financial, and economic structures worldwide.

Source

Climate change is a bigger challenge that has been there for a long time and has the potential to impact every human, industry, and living organism on the planet.

Climate Change – Catastrophic impacts on our planet

Changing weather patterns, rising sea levels, and extreme weather events are some of the ways in which climate change is proliferating around the world. As per a developer survey conducted by IBM, 77 percent of the first responders and developers agreed that ‘climate change is indeed the most pressing issue faced by today’s generation’ [Source].

Another insightful study throws some light on preparedness for natural disasters. By 2050, the global population is expected to reach 9.5 billion people, which will put further pressure on the earth’s resources [Source]. Imagine a scenario where 100+ people are living in a small room, how cramped and suffocating it would be for those people?

The same thing will happen if the existing natural resources offered by the earth are not enough to serve living organisms on the earth. Apart from the impact caused on the natural resources on the earth, global warming has led to a rise in the overall temperature of the earth.

A growing amount of GHG [Green House Gases] are also preventing the heat radiated from Earth’s surface to escape into space. Due to this, the heat content in the upper ocean has increased a lot over the last two decades. By 2100, global temperatures could rise by 3-5 degrees Celsius [5.4~9.0 degrees Fahrenheit].

Source

Technological solutions can be instrumental in combating climate change. In the past, IBM has taken significant strides by connecting humanitarian experts with talented developers across the world to keep a check on climate change. #CallForCode is one such initiative by IBM through which the company plans to identify and deploy technology solutions to create a better world for tomorrow.

#CallForCode 2020 – Focus on Prevention and Reversal of Climate Change

Call for Code is a global campaign that was started by David Clark Cause in 2018 and IBM has been the founding partner since the inception of #CallForCode. Call for Code is an initiative targeted towards developers, data scientists, and change-makers who intend to make this world a better place to live! They can catalyze their skills to create solutions using IBM tools.

Call for Code 2019 received a phenomenal response as over 180,000 participants from 165 nations participated in the hackathon focused on relief and natural disaster preparedness. Whopping 5000 applications were created in that edition of Call for Code [Source].

The tracks for #CallForCode 2020 are understandably #Covid-19 and #ClimateChange. Call for Code 2020 is an ideal platform for developers and change agents, as they get an opportunity to utilize their passion for creating technology solutions that can reverse the impact of climate change.

Development Tracks for #CallforCode 2020

The development tracks [or sub-categories] are more relevant than ever before:

IBM provides all necessary resources, tool kits, and products that can be used for creating meaningful solutions for combating climate change. Starter kits from IBM are ideal resources for understanding the scope of the problem and build applications in a short span of time. Climate Change enthusiasts can refer to starter kits, technical resources, and reference materials related to that topic here.

Steps to participate in #CallforCode 2020

For participating in #CallForCode 2020, perform the following steps:

  1. Accept the Challenge – Create your IBM Id & join the challenge by clicking on https://cloud.ibm.com/registration.
  2. Build with open-technology – Leverage available resources such as code patterns, expert videos, and tutorials for giving shape to your idea.
  3. Build a winning team – Leverage the community for getting support, in terms of finding teammates, meeting experts, asking questions, or simply sharing path-breaking ideas.
  4. Submit your idea – Submit details about the idea and the thought process that went into building the same. You also need to submit the participation agreement. The winner stands a chance to win a whopping $200,00.

Important Dates for #CallForCode 2020

  • Final Submission Deadline31st July, 2020
  • Announcement of Global Challenge WinnersOctober, 2020
  • Prize$200,000, Open source support from the Linux foundation, meetings with mentors and investors, and seeing their solution getting deployed through Code and Response to further exemplify using tech for good.

Time to be a part of the change with #CallForCode 2020

Boxengage, which was launched as a better Indian-alternative of Tiktok during the lockdown, made by Indian entrepreneurs for India has gone viral – with erstwhile TikTok influencers joining Boxengage overnight.

