BLOGSPOT atas

Wednesday, January 31, 2018

How to Make $100,000 a Year as a Financial Advisor

How to Make $100,000 a Year as a Financial Advisor

Entrepreneur Network partner Jeff Rose was a finance major in college, and he knew that he wanted to work in that industry. He took a part-time job with a financial company called A.G. Edwards his last semester of college, which turned into a full-time job after graduation.

His starting salary for that job was just $18,500 before commissions.

In this video, Rose explains how he grew as a professional, including the industry lessons he learned and the work ethic he mastered that allowed him to go from that $18,500 number to eventually earning over $100,000 as a financial advisor.

Click play to learn more ...

https://www.entrepreneur.com/video/308236

===

by Idham Azhari



Virus-free. www.avg.com

Tuesday, January 30, 2018

Make 2018 the Year for Securing the Internet of Medical Things

Make 2018 the Year for Securing the Internet of Medical Things

News of medical device security flaws are increasingly in the news. Consider the announcement from the U.S. Food & Drug Administration last year about a flaw in one model of a St. Jude Medical implantable pacemaker. This was subsequently covered in more than 14,000 published reports to date. Thirty-four different individuals sent me a message soon after the news broke, asking if I had heard about the approximately 750,000 pacemakers of this specific model that had significant security vulnerabilities. Many reports about other types of wirelessly connected medical device flaws occurred prior to that, and more have been reported in the few months since.

Medical devices are integral parts of hospital networks
According to various estimates from research organizations – and healthcare CISOs I chatted with at the Detroit SecureWorld event last fall, where I delivered a keynote about medical devices – anywhere from 30-70% of medical devices within hospitals and clinics are smart"... digitally connected to smartphones, the internet, clinic networks, directly to other devices, etc. These large numbers of medical devices attached to healthcare networks increase the possibilities for a wide range of security and privacy incidents to occur through exploiting their vulnerabilities – especially from and through the medical devices that have no legitimate security controls engineered within them.

Security and privacy incidents can occur due to various factors, such as:

  • Malicious outsider intent - hackers who use such things as ransomware, DDoS bots and other malware to shut down and disrupt network availability, exfiltrate and/or modify data, delete data, etc.
  • Malicious insider intent - inappropriately accessing patient data, using patient data for identity fraud and other crimes, selling patient data to criminals, etc.
  • Mistakes - input errors, programming errors, accidentally opening access to unauthorized individuals, etc.
  • Unintended consequences resulting from lack of planning - attaching smart medical devices to the network that the anti-malware software views as malicious, and subsequently shuts off, creating a denial of service as a result of data volume going beyond bandwidth capabilities, etc.
  • Lack of personnel information security and privacy awareness, which can lead to all the previous examples, in addition to knowingly taking actions that result in privacy breaches, data modification, patient harm, etc.

Security complexity requires multiple layers of controls
Some changes to medical devices can be done remotely. Some need to be done in proximity using near field communication (NFC) protocols. However, I've communicated with too many in the medical device industry who have expressed belief, or claimed, that using NFC is a 100% solution for security. When I asked upon three different occasions in 2017 about the security of their newly announced medical devices, representatives (IT security VPs/management) from each of three different large medical device manufacturers told me, "We use NFC, so security is not an issue." When I explained that if medical devices attach via NFC to computers that are part of a network, then basically any other node on that network may be able to get to the medical device through that network connection, such as through control settings necessary for network functions, or through the use of discovery tools such as Shodan, each of the medical device representatives stopped communicating with me. Avoiding a security risk discussion does not solve the associated security risk.

Lack of planning and integrating with networks and systems can shut down medical devices, sometimes during operations. There have already been medical devices used for performing operations, such as heart procedures, that shut down as a result of an anti-virus scan. Or, the time a nurse tried charging her cellphone using the USB port in an anesthesia machine; it shut down the machine. I could provide a hundred additional examples. If medical device manufacturers do not improve the security engineering of their medical devices, security incidents will increase, along with privacy breaches and patient harm.

Medical device security concerns are justified
Healthcare providers (doctors, nurses and surgeons) are concerned. Rightly so. Flawed devices negatively impact their ability to assure patients they are providing them with safe devices that will help, and not potentially harm, them.

Healthcare information security practitioners (CISOs, CIOs, VPs, managers, etc.) are concerned. And for good reason. Security flaws within medical devices create vulnerabilities to data and functioning not only within the devices themselves, but also to the networks to which they are attached, and other devices on the networks.

