SandaS GRC, the best way to perform the GSMA IoT Security Assessment

ElevenPaths    14 February, 2018


SandaS GRC
ElevenPaths SandaS GRC allows organizations to support their business strategy, improve operational performance, mitigate operational risks and ensure regulatory compliance. Is the perfect complement with which you can create a governance program, risk management and effective compliance of the security of your organization’s information.
With the aim of extending this control to the IoT deployments, SandaS GRC has incorporated a set of controls to secure IoT deployments. These controls are those collected in the GSMA IoT Security Guidelines through the GSMA IoT Security Assessment, where Telefónica has actively contributed.

GSMA IoT Security Guidelines
Telefónica has collaborated within the group of GSMA IoT Security since the beginning of 2016 in the development of the IoT Security Guidelines.
These GSMA security guidelines contain best practices and security recommendations for the Internet of Things. Each document is focused on one layer of the IoT technology stack. To develop these guidelines, actors from all areas of the IoT ecosystem have collaborated: service companies, operators, device manufacturers, communication modules and processors. These four guides are:
The first is an introductory document, while the other three focus on each of the levels of the IoT ecosystem. Each area has different challenges that must be addressed in a specific way, with the aim of guaranteeing its security.

GSMA IoT Security Assessment
Based on these recommendations, the working group led by Telefónica as operator has generated the self-assessment IoT Security Assessment checklist that was published in September 2016 and that has been recently updated to include the recommendations in LPWA networks. The purpose of this document is to provide the different actors of the IoT ecosystem with a list of specific controls to take into account when designing and evaluating the security of an IoT solution.
The self-assessment guide IoT Security Self Assessment is structured in three main sections that cover end-to-end IoT security: processes in the organization, service platforms and devices. The questions in each of these sections are referenced to the recommendations contained in the different documents of the GSMA IoT Security Guidelines.

Sandas GRC and the IoT Security Guidelines
With the addition of the GSMA IoT Security Assessment, SandaS GRC offers a complete and unified view of risk, helping to manage key risks in the whole organization including IoT devices, minimizing their impact on the business.
In this way, it allows a strategic allocation of resources and ensures adequate controls for an integral security plan of an IoT deployment.
José Rodriguez Pérez

Could brainwave analysis turn eSport gamers into elite athletes?

AI of Things    12 February, 2018
Content originally written by Thomas Macaulay for TechWorld.

eSports has turned gamers into digital athletes with million dollar paycheques and backing from multinationals such as Telefónica, whose technologists are optimising player performance by analysing brainwaves. The Spanish telecoms giant set up a big data unit called LUCA in 2016, with a wide remit encompassing business, social initiatives and sport. Data scientists have tracked footballers in La Liga by analysing images from matches and helped cyclists in the Vuelta a España by monitoring training performance and optimising training schedules to ensure peak performance, but it is in eSports where the most visionary tech is unleashed.

“We can identify the key events that are producing a change or an unstable pattern in the game,” says Pedro Antonio de Alarcón, director of the Big Data for Social Good initiative at LUCA. “It could be people screaming, or when they kill somebody. There is a lot of euphoria in the eSports arena. We are analysing in each of the gamers the variables that are most affecting them while playing, for the good and for the bad.”

Photo showing Movistar Riders in the middle of a game
Figure 1 : Big Data anlysis is used to analyze the key variables of eSports gamers.

     

eSports joins the big leagues

In 1972, Stanford University hosted what is widely considered the first video game tournament.  The prize for the winner of the “Intergalactic Spacewar Olympics” was a subscription to Rolling Stone magazine. By 2017, eSports revenues had risen to $696 million and the total audience to 385 million people, according to estimates by market researcher Newszoo.
Telefónica entered the eSports arena in January 2017 under the banner of its mobile subsidiary Movistar. The Movistar Riders field teams in Call of Duty, Counter Strike, FIFA and Hearthstone, but LUCA chose to dedicate its focus its technology on only one game: League of Legends, the most popular eSport of them all. More than 100 million gamers play League of Legends every month, battling in two teams of five to destroy the other side’s base. The best of them compete in the annual five-week League of Legends World tournament. According to the game’s publisher Riot Games, more than 57 million people watched the tournament finals.

The Movistar Riders 3D logo.
Figure 2 : Telefonica entered the eSports arena in January 2017 as Movistar Riders.

 
As the interest and revenues in eSports games such as League of Legends has risen, the top teams have become more professional by taking tools and methodologies from traditional sports such as football and baseball. The Riders have their own 1,000 square metre training centre in Madrid and a physiotherapist to reduce the impact of injuries. But unlike the superstar footballers who are guided to the peak of their profession from childhood, the Riders quickly go from playing games at home to competing in front of thousands of people in attendance, and sometimes millions more watching around the world.