Boxengage, is especially designed for the requirement of Indian customers wherein both the content creator and visitors can do much more than simply follow or comment on their influencer. Via Boxengage, any kind of content creator across all categories can connect with their followers via multiple ways, such as, live streaming, posting videos, or even holding private sessions with their celebs or influencers, and this engagement-based platform is making users stick much more on the platform.

Boxengage.com, has been co-founded by Indian entrepreneurs – namely, Varun Bajaj, Shivaarti Bajaj, Vikas Jain [leading technology], Ankur Saxena [leading business operations].

Varun Bajaj, Co-Founder of Boxengage, who is an experienced Indian digital entrepreneur, stated on the virality of BoxEngage that

Banning these Chinese apps, especially Tiktok is a great step as apart from major data-privacy issues due to Chinese origin, there was a huge debate around the limited social message of Tiktok as a digital product, as the product was made keeping Chinese mindset in mind. Having said that, we would want to thank the Indian customers and Indian influencers, who have given such a positive response on BoxEngage.com.

Our feedback has shown, Boxengage.com is winning over the Chinese-counterpart considering it has been Made in India keeping in mind the requirements of the Indian users. Therefore, Indian-customers virality has evidenced that they have loved Boxengage.com having much-more advanced engagement use-cases.

Content creators/influencers are able to monetize being on boxengage.com directly, which is a further incentivization for them to join Boxengage.

Furthermore, Boxengage.com is already hitting a run-rate of holding 100+ digital experiences and services per month [which is special feature only available on boxengage] by the onboarded content creators. Runrate is expected to hit 500+ per month mark in July, 2020, and 2000+ per month mark in next 90 days.

On Boxengage, visitors are also able to discover and book all kinds of unique digital live experiences free of costs – from live happiness experiences , to live adventure experiences, live cooking experiences and any other kind of digital experiences one could imagine. Furthermore, Boxengage, has already successfully on-boarded top influencers like Top Olympian Mohit Nagpal, and various other top experience curators such as Canvas Comedy Club to provide these digital experiences.

Already top service providers like Divya Sharma [leading physiotherapist], and top dietitians & health consultants, and various other top service providers have partnered with BoxEngage to deliver live services.

The fog has lifted to reveal photos of cities around the world with clearer skies – an unexpected silver lining in this pandemic. The next time you look skyward, may I suggest that you take a closer look at the clouds dotting the sky too? We often miss not only the beauty of the atmosphere’s omnipresent cloud but also cloud interfaces integrated all around our homes, offices and public spaces.

Image Source

Amid the COVID-19 pandemic, many countries across the world opted to go under a ‘lockdown’ to ‘flatten the curve’ of infection. These lockdowns meant confining the citizens to their homes and shutting down businesses. While it has definitely slowed down economic activity, certain kinds of businesses have experienced tremendous growth.

Take Netflix, for example. Owing to social distancing and stay-at-home orders, it is but obvious that people are keeping themselves entertained through multimedia streaming apps. For the first quarter of 2020, new Netflix subscriptions reached 15.8 million surpassing the earlier prediction of 8.8 million.

This brings us to the question of how Netflix could cope with such a massive surge in usage. The answer is the public cloud. Apart from the almost instant scalability it brings, the cloud-based business model used by companies such as Netflix allows them to not just scale when required, but also handle shifts in traffic patterns – all the while remaining reliable to their customers.

It is clear that the pandemic will accelerate cloud adoption. The opting for a cloud environment, once viewed as an option, will now witness greater urgency, due to the many benefits it brings. According to the annual State of the Cloud Survey, 30% of large enterprises expect their cloud usage to significantly increase as a result of the present crisis.

Furthermore, among SMBs and enterprises, a net 47 percent of organizations plan for increased cloud usage because of the changes that the pandemic has brought on. However, this increasing reliance on the public cloud comes with several underlying challenges, the biggest of which is misconfigurations.