Healthcare IT auditors are concerned. And they should be. Insufficient medical device security controls are compliance violations for growing numbers of regulations, laws and contractual requirements, in addition to facilities' own posted privacy and security notices, which contain promises to which they are legally bound.

Healthcare regulators are increasingly concerned. Justifiably so. They are accountable for ensuring information security and privacy regulations are followed. When regulators see more reports of medical device security flaws and vulnerabilities, they are going to become more proactive to pressure medical device-makers to improve security controls, and to pressure device users to ensure devices are implemented with appropriate security.

Patients are concerned. Of course. Their lives could be at stake.

Dedicate 2018 to improving medical device security
As Data Privacy Day approaches this Sunday, here's a recommendation for those in the medical device space (manufacturers, engineers, and vendors). Make it a goal in 2018 to successfully establish effective and practical information security controls within your devices. Stop telling hospitals and clinics that it is not practical for you to do this. It is actually more practical, and will significantly improve security protections for those using medical devices, to build the security controls into the devices from the start. This idea is supported by not only those in the information security profession, but also by the FDA and other regulators.

This will not let healthcare data security practitioners off the hook. Even if medical device creators improve the security of their devices, healthcare IT and security practitioners will still need to remain diligent to ensure the security of those devices in how they are connected to their networks, the control settings to access them, and the management of the data that comes from them. But improved device security will support these efforts.

Establish your baseline for current levels of medical device security now. Then, in December of this year, determine if and where there have been improvements, or if data security, privacy and patient protections have actually degraded. It all depends upon where medical device companies decide to place their priorities...

https://www.isaca.org/Knowledge-Center/Blog/Lists/Posts/Post.aspx?ID=937

===

by Idham Azhari


Virus-free. www.avg.com

Monday, January 29, 2018

Are You Making These 4 Job Search Mistakes?

Are You Making These 4 Job Search Mistakes?


Whether you're brand-new to the workforce or a seasoned veteran looking for a change, now's a pretty good time to be a job seeker. With unemployment at a relative low, there's a host of opportunity to land a job that not only brings you satisfaction, but serves the very important purpose of supplying you with a steady paycheck.

That said, your job search might end up rather fruitless if you fall victim to certain common errors. Here are a few you'll want to avoid.

1. Limiting yourself to large companies only

There's a reason many job searchers seek out roles in bigger companies. For one thing, companies with more employees and resources tend to offer better benefits than smaller firms, and their salaries tend to follow suit...

https://www.fool.com/careers/2018/01/28/are-you-making-these-4-job-search-mistakes.aspx

===

by Idham Azhari


Virus-free. www.avg.com

Friday, January 26, 2018

Enterprise AR is Going to ‘Get Real,’ and More Predictions for 2018

Enterprise AR is Going to 'Get Real,' and More Predictions for 2018


Google, Amazon, Facebook, Apple, Samsung and Microsoft all want a piece of the VR/AR pie – not to mention Magic Leap, whose first consumer product is "coming soon." VR/AR is about extension, engagement and monetization. Not since the 1980s have all the big tech players been battling for consumer attention and dollars. So, what is on deck in 2018, and why should we care?

These are the trends highlighted by ARtillry Intelligence for 2018:

Enterprise pulls ahead
Enterprise AR is going to get real in 2018, with companies capitalizing on ROI in both efficiencies and error reduction. Think processes, and how interdisciplinary teams can work better together.

Mobile AR rebounds
Mobile AR is set for big wins in 2018! With everybody owning better and higher-resolution phones, the adoption of mobile AR is a natural evolution. AR app revenue is due to increase because companies will start creating AR apps to sell their products and further extend and engage their customers.

Mobile AR standards develop
With both Google and Apple introducing AR offerings into their lineups, coupled with increased demand from retailers, native AR and AR-first mobile app experiences will rule 2018. As a result, AR standards are set to be solidified this year. User experience will be top-of-mind for product managers.

Consumer VR gets a jolt
With Oculus Go set to release in mid-2018 and reportedly to be sold at $199, consumers will happily buy in to provide a jump in the VR market.

Unifying technologies emerge
As platforms and fragmentation continue to evolve, consumers and enterprises alike will look to tech that provides seamless execution. Enter WebVR/AR. In addition, expect to see more tools for developers and options for enterprises.