“They need to change into a professional mentality. They need to stay stable when they’re playing, and at the same time they need to improve their skills in the game.” Telefónica uses analytics to understand how game conditions affect them mentally, by connecting them to brain-computer interfaces that can evaluate neurological activity while they’re playing. A commercial device called EMOTIV Insights continuously analyses variables such as stress, relaxation, focus and engagement. Telefónica synchronises this data against in-game action by the second, to find precise correlations between emotions and events.

Two Movistar Riders gamers in the middle of a League of Legends game
Figure 3 : Movistar Riders train at a 1,000 square meter training center in Madrid. 

      

Finding a competitive edge

South Korean teams have won the League of Legends trophy for five years in a row. The Riders are trying to catch up by assessing their strengths and weaknesses against those of their competitors. Riot Games provides servers with data on all of the teams, which de Alarcón and his team can access through APIs. The concept is similar to what’s found in Formula 1, where engineers receive streams of data from a race. “We can capture how a different team is playing,” says de Alarcón. “If you have previously analysed before a competition how this team was performing against others, so you can refine the strategy to beat them accordingly.”
In League of Legends, individual players have different profiles, which can be tracked to understand how they play in different situations, such as going for early kills or focusing on winning gold. “If you get it by the numbers with big data, you immediately get a sense of how they play, what is the style of game they practice,” says de Alarcón. “This is the insight we provide to the team.”
The Riders don’t have the budget for players of some of their competitors, so need to recruit young talent and develop them to the professional team. Telefonica analyses how they’re developing, and identifies when they’re ready for the pros. Brain analysis is already reaping results for the Riders, but de Alarcón doubts that it could be applied to his work with the cycling team. “The problem it has is it’s a bit intrusive. You need to wear a helmet, and the cyclists are very picky about the things you put on top of their bike,” he explains. “You basically can not touch, you cannot add any element to the bike. This is such a competitive world, that anything that you touch – just a small change in the shirt, for example – is changing the aerodynamics and affecting the competition.” These athletic considerations are unlikely to hold back analytics in eSports, as in video games the brain reigns supreme over brawn.
You can read the original article on the TechWorld site, and to keep up to date with the latest news, check out our website, and don’t forget to follow us on TwitterLinkedIn and YouTube.

Predictive Analysis and Machine Learning improving quality of life for refugees

AI of Things    9 February, 2018
The refugee crisis is an ongoing issue that is sadly growing by the day. Currently, it is believed that roughly 65 million people live as refugees or are displaced within their home countries, which is the highest figure in modern history. Efforts have been made to accommodate these people, mostly throughout Europe, however, due to the vast numbers, it has seemed an almost impossible task.

Big Data steps in…

However, there is an area that is yet to be fully explored when talking about the refugee crisis, the use of predictive analytics. This is the ideology of using current and past data in order to predict future events. But are there any obstacles stopping us from optimizing decisions? Sadly, there are many political and financial barriers that stand in the way.

An image showing the 'jungle' in Calais, a refugee camp in the North of France.
Figure 1 : An image showing the ‘jungle’ in Calais, a refugee camp in the North of France. Source Michal Bělka

When the refugee crisis first erupted, nobody predicted the extent of the strain that would be felt on many international borders, particularly those in Europe. ‘Frontline States’ such as Jordan, Lebanon, Turkey and Greece have felt the full force of this disaster as refugees seek temporary homes there and seek to move on to Western Europe.

A vast majority of countries are already collecting migration data and this could prove to be invaluable in the near future. Data from censuses, surveys, smartphone locations and even border crossings are all contributing to painting a clearer picture of this catastrophe. Value can be extracted from this data and drive decision-making. The results can show predictions as to where refugees are travelling and their decisions. Firstly, by spotting these patterns, officials can redirect refugees to different countries but most importantly, vital resources and money can reach those who need it the most. In theory, this should reduce the number of overcrowded camps and a better access to food and water when it is needed the most.
Despite all of the potential, as already mentioned there are some clear obstacles standing in our way. Countries need to work together and those currently hosting fewer refugees need to be more open to the idea of accepting more. But they also must work together on grounds of data sharing as in this instance, keeping their personal data private is of no international benefit. Technical challenges are also on the horizon; how will the data be stored? Who has what rights? In addition, maybe most obviously, this will require a huge financial investment and as it currently stands the UN does not have a specific arm dedicated to incorporating data into solving the refugee crisis. Surely though the investment can be justified as the benefits are visible on a humanitarian level. Undeniably it will improve the quality of life an infinite number of people who have been forcibly displaced from their home country both today and in years to come.