Misconfigurations – The biggest challenge in cloud environments

It is vital to remember that moving to the cloud does not mean all risks are eliminated. While some risk factors are reduced, others are introduced. Cloud environments face security vulnerabilities on several counts, from the failure to maintain proper security hygiene to system vulnerabilities at the end-user level.

In fact, according to research conducted by Crowd Research Partners, nine out of ten cybersecurity experts are highly concerned when it comes to cloud security.

Biggest among these threats are misconfigurations, which to put it in the simplest of terms are the mistakes of the IT teams as they set up the organization’s cloud infrastructure. According to a study conducted by Trend Micro, it was found that on an average 165 million misconfigurations take place on the cloud every day.

The same study also pointed that four out of 10~40 percent of cloud related incidents can be traced back to misconfiguration in the cloud environment. It is necessary to understand why misconfiguration is such a big threat. Let’s take an example we are all familiar with—an iPhone. Before starting to use a new phone, the security settings on the phone needs to be configured, to be changed from the default setting.

Setting up privacy measures such as passcodes, fingerprint analysis, whether one wants to upload a picture of oneself to their Apple account, etc., has to be set up. Similarly, when an organization migrate their workloads to a cloud platform, security needs to be configured. Nevertheless, inadvertent misconfigurations are common. For instance, an application team configuring a workload whose prime concern would be application connectivity, may unintentionally misconfigure the connectivity, thereby overlooking network security.

Another reason for the rise in cloud misconfigurations can be attributed to the lack of visibility and rapid public cloud adoption. Without adequate visibility, security teams are unable to secure cloud environments. Furthermore, as the percentage of adoption grows, the volume of activity proportionally increases, leading to additional misconfigurations such as a lack of awareness of cloud security and policies, lapse in supervision, lack or insufficient control and negligent internal activities.

Add to this the number of services being provided by public cloud providers and it is easy to understand why misconfigurations occur. AWS, for example, between the years 2007 and 2017, have added 100 services to their portfolio, which roughly works out to around 10 services each year. This number spiked in the last two years alone, with their portfolio of services adding over 75 offerings.

On top of configuration visibility issues, container which has emerged as a solution for complicated micro service based cloud native applications (through the flexibility it provides) causes security teams to have very less visibility. This can be primarily attributed to the shared responsibility shift in DevOps, which then results in forgotten systems and undeleted logs which can turn out to be a hidden vulnerability.

Underlying all these challenges is the fact that the pace of technology adoption is much faster than the adoption of security technology. For instance, by the time an enterprise adopts the use of containers, serverless technology emerges as another level of abstraction on top of containers – making it all the more difficult for security teams to keep up.

Steps to avoid misconfiguration

The number of security breaches steadily increasing due to misconfiguration makes it all the more important for enterprises to take the right steps to prevent these. The need of the hour is for security teams to deploy a single security tool that offers the equal amount of visibility and security for both on-premise applications and new generation container and serverless based micro services applications.

The next best practice would be for organizations to deploy custom design tools which can perform an auto-audit of any misconfiguration, thereby matching the best practices guidelines offered by vendors and provide solutions on the go. Finally, it’s always best to partner with professional security consultants, who can help design security cloud architectures that will match future needs.

Additionally, simple measures such as integrating security in DevOps from the very beginning and employing least privilege controls which restricts access to only those who need it will also go a long way in protecting cloud infrastructures.

Enterprises are equally responsible for their assets on the cloud

Most public cloud providers operate with a shared responsibility model. While the onus is on them to protect the infrastructure, it is up to enterprises to be responsible for securing their applications, data, operating systems, access management, & firewalls. Preventing misconfigurations then becomes the vital first step in ensuring security for assets on the cloud.

About the Author

Nilesh Jain is the Vice President, Southeast Asia and India of Trend Micro. You can find more Nilesh Jain here.

With an evolving digital landscape and the rapid proliferation of sophisticated cyber attacks, security can no longer be relegated as an afterthought by organizations. The world continues to witness numerous cyber attacks – from Wannacry to the latest Maze attack, with each attack being more unique and complex than the preceding one, and making businesses succumb to huge losses. What’s common between these attacks, you may ask – they are all ‘ransomware’.