Ultimately, it will be a race to 100 million VR/AR units sold. According to ARtillry Intelligence, "That's the size of the installed base that will be a key milestone and turning point for VR. It's the number that attracts content creators and supporting functions, as well as a network effect."

What is the unit price that drives the market? $200-$400. How many years until VR/AR reaches the magic 100-million mark? Three years.

We already know that games with in-app purchase business models are proven revenue generators. So, companies in 2018 will try to tap into ROI success experiences and experiment with location-based promotions and sponsorships. Overall, with investment dollars continuing to flow, the market is not slowing down.

The year 2018 will bring more strategic investment, business development and spend in VR/AR. Some unicorns should expect to see their rainbows narrowed – but more established businesses will begin to taste the ROI of user-based VR/AR experiences.

https://www.isaca.org/Knowledge-Center/Blog/Lists/Posts/Post.aspx?ID=935

===

by Idham Azhari





Virus-free. www.avg.com

Thursday, January 25, 2018

Six things to cut from your resume (and two you should add)

Less is more when it comes to your resume. If it doesn't fit on a single page, it's a sign from the universe that you need to hit "delete"–not fiddle with the margins and font size.

Here's a quick rundown (and here's a more thorough one) of a few things that can definitely go:

  1. That foreign language you got a C in in college
  2. Basic software relative to your role (i.e. Microsoft Office for everyone; Photoshop for designers)
  3. Tech skills that aren't in demand, like outdated coding languages
  4. Soft skills that should be givens, like multitasking
  5. Meaningless buzzwords like "team player"
  6. Joke skills for "personality," like "guacamole aficionado"

Now for a few things you might not have considered adding but probably should:

  1. Soft skills that aren't basic and obvious, like "conflict mediation" and "collaboration design"–rather than, say "listening" (here's more info on finding resume-worthy soft skills)
  2. In some cases, a super-short "objective" statement (here's how and when to write one that doesn't sound pretentious or passé) ...

===


Virus-free. www.avg.com

Wednesday, January 24, 2018

Cryptocurrency and Its Future

Cryptocurrency and Its Future

These days, everyone is trying to understand cryptocurrency. Cryptocurrency is digital money that is designed to be secure and anonymous. Most of us would be able to recognize Bitcoin as one type of cryptocurrency. Last year, the value of Bitcoin and many other cryptocurrencies appreciated significantly, though some governments and skeptics have described some cryptocurrency offerings as a Ponzi scheme. Bitcoin was established in 2009 as the first cryptocurrency. Currently, more than 1,000 cryptocurrencies are on the market. All are based on blockchain technology. Blockchain uses distributed computers to store a record of transactions and verify new transactions, without the participation of any organization for validation.

Cryptocurrency has become a hot topic. In 2017, many investors backed cryptocurrency rather than investing in penny stocks, mutual funds or other financial instruments. We have seen many new cryptocurrencies launched in the market. Bitcoin touched U.S. $20,000 in December. Ethereum, Ripple, Dash and Litecoin are other top cryptocurrencies that moved up fast in 2017, although all have declined in value in January to date.

The technology behind cryptocurrency
Let us further examine the technology of blockchain. Is it reliable? Is it difficult to hack? Blockchain is created on distributed ledger technology, which securely records transactions across a peer-to-peer network. The blockchain technology was created by Satoshi Nakamoto for trading Bitcoin. We can now see its potential reach far beyond cryptocurrency.

A distributed ledger is a record of transactions that is shared and synchronized across many computers without centralized control. Each party owns an identical copy of the record, which is automatically updated as soon as any additions are made. In blockchain, every participant can see the data and verify or reject it using consensus algorithms. Approved data is entered in the ledger as a collection of "blocks" and stored in a sequential "chain" that cannot be altered. Bitcoin and Ethereum are based on public blockchain. Anyone can read public blockchains, send transactions to them and participate in the consensus process.

The future of cryptocurrency
In my view, public blockchains in their present form might not survive. Their future form could be controlled consensus in a private, distributed ledger network. There could be many rules in a private network, one of them being that no transaction is valid unless a minimum of four participants approve it, or a central bank like Reserve Bank of India signs for each transaction. Each participant in a private network can have a legal agreement of commitments to the other participants. This trend may force banks and governments to adopt country-specific cryptocurrency.

