Exam 000-046 Dumps are updated on daily basis

killexams.com provides validly, Latest, and 2022 updated 000-046 cheat sheet with braindumps Questions and Answers. Practice our 000-046 Practice Questions and Answers to Improve your insight about tips and deceives utilized by merchants and breeze through your 000-046 test with High Marks. We ensure your achievement in the Test Center, covering every one of the references of DOORS v9 test and assembling your Knowledge. Pass with our 000-046 Question Bank.

Exam Code: 000-046 Practice exam 2022 by Killexams.com team
DOORS v9
IBM DOORS test
Killexams : IBM DOORS test - BingNews https://killexams.com/pass4sure/exam-detail/000-046 Search results Killexams : IBM DOORS test - BingNews https://killexams.com/pass4sure/exam-detail/000-046 https://killexams.com/exam_list/IBM Killexams : Businesses are still introducing security risk into cloud environments

While cloud computing and its many forms (private, public, hybrid cloud or multi-cloud environments) have become ubiquitous with innovation and growth over the past decade, cybercriminals have closely watched the migration and introduced innovations of their own to exploit the platforms.

Most of these exploits are based on poor configurations and human error.

New IBM Security X-Force data reveals that many cloud-adopting businesses are falling behind on basic security best practices, introducing more risk to their organisations.

Shedding light on the “cracked doors” that cybercriminals are using to compromise cloud environments, the 2022 X-Force Cloud Threat Landscape Report reveals that vulnerability exploitation, a tried-and-true infection method, remains the most common way to achieve cloud compromise.

Gathering insights from X-Force Threat Intelligence data, hundreds of X-Force Red penetration tests, X-Force Incident Response (IR) engagements and data provided by report contributor Intezer, between July 2021 and June 2022, some of the key highlights stemming from the report include:

* Cloud vulnerabilities are on the rise – Amid a sixfold increase in new cloud vulnerabilities over the past six years, 26% of cloud compromises that X-Force responded to were caused by attackers exploiting unpatched vulnerabilities, becoming the most common entry point observed.

* More access, more problems – In 99% of pentesting engagements, X-Force Red was able to compromise client cloud environments through users’ excess privileges and permissions. This type of access could allow attackers to pivot and move laterally across a victim environment, increasing the level of impact in the event of an attack.

* Cloud account sales gain ground in dark web marketplaces – X-Force observed a 200% increase in cloud accounts now being advertised on the dark web, with remote desktop protocol and compromised credentials being the most popular cloud account sales making rounds on illicit marketplaces.

Unpatched software: #1 cause of cloud compromise

As the rise of IoT devices drives more and more connections to cloud environments, the larger the potential attack surface becomes introducing critical challenges that many businesses are experiencing like proper vulnerability management.

Case in point: the report found that more than a quarter of studied cloud incidents were caused due to known, unpatched vulnerabilities being exploited.

While the Log4j vulnerability and a vulnerability in VMware Cloud Director were two of the more commonly leveraged vulnerabilities observed in X-Force engagements, most vulnerabilities observed that were exploited primarily affected the on-premises version of applications, sparing the cloud instances.

As suspected, cloud-related vulnerabilities are increasing at a steady rate, with X-Force observing a 28% rise in new cloud vulnerabilities over the last year alone.

With over 3 200 cloud-related vulnerabilities disclosed in total to date, businesses face an uphill battle when it comes to keeping up with the need to update and patch an increasing volume of vulnerable software.

In addition to the growing number of cloud-related vulnerabilities, their severity is also rising, made apparent by the uptick in vulnerabilities capable of providing attackers with access to more sensitive and critical data as well as opportunities to carry out more damaging attacks.

These ongoing challenges point to the need for businesses to pressure test their environments and not only identify weaknesses in their environment, like unpatched, exploitable vulnerabilities, but prioritize them based on their severity, to ensure the most efficient risk mitigation.

Excessive cloud privileges aid in bad actors’ lateral movement

The report also shines a light on another worrisome trend across cloud environments — poor access controls, with 99% of pentesting engagements that X-Force Red conducted succeeding due to users’ excess privileges and permissions.