Image Source

This ‘cyber pandemic’, as we would like to call it due to its inherent nature of spreading far and wide, has spread its wings across countries leading to concerns around security of data. Its enormity can be gauged from the fact that almost 62 percent of the organizations globally have experienced a ransomware attack in the past one year, as reported by an industry survey by CyberEdge. And, which will likely continue to do so in the foreseeable future, with newer and stealthier attacks underway.

A case in point is the recent Maze ransomware, which created headlines the world over. What’s unique about this ransomware is that it not only encrypts the data but steals it, and with the threat actors threatening to publish the data, which makes it exponentially more devastating. On why organizations should look at ransomware as the proverbial ‘elephant in the room’ and not just shelve the topic aside, let’s delve a bit in into demystifying few of the aspects, which include – ransomware transmission; whether it’s ever a good idea to pay up a ransom, and if ‘prevention’ might be the best ‘vaccine’ in dealing with it.

Infectious modes of transmission

How lethal is ransomware, and why do many of the cyber experts still consider it to be the numero-uno cyber threat even today? All the findings and the industry data validate this fact, with one such finding by Cybersecurity Ventures, a global cybersecurity research firm predicting that – ‘globally, businesses in 2021 will fall victim to a ransomware attack every 11 seconds, down from every 14 seconds in 2019’.

Its proliferation has further been accentuated because of the COVID-19 outbreak, as more and more employees continue to work remotely, and there is less protection due to remote access. It is likely that the users are more susceptible to falling prey to COVID-19 themed malicious emails.

What’s the modus operandi of a ransomware attack and its transmission? Phishing emails are the most common way through which ransomware penetrate an organization – as attachments masquerading as a file which victims tend to trust. However, there are several other vectors through which ransomware can also permeate, which includes endpoints, cloud workloads, networks, web gateways, files, mobile phones and even instances seen across Linux servers.

Typically, ransomware encrypts data using different file formats or extensions with different Advanced Encryption Standard [AES] keys, and hence decryption becomes almost impossible.

‘Ransom’ in ransomware – not a good thing

This is a perennial question, whether to comply to the demands of the ransomware actor or not. It’s important for an organization which has been breached to understand the attackers’ unseen motive, which in many cases is to get a quick return on investment. According to a joint study by PwC India and Data Security Council of India [DSCI], the data breach cost in India has gone up by 8% in 2 years, which is alarming.

We notice that many-a-times organizations are ready to pay a ransom to speed up the recovery of their data and systems. However, it’s important to note that paying it does not guarantee that the users will get the decryption key or unlock tool required to regain access to the infected system or hostage files and may only further encourage threat actors to attack organizations. As long as the ransom scheme, or the ‘cyber heist’ as we like to call it, continues to be profitable, cybercriminals will continue to leverage it on vulnerable targets.

Prevention and Remediation – Keys to defend

In the current parlance, to deal with ransomware an occasional intake of medicine won’t suffice, and a ‘vaccine’ is the order of the day. This is where ‘prevention’ could be the panacea or much needed vaccine that organizations should prescribe to rather than looking at knee-jerk reactive approach to ransomware attacks, which is the current practice.

Despite the prevalent ideals of digital transformation, lack of basic security hygiene, legacy systems with outdated operating systems and unpatched vulnerabilities are still a reality. As per Gartner’s analysis of clients’ ransomware preparedness, globally over 90% of ransomware attacks are preventable.

There is no silver bullet when it comes to stopping ransomware. As part of a layered defense strategy against ransomware, organizations should have multiple security controls in place across email, endpoints, networks, and servers. Since these are correlated, a centralized security visibility across all these layers from a single console helps to reduce IT complexity and to stay on top of the ransomware threat.