One enterprise software firm, R3, has come up with a distributed ledger made up of many nodes which would allow for a single, global database. This single ledger would record transactions between organizations and people. This platform might fulfill financial institutions' dream of secure and consistent transactions.

In 2018, the cryptocurrency market will continue to grow as more capital is invested. Cryptocurrency-based funds may be launched. For scalability and performance, more platforms will be born. New regulations may surface to manage cryptocurrencies as they become part of our financial system...

https://www.isaca.org/Knowledge-Center/Blog/Lists/Posts/Post.aspx?ID=934

===

by Idham Azhari


Virus-free. www.avg.com

Tuesday, January 23, 2018

6 Things We've Learned About the New Cashierless Amazon Go Store

6 Things We've Learned About the New Cashierless Amazon Go Store

After five years of development and 14 months of testing by Amazon employees, Amazon Go, a convenience store without cashiers that automatically charges customers for items, opened its doors to the public this morning.

Located on the ground floor of Amazon's downtown Seattle headquarters, the 1,800-square-foot brick-and-mortar store joins a series of the company's forays into brick-and-mortar retail, from the opening of a chain of bookstores to the acquisition of Whole Foods Market...

https://www.entrepreneur.com/slideshow/307847#

===

by Idham Azhari


Virus-free. www.avg.com

Monday, January 22, 2018

Encouraging Women in Tech is About a Better Future for All of Us

Encouraging Women in Tech is About a Better Future for All of Us

Why is ISACA's SheLeadsTech program needed?

Why does the 2030 Agenda for Sustainable Development consider the technology gender gap to be an important topic to address, and who must be involved in the solutions?

Where are we now?
Thematic focus and indicators are useful to understand the current situation. Factors such as access to education and training, Internet usage and salary comparisons provide some helpful context.

In the Organization for Economic Co-operation and Development (OECD) area, only 3% of graduatesin ICTs are women. This percentage could be balanced by job training and, in fact, OECD calculations show that 55% of women are engaged in on-the-job training.

The worldwide proportion of seats held by women in national parliaments grew from 13.3% in 2000 to 23.4% in 2017, according to UN data. On the other hand, in the business sector, less than one-third of senior- and middle-management positions were held by women in 2015.

According to The International Telecommunication Union (ITU), 53% of the world's population was not using the Internet at the close of 2016. Women were more affected than men: global Internet penetration for men was 51% compared to 45% for women. Regional gender gaps were significant, ranging from 23% in Africa to 2% in the Americas.

In 2016, 84% of individuals in OECD countries were using the Internet, but this usage varied across OECD countries and among social groups. In 2016, Internet usage among women in OECD countries was significant (83%), but differences remained between young (96%) and elderly women (61%). In all OECD countries except the United States, the proportion of Internet users with tertiary education was above 90% in 2016, but there were wide differences among less educated people.

We all know women often earn significantly less than men, even after individual and required skills for the job are taken into consideration.  But this is different for ICT skills. According to OECD calculations, returns on ICT tasks are higher for women than for men (and this was a surprise to me). We can see positive trends if we analyze the percentage change in hourly wages for 10% increase in ICT task intensity. In fact, the difference between country percentage for female and male workers is positive or equal in a great proportion of analyzed countries.

Where do we want to be?
In 2015, the UN General Assembly adopted the 2030 Agenda for Sustainable Development as the agreed framework for international development. The agenda has a stand-alone goal on gender equality and the empowerment of women and girls (goal 5). There are gender equality targets in other goals, too. The 17 goals and 169 targets went into effect in 2016 and will guide the decisions taken over the next 15 years.

One of the paragraphs expresses where we want to be, or where we must be: "Realizing gender equality and the empowerment of women and girls will make a crucial contribution to progress across all the Goals and targets. The achievement of full human potential and of sustainable development is not possible if one half of humanity continues to be denied its full human rights and opportunities. Women and girls must enjoy equal access to quality education, economic resources and political participation as well as equal opportunities with men and boys for employment, leadership and decision-making at all levels . . . The systematic mainstreaming of a gender perspective in the implementation of the Agenda is crucial."

How do we get there?
Education, participation and the use of technology are enablers for change.

The first step will be achieved if women's full and effective participation and equal opportunities for leadership at all levels in all area of life are ensured and reforms are undertaken to give women equal rights to economic aspects.

Education is a must to achieve participation. Education is a human right. If this right is not protected, discrimination against women and girls will not end.