Businesses are allowing users unnecessary levels of access to various applications across their networks, inadvertently creating a stepping stone for attackers to gain a deeper foothold into the victim’s cloud environment.

The trend underlines the need for businesses to shift to zero trust strategies, further mitigating the risk that overly trusting user behaviours introduce.

Zero trust strategies enable businesses to put in place appropriate policies and controls to scrutinize connections to the network, whether an application or a user, and iteratively verify their legitimacy.

In addition, as organisations evolve their business models to innovate at speed and adapt with ease, it’s essential that they’re properly securing their hybrid, multi-cloud environments.

Central to this is modernising their architectures: not all data requires the same level of control and oversight, so determining the right workloads, to put in the right place for the right reason is important.

Not only can this help businesses effectively manage their data, but it enables them to place efficient security controls around it, supported by proper security technologies and resources.

Dark web marketplaces lean heavier into cloud account sales

With the rise of the cloud comes the rise of cloud accounts being sold on the Dark Web, Checked by X-Force observing a 200% rise in the last year alone. Specifically, X-Force identified over 100 000 cloud account ads across Dark Web marketplaces, with some account types being more popular than others.

Seventy-six percent of cloud account sales identified were Remote Desktop Protocol (RDP) access accounts, a slight uptick from the year prior.

Compromised cloud credentials were also up for sale, accounting for 19% of cloud accounts advertised in the marketplaces X-Force analysed.

The going price for this type of access is significantly low making these accounts easily attainable to the average bidder. The price for RDP access and compromised credentials average $7.98 and $11.74 respectively.

Compromised credentials’ 47% higher selling price is likely due to their ease of use, as well as the fact that postings advertising credentials often include multiple sets of login data, potentially from other services that were stolen along with the cloud credentials, yielding a higher ROI for cybercriminals.

As more compromised cloud accounts pop up across these illicit marketplaces for malicious actors to exploit, it’s important that organisations work toward enforcing more stringent password policies by urging users to regularly update their passwords, as well as implement multifactor authentication (MFA).

Businesses should also be leveraging identity and access management tools to reduce reliance on username and password combinations and combat threat actor credential theft.

Tue, 04 Oct 2022 19:11:00 -0500 en-US text/html https://it-online.co.za/2022/10/04/businesses-are-still-introducing-security-risk-into-cloud-environments/
Killexams : IBM’s former CEO downplays the importance of a college degree for six-figure earning ‘new collar’ jobs that now make up half of its workers

A four-year bachelor’s degree has long been the first rung to climbing America’s corporate ladder.

But the move to prioritize skills over a college education is sweeping through some of America’s largest companies, including Google, EY, Microsoft, and Apple. Strong proponents say the shift helps circumvent a needless barrier to workplace diversity.

“I really do believe an inclusive diverse workforce is better for your company, it’s good for the business,” Ginni Rometty, former IBM CEO, told Fortune Media CEO Alan Murray during a panel last month for Connect, Fortune’s executive education community. “That’s not just altruistic.”

Under Rometty’s leadership in 2016, tech giant IBM coined the term “new collar jobs” in reference to roles that require a specific set of skills rather than a four-year degree. It’s a personal commitment for Rometty, one that hits close to home for the 40-year IBM veteran.

When Rometty was 16, her father left the family, leaving her mother, who’d never worked outside the home, suddenly in the position to provide.

“She had four children and nothing past high school, and she had to get a job to…get us out of this downward spiral,” Rometty recalled to Murray. “What I saw in that was that my mother had aptitude; she wasn’t dumb, she just didn’t have access, and that forever stayed in my mind.”

When Rometty became CEO in 2012 following the Great Recession, the U.S. unemployment rate hovered around 8%. Despite the influx of applicants, she struggled to find employees who were trained in the particular cybersecurity area she was looking for.

“I realized I couldn’t hire them, so I had to start building them,” she said.