Machine Learning contributing to data-driven job hunting…

Another thing to consider for refugees are the job opportunities in their destination country. Machine Learning algorithms are searching for the answers. By using the algorithm it is suggested that the chance of a refugee finding work is increased by up to 70%. As of now, the system is yet to be tested in the real world, but with historical data, the results were very promising. Currently, refugees are randomly assigned an area within a country upon their arrival and frequently it will not be the optimum location in terms of job potential and quality of life. Machine learning can change this for the better. However before the system is implemented, there are a few things that need to be straightened out. The algorithm focuses solely on job potential and fails to consider social connections. It is also likely that such a system would face opposition on a political level, with many countries reluctant to change refugee policies without concrete proof.

Here at LUCA, we see new applications of Big Data and Machine Learning emerging every day. This is yet another clear example of how data-driven decisions and data science are capable of social good. As explained, a lot is standing in the way, however, the foundations have certainly been put in place.

Come and play sports with Telefonica, and take on the best!

AI of Things    7 February, 2018
For another year, the city of Barcelona will welcome the largest global event in the mobile industry: the Mobile World Congress. To make the most of this moment, Barcelona’s Mobile World Centre will welcome a dynamic event organized by LUCA, Telefonica’s data unit, alongside Movistar Team and Movistar Riders, from Monday 26th of February to Saturday 3rd of March.

Banner of the Movistar Team and Movistar Riders showcase
Figure 1 : LUCA will be showcasing the best in Sports Analytics at the Mobile World Centre.

The Mobile World Centre is an initiative of the Mobile World Capital Foundation and Telefonica, with the aim of showing how the mobile and internet worlds transform out lives. Motivated by this initiative and due to the influx of people who will be visiting Barcelona, it was a good moment to showcase Big Data and Artificial Intelligence with LUCA and their backing of Sports Analytics.

 
The event will show the diverse applications of data in the sporting arena. In particular, those applications applied to cycling with Movistar Team and the increasingly well-known world of eSports, with Movistar Riders. These teams already use data in order to improve the performance of their professionals.
Due to this, there will be two parts to the event. Firstly, located in the shop space, there will be a collaboration with Movistar Team which, through using four of the team’s bikes, will simulate a stage of the La Vuelta race in Lagos de Covadonga. Participants will ride one of the bikes and, by following the lead rider’s instructions, be able to follow their performance metrics in a demo designed by LUCA.
The participants will compete among themselves, and be able to compare their metrics with those of Alejandro Valverde, one of the team’s riders. Also, on Tuesday 27th, Mikel Landa (another of the Movistar Team cyclists) will visit the store for a Meet&Greet session with the attendees and will hand out a prize to the individual who has achieved the best metrics during the first two days.

Promotional image for the LUCA event in collaboration with Movistar Team.
Figure 2 : How close could you get to Alejandro Valverde’s race metrics?
As value added, lights will be connected to each bike, which will be sincronized with the device that measures power, and will light up in different colours based on the intensity and power of each participant. The colorful atmosphere that this will create will attract people to enter, as well as guiding the rest of the bike to follow the same intensity, like a spinning class.
On the first floor, LUCA will welcome the collaboration with the eSports team Movistar Riders. Gamers who have signed up in advance via this form will be able to play a game of the videogame League of Legends (LoL). Also, those players who want to will be able to see their performance reflected in a demo designed specifically for the occasion, comparing their metrics to historical data of players from Movistar Riders (whose performance is optimized using advanced data analysis). Also, those who sign up will have the exclusive opportunity to play a live game of LoL against the Movistar Riders gamers on either Monday 26th or Tuesday 27th of February. These will be very special games for the followers of the team and for eSports in general. Those visiting the space during this period will be able to use the headsets that we use to monitor the brainwaves of the players whilst they compete.

Promotional image for the LUCA event in collaboration with Movistar Riders.
Figure 1 : Attendees can take on the Movistar Riders at League of Legend.
Without a doubt, this will be another event where LUCA will show how technology contributes to digital transformation and in addition, the application of data to specific areas of our lives, such as sports.
Come and play sports with Telefonica, and compete with the best!
Where?
Mobile World Centre
Pl. de Catalunya, corner of Portal del Ángel (Barcelona)
When?
From the 26th February to the 1st March, coinciding with the Mobile World Congress
For whom?
All those interested in knowing how Big Data helps to improve sports performance
Follow all the latest news on our social networks:
Twitter: @LUCA_D3  | LinkedIn: LUCA: Data-Driven Decisions 

Ending cyberbullying using artificial intelligence and machine learning

AI of Things    6 February, 2018
Cyberbullying, defined as “the use of electronic communication to bully a person” by Oxford Dictionaries, is a worrying problem in our increasingly connected society. Nowadays, it is perhaps most notable on social media sites such as Twitter and Instagram, platforms founded on the principle of free speech. But, it is time to act, and in this blog we explore how Big Data, Artificial Intelligence (AI) and Machine Learning (ML) can tackle this issue.