ISACA's SheLeadsTech program is committed to prepare current and upcoming female leaders for the digital future through thought training and skills development programs.

Governments and members of society in general must approve and defend legislation for the promotion of gender equality and the empowerment of all women and girls.

The business community can strengthen recruitment, salary and promotion policies to ensure women are not treated differently just because they are women. The business community also can support programs such as ISACA's SheLeadsTech to further the mission and help build global alliances.

Finally, as women and men, we can:

  • Respect women in all situations and places, including social, business and familiar environments;
  • Educate our daughters and sons in the same respectful environment; and
  • Encourage female family members' participation in ICT fields and in programs like ISACA's SheLeadsTech, taking into consideration more than getting a better salary or managerial position. The real reason is more than this. It is all about a better future for all.

===


Virus-free. www.avg.com

Thursday, January 18, 2018

PowerShell: A Powerful Tool for Auditors


Some auditors may not know it, but a useful audit tool has been sitting right at your fingertips all along. The tool is PowerShell, a command-line utility you can use to answer many useful audit questions during your engagements. The benefits to the auditor are at least twofold: it allows you to save time by directly gathering authoritative information from the environment, and it helps you develop a useful industry skill with universal appeal.

First, you must be provided access to the tool on your desktop. Second, you must point PowerShell to directly query Active Directory for the information you want. This is accomplished using the set-location AD: command after launching PowerShell. Once issued, your cursor should change to reflect that you are executing queries against an Active Directory domain controller, so it looks like this: PS AD :\>.  All the below commands can be paired with Out-GridView or Out-File to provide report-based output.

Get-ADPrincipalGroupMembership: This command generates a complete list of security groups where a particular user account is a member. From an audit perspective, you can identify potential segregation of duty conflicts or assess the appropriateness of access based on defined job responsibilities.

Get-ADGroupMember: This is the inverse of the previous command, and provides a list of user accounts that exist in a particular security access group. This command also can be useful to test access authorizations for appropriateness.

Get-ADUser <username> -property*:  A slightly more complex example, the following command would provide a more detailed output for a single, specific user account. From an audit perspective, this helps determine when an account was created, if the account is enabled, when the account last logged onto the network, and if and when bad password attempts occurred. This command can be combined with other PowerShell commands using the vertical pipe symbol (|) above the enter key to generate more complex data sets. Similar commands exist for Organizational Units, Service Accounts and Groups – just swap User in the above command with these terms.

Get-Hotfix: This simple and effective command provides a list of Microsoft patches applied to a specific machine or set of specified machines, which is helpful when auditing compliance with patch cycles and the overall patch management process. The command provides the specific type of installed items (whether it's an actual hotfix, update or security update), the time the item was installed and the user account that installed the patch.

Get-ADObject: Using the -Filter and -Property switches with this command allows an auditor to understand when certain object classes, such as security groups, initially came into existence, among other useful information. This information can be compared to monitored groups to detect changes and determine the effectiveness of logging controls.

Honorable mentions: Get-Forest, Get-Domain, Get-GPResultantSetOfPolicy and Get-GPO all allow successful profiling of the current AD environment. As a result, an auditor can understand functional levels of the forest and domain, which servers are acting in flexible single master operation (FSMO) roles, which servers serve as catalog servers and much more. These commands are a useful basis for planning any Active Directory audit...

https://www.isaca.org/Knowledge-Center/Blog/Lists/Posts/Post.aspx?ID=931

===

by Idham Azhari




Virus-free. www.avg.com

Wednesday, January 17, 2018

Interview Questions You Think You Shouldn't Ask -- And Why You Should

Interview Questions You Think You Shouldn't Ask -- And Why You Should

Interviewers today are increasingly afraid of asking anything that even feels personal. Trying not to offend or to appear biased in any way, they stick to the script: the candidate's résumé and the requirements of the job. It can make for a very perfunctory and boring conversation.

To be a good interviewer, you must deviate from the script and ask some personal questions. It takes self-awareness and sensitivity, but unless you attempt to find out who people really are, you'll never really make a connection...

https://www.forbes.com/sites/garyburnison/2018/01/16/interview-questions-you-think-you-shouldnt-ask-and-why-you-should/#64cceb01473b

===

by Idham Azhari


Virus-free. www.avg.com

Tuesday, January 16, 2018

15 Surprising Facts About Wikipedia

15 Surprising Facts About Wikipedia

While bosses and teachers might dub it as an unreliable website, Wikipedia's popularity is undeniable. Today, Wikipedia has 299 different language versions, more than 32.5 million active editors and an average 600 new articles a day just on the English Wikipedia site. It's safe to say, since its launch in January 2001 by tech entrepreneurs Jimmy Wales and Larry Sanger, Wikipedia has shaken up the internet.

