Рубрика: Cybersecurity

Nowadays, threats and attacks increase quickly together with the innovation of IT networks. Due to the complexity and volume of reported malware attacks, bigger problems have come up. For standard analytic tools, it will be tough to spot and recognize these threats because they evolve as technology develops more.

An insufficiently protected system is highly-susceptible to unknown breaches. Whitelist systems execute various solutions on collected data, protecting them from further malware attacks and real-time threats. However, the so-called “goodware”, at some point, may change and become utilized for malicious purposes. Virtually, it would be impossible for a system to react since the software is already whitelisted. It then becomes very essential to observe software activity at all times, monitoring it and preventing any suspicious type of action.

The Essence of Modern Tools in the Modern Times

Many companies have to shield their systems from all kinds of attacks. However, only one successful attempt from an attacker is needed to have access in everything they’re hiding. Devices that are protected by “traditional” methods are more likely to be victims of unknown attacks. As technology advances, threats are able to find their way quickly to our systems. Modern times require modern tools, and this is where Big Data comes in handy.

Real-Time Threat Detection with Big Data

As sad as it may seem, most companies tend to cling on to what is “tried and tested” when it comes to cybersecurity. This action inhibits them from discovering a wider and even more effective method of protecting their systems, while cybercriminals continue to thrive on the matter. Every security officer needs to realize that protection is an active system and not just a stagnant method in order to put it into effect.

An effective EPP solution should be able to detect changes in data activities at all times. Such activities include user activity, logjams, network events, and the like. But this can only be possible with advanced data analysis, and of course, the probability of collecting a ton of data. Unlike traditional antivirus solutions, modern alternatives such as Big Data utilize advanced algorithms to enhance their tasks.

The effectiveness of such solutions is almost fool-proof, as it can anticipate both internal and external attacks, and produce automatic workflows to guarantee protection.

Anti-virus and Big Data for Advanced Security

To get rid of the older Antivirus methods’ inefficiencies, next-gen security methods must automate malware analysis instead of simply depending on previous samples taken from past occurrences. These solutions are constructed on a multi-layered and dispersed cloud environment. This implies that antivirus engines would no longer be responsive to only one client, and would instead be sited on the cloud, avoiding any manipulation of any system’s best antivirus software.

When these multiple detection engines are able to work despite being connected to different client computers, the speed of analysis for received data would greatly improve. Constant study of data’s behavioral patterns makes it feasible for security officers to analyze patterns just before the attack actually happens.

In order to successfully conduct the data-visualization process, heaps of data are required. This is made available only because the cloud network is connected in real-time. This is when big data analytics comes in. It helps to recognize and block online threats before a breach has a chance to happen and compromise a system.

Big Data in Enhancing Antivirus Performance

Cybersecurity Analysts are more and more convinced that vendors are no longer focused on the thought of threats coming in “one at a time”. They are now starting to gather data and look at broader trends over time.

Big Data, with its wide array of uses not just in improving an institution’s profit, has great benefits for antivirus performance and online security. Knowing exactly what’s happening with your data in real-time, and looking deeper into malware activity can avoid greater problems in the future.

As threats widen, so do the methods of averting them. The different tools used to gather and evaluate security data have improved greatly over the years. There is now a deeper and more in-depth intelligence when it comes to this matter. These days, utilizing Big Data as the ground for defending systems against new threats can mean the difference between a company’s success and downfall. An institution’s stability relies on proper security, and proper security relies greatly on having full control over every facet of your network.

The post How Antiviruses Can Use Big Data to Strengthen Security appeared first on Analytics Insight.

The media and entertainment industry is no stranger to cyberattacks. It started with the Sony Pictures Entertainment breach in 2014 where 40 gigabytes of sensitive company data, including private emails, were stolen and posted online. Let’s also not forget that last year when Netflix refused to pay a ransom, hackers released ten episodes of Season 5’s “Orange Is the New Black” over a month before its premiere. A few short months later, HBO also had a leak where multiple episodes of unreleased shows and scripts were posted online, including the first five episodes of Season 7’s “Game of Thrones”. Hackers claimed to have 1.5 terabytes of stolen digital content in their ransom note.3 And according to a 2016 nScreenMedia report, 28% of media organizations admit having experienced some kind of attack. It’s a nightmare for all involved with significant revenue lost.

According to the 19th Annual Global CEO Survey by PricewaterhouseCoopers, which surveyed the opinions of 1,409 chief executives in 83 countries, 66 percent of media and entertainment CEOs say cybersecurity could threaten growth at the companies they run. However, 89 percent of chief executives find technological advances concerning and the one to “influence stakeholder expectations”, while 59 percent state that they’re considering making significant changes in how they use technology to meet those expectations.