According to various research studies, cyberbullying affects over half of teens and adolescents. It can take many forms, but perhaps the most talked about of these is “trolling”, which is the posting of inflammatory messages in order to draw out an emotional response. Anyone can become a victim of cyberbullying and, due to the power of anonymity online, anyone can be the bully with very little chance of being punished.

Figure 1 : Over half of teens and adolescents experience cyberbullying
Figure 1 : Over half of teens and adolescents experience cyberbullying.

     
Twitter once called itself the “free-speech wing of the free-speech party” but recent years have seen a movement towards tighter control of what is posted on the platform, and other sites have followed suit. For example, Instagram recently implanted the DeepText algorithm already used by Facebook to clamp down on cyberbullying. The machine-learning algorithm is capable of analyzing thousands of posts and comments each second in order to detect. First introduced to tackle issues of spam, Instagram later decided to use the same technology to block offensive comments.

Back in 2014, Viraj Puri (then 13 years old) gained global recognition for his work in using Big Data to try and end bullying in the US. As reported by the BBC, the student was able to use a variety of algorithms to analyze posts from Twitter, Facebook and Google+ in order to develop a heat map that showed where the issue was most severe. He also launched BullyVention, a blog aimed at raising awareness and acting as a call-to-action.

Figure 2 : Machine learning can be used to detect messages containing offensive content.
Figure 2 : Machine learning can be used to detect messages containing offensive content.

     
Linked to the subject of cyberbullying is the wider topic of hate speech. In response to the 2016 US election, where hate speech became a globally talked about issue, the nonprofit newsroom Propublica decided to act. They worked alongside the Google News Lab to develop the Documenting Hate News Index, which collates all news related to hate incidents. The site uses Google’s Natural Language API (a machine learning tool) to understand the news report’s nature and its intentions. At the time of writing, the “keyword” most talked about is Jacqueline Kent Cooke, who has just been charged with an anti-Semitic assault on New Year’s Eve.

These are just a few examples of how data science can be used to make the internet a safer, less hate-filled place to be. Here at LUCA, we are passionate about seeing Big Data used for social good, and look forward to new and exciting developments in this area. 

#CyberSecurityPulse: Oops, I Went Running and I Published Information From Secret Locations

ElevenPaths    6 February, 2018

The popular fitness tracking app Strava proudly published a 2017 heat map showing activities from its users around the world, but unfortunately, the map revealed locations of the United States military bases worldwide. Strava which markets itself as a “social-networking app for athletes” publicly made available the global heat map, showing the location of all the rides, runs, swims, and downhills taken by its users, as collected by their smartphones and wearable devices like Fitbit. Since Strava has been designed to track users’ routes and locations, IUCA analyst Nathan Ruser revealed that the app might have unintentionally mapped out the location of some of the military forces around the world, especially some secret ones from the United States.

However, information from cartographic systems on facilities of interest to the defense, such as military bases, has always been available. Subject to errors or inaccuracies, but always available given the inability of governments to limit their dissemination. In this sense, this type of information has been used to perpetrate attacks, to the point that India raised in 2009 the closure of Google Earth as a measure to avoid attacks like those in Bombay.


From the point of view of privacy, Strava is not the only platform that exposes information of its users by default. Endomondo also allows to know habits, schedules and health status of its users. Or, a few years ago, with the default configuration of Twitter, you could know where the tweets of a user were published. Or, for example, with Tinder it is possible to locate our objective, knowing what area it is in, when it will work, what routes it takes or if it is in the city. This case is another demonstration of the need to evaluate the level of information exposed from an organization and more if it is about facilities of interest for the defense and to include this threat as part of the counterintelligence plans of an organization.

More information at The Hacker News

Top Stories

100s of ETH Stolen After Bee Token ICO Email List Hacked

Investors who were eagerly waiting for their opportunity to join the Bee Token ICO were robbed for 100s of ETH. Scammers managed to get their hands on the Bee Token mailing list and sent out a phishing email stating that the ICO was now open, followed by an Ethereum address to send their contributions to. To try and entice people to send their ETH, the scammers also stated that they had formed a surprise partnership with Microsoft and would be giving participants a 100% bonus for all contributions in the next 6 hours. If that wasn’t a big enough red flag, the scammers guaranteed that the value of Bee Token would double within 2 months, or your would receive your Ethereum back.