Let’s observe some of the best practices that organizations and users can adopt to strengthen their defenses against ransomware and mitigate risks

  • Back up important files using the 3-2-1 rule – create 3 backup copies on 2 different media with 1 backup in a separate location.
  • Enable virtual patching, especially for operating systems that are no longer supported by the vendor.
  • Ensure emails are safeguarded with sandboxing technology and anti-spam solution, and there is an advance scanning & detection technology in place for mail endpoint & network traffic.
  • Implement multi-factor authentication and least privilege access policies to prevent abuse of tools that can be accessed via admin credentials, like RDP, PowerShell and developer tools.
  • Regularly update software, programs, and applications to protect against the latest vulnerabilities.
  • Increase awareness of how ransomware spreads, i.e., through spammed emails and attachments.
  • Avoid opening unverified emails or clicking links embedded in them.

The hard question that CISOs, CTOs, CIOs and all the security and IT managers should ask themselves is that, in the eventuality of a newer ransomware threat, are they really prepared well enough to deal with it.

About the Author

Sharda Tickoo is a Technical Director with Trend Micro. She is based out of Mumbai (India). You can find more about Sharda Tickoo here.

C-CAMP and Applied Materials India Private Limited announced financial and technical support to two biotech start-ups in order to fast-track near-to-market technologies in the battle against COVID-19.

The two start-ups, Coeo Labs and Biomoneta, incubated under the Centre for Cellular and Molecular Platforms [C-CAMP], an initiative of the Department of Biotechnology [DBT], and were chosen by C-CAMP’s COVID-19 Innovations Deployment Accelerator [C-CIDA] launched on 25th March 2020 to identify and help accelerate near deployment-ready solutions that have the potential to fight the pandemic.

C-CIDA received more than 1100 innovation submissions and after a rigorous assessment, selected 31 innovations that have high potential to help battle against COVID-19 as C-CIDA Stars for Impact. With this, C-CIDA has built a diverse portfolio of innovations ranging from diagnostics and novel therapeutic approaches to air and surface sanitization and many more categories.

Of the 31 innovations identified as ‘C-CIDA Stars for Impact‘,  Applied Materials India selected two start-ups working in the following high-priority areas:

  • Assisted Respiratory TechnologiesCoeo Labs, for its non-invasive Continuous Positive Airway Pressure [CPAP] product, Saans Pro
  • Air Sanitization TechnologiesBiomoneta, for its air decontamination product, ZeBox

The Applied Science & Technology Research Accelerator [ASTRA] provided an avenue for multiple start-ups incubated by C-CAMP to explore potential collaborations and/or investments with Applied Materials India. In continuation of these efforts and to help battle the COVID-19 crisis, Applied Materials India will provide technical expertise and financial assistance to C-CIDA, Coeo Labs and Biomoneta.

Speaking on the funding, Srinivas Satya, Country President and Managing Director, Applied Materials India, said

It is heartening to see the passion start-ups bring to our nation’s battle against COVID-19.  Many of these entrepreneurs have brilliant solutions and need help bringing the technology to scale.  As a company with deep technical expertise and a long history of supporting our communities, we believe we must do all we can to accelerate the development of innovations that can strengthen the country’s response to COVID-19.

In a time when infrastructure is a challenge and access to medical relief is limited, we are pleased to collaborate with indigenous start-ups that can help pave the way to a healthier future in India.

Speaking on the collaboration, Dr. Taslimarif Saiyed, CEO and Director, C-CAMP, said

We are delighted to get this support from Applied Materials India for our C-CIDA, where our mission is to bring near deployment-ready innovations to the field. C-CIDA has had a significant impact across India and this support further fosters our efforts. We look forward to working closely with Applied Materials India to deliver impactful innovations together.

C-CAMP is one of the flagship incubators set up under the DBT and a member of the Bangalore Life Sciences Cluster [BLiSC], with a mandate to enable cutting-edge life sciences research and innovation and promote life sciences entrepreneurship. In 2019, C-CAMP forged a close collaboration with Applied Materials India to help accelerate time-to-market of promising biotech start-ups in India. Applied Materials India has also been engaging with the Biotechnology Industry Research Assistance Council, a program under the DBT, across various levels since 2019.