There is now the ability to access, process, and transfer huge amounts of data across multiple platforms at incredible speeds to a much wider audience than ever before. Portable devices and developing distribution channels, such as OTT delivery that allows a video to be played on any device, social media, and subscription video on demand (SVOD) cater to a wide range of tastes in a connected world. Yet, by being so connected there is also an increase in security challenges. Breaches can begin with a phishing attack where emails sent to employees contain malicious attachments or links to websites where malware is unknowingly downloaded to the network. Hackers also look for PCs running older versions of Window that they can easily break into. If security measures aren’t in place, hackers can get into backend databases through a company website and then map a network where they can find passwords that lead to protected areas that contain sensitive data that they can then steal, destroy, or hold hostage for a ransom payment.

Companies within the entire entertainment sector need to become more vigilant about the systems, protocols, and practices they have in place. TechWorld interviewed ethical hacker Ralph Echemendia, who was shocked by the entertainment industry’s lack of security or cybersecurity insurance to cover a cyber breach. The first few weekends of a movie’s box office release are crucial in determining its success. If any part of it gets out prior to its box office release date, it could cost “hundreds of millions of dollars” to the company.5 Hackers know how lucrative the entertainment industry is and its focus on premiere dates. Cybersecurity protection over intellectual property should be a necessity and considered money well spent in preventing such attacks.

So, how can the media and entertainment industry fight against cyberattacks? With the help of cloud technology. All data must be protected while creating content that the viewing audience has come to expect, along with the expectation that that content is also being delivered securely. Cloud-based technology solutions provide remote rights management storage in a connected environment with instant access to current real-time information, such as availabilities and financials, while substantially reducing the spending of capital expenditure and fixed costs. A full-time team of security experts actively manages the security environment and regularly works toward finding and delivering product improvement. There are also multi-DRM (digital rights management) based security solutions available that can protect delivery of video content. Some cloud technology also prevents piracy by locating, authenticating, and eliminating illegal online content streaming.

Digital content needs to be both secure and secured. Production networks, storage locations, corporate IT, and customer data should be access controlled and continuously monitored for intrusion. Stored data and media content in transit across networks, systems, and users should be properly encrypted with encryption keys changed frequently. Proper encryption prevents content from being seen and easily read if intercepted. Emails that contain malicious attachments or websites that contain malware should be blocked while not impeding the creative process. Any sign of a threat should be quickly detected, contained, mitigated, and addressed to prevent any compromise to the company.

Avoid being the next target in the entertainment industry and instead make headlines by being one of the most secure. Fight back.

The post How Cloud Technologies Can Help the Entertainment Industry Fight Cyberattacks appeared first on Analytics Insight.

Every coin has two sides. So does AI. Meaning, though AI is helping industries to grow leaps and bounds, it is also a helping hand for the growth of cybercrimes. According to a report, as AI capacities turned out to be all the more ground-breaking and far-reaching, it is expected that the developing utilization of AI frameworks to prompt the extension of existing dangers, the introduction of new dangers and a change to the typical character of dangers. Further, analysts need to consider potential misuse of AI far prior over the span of their analysis than they do at present, and work to make proper administrative systems to counteract vindictive deployments of AI.

While users are showing signs of improvement at spotting essential attacks like phishing, digital criminal are utilizing new advances like AI and machine learning in order to deceive us, take information, and at last make a huge number of pounds. There is an expansion in individuals attempting to trap people into ill-advised circumstances. Indeed, even atomic power stations and other vigorously secured enterprises are still managed by people, who can be deceived. However, people are getting the hang of maintaining a strategic distance from specific traps. When there is poor punctuation, ill use of capitalisation, messages offering a love intrigue, it is a clear intimation of being suspicious.

Artificial intelligence is probably going to upset the intensity of terrible on-screen characters to undermine regular day to day existence. In the digital space, they say, AI could be utilized to bring down the barrier to entry for doing harmful hacking attacks. The innovation could automate the disclosure of basic programming bugs or quickly select potential unfortunate casualties for financial crime. It could even be utilized to mishandle Facebook-style algorithmic profiling to make social engineering assaults intended to boost the probability that a client will tap on a noxious link or download an infected attachment.

There is also a high risk of the potential threat of virtual assistants. When you have a virtual assistant, you add it to the correspondence, it pursues what you’re attempting to do and encourages whatever’s required. So, in case you’re attempting to look out for a time in your schedule for an espresso with somebody, the virtual assistant gets back to you with choices, presents them to other person, they approve, at that point the virtual assistant sets up the invitation.