More information at The Ripple Cryptocurrency

Tech Firms Let Russia Probe Software Widely Used by U.S. Government

Major global technology providers SAP, Symantec and McAfee have allowed Russian authorities to hunt for vulnerabilities in software deeply embedded across the U.S. government, a Reuters investigation has found. In order to sell in the Russian market, such as the energy and financial sectors, the tech companies let a Russian defense agency scour the inner workings, or source code, of some of their products. Russian authorities say the reviews are necessary to detect flaws that could be exploited by hackers. But the Pentagon is not alone in expressing concern. Private sector cyberexperts, former U.S. security officials and some U.S. tech companies told Reuters that allowing Russia to review the source code may expose unknown vulnerabilities that could be used to undermine U.S. network defenses.

More information at Reuters

Rest of the Week´s News

South Korea Warns of Flash Zero-Day Flaw Exploited by North Korea

According to the alert published by the KISA, the vulnerability affects the latest Flash Player version 28.0.0.137 and earlier. The zero-day vulnerability could be exploited by an attack by tricking victims into opening a document, web page or email containing a specially crafted Flash file. According to the researcher Simon Choi the Flash Player zero-day has been exploited by North Korea since mid-November 2017. The attackers exploited the zero-day vulnerability in attacks aimed at South Korean individuals involved in research activity on North Korea.

More information at KISA

WannaMine: The Sophisticated Cryptominer that Spreads Via NSA EternalBlue Exploit

WannaMine is a Monero cryptocurrency miner that hijacks a system’s CPU cycles to mine. This fileless malware leverages advanced tactics and techniques to maintain persistence within a network and move laterally from system to system. First, WannaMine uses credentials acquired with the credential harvester Mimikatz to attempt to propagate and move laterally with legitimate credentials. If unsuccessful, WannaMine attempts to exploit the remote system with the EternalBlue exploit used by WannaCry in early 2017.

More information at CrowdStrike

Someone Stole Almost Half a Billion Dollars From Coincheck

Coincheck, a Tokyo-based cryptocurrency exchange, has suffered what appears to be the biggest hack in the history of cryptocurrencies, losing $532 million in digital assets (nearly $420 million in NEM tokens and $112 in Ripples). The digital-token exchange has already reported the incident to the law enforcement authorities and to Japan’s Financial Services Agency to investigate the cause of the missing tokens.

More information at Coincheck

Further Reading

Leaked Memo Suggest NSA and US Army Compromised Tor, I2P, VPNs and Want to Unmask Monero Users

More information at Security Affairs

JenX Botnet Leverages Grand Theft Auto Videogame Community to Infect Devices

More information at Chromium

Operation PZChao: A possible Return of the Iron Tiger APT

More information at Bitdefender

Sign up for our newsletter!

The emotions of IoT

Beatriz Sanz Baños    1 February, 2018

Understanding emotions is crucial in new marketing strategies. Due to the oversaturation of products and approaches, new formulas have to be found that help the retail sector sell an increasing number of products. Knowing clients’ emotions can be a fundamental advantage in this respect. So how can we get this information? The technology associated with the Internet of Things is the key that will open the doors to a more efficient and satisfactory way of buying.

Detecting human emotions

Of course, the first step in understanding what a client is feeling is to detect their emotions. This may seem like science fiction, but it is the subject of study by many behavioural specialists. Emotions are reflected in things as simple as our face, our tone of voice or our gestures. And to be able to detect patterns, the first thing we need to do is measure them.

For example, you can analyze the expression of a face or its gestures to know if a customer is surprised, pleased or bored. Facial patterns are currently an inexhaustible source of study for various topics because they provide a lot of information on the emotions we feel.

On the other hand, the voice is also an inestimable source of information. We can detect accents, tones, nuances, doubts and a host of features from it. By 2022, over 70 millionhouseholds will have at least one voice assistant in their home, and the total number of devices installed will top 175 million. According to several studies, you can also ascertain a person’s interest in a topic via their voice.

If we add this to the biometric data that can be obtained from other wearables, such as the increasingly popular wristbands that measure the heart rate or skin moisture, the amount of data we can collect on the emotions generated in a person is huge.

The role of Artificial Intelligence

Once we get the right measurements from a multitude of connected devices (cameras, voice assistants, biometric wristbands), the next step is to analyze them. To do this, nothing fits the bill better than Artificial Intelligence.

The technology associated with AI allows us to analyze patterns that at first seem chaotic or too complex. Thanks to Artificial Intelligence, we can create algorithms that learn and improve with the data they process, so they collect information in an increasingly efficient way.