To find out more about these companies in India who are part of new wave of health tech start-ups aiming to create innovative solutions that are also affordable, please visit the Coeo Labs for Saans Pro and the Biomoneta website for ZeBox.

About C-CAMP

Centre for Cellular and Molecular Platforms is an initiative of Department of Biotechnology [DBT], Government of India and a member of the Bangalore Life Sciences Cluster [BLiSC], with a mandate to enable cutting-edge life science research and innovation and promote life science entrepreneurship.

C-CAMP has directly funded, incubated and mentored close to 150 start-ups over the last few years and is connected to 1000+ start-ups and entrepreneurs across the country in healthcare, agriculture and environment. C-CAMP is an initiative supported by Department of Biotechnology, Ministry of Science and Technology, AIM-NITI Aayog, Ministry of Electronics and Information Technology [MeitY], GoI, and Government of Karnataka.

In India and elsewhere around the globe, consumers are being incentivized to purchase electric cars under the pretense that these types of vehicles are better for the environment. While it’s true that electric vehicles have the potential to reduce emissions, charging electric car batteries with conventional electrical grids, which primarily use coal to generate energy, could actually worsen the crisis caused by fossil fuel emissions.

Recently, Forbes India published an article that the Neutrino Energy Group was proud to welcome Dr. Bharat Bhanudas Kale of Pune, Maharashtra into its international organization of pioneering energy scientists. Dr. Kale has been selected to be part of the spearhead of the Neutrino Energy Group’s Car Pi project.

With over 20 patents to his name, Dr. Bharat Bhanudas Kale has more than 250 international journal publications, and nearly 30 years of experience in sustainable energy and nano-material technologies, Dr. Kale is one of India’s most prominent research scientists in some of the world’s most significant scientific fields. He is a founding member of the Centre for Materials for Electronics Technology [CMET] in Pune, and in 2020, he was recognized as a Fellow of the Royal Society of Chemistry in London.

Dr. Kale’s extensive experience in the field of sustainable energy technologies already made him a great fit for the Neutrino Energy Group, but it was his additional expertise in novel nano-materials that truly sealed the deal. For quite some time, the Neutrino Energy Group has been attempting to develop a brand-new method of consumer conveyance that uses neutrino energy instead of coal-generated electricity or fossil fuels, and Dr. Kale’s research into meta-materials made him the perfect scientist to bring this project to fruition.

The Car Pi: Invisible radiation converted by metamaterials will power the electrical vehicles of tomorrow

Known as the Car Pi, the Neutrino Energy Group’s proposed electric vehicle will be powered with nothing more than the endless stream of elementary particles, electromagnetic waves, temperature differences, electro smog, neutrinos and other natural and artificial invisible radiation that pass through us and everything we see during every moment of every day. This revolutionary innovation in the automotive industry will forever change the way that people around the world use cars. The Neutrino Energy Group Board of Directors has determined that Dr. Bharat Kale will be one of the leaders of the Car Pi project.

Having received the blessing of the Neutrino Energy Group, Dr. Kale intends to construct the entire body of the Car Pi with metamaterials. A metamaterial is a material that is artificially constructed to have properties that are not available in materials found in the now nature, and these artificial materials express their unique attributes based on the arrangement of their molecules rather than the base materials from which they are fabricated.

In the context of vehicle construction, metamaterials have a variety of benefits that could improve efficiency and safety. Since vicinity powered vehicles will need to be extremely energy-efficient to operate effectively, metamaterials are ideal construction materials for the Car Pi project. Once Dr. Kale and his team have successfully completed a prototype of the Car Pi, it will be made available on the global market.