Artificial intelligence fueled attacker could do a lot with access to so much of information. Access to the sort of data that an AI-fueled attacker is very much alarming. Think of a bit of malware that has access to those correspondences, regardless of whether by means of email, Slack, Whatsapp, or your date-books. Think of getting an email welcoming you to a dental specialist which accompanies a guide, and that guide has a bit of malware infused into it which transforms it into a malicious payload. Probably, a lot of people will click on it as it is somewhat relevant to your current conversation. Further, even microphones and cameras are a huge risk and can pose a lot of danger with their vulnerability. A lot of cases have been witnessed wherein the video conferencing gadget was compromised. Also, the microphone can record conversations and which can be sent to a destination not known. This has been witnessed during a crucial board meeting or a legal proceeding. Seems like we can trust humans and not technology.

Political interruption is similarly as conceivable, the report contends. Country states may choose to utilize automated surveillance systems to smother contradict which is as of now the case in China, especially for the Uighur individuals in the country’s northwest. Others may make automated, hyper-customized disinformation campaigns, focusing on each individual voter with a particular arrangement of untruths intended to impact their conduct. Or on the other hand, AI could basically run denial of-data attacks, creating such huge numbers of persuading fake news stories that real data turns out to be relatively difficult to observe from the noise.

However, there will be enhancements for the two sides; this is a progressing weapons contest. Artificial intelligence will be to a great degree helpful, and as of now is, to the field of cybersecurity. It’s likewise going to be valuable to criminals. It stays to be seen which side will profit by it more. It is predicted that it will be more valuable to the protective side since where AI sparkles is in enormous data accumulation, which applies more to the defense than offense. AI is the best resistance against AI, yet artificial intelligence-based protection isn’t a panacea, particularly when we look past the digital area. More work ought to be done in understanding the correct parity of transparency in AI, creating enhanced technical measures for formally checking the robustness of frameworks, and guaranteeing that strategy structures created in a less AI-imbued world adjust to the new world that is in making.

The post AI’s Growth Can Increase Cybercrimes and Security Threats appeared first on Analytics Insight.

Healthcare Industry has been one of the significant grantees of modern technologies embracing Artificial Intelligence (AI) and Big Data in the sector. The ever-growing efficiency of these technologies has a lot to offer in the field specializing in concerning health results, reduced costs and improved convenience.

We can clearly witness the optimistic flourishing of healthcare sector at prompt velocity including managing patient health, curing diseases and others. Realizing the need of the hour, the healthcare industry is accepting tech innovations at a rapid pace to meet the rising demands. Since everything has its own pros and cons, similarly cybersecurity has become a haunting concern in critical healthcare sector regarding patient health.

Let’s have a brief look at the rhythm of Cybersecurity, AI and Big Data’s role in it.

Technology Magnifying Healthcare Follow-ups

Malignant players are becoming agile when it comes to targeting medical management, which makes cybersecurity a big issue. As per survey data reports, 90% of hospitals have experienced a cyber-attack in the time span of the last five years. Although, with the growth of AI and Big Data, safeguarding the patient data has become comparatively painless.

Malicious Software Diagnosis

When it comes to malware detection, machine learning applications play a critical role. As most of these applications are architected to indicate risk using historical data and malware pattern, they can briskly detect alarming threats against the healthcare sector.

Retaliation of Security Violation

Artificial intelligence has better efficiency to eliminate the risks after a security breach when compared to conventional models. AI can potentially identify oddities in the nexus. Subsequently, the issue is then forwarded to human insight for further operations. Additionally, traffic signals can be categorized to separate sensitive data on individual security protocol using AI-powered automation.

Uproot the Risk Factor

Smart gadgets are more vulnerable to being hacked but AI is helpful in this area too. Data encryption, particularly for malware detection, can be implemented using AI which can set medical management teams free from depending over makers to ensure if security is upgraded.

Having excitement regarding innovations in quite natural but the anticipation of risk factor coming along with it should be kept in mind. However, these circumstances make it important for healthcare administrators, physicians and patients to be cautious and candid to retain secure progress in the near future.

The post How Cybersecurity Transforms AI and Big Data Analytics in Healthcare appeared first on Analytics Insight.

One of the business highs of 2018 has been the movement of critical workloads to the cloud. As the market is buzz with providers like Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform vying for market share, this is only the beginning of an exciting new future. According to a Tuesday report from Palo Alto Networks Unit 42 threat research team, even as technology advances, many businesses still remain unclear on which parties are responsible for which elements of cloud security.

The Shared Responsibility Model of cloud security explains that cloud service providers are responsible to secure and protect the infrastructure which forms the backbone of all the services that are offered in the cloud. Monitoring risky configurations, anomalous user activities, suspicious network traffic, and host vulnerabilities is the responsibility of the cloud customer.