In 2011, IBM launched a corporate social responsibility effort called the Pathways in Technology Early College High School (P-TECH) in Brooklyn. It’s since expanded to 11 states in the U.S. and 28 countries.

Through P-TECH, Rometty visited “a very poor high school in a bad neighborhood” that received the company’s support, as well as a community college where IBM was offering help with a technology-based curriculum and internships.

“Voilà! These kids could do the work. I didn’t have [applicants with] college degrees, so I learned that propensity to learn is way more important than just having a degree,” Rometty said.

Realizing the students were fully capable of the tasks that IBM needed moved Rometty to return to the drawing board when it came to IBM’s own application process and whom it was reaching. She said that at the time, 95% of job openings at IBM required a four-year degree. As of January 2021, less than half do, and the company is continuously reevaluating its roles.

For the jobs that now no longer require degrees and instead rely on skills and willingness to learn, IBM had always hired Ph.D. holders from the very best Ivy League schools, Rometty told Murray. But data shows that the degree-less hires for the same jobs performed just as well. “They were more loyal, higher retention, and many went on to get college degrees,” she said.

Rometty has since become cochair of OneTen, a civic organization committed to hiring, promoting, and advancing 1 million Black individuals without four-year degrees within the next 10 years.

If college degrees no longer become compulsory for white-collar jobs, many other qualifications—skills that couldn’t be easily taught in a boot camp, apprenticeship program, or in the first month on the job—could die off, too, University of Virginia Darden School of Business professor Sean Martin told Fortune last year.

“The companies themselves miss out on people that research suggests…might be less entitled, more culturally savvy, more desirous of being there,” Martin said. Rather than pedigree, he added, hiring managers should look for motivation.

That’s certainly the case at IBM. Once the company widened its scope, Rometty said, the propensity to learn quickly became more of an important hiring factor than just a degree.

This story was originally featured on Fortune.com

More from Fortune:

A 2007 flashback: home flippers are in trouble again

Managing Gen Z is like working with people ‘from a different country’

The Renault Nissan empire once held together by fugitive Carlos Ghosn may slowly be unraveling

PayPal tells users it will fine them $2,500 for misinformation, then backtracks immediately

Sun, 16 Oct 2022 06:27:00 -0500 en-US text/html https://finance.yahoo.com/news/ibm-former-ceo-downplays-importance-165139880.html
Killexams : IBM’s Cloud Acquisition Charge Continues With Dialexa

Cloud News

Mark Haranas

IBM continues to spend millions to buy hybrid cloud companies, as the company makes its sixth acquisition in 2022 with Dialexa.

 ARTICLE TITLE HERE

IBM continues to spend millions on buying hybrid cloud companies with the unveiling of its acquisition of engineering consulting specialist Dialexa to boost its cloud charge.

Since IBM CEO Arvind Krishna took the reins in April 2020, IBM has acquired more than 25 companies, including many hybrid cloud businesses.

In February alone, IBM acquired cloud consultant services standout Sentaca, as well as Microsoft Azure consultancy all-star Neudesic—with the two purchases squarely aimed at boosting IBM’s hybrid and multi-cloud services capabilities.

[Related: UK To Probe Amazon, Google, Microsoft’s Cloud Dominance]

Looking at the Armonk, N.Y.-based company’s purchase of Dialexa, IBM will gain 300 skilled product managers, designers, full-stack engineers and data scientists. Dialexa will become part of IBM’s Consulting business unit, which spearheads the company’s digital product engineering services in the Americas.

“Dialexa’s product engineering expertise, combined with IBM’s hybrid cloud and business transformation offerings, will help our clients turn concepts into differentiated product portfolios that accelerate growth,” said John Granger, senior vice president of IBM Consulting, in a statement.

Krishna: Hybrid Cloud A ‘Competitive Advantage’

Dialexa marks IBM’s sixth purchase in 2022 with the goal of boosting its hybrid cloud and artificial intelligence abilities.

Along with buying Dialexa, Sentaca and Neudesic, IBM has also acquired Randori, an attack surface management cybersecurity specialist that helps protect hybrid cloud environments.