Big Data appears alongside Artificial Intelligence to offer the possibility of using massive amounts of data to better analyze the parameters that determine clients’ emotions. And all this, from the collection of information to its distribution and processing, is done thanks to Internet of Things.

A more efficient IoT

When talking about emotions, the IoT is facing a new market niche in which marketing has a lot to gain. Yet so does Internet of Things itself, since this type of analysis will allow it to be more effective in all its tasks. With the results of these analyses, developers can generate more pleasant or efficient applications.

Designers, administrators and ultimately everyone related to a brand can also learn something. The information obtained from emotions, which are a manifestation of our desires, among other things, will make IoT applications better in all senses.

Thus, a music player could adapt its automatic song list to the user’s mood at that moment. Thanks to connectivity, the application could send a signal to a nearby business that had a beacon so it could offer information (an ad, for example) which is especially relevant to the user’s mood. And this is just one example.

All of this is not just about usability. IoT involves many aspects: colours, sounds, touch, aesthetics, lights, the combination of all of them. With this analysis of emotions, the IoT has a great deal to gain by adapting the characteristics of a product or an application to the mood of a user automatically and in real time, thanks to the connectivity offered by Internet of Things.

Which country will lead the race for AI dominace?

AI of Things    29 January, 2018
Every January, the World Economic Forum meets in the Swiss mountain resort of Davos, bringing together politicians, economists, business leaders and more to discuss the key issues of the times. One of the focuses of this year’s event was the rise of Artificial Intelligence and the subject featured prominently on Theresa May’s agenda. The UK’s Prime Minister announced her desire for the UK to become a world leader in AI, and its “safe and ethical use”. In the blog, we look at whether the UK’s claim to this title is legitimate, and who the current key players in the field are.

The UK’s case is strong

There are a number of reasons why Miss May might not be dreaming with this claim. The potential for this industry in the UK is huge, as shown by research by Accenture, which revealed that AI could add over £650bn to the economy by 2035, if its potential is harnessed. Perhaps responding to this, in last year’s spring budget, the government created an investment fund for “disruptive technologies” worth £270m. In the last three years, a new artificial intelligence company has been launched almost each week. However, it is not just the volume of these companies that is worth noting, but their quality and appeal to investors. This is shown by the fact that some of the largest tech companies have acquired UK AI firms in recent times. In 2015, Google purchased London-based DeepMind for a reported £400m and in 2016 Microsoft paid $250m for SwiftKey. The issue here for the UK is that these companies are all being bought by foreign investors, and not by local ones.

A typical London scene featuring Big Ben and the Houses of Parliament.
Figure 1 : In Davos, Theresa May announced the UK’s intentions to become a world leader in AI.

Can the UK topple the US?

When it comes to established AI companies, the United States is currently a cut above the rest. Out of the 2542 companies in the area, 42% are American (second place goes to China with 23%). Additionally, in the recent ‘AI 100’ published by researchers CB Insights, 76% of their startups to watch came from just 13 US States. The nation’s strength stems from a combination of the early success of large companies such as Google, Microsoft and IBM, as well as the quality of their universities. Of the top 20 institutions for AI, 16 are located in the US and consequently, companies can draw from a pool of 78,000 AI specialists.

China might have something to say

When compared to the US, China appears to be lagging behind in second place. It has almost half as many AI companies and far fewer specialized workers to choose from. However, as the Eurasia Group argues in a recent report, China forms part of a “two-way race for AI dominance” (alongside the US). One reason for this is the government’s commitment to the sector. In July of 2017, the State Council released a new development plan that stated their ambition to become a “premier global AI innovation center” by 2030. China’s AI industry is already booming, as shown in CB Insights ‘AI 100’ mentioned earlier. Of the 8 firms to make the cut, 5 are ‘unicorns’ (startups with a value in excess of $1bn) and the top funded company is Chinese firm ByteDance. One area where China already leads the world is in the volume of research papers published on the subject. Data from the Times Higher Education shows that between 2011 and 2015, China published 41,000 papers. In fourth place lies the UK with around 10,000 which shows that there is a lot of work to go before Theresa May can claim that the UK is a world leader.

A photo of the Beijing skyline.
Figure 2 : The Beijing skyline – China is in a ‘two-way race’ with the US for AI dominance.