The Neutrino Energy Group Is Making Electric Cars Truly Sustainable

The Car Pi will be unlike anything the world has ever seen before, but that’s part of the course for the Neutrino Energy Group. While the rest of the world was still scratching its head in the wake of the 2015 discovery that neutrinos have mass, the Neutrino Energy Group was already hard at work developing Neutrino Power converters, which will produce usable quantities of electricity with nothing more than the kinetic energy of invisible radiation.

Just as in the case of the newly-discovered trilayer graphene superconducting material, a part of the neutrino energy technology developed by CEO Holger

Thorsten Schubart and his team involves the use of incredibly thin layers of graphene to create a resonance from passing invisible radiation and convert kinetic energy into electricity. To do so, spiked graphene and silicon are adhered to a suitable substrate, and when passing radiation of elementary particles strike this combination of nano-sized silicon and graphene, a harmonic resonance process begins that is then registered by an electrical conversion device.

With the help of Dr. Bharat Kale and his extensive experience in both renewable energy and metamaterials, the Car Pi will instantly take the global automotive industry decades into the future.

JFrog, the Universal DevOps technology leader known for enabling ‘Liquid Software’ via continuous software release flows, announced the lineup for its annual DevOps community and JFrog user conference swampUP.

It will take place online June 23 and 24 for the Americas and June 30 and July 1 for EMEA & APAC. Notably, all conference registration proceeds will be donated to COVID-19 charities.

Shlomi Ben Haim, Co-founder and CEO of JFrog, said

Since JFrog’s inception, we have partnered with the community to bring top tools and methodologies to the market, always with the developer in mind. Community safety also means we can’t all be together in the usual way, but the need to share is still there.

We wanted to partner again with the open-source and DevOps communities and deliver not only the top-shelf content they’re used to from swampUP, but also to give back to our global communities as we collectively accelerate the cure for this virus.

All-virtual this year, swampUP will ‘fast-forward’ the current DevOps landscape with visionary keynote addresses and thought?provoking sessions from industry experts covering the latest trends and best practices around software distribution, containers, automation, security, and package management.

Kavita Viswanath, General Manager, JFrog India, said

swampUP 2020 is going to be super exciting especially for APAC and India since this is the first time that we are having an exclusive 2-day conference just for our APAC and India customers. We see tremendous growth and potential in this market and continue to focus and invest here.

JFrog is bringing together an impressive list of industry thought leaders and DevOps luminaries to offer a unique combination of insight, entertainment and inspiration, including

Selected list of speakers for the swampUP Conference

• Kohsuke Kawaguchi, co-CEO, Launchable, Inc., and creator of Jenkins

• John Willis, vice president of DevOps and digital practices, RedHat

• Wayne Chatelain, senior manager of software engineering, Capital One

• Jessica Deen, Azure Avenger

The annual conference is divided into two parts, with the first day focused on delivering hands-on DevOps training alongside other practitioners and peers. Specialized courses led by DevOps experts are designed to empower attendees to fast-forward their DevOps or DevSecOps knowledge and abilities.

The second, full conference day will begin with an industry keynote address followed by breakout sessions following four separate streams: Cloud Native, DevSecOps, Enterprise DevOps and Digital Transformation. Over 30 sessions will be delivered from thought leaders from global companies including Google, Microsoft, Adobe and more.

Registration for swampUP is open and spots for both training and the conference are filling quickly. Secure your spot today to ensure you don’t miss this exciting virtual event.

In the span of a few months, the coronavirus has reached every country, every community, and every neighbourhood. No nation is spared. Economy grinds to a halt. Millions have fallen sick.  In the meantime, if you take a look at the 15 biggest cyber attacks in the 21st century, you would notice a few things.

Image Source

First, no country is untouched. Second, it’s extremely disruptive to business operations. Third, millions have fallen victim to these attacks. We have been dealing with a different kind of outbreak for many years, that is, the pandemic of cyber attacks.

The world responds

By now, most countries have imposed a mixed bag of measures to deal with the outbreak. If you look closely, the overarching strategy for dealing with COVID-19 has revolved around four quadrants: prevention, detection, response, and prediction.