Earlier this year, IBM’s CEO said hybrid cloud and artificial intelligence are top of mind for his company in terms of investment and the future.

“We are integrating technology and expertise—from IBM, our partners and even our competitors—to meet the urgent needs of our clients, who see hybrid cloud and AI as crucial sources of competitive advantage,” Krishna said in March. “And we are ready to be the catalyst of progress for our clients as they pursue the digital transformation of the world’s mission-critical businesses.”

In 2021, IBM’s hybrid cloud revenue jumped 19 percent compared with 2020, comprising 35 percent of its total revenue.

IBM’s Acquisition Of Dialexa

Based in Dallas and Chicago, Dialexa delivers a suite of digital product engineering services to help customers create transformative products to drive business outcomes.

Dialexa’s 300-strong engineers and skilled IT experts advise and create custom digital products for customers, which include Deere & Company, Pizza Hut U.S. and Toyota Motor North America. Financial terms of the Dialexa deal were not disclosed.

IBM said Dialexa provides deep experience delivering end-to-end digital product engineering services consisting of strategy, design, build, launch and optimization services across cloud platforms including Amazon Web Services and Microsoft Azure.

“Digital product engineering represents the tip of the spear for competitive advantage,” said Dialexa CEO Scott Harper in a statement. “IBM and Dialexa’s shared vision for delivering industry-defining digital products could be a game-changer.”

Mark Haranas

Mark Haranas is an assistant news editor and longtime journalist now covering cloud, multicloud, software, SaaS and channel partners at CRN. He speaks with world-renown CEOs and IT experts as well as covering breaking news and live events while also managing several CRN reporters. He can be reached at mharanas@thechannelcompany.com.

Fri, 23 Sep 2022 09:04:00 -0500 en text/html https://www.crn.com/news/cloud/ibm-s-cloud-acquisition-charge-continues-with-dialexa
Killexams : Better Buy: IBM Stock vs. 2-Year Treasury Notes

Investors this year increasingly turned away from dividend stocks in favor of the rising yields being offered on bonds. Given that investors can now earn a 4.3% return on a 2-year Treasury note, many prefer that guaranteed return to the risks of putting money into the stock market.

International Business Machines (IBM 1.74%) offers a dividend yield that exceeds that bond return. But with a bear market in progress, are investors better served to take a chance on the cloud stock or to take the 4.3% return at virtually zero risk?

IBM and its dividend

IBM didn't participate in the bull market of the 2010s. The stock dropped as its tech businesses suffered a considerable growth slowdown. In an effort to change that, IBM pivoted into the cloud computing sector aggressively, in part via its $34 billion purchase of Red Hat in 2019. Grand View Research forecasts a compound annual growth rate of 16% through 2030 for the cloud industry. Growth like that could certainly help both IBM and its stock.

Also, IBM spun off its managed infrastructure business into a new public company, Kyndryl. This business was less of a fit with the parent company amid its pivot to the cloud. Separating it off should make it easier for IBM to grow its revenue.

Time will tell if these moves can help the stock price recover. Nonetheless, IBM currently pays its shareholders $1.65 per share every quarter, or $6.60 per share annually. At the current stock price, that adds up to a yield of 5.6% per year. Moreover, depending on your financial situation, the IRS may tax your dividends at a lower capital gains rate, which can offer an added advantage.

Additionally, IBM hiked its payout annually for 27 consecutive years, making it a Dividend Aristocrat. That status carries some importance as many income investors will be more inclined to buy and hold IBM stock because of this status. Also, since abandoning Dividend Aristocrat status tends to hurt a stock, management will probably prioritize maintaining it by continuing to raise those payouts.

Investors also can also reinvest their dividend payments into more IBM stock. However, such newly purchased shares will pay you the dividend yield at that time. The return will rise if the stock falls since investors can buy the exact cash return at a lower price. Conversely, cash yields will drop if the stock rises, but those investors still benefit since the stock has increased in value.