Spain is tackling safe use and ethics

When it comes to addressing the concerns that many people have about AI, one of the most active countries is Spain. In November, the government created a Grupo de Sabios (literally, ‘Group of Wise People’) comprising of nine experts to write a white paper on the subject. The team have been given six months to finish the project, which will provide advice and best practices about the ethical use of the new technologies. Last year, the UK also created something similar, its ‘Centre for Data Ethics and Innovation’ which, according to the government, was a “world-first advisory body”. In the future, as AI becomes more wide spread, we can expect such guidelines to be used globally.
Who do you think will come out in this modern day equivalent of the Space Race? Regardless of who takes the lead in artificial intelligence research, 2018 is sure to be a year of immense progress for the field. In order to keep up to date with the latest developments, follow us on Twitter and LinkedIn!

A closer look at the GRAMMY Awards 2018

AI of Things    25 January, 2018
Now that January is here, it is time to look forward to one of the year’s standout events, the GRAMMYs 2018. This year, the prestigious event will be held on 28th January with various artists hoping to taste success over a variety of categories. But why are we interested in the GRAMMYs and can data provide us with any useful insights into the nature of the event?

The GRAMMYs are separated into a variety of categories including the record of the year, the album of the year and best new artist, just to name a few. There are strong candidates across the board and at times, it can appear near to impossible to make predictions on the winners. This year the likes of Luis Fonsi, Alessia Cara, and Kendrick Lamar are all expected to perform well in their respective categories. However different people with different tastes in music will have different ideas as to who deserves to win. Therefore a deeper analysis of data can help to provide a fairer, rounded opinion.

But where will this data come from?

Streaming services have grown at a staggering rate in recent times. In 2016 we saw a 60.4% increase in streaming revenue coupled with a 20.5% decrease in download revenue. This demonstrates the shift that we have experienced as more consumers turn to streaming solutions such as Spotify or Apple Music rather than downloading individual tracks. However, the digital music market saw overall growth whilst the physical market saw an overall decline. Although this is a separate trend, once again it demonstrates the strength of the digital music market and in particular the market for streaming which is leading the way.
When people stream music, the stream providers are able to extract data about music that the users are listening to, in addition to other key data points such as time, location, duration etc. To demonstrate this, let’s consider Spotify’s related artists section. As a side note, Spotify is believed to have in the region of 70 million paying subscribers in addition to many more free users, which is an extraordinarily large data source. They know the style of content you have been listening to in the past and consequently make judgements on more recommended music. This is Big Data in action.
Scene from a live music concert
Figure 2 : In addition to the awards, many artists will perform their songs live at the event
So when the GRAMMYs come around, large music streaming service providers such as Spotify or Apple Music have the power to make informed predictions as to who will take home the awards. They study the number of streams and the songs with more streams have a greater probability of winning an award. Stream numbers are used here as a gauge of popularity. Music producers and labels alike keep a close eye on this data, attempting to spot trends and get involved as early as possible. Festivals also look to book artists that are ‘trending‘ at the time and this is determined using stream numbers. Lineups are often tailor-made to the market at the time, which is why it feels as if all of your favorite artists are performing at the same event. You are not alone.
Here we can see yet another example of how data science is being used in a variety of sectors. Did you expect data science to be revolutionizing the way we listen to music or providing us with a deep analysis of one of 2018’s key events within the music industry? Here at LUCA, we see the Big Data industry growing larger by the day. More areas are becoming involved whether they know it or not and every sector is shifting towards a data-driven approach.

Managed Detection & Response: Prevention is Not Enough, You Need to Become Cyber-Resilient

Pablo Alarcón Padellano    25 January, 2018

You want your organization to be cyber-resilient but you have no means?

You have advanced security solutions in place, but you lack skilled staff trained to take advantage of them?

You are unable to detect and respond to a security breach and you fear the consequences for your business of the NIS and GDPR legislation?

If you are concerned about these issues, we are also concerned, and that is why we have been working with our skilled analysts, Test Lab and Strategic Partners strive to offer our customers a Managed Detection and Response service beyond the traditional approaches.

Most information security professionals in Europe believe a cyber attack will breach critical infrastructure across multiple countries within the next two years, according to Black Hat’s annual report¹ “The Cyberthreat in Europe”.  Security professionals in Europe feel they do not have the time, budget, or staff to meet the growing security challenges and the additional burdens imposed on them by regulations such as GDPR and NIS Directive:

  • Nearly two-thirds of the respondents believe it is likely their organizations will have to respond to a major security breach in the next 12 months.
  • 62% say they do  not  have  enough  security  staff  to  defend adequately  against  modern cyberthreats. In  fact, just 38 % say they are adequately staffed on the security front.
  • 39% believe  that  a  lack  of  required skills is the primary reason why security strategies fail (skills shortage).
  • Nearly 6 in 10 of the respondents believe they do not have the budget to defend adequately against current and emerging threats.
  • 29% said the largest portion of the budget went toward compliance-related tasks. Measures for dealing with targeted attacks ranked only third.