There have been multiple high-profile security breaches in 2018 which have involved public cloud environments. Here are the key cloud security trends businesses must pay attention in 2019 to keep their workloads and data safe:

1. Account Compromises will Increase

In a recent research release, around 29% of organizations have potential cloud account compromises. Security threats include growing credential compromises, making organisations enforce strong governance and full proof policies. 2019 will see enterprises implement strict monitoring to detect and respond to suspicious user activities.

2. Cloud Attacks on Crypto-currency will Drop

The dropping value of cryptocurrencies around the world along with improved detection capabilities has led to fewer cryptojacking attacks in the cloud. Industry estimates point that only 11% of organizations under study have found cryptojacking activity within their public cloud environments. This leaves enterprises to get ahead and implement necessary protections before the next wave of attacks in the new-year.

3. Ongoing Compliance

Nearly one third (32%) of organizations surveyed are publicly exposed at least one cloud storage service which is the root cause of many high-profile breaches. To address this problem organizations are beginning to implement protections, but there is still a long way to go to reach at comprehensive compliance and governance across public cloud environments.

4. Vulnerability Management will continue

Organizations that have moved their workloads to the public cloud have are at an upper edge over their on-premises peers when it comes to vulnerability management. Hosting their workloads in the cloud enables them to access regular infrastructure updates by service providers.

5. Insider Attacks

As information moves to the cloud, data breaches remain a concern primarily due to the insider misuse or human mistakes. 2019 may be the year of insider attacks as these breaches clearly demonstrate that building even the most robust external defense is insufficient, as employees and contractors possibly pose an even bigger threat to cybersecurity than professional hackers do.

6. Advanced Analytics for Better Cloud Security

Many enterprises have been using multiple security products such as data loss prevention (DLP) tools, security information and event management (SIEMs) antivirus software which generates humongous data. To gain an insider edge, organizations need advanced analytics tools that can process data from multiple sources and flag threats to sensitive data. The growing adoption of technologies such as User and Entity Behaviour Analytics (UEBA) will empower organizations to establish stricter control over their IT infrastructures even before any data breaches occur.

7. Shared Technology Vulnerability

When the technology is on the cloud, enterprise security is often compromised by cloud models like a Software-As-A-Service model. These cloud models make cloud service providers provide service scalability, without altering existing software much. These infrastructural components supporting cloud services are not essentially designed for actual use cases in multi-customer application or multi-tenant architecture environments. This often results in shared-technology-vulnerability that can be well exploited by all cloud-based models.

8. Ransomware Attacks

In the new year and the years to come, cyber criminals will move towards less traditional, more profitable ransomware targets like connected devices, businesses and HNI individuals. Cybersecurity firm McAfee points that organisation must upscale their machine judgment and the speed of orchestrated responses with human strategic intellect to help them understand and anticipate cyber-attack patterns. In 2019, Ransomware technologies will be deployed to tackle cyber sabotage and disruption of organisations, even as business rivals seek to inflict greater damage.

As technology moves to the cloud, business and individuals must keep their eyes and ears open for security breaches and start their preparations to tackle them.

The post Cloud Security Threats that will Trend in 2019 and How to Avoid Them appeared first on Analytics Insight.

New York-based IBM corporation was awarded 9,100 patents in past year, again making it a lead scorer of the list for the most US patents granted in a given year. The company announced its achievement on January 8. Cyber Security innovation was one such factor with more than 1,400 granted patents that towed the company at this success ladder in 2018.

IBM clutched the opportunity among security patents for battling voice phishing (vishing). The company was also permitted patent for optimizing security analysis in cloud software-as-a-service (SaaS) ecosystem that may aid other organisations coordinate malicious activities. Container Security, enabling improvised isolation capabilities were also one of the influences that dragged IBM to the top of the list.

Marc Ph. Stoecklin, principal research scientist and manager of Cognitive Cybersecurity Intelligence at IBM Research quoted “What the 1,400 patents shows is that IBM is doing a big push on cyber-security and it has become a key pillar of our DNA, after all, cyber-security is going to become one of the key pain points of every organization out there.”

He also added that at IBM there has been a heavy thrust on brewing Artificial Intelligence (AI) potentials with cyber-security efforts. A large portion of IBM’s cyber security patents are found in certain ways that Artificial Intelligence can be employed to revamp outcomes including better diagnosis of advanced risks. IBM is amalgamating with AI to develop virtual and effective advisers to support security teams in performing efficiently and responding productively to cyber threats with an adaptive approach.

Let’s have a glance at different patents that guided the steps of successful year for IBM in 2018.