What to know about 2-year Treasury notes

U.S. Treasury notes offer more stability than stocks such as IBM. Investors who purchase the 2-year Treasury note receive semiannual interest payments. At the current interest rate of 4.3%, investors will receive a 2.15% cash return on their invested amount in each of the subsequent three six-month periods. In the fourth period, when the note matures, investors receive the final 2.15% payment along with the return of their principal.

Investors should also be aware that bond values can fluctuate. If interest rates drop, the value of the bond will fall; the opposite will happen if rates rise. This affects investors if they decide to sell the bond early. Upon maturity, the note will return to its par (or nominal) value.

Additionally, bond interest payments are subject to federal income tax but exempt from state and local taxes. In some cases, this is higher than taxes on dividends. Still, bond issuers are obligated to make such payments. In contrast, IBM faces no legal obligation to continue its dividend.

Also, like with a stock, investors can reinvest their interest payments into more notes or other forms of Treasury bonds. However, those purchases will be subject to the prevailing interest rates at that time.

IBM or the 2-year Treasury note?

Investors who lack much risk tolerance should choose the Treasury note. Given its guaranteed return, they will not have to worry about volatility.

Nonetheless, for investors comfortable with buying stocks, IBM is a surprisingly strong buy. The cloud industry is in growth mode, which should propel IBM stock to a long-awaited turnaround. Moreover, IBM has repeatedly shown it wants to hold on to its Dividend Aristocrat status. This should provide its income investors returns that are not only larger than the bonds offer, but also likely to increase in size.

Will Healy has no position in any of the stocks mentioned. The Motley Fool has no position in any of the stocks mentioned. The Motley Fool has a disclosure policy.

Fri, 14 Oct 2022 00:20:00 -0500 Will Healy en text/html https://www.fool.com/investing/2022/10/14/better-buy-ibm-stock-vs-2-year-treasury-note/
Killexams : IBM Research Secures Future Safe From Quantum Attacks

Quantum computing will bring unimagined innovations to the world when it finally arrives in full glory. Still, quantum remains in the research labs at companies like IBM, Google, and Microsoft. While companies and research institutions are investing billions of dollars to increase the capacity of quantum systems, a time will come in the following years, or decades, when researchers will reach "quantum supremacy." But these large quantum marvels could also jeopardize the security of critical information systems. Researchers, including IBM are working to develop new security algorithms that will be resilient to these attacks.

The Quantum Threat to Security

While quantum can solve computing challenges far beyond what is possible today, its ability to find the factors of large prime numbers makes it the ideal cybersecurity safe cracker once quantum computing systems mature in their scale, quality, and speed. Every computer system and every bit of "secure" data could become vulnerable to attack from quantum-equipped nefarious actors. The World Economic Forum "estimate(s) that over 20 billion digital devices will need to be either upgraded or replaced in the next 10-20 years to use the new forms of quantum-resistant encrypted communication. We recommend that organizations start planning for this now.

What constitutes "adequate size" might provide us some false comfort: a 2019 study suggested that a computer with 20 million qubits would take eight hours to break modern encryption. Today's quantum computers are on the order of only 100 qubits. But while that implies that the threat is in the distant future, one must consider that a bad actor doesn't need to wait for the massive quantum system to materialize. The "Steal now, crack later" approach leads to a latent future security threat. Consequently, organizations should deploy quantum-safe security as soon as possible to minimize future risk.

Stopping Quantum Attacks Before They Begin

Consequently, the National Institute of Standards and Technology (NIST), a bureau of the U.S. Department of Commerce, has been conducting an ongoing search for quantum-safe security algorithms that are both secure and efficient. After all, we need our laptops, cars, and mobile phones to also be able to resist attacks from quantum-equipped bad actors. After four rounds of submissions, NIST selected four algorithms from a slate of 82 candidates. IBM Research had submitted 3 of the four chosen algorithms. All submissions have been subjected to research by industry scrutiny by government agencies, academic scientists, and mathematicians. This process is now reaching its conclusion; the NIST is expected to publish standards based on these 4 algorithms sometime in 2024.