A traditional Security Operations Center (SOC), using blocking, monitoring and vulnerability management techniques, can mitigate up to 90% of attacks. The remaining 10% of attacks, caused by sophisticated attacks aimed directly at the organization, is the main concern for 48% of security professionals, according to the Black Hat report.

Threat hunting helps with threats that bypass both preventative and detective controls, and enables organizations to uncover threats that would otherwise remain hidden. According to Gartner’s threat hunting report², hunting success relies on a mature security operations center (SOC) and cyberincident response team (CIRT) functions. In the same way concluded McAfee³ at the end of July, with his new interesting report “Disrupting the Disruptors, Art or Science?”, by investigating the role of cyberthreat hunting and the evolution of the security operations center (SOC).

The study found that 71% of SOCs with a level 4 maturity closed incident investigations in less than a week because of the context provided by skilled threat hunters.

Managed Detection & Response cybersecurity screen capture imagenThese organizations were twice as likely to automate parts of the attack investigation process, and they devote 50% more time to actual hunting.

Perhaps the SOC of your organization may effectively cover SIEM, IDP, vulnerability management and other areas. However, the next phase of maturity is to build the APT Threat Hunting capability. Gartner⁴ has called Managed Detection and Response Services (MDR) those new security service providers that are focused on detecting previously undetected threats that have breached an organization’s perimeter and are moving laterally through the IT environment. Gartner recommends to augment existing security monitoring capabilities to address gaps in advanced threat detection and incident response, and anticipates that by 2020, 15% of midsize and enterprise organizations will be using services like MDR, up from less than 1% today.

Do you have ability to detect threats within your organization? When do you detect them?

According to last SANS Insitute’s report⁵ about effective threat hunting, the chances are very high that hidden threats are already in your organizations networks. Organizations internally realize the discovery of the security breach only in 53% of the cases, compared to 47% that are communicated to the organization by an external third party, according to last FireEye’s M-Trends 2017 report⁶. The median dwell time (the duration a threat actor has in an environment before they are detected) of EMEA organisations is 106 days.

When do you have proof in your organization that you have a security breach? Can you detect it by yourself, or by third parties? You may need to accelerate your advanced threat detection capabilities through an MDR service.

As of May 2018, NIS Directive identified operators of essential services (OESs) and digital service providers (DSPs), and GDPR identified controllers and data processors, will have to take appropriate security measures and to notify serious incidents to the relevant national authority. In the case of the NIS Directive, breach notifications must be done by “without undue delay⁷”, and in the case of GDPR also “without undue delay and, where feasible, not later than 72 hours after having become aware of it⁸”. 

What can constitute an undue delay? What happens if your organization has been breached, but is not aware of this fact due to lack of care? The regulation is deliberately vague to allow a wide range of possible eventualities, and this is where having a complete process of detection and response shows its value, because all this information must be explained to the competent authority or the CSIRT.

In relation to the security measures to be adopted according to the NIS Directive and GDPR, it is indicated that “having regard to the state of the art¹⁰” or “taking into account the state of the art” respectively, these measures will guarantee a level of security of networks and information systems (NIS) and data protection (GDPR). Artificial Intelligence (AI), automated threat detection and proactive threat hunting are powerful tools that need to be leveraged by businesses if they are going to stand a chance of meeting the new requirements set out by NIS Directive and GDPR. And if you do not have your own means, there are already MDR services available in the market that offer specific experience to support organizations that seek to improve their threat detection and response capabilities.

ElevePaths’ Managed Detection & Response 

Organizations can’t afford to believe that their security measures are perfect and impenetrable, no matter how thorough their security precautions might be. Having a perimeter and defending it are not enough because the perimeter has faded away as new technologies and interconnected devices have emerged.

The objective should therefore be to reduce the window of exposure to a potential security breach and reduce those tasks that require a lot of time to allow rapid detection and action, and conveniently manage risks (cyber-resilience). Companies need to reduce threat identification and response processes from years, months and weeks, to just hours and minutes.

As part of our Cybersecurity Services, we offer our Customers our Managed Detection & Response services, based on skilled and specialized security analysts focused on Endpoint Detection & Response (EDR) for advanced malware and targeted attacks, and high value Indicators of Compromise (IoCs) for early identification of sophisticated threats.

ElevenPaths is an Affiliate Member of the Cyber Threat Alliance to contribute to the development of a new, automated threat intelligence-sharing platform to exchange actionable threat data, and also an Associate Partner of the No More Ransomware initiative, to disrupt cybercriminal businesses with ransomware connections. Please stay tuned to discover soon what new solutions and alliances with the state-of-the-art Partners we add to our Managed Detection & Response services.