In cybersecurity, we often talk about the importance of a holistic strategy that consists of the same quadrants. At its core, a good cybersecurity strategy should take multi-pronged approach and a long-term view.

Prevention

The first pillar of the defense is prevention. In the time of COVID-19, prevention means protecting people from being infected in the first place, such as washing your hands, socially distancing yourself from others, disinfecting your phone and wallet when you get home, and more.

In cybersecurity, prevention means the exact same thing – protecting your IT assets from being infected in the first place. Because most major data breaches can be traced back to a single point of failure that could have been prevented.

Today, many new cybersecurity vendors talk of a shining silver bullet that miraculously waves away all your cybersecurity headaches – such as Machine Learning or EDR. But in reality, the concept of a single silver bullet doesn’t hold up.

You need the basic technologies – such as antivirus, application control, web and file reputation, etc. – to do the heavy lifting. These technologies can filter majority of the alerts, categorizing them as either good or bad.

Detection – knowing what you’re looking for

Contact tracing is crucial during outbreaks. The longer you take to identify a patient, the more people will be infected.

In cybersecurity, detection is about the same thing – how fast you can detect a breach in your system determines the scope of damage. We believe in this strategy called connected threat defense. By deploying security solutions at all the touch points in an IT system, from the endpoints to the network to the server, you can start to connect the dots and gain visibility into every nook and cranny. If you know what’s lurking in your IT environment, you can significantly increase your chance of getting rid of it.

Endpoint detection and response [EDR] is another tool designed for the same purpose. EDR technology works like a black box in a plane. It records everything that takes place on the endpoints and threat hunters can rewind to see from which point a threat entered the system, and how it spread across the network. Based on the information, a blueprint of the malware’s infection path can be drawn.

Response – prioritizing the important ones

During the outbreak, there are many false positives and false negatives. Some people may test negative now but develop the symptoms next week. Suspected cases may turn out to be totally innocuous. Because the medical supplies are limited, the healthcare workers need to prioritize. To prioritize, you need context-rich information about the patient.

It’s the same in cybersecurity. A Security Operations Centre [SOC] receives thousands of alerts on a daily basis. Hence, prioritization becomes the key and this is where XDR comes into picture. XDR is the natural progression from EDR. The X stands for anything you can apply detection technology to, such as emails, servers, or the network. XDR is a big collector of security alerts, absorbing data from various touchpoints.

Essentially what XDR does is to break the silos between all these solutions gathering data on their own. A prominent feature of the XDR tool is a central data lake where all data will flow to eventually and be analysed as a collective.

All this data churning can minimize alert fatigue, as it produces high-priority alerts with rich context around it. SOC analysts can now focus on alerts that need immediate action instead of combing through every single one of them and manually looking for connection.

Prediction – taking two steps ahead

Wall Street Journal reported that epidemiologists were teaming up with data scientists to forecast the spread of the coronavirus outbreak in the near future. By taking into consideration a vast array of different types of data, the model is expected to predict the number of new cases to arise in an exposed population, or peak infection rates.

Likewise, in cybersecurity, the more accurate our predictions are, the more effectively we can deal with an upcoming data breach. We achieve this by collecting and correlating a vast array of different types of detection and activity data from our native sensors, deployed at different layers within the organisation, like the endpoint, network, email, and the cloud environment.

Combined with big data analytics, threat models, advisory-based behaviour analytics and detection rules from our security experts, we can help to uncover if an emerging or unknown threat or a threat actor is attempting to infect your organization. On top of that, continuous risk assessment of an organisation’s cybersecurity posture also serves to predict impending issues.

COVID-19 will go away, just like any of the pandemics in the past. But cyber attacks will stay as long as there’s a computer connected to the internet. The most effective way to deal with cyber attacks is not to dream of a cure-all panacea, but to take small but coordinated measures that culminate in an all-rounded defense strategy.

About the Author

Dhanya Thakkar is the Vice President & Managing Director, AMEA, Trend Micro. You can more about him here.