Abstraction of Vishing

In US, vishing patent is precisely labelled as US Patent #10,068,575 and is denominated as “Cognitive Security against Voice Phishing Activity.” As per IBM Patent description explanation – In a Vishing attack, hackers use a voice over IP (VoIP) system to charade their caller identity to trick victims. In an attempt to monitor and analyse the voice conversation between two parties and identify one as guilty of deceiving other, IBM has patented a question and answer apparatus.

Stoecklin further asserted “This patent is about analysing a conversation and trying to find out whether some personal information is trying to be extracted.”

Security Analysis Optimisation

The second facet of prosperity in terms of innovation for IBM was US Patent #10,084,804, also termed as “Optimising Security Analysis in SaaS.” According to Stoecklin, this particular patent is about assisting teams augment information from examined incidents in their Qradar SIEM (Security Information and Event Management) systems. This enriched innovation comprises of capability to coordinate threat data and other collected data to deduce the chances of malicious activity.

Stoecklin said “It is a very interesting patent which touches on a lot of technical aspects, including connecting dots and basically bridging knowledge gaps… This patent was a major breakthrough in helping security teams get faster responses and non-intuitive connections to information for security events they see and immediately known if there is anything else out there that they should be aware of.”

Container Security: Improved Isolation Capabilities

IBM’s patent for container security enabling improvised isolation capabilities was one of the core aspects for accomplishment of the company in 2018. It is formally designated as US Patent #9,886,303 that interprets an innovation for a particular virtualization control.

The patent has a slight approach towards improving isolation and security between a cloud application and its presenter. According to IBM, it also reduces provisioning time and upgrades performance. This innovation could enable companies with easy movement of data and applications securely across on premises and cloud environment as well.

Prospective Blueprint

Stoecklin said that his squad has been operating on innovation research akin to cyber security fraud activities and technologies with voluminous awaited patent indexing. He affirmed “We are rethinking the traditional approach of how security is being done today, with most organizations having a default deny strategy to block whatever you know you don’t want to have on your network… But that is a huge risk on the defender because you have to know what you don’t want.”

Additionally, he said “We’re putting in quite a bit of innovation at the moment into different types of cyber deceptive systems which help us to move risk from the defenders to the attackers… It’s a number of patents we’re working on, we have already filed them, and they’re using AI to start orchestrating some of these deceptive responses on different levels.”

The base strategy behind the deception handling is to let every end be at default condition and then plant a trap and bait everywhere as a primary admonishing to spot malicious activities.

The post Cyber Security Transformation: An Underpinning for IBM’s expansion appeared first on Analytics Insight.

It was way back in 2000 that Security information and event management (SIEM) approach to security management systems first appeared from vendors. The original SIEM functionality centred on event correlation from perimeter security devices such as IDS/IPS and firewalls and the demand came from vendors like Intellitactics, eSecurity and NetForensics.

Over the last 19 years, SIEM market has evolved with different vendors, use cases and functionalities. SIEM has also increased its market size growing into a $2.5 billion market, dominated by giant vendors such as LogRhythm, AT&T (AlienVault), Splunk and IBM.

The underlying principle of every SIEM system is to aggregate relevant data from multiple sources identifying deviations from the norm to take appropriate action. For example, at the event of potential issue detection, a SIEM might log additional information, generate an alert and instruct other security controls to stop an activity’s progress. A SIEM system can be rules-based or employ statistical correlation engine to establish the relationship between event log entries. Advanced SIEMs have developed to include security orchestration and automated response (SOAR) and user and entity behaviour analytics (UEBA).

The Evolution of SIEM

Despite the evolution of SIEM, today’s products can be seen as super-sized versions when compared to yesteryears. Over the years, SIEM products have been based upon a tiered architecture of distributed data collectors, processors and indexers where a central database was used for data analytics, reporting and visualization. This has led to a situation where SOC personnel focused on activities such as threat detection, incident response, and forensic investigations that are dependent upon SIEM infrastructure teams who upgrade hardware, load balancing servers, adding storage capacity, etc.

The Shift from the On-Premises Servers to the Public Cloud

The next few years will witness the migration of the SIEM backend from on-premises servers to public cloud infrastructure. By the end of 2020, even organizations with opinionated on-premises biases in industries like military equipment manufacturing, financial services and government agencies will eschew on-premises SIEM in favour of cloud-based alternatives.

This is a slow move that has already started and will eventually progress rapidly due to changes in the demand and supply side. CISOs will be looking out for cloud-based SIEM solutions because:

• Unacceptable trade-offs which happen given the capacity-based pricing of SIEM software forcing many organizations to ignore or purge valuable security data that they would otherwise collect and analyze. Another common cost avoidance strategy being adopted is to supplement SIEM with open sourced-based data lake for longer-term investigations. While this can reduce SIEM software costs, it may create interoperability and basic operations challenges as the security staff pivots back and forth from SIEM to the data-lake while managing two sets of security technology infrastructures.