Quickly rising to prominence, Wikipedia was one of the first user-generated online encyclopedias where people from the general public could become editors and contribute content.

From Wikipedia theme songs to celebrations, here are 15 facts about Wikipedia that you probably didn't know..

https://www.entrepreneur.com/slideshow/307170

===

by Muhammad Idham Azhari


Virus-free. www.avg.com

Monday, January 15, 2018

In the Age of Cybersecurity, Are Data Centers Ignoring Physical Security?

In the Age of Cybersecurity, Are Data Centers Ignoring Physical Security?

Maintaining a data center is a huge responsibility. While you certainly have systems in place for dealing with cyberthreats, are you giving enough attention to physical security? This is still a very important aspect of the security equation.

Five Tips for Keeping Data Centers Secure
The objective of physical data center security is pretty straightforward: keep out unauthorized people while closely monitoring those who do have access. That being said, the actual process of securing a data center isn't nearly as simple. You have to be meticulous and comprehensive in your approach. The following tips should prove helpful:

1. Be strategic about the location. The location of your data center is paramount. You want to make sure it's hidden away and outside of floodplains and situated in an area that can be easily secured. Ideally, the plat of land should be away from main roads and highly trafficked areas, but you also don't want it in such a discreet location that unwanted behavior goes undetected.

2. Redundant utilities. Every little detail of your data centers matters – including access to utilities. Inadequate access could compromise the entire operation. "Data centers need two sources for utilities, such as electricity, water, voice and data," Sarah Scalet writes for CSO. "Trace electricity sources back to two separate substations and water back to two different main lines. Lines should be underground and should come into different areas of the building, with water separate from other utilities."

3. Install security cameras. It's important that you install security cameras for a number of reasons. Security cameras can serve as effective deterrents. When criminals (or even employees) see a camera, they're suddenly less interested in doing whatever it was they were planning on doing. Cameras have a way of preventing crime before it ever starts. In addition, security cameras allow you to go back and see who or what caused a specific outcome. This can be invaluable when a security issue does occur. Fortunately, today's security cameras are more practical and cost-effective than ever. Cameras with high weatherproof ratings can withstand substantial amounts of rain, snow and dust, while still providing clear and responsive audio, video and power. And because today's cameras are typically available at modest price points, you can afford to install as many as you need to get total coverage both inside and outside the data center.

4. Maintain a low-key appearance. Data centers are best unnoticed. In an ideal world, even your closest neighbors wouldn't know that a data center is on the property. This means you need to nix the signage and keep the building as unassuming as possible. If you're really serious about security, consider putting up decoy signage for a faux business.

5. Layer security. A data center should have multiple layers of security so it's impossible for someone to gain access by bypassing just one mechanism. For example, it's a good idea to have a combination of exterior gates, biometric checkpoints, access codes and secured cages around specific hardware. While this may initially feel excessive, you'll never regret a multi-layered approach.

Make an investment in security
It makes no sense to build out a data center and then skimp on security – whether of the physical or cyber variety. A data center comes with massive amounts of responsibility, and organizations must do what it takes to protect their investment. By no means are these tips a comprehensive security strategy, but they do provide a nice starting point. Are you prepared? Now's the time to take action.

https://www.isaca.org/Knowledge-Center/Blog/Lists/Posts/Post.aspx?ID=930

===

by Idham Azhari


Virus-free. www.avg.com

Friday, January 12, 2018

CES 2018 Photo Gallery: Our Favorite Things We've Seen (So Far)

CES 2018 Photo Gallery: Our Favorite Things We've Seen (So Far)

Pick a topic, from health to cars to robotics, and CES has it covered. The annual Consumer Electronics Show in Las Vegas features more than 4,000 exhibitors, as well as a packed schedule of talks, press conferences and parties. And of course, nonstop product demos. 