The NIST contest covers the two aspects of security that could be vulnerable to quantum computing: public key encapsulation (used for public-key encryption and key establishment) and digital signatures (used for identity authentication and non-repudiation). For the former, NIST selected the CRYSTALS-Kyber algorithm. NIST selected three algorithms for signatures: CRYSTALS-Dilithium, FALCON, and SPHINCS+, with CRYSTALS-Dilithium as the primary algorithm in the signature category.

The Telco Industry Steps Up to Address Quantum Safe

On September 29, GSMA announced the formation of the GSMA Post-Quantum Telco Network Taskforce, of which IBM and Vodafone are initial members, to help define policy, regulation and operator business processes to enhance protections of telecommunications in a future of advanced quantum computing. Since virtually all organizations and sectors conduct commerce on the internet, and the 800 providers whose pipes that carry all the internet traffic, the Telco industry is a good place to start. We expect other sectors to follow suit, perhaps starting with banking, government, and health care.

IBM Adds Quantum-Safe Security to the IBM z16

Given the magnitude of the potential risks, and the predominance of IBM Z systems in security-critical applications, IBM has included future-proof digital signature support in its latest z16 mainframe using CRYSTALS-Kyber and CRYSTALS -Dilithium algorithms selected by NIST. z16 implements this algorithm across multiple layers of firmware to help protect business-critical infrastructure and data from future quantum attacks. IBM has said it is also working to bring these new methods to the broader market.

In addition, IBM has developed a multi-step process to assist clients toward rapidly making institutions quantum safe. The company works with clients to identify where they are vulnerable to quantum-based cryptography attacks, assess cryptographic maturity and dependencies, and identify near-term achievable cryptographic goals and projects. The risks clients may face vary substantially based on the type of applications and data an organization handles and the state of its current cryptography.

Conclusions

Quantum computing's potential threat to global information security may seem to be a distant and abstract risk. However, the inevitable advances of quantum technology and the "Steal now, crack later" approach bad actors are undertaking to make quantum-safe a genuine and pressing matter for vendors and IT organizations. IBM wasted no time bringing that technology to market in the IBM z16. IBM Research has contributed three of the four algorithms the NIST quantum-safe contest has selected to be the most viable, secure, and efficient of the 70 techniques evaluated.

Beyond the NIST-approved algorithms, IBM Is working to provide “crypto agility”, helping organizations not only replace the soon-to-fail existing algorithms but also transform their security practices to remain resilient as new threats emerge in the post-quantum world. Creating crypto observability, enabling ongoing monitoring and actions on crypto-related security items, will help keep the world safer from bad actors with virtually unlimited computing capacity at their disposal.

More information can be found at here.

Disclosures: This article expresses the opinions of the authors, and is not to be taken as advice to purchase from nor invest in the companies mentioned. Cambrian AI Research is fortunate to have many, if not most, semiconductor firms as our clients, including Blaize, Cerebras, D-Matrix, Esperanto, FuriosaAI, Graphcore, GML, IBM, Intel, Mythic, NVIDIA, Qualcomm Technologies, Si-Five, SiMa.ai, Synopsys, and Tenstorrent. We have no investment positions in any of the companies mentioned in this article and do not plan to initiate any in the near future. For more information, please visit our website at https://cambrian-AI.com.

Wed, 28 Sep 2022 12:00:00 -0500 Karl Freund en text/html https://www.forbes.com/sites/karlfreund/2022/09/29/ibm-research-prepares-for-a-world-safe-from-quantum-attacks/
Killexams : See Which Of The Latest 13F Filers Holds IBM No result found, try new keyword!In terms of shares owned, we count 6 of the above funds having increased existing IBM positions from 06/30/2022 to 09/30/2022, with 2 having decreased their positions. Looking beyond these ... Thu, 13 Oct 2022 02:26:00 -0500 text/html https://www.nasdaq.com/articles/see-which-of-the-latest-13f-filers-holds-ibm-1 Killexams : IBM set to buy Dialexa, adding to list of more than 25 acquisitions since April 2020

RESEARCH TRIANGLE PARK – In a move to enhance its hybrid cloud and AI capabilities, IBM will buy the digital product engineering consulting services firm Dialexa in a deal that will close later this year.