• The security data has been growing massively. According to ESG research, 28 percent of organizations collect analyse and process substantially more security data than they did two years ago. The security data pertains to network packet capture, cloud logs, cyber threat intelligence (CTI), business application logs and so on. Continuous security data growth equates to more personnel, operational tasks and infrastructure capabilities.

• Higher software costs that arise from infrastructure and staffing costs. Some SIEM vendor’s base their pricing on the amount of data under management, making CIOs complain that it is not unusual for them to blow through a three-year SIEM budget in a year.

• With an acute shortage of skilled personnel, CIOs and CISOs must ask themselves whether they really wish to hire and retain dedicated personnel answering to servers, storage devices and network calls.

The Role of the Vendors

Traditional SIEM vendors see huge possibility pushing cloud-based SIEM.

SIEM leaders at IBM and Splunk are already seeing much faster growth rates for cloud-based deployments of their products; a trend which is all set to continue.

New startups will be all about the cloud as they will embrace a cloud-based backend designed for processor-intensive machine learning algorithms, at a massive scale. Sensing opportunity, the cloud service providers are jumping in. Microsoft, Amazon, Google own globally distributed, cloud-based infrastructure and are investing heavily in artificial intelligence/machine learning.

These changes enable cybersecurity analytics to use case representing a perfect opportunity that aligns with their technology investments. These firms have been already on the growth trajectory with Google/Alphabet announcing their security analytics intentions with Chronicle. Amazon is not left behind as it acquired Sqrll hinting at a bigger security analytics/operations play at Re:Invent. Microsoft remains quiet about its security analytics/operations plans but some of its recent announcements suggest that it will join the fray in 2019. SIEM is the new age solution for tomorrow and with giants showing interest this space that has just got more exciting.

The post Cloud-Based Operations and Cyber Security will Witness New Heights in 2019 appeared first on Analytics Insight.

NIRAMAI Health Analytix is a health technology startup developing a novel solution to detect early-stage breast cancer in a completely privacy-aware manner.

The company’s offerings include a cancer diagnosis solution to Hospitals and Diagnostic centers, as well as a low-cost triaging solution to improve rural healthcare through Government and Non-Profit Organizations.

Niramai has developed a new technique called Thermalytix, a novel computer-aided diagnosis solution to identify cancerous and pre-cancerous patients in an affordable, accessible and effective way. The solution is a non-contact, non-invasive, low-cost, and portable for detecting breast cancer for women of all ages. The tool does not require expert skills to operate the system and can enable large-scale rural screening. The core of Niramai software consists of novel computer algorithms based on artificial intelligence and machine learning over thermal images.

The key one-of-its-kind benefits of this solution are:

• Unique screening experience: Niramai breast screening test that is radiation free, non-contact, painless and is completely privacy-aware. During the test, no one touches, compresses, or even sees the women being screened. This makes it easier for women to take a decision to undergo breast health screening regularly without worrying about socio-cultural issues.

• Age-agnostic: Breast cancer incidences among young women are on a rise and traditional methods remain ill-suited for preventive screening for young women. Niramai test works on women of all age group, not just above 45 years of age. The lesser known fact is that breast cancer can also happen to men, and Niramai test is also suitable for screening men.

• Safe: This test is completely safe, does not involve any radiation, and can be taken as often as needed without any side effects.

• Affordable: This test used off-the-shelf thermal sensors. Since the capex for that equipment is less than one tenth of mammography, it makes the solution more affordable and accessible.

• Accurate: Niramai test has shown good accuracy of detecting breast abnormality in women of all age groups. It works even in case of non-palpable lumps, making it possible to detect before a lump can be felt with hand examination.
The company was incorporated in 2016. Over the last two years, the team has focused on protecting IP, launching the product, establishing clinical validity and making solution commercially available across multiple states in India.

The Dynamic Leaders

Niramai was founded in July 2016 by two women Co-founders, Dr. Geetha Manjunath and Nidhi Mathur with diverse expertise. Geetha, who is the CEO and CTO of the company, holds a Ph.D. in Artificial Intelligence from Indian Institute of Science (IISc) and has led large teams to deliver innovative solutions in Hewlett Packard Labs and Xerox Research. She has over 25 years of research expertise in the IT industry and has several patents, publications, national and international recognitions to her credit. Nidhi holds an MBA from Indian Institute of Management Bangalore (IIMB) with specialization in marketing and strategy, and has expertise in commercializing new-to-the-world innovations. Nidhi plays the role of COO and CFO at Niramai.