The show, which began for media on Jan. 8 and other industry professionals on Jan. 9, takes over the city at an otherwise relatively sleepy time of year. Hotels and convention centers along the Las Vegas Strip become filled with every type of gadget imaginable as startups and legacy companies alike vie for a minute of time to anyone willing to look and listen...

https://www.entrepreneur.com/slideshow/307182

===

by Idham Azhari


Virus-free. www.avg.com

Thursday, January 11, 2018

Check Out the Coolest Cars and Concept Vehicles at CES 2018


Check Out the Coolest Cars and Concept Vehicles at CES 2018

If you want to see what's hot at CES, look no further than the North Hall of the Las Vegas Convention Center. Its floor plan this year is, without exaggeration, 90 percent cars.

Indeed, CES is becoming more and more of a cornerstone for players of all sizes in the auto industry. If you sort the CES exhibitor directory by the "automotive/vehicle technology" category, it serves up 555 results...

https://www.entrepreneur.com/slideshow/307253

===

by Idham Azhari


Virus-free. www.avg.com

Wednesday, January 10, 2018

Chart Goals to Create a Road Map to Your Success

Chart Goals to Create a Road Map to Your Success


Many people suffer from being rational dreamers. They want to achieve a big dream but hold themselves back by being risk averse. They don't want to disrupt the status quo and play things safe. 

To coax themselves out of their comfort zones, people learn to set goals. I consider the process of goal setting to be like arranging checkpoints along the way to a desired end. Setting and meeting small goals can serve as a thermometer check on progress, measuring advancement and indicating an overall plan's viability...

https://www.entrepreneur.com/article/238174

===

by Idham Azhari


Virus-free. www.avg.com

Simple, Structured Approach Needed to Leverage Threat Patterns

Simple, Structured Approach Needed to Leverage Threat Patterns

IT risks come from various sources that are not always easy to identify in advance, making prevention and mitigation really challenging. With the explosive growth in cloud, social, mobile and bring your own device (BYOD) computing, the attack surface is greater than ever, and new attack scenarios become possible due to the complexity of the network topology and the variety of enterprise applications and technologies that have to coexist.

Deploying threat patterns, defined as a set of characteristics featuring a suspicious behavior that can be revealed in security monitoring solutions (whether detective such as a SIEM platform or preventive such as a web gateway platform), is a great starting point for security operations teams to identify suspicious activities or potential attacks against networks, systems or applications.

However, threat patterns are complex to maintain, subject to false positives and negatives, and result in extra effort for the limited security operation center (SOC) resources, which traditionally are mostly deployed tuning their platforms and trying to identify what really matters among a huge number of alerts and indicators.

We believe that adopting a simple, structured and well-defined process borrowed from the Software Development Life Cycle (SDLC) is the key to develop and maintain those threat patterns in an effective manner. A well-designed threat pattern can lead to an increase in the threat detection rate and optimize the effort of the SOC, which can focus only on those risk scenarios that really matter to the organization.

This approach, described and detailed in a new ISACA white paper, Threat Pattern Life Cycle Development, guides the threat analyst throughout five phases:

  • Analysis, in which input data is mapped against significant use and misuse cases
  • Design, in which the logical flow and thresholds are defined
  • Development, in which the threat pattern is first deployed in the selected security platform
  • Testing, to ensure that the functional requirements have been met
  • Evolution, to ensure that the logic of the threat pattern continues to be aligned with business and risk objectives throughout its life cycle

We believe this new ISACA guidance will prove useful in putting threat patterns to better use...

https://www.isaca.org/Knowledge-Center/Blog/Lists/Posts/Post.aspx?ID=928

===

by Idham Azhari


Virus-free. www.avg.com

Tuesday, January 9, 2018

6 useful skills every employer will be looking for on résumés in 2018

6 useful skills every employer will be looking for on résumés in 2018

Alongside common New Year's resolutions like fitness and wellness goals, professional development is probably one area of your life you're looking to improve in 2018.

Even if you're not currently looking for a job, it's always a good idea to keep your résuméupdated and make sure you don't fall behind on the always-evolving skill sets needed in your industry. 

You don't need degrees in these highly-demanded skills. Instead, you can go to an e-learning site to find hundreds of courses that will let you learn everything you need to know, on your own time.

Now's a better time than ever to learn that program or technology you've been hearing everyone talk about this year, because online-learning platforms like Udemy and GoSkills are currently slashing prices on courses that normally cost hundreds of dollars...

http://www.businessinsider.com/best-job-skills-for-resume-2018-1/?IR=T/#project-management-1

===

by Idham Azhari


Virus-free. www.avg.com