An Innovative Approach to Detect Cancer

The core mathematics used by Artificial Intelligence (AI) algorithms has now matured and the accuracy levels of automated decision-making have reached the threshold of acceptance, and in some cases even surpassed human decision-making. This has unleashed a new era of innovation creating a real-life impact. AI/Deep Learning Technologies are definitely useful in a country like India where there is a shortage of skilled medical professionals. Niramai makes cancer diagnosis objective, simpler and effective for Radiologists by helping them make more reliable clinical decisions with the help of technology.

Dr Sudhakar, Radiologist at HCG, Bangalore has tried Thermalytix and believes in the value it provides, “With Thermalytix bringing together the dual advantages of thermography and artificial intelligence, it’s possible to do away with errors of manual interpretation. It’s an effective way of detecting malignant tumours or lesions at an early stage, thereby preventing a majority of cancer deaths.” His viewpoint is shared by many Indian and US doctors who believe Niramai solution can overcome the limitations of existing solutions in an effective way.

Awards and Recognitions

Niramai is one of the only four Indian startups invited to participate in the Google Launchpad Global Accelerator program in 2018, one in four selected by Philips for their first edition of HealthWorks program in India, and winner of Amazon AI Award in Healthcare category. The company also won BNP Paribas award for Best Startup in Preventive Healthcare, and Best Startup in Indian Cancer Congress. Niramai also won the BIRAC WinEr 2018 as well as Aegis Graham Bell Award for Data Science category.

Business Challenges

The biggest challenge was to prove the clinical validity in an indisputable manner. The company has worked with major hospitals and key experts in the field to establish the efficacy of the solution.

The Road Ahead

Niramai has published multiple clinical trials in international forums and been able to showcase good results to drive clinical and regulatory acceptance. This solution is available in 14 centres across country. The test can now be availed by women in Bengaluru, Mumbai, Pune, Mysore, Hyderabad, Dehradun, Chennai and Delhi. We would conduct group screening programs in corporate and academic institutions to enable many women to avail the test at their workplace or at home, in addition to partnering with NGOs, cancer societies, and government bodies to conduct large scale camps in rural areas.

Niramai is working towards increasing the awareness about the solution among women population as well as practitioners. It is partnering with leading medical specialists to create additional proofs of the efficacy of the solution and establish the complete workflow to recommend how this solution can be an integral part of health services delivery. With efforts like that, the company will gradually move the solution towards being the standard modality accepted by a wider section of the medical community. In addition, Niramai is also looking at extending the application of the innovation to areas other than breast cancer.

The post NIRAMAI: A Revolutionary Breast Cancer Screening Solution Powered by AI appeared first on Analytics Insight.

India – January 16th, 2019 – Researchers at Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, today shared details of vulnerabilities that could have affected any player of the hugely popular online battle game, Fortnite.

Fortnite has nearly 80 million players worldwide. The game is popular on all gaming platforms, including Android, iOS, PC via Microsoft Windows and consoles such as Xbox One and PlayStation 4. In addition to casual players, Fortnite is used by professional gamers who stream their sessions online and is popular with e-sports enthusiasts.

If exploited, the vulnerability would have given an attacker full access to a user’s account and their personal information as well as enabling them to purchase virtual in-game currency using the victim’s payment card details. The vulnerability would also have allowed for a massive invasion of privacy as an attacker could listen to in-game chatter as well as surrounding sounds and conversations within the victim’s home or other location of play. While Fortnite players had previously been targeted by scams that deceived them into logging into fake websites that promised to generate Fortnite’s ‘V-Buck’ in-game currency, these new vulnerabilities could have been exploited without the player handing over any login details.

Researchers outlined the process in which an attacker could have potentially gained access to a user’s account through vulnerabilities discovered in Fortnite’s user login process. Due to three vulnerability flaws found in Epic Games’ web infrastructure, researchers were able to demonstrate the token-based authentication process used in conjunction with Single Sign-On (SSO) systems such as Facebook, Google and Xbox to steal the user’s access credentials and take over their account.

To fall victim to this attack, a player needs only to click on a crafted phishing link coming from an Epic Games domain, to make everything seem transparent, though sent by the attacker. Once clicked, the user’s Fortnite authentication token could be captured by the attacker without the user entering any login credentials. According to Check Point’s researchers, the potential vulnerability originated from flaws found in two of Epic Games’ sub-domains that were susceptible to a malicious redirect, allowing users’ legitimate authentication tokens to be intercepted by a hacker from the compromised sub-domain.

“Fortnite is one of the most popular games played mainly by kids. These flaws provided the ability for a massive invasion of privacy,” said Oded Vanunu, head of products vulnerability research for Check Point. “Together with the vulnerabilities we recently found in the platforms used by drone manufacturer DJI, show how susceptible cloud applications are to attacks and breaches. These platforms are being increasingly targeted by hackers because of the huge amounts of sensitive customer data they hold. Enforcing two-factor authentication could mitigate this account takeover vulnerability.”

Check Point has notified Epic Games of the vulnerability which [has now been fixed. Check Point and Epic Games advise all users to remain vigilant whenever exchanging information digitally, and to practice safe cyber habits when engaging with others online. Users should also question the legitimacy of links to information seen on user forums and websites.

Organizations must perform thorough and regular hygiene checks on their IT infrastructure they have not left outdated and unused sites or access points online. In addition, it is good practice to review any outdated website or sub-domains that may still be online though not in use.

In order to minimize the threat of falling victim to an attack that exploits vulnerabilities like this, users should enable two-factor authentication, ensuring that when logging into their account from a new device, the player would need to enter a security code sent to the account holder’s email addresses. It is also important that parents make their children aware of the threat of online fraud and warn them that cyber criminals will do anything to gain access to personal and financial details which may be held as part of a gamer’s online account.

A full technical analysis of this vulnerability is available from the Check Point Research blog: https://research.checkpoint.com/hacking-fortnite/

Follow Check Point via:

Twitter: http://www.twitter.com/checkpointsw

Facebook: https://www.facebook.com/checkpointsoftware

Blog: http://blog.checkpoint.com

YouTube: http://www.youtube.com/user/CPGlobal

LinkedIn: https://www.linkedin.com/company/check-point-software-technologies

About Check Point Software Technologies Ltd.

Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks. Check Point offers a multilevel security architecture that defends enterprises’ cloud, network and mobile device held information, plus the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes.

The post Check Point Software Finds Vulnerabilities that Would Allow Hackers to Take Over Fortnite Gamers’ Account Data appeared first on Analytics Insight.

Cybercrime has increased at a high speed in the last few years. The problem is likely to get worse in the future, but there are several ways to combat security threats using cyber intelligence. Some of the tools can be downloaded online at a small cost or a small fee. You can combine these tools with other online resources to help prevent possible attacks.

Cyber threat intelligence is also known as CTI and helps to collect and analyze information regarding any potential or current attacks threatening the safety of a business or its assets. Threat intelligence is beneficial because it’s a proactive security measure and therefore data breaches are spotted on time and save you money spent to clean up after an attack. The purpose threat intelligence is to help companies protect their investment. They provide actionable information and offer invaluable support. Here are ways to fight security threats using cyber intelligence.

Observing Tactics and Trends of the Malware

Many companies are struggling and just do not know how to eliminate different versions of malware. They seem to get wilder than before, but if you can observe the trends and tactics of the malware, you can use cyber intelligence to deal with the problem. This means you have to be vigilant and make use of all awareness programs and security systems to prevent viruses and malware from infecting your network. The battle is never-ending and it’s through a close assessment that you can be a few steps ahead of the ever-evolving threat tactics.

Set the Goals You Want to Achieve

Think about what you want to achieve with the use of a threat intelligence framework. You definitely want to protect your network, but there should be more. Other goals may include:

• Quick response time in case of an incident

• Gather all forensic data after an attack

• Staying alert to any signs of new threats.

• Get rid of any false positives likely to drain resources and attention

When using cyber threat intelligence tools, you get information depending on your goals and what you choose to prioritize. If you want to study forensic data based on a post-breach investigation specifically, you should get SIEM or the security information, and event management software will be the best tool for you.

Create a Threat Intelligence Frame

After you created a threat intelligence framework, you need to refine the cyber threat feeds continuously. You should choose the right tools, but that does not mean you are done. You must update the tools regularly. Check the sources of data; if any old ones no longer provide useful information, replace them. Also, remember to diversify the threat intelligence sources to help you access a wide range of information.

Work with an Expert

Capacity to identify goals, assets to protect and different ways to optimize intelligence takes an experienced hand to come up with the best. This is what helps you to maximize threat intelligence feeds, and your company’s IT may not have this ability if you are at this point, hire experienced cyber security experts. Even though these services are costly, you can discuss with them on terms that will favor your business’s financial situation.

There are different ways to combat security threats using cyber intelligence and you can read more at https://ottomatik.io/blog/tutorials/mysql-backup/. All you need is consistency because the criminals will not stop trying to use different exploits and cyber attacks to hack your data. While your security architecture may need to be changed, you can only do it after considering the risks and threats your company is likely to face. Make use of cyber intelligence to know the right steps to take.

The post Best Ways to Combat Security Threats using Cyber Intelligence appeared first on Analytics Insight.