IBM announced the deal in a statement, which also notes that the purchase of the firm will “deepen IBM’s product engineering expertise and provide end-to-end digital transformation services for clients.”

When the deal closes, Dialexa will become the sixth company bought by IBM in 2022.

But Big Blue has been on a buying frenzy since April 2020, when Arvind Krishna became the company’s CEO.  According to the company, IBM has acquired more than 25 other firms, with 13 to bolster IBM Consulting.

The latest acquisition of Dialexa points toward how IBM may grow its consulting services presence.

“In this digital era, clients are looking for the right mix of high-quality products to build new revenue streams and Strengthen topline growth,” said John Granger, senior vice president, IBM Consulting, in a statement. “Dialexa’s product engineering expertise, combined with IBM’s hybrid cloud and business transformation offerings, will help our clients turn concepts into differentiated product portfolios that accelerate growth.”

The company’s 300 employees are based in Dallas and in Chicago, and will join IBM Consulting, according to the statement.  Among the firm’s clients is Toyota Motor North America, which will invest $2.5 billion in North Carolina to build the company’s first U.S. electric battery manufacturing plant in Randolph County.

Thu, 22 Sep 2022 12:00:00 -0500 en-US text/html https://wraltechwire.com/2022/09/23/ibm-set-to-buy-dialexa-adding-to-list-of-more-than-25-acquisitions-since-april-2020/
Killexams : Securing UK Manufacturers from Cyber Attacks with Cyber-Physical AI (Guest blog by Exalens)

Guest blog by Dr Ryan Heartfield, Co-founder and CTO / Chief Scientist at Exalens #Cyber2022

Manufacturers have been transforming their operations to harness the power of connected devices to optimise production, but this move to enhance operational output has opened the door to new threats– cyber criminals eager to take advantage of gaps in the system.

According to IBM’s X-Force Threat Intelligence Index, manufacturing ranked as the most targeted industry by cyber attacks in 2021. This unfortunate prize used to be awarded to financial services, but the landscape has shifted and so has the focus of threat actors.

Let’s look at the nature of these risks, and actions that manufacturers can take to minimise the impact of cyber attacks using artificial intelligence (AI).

Risks that manufacturers are facing

Many businesses operate under the misconception that they are unlikely targets and that cyber criminals prefer to infiltrate larger enterprises. But it’s shown that attacks are more likely to occur on the vulnerable. Cyber criminals of all stature are searching for the path of least resistance– casting a wide net for easy marks to compromise and extort.

Ransomware was observed as the primary method of attack against manufacturers (after initial access was gained). Malicious actors find vulnerabilities in a system, gain access, encrypt its contents (and in various cases steal it as well), then demand payment to release the data back to its owner. 

Ransomware as an attack may have multiple other vectors leading to it. Malware (malicious software), a broad term which ransomware falls under, represents a host of programs used to gain control of a system and cause harmful actions (locking devices, disrupting system processes, deleting, corrupting data, or stealing data etc). Phishing operations (social engineered emails luring people to fake websites to extract sensitive information, or with infected file attachments that will compromise their system) have also been a key area of exploitation. All of which provide an entry point to compromise a company and need few resources to execute.

Mitigate risk with the fundamentals

The first step to cyber defence requires a cultural mindset and alignment from the organization and teams on strategies and measures. This means creating policies to patch and update firmware and operating systems and enforcing security protocols for secure passwords, keys, and multi-factor authentication. Manufacturers should have a system backup and restore strategy and need to build a network map with their interconnections.

This is not an exhaustive list, but it can act as a starting point. There are always new tactics being used by criminals, so this is often a one-sided interaction. Organizations find themselves playing catchup in a never-ending game of attack and defence.

But there are new developments using AI that further mitigate risks and reduce incident response time so that manufacturers can stay resilient in the face of attacks.

Build resilience to cyber attacks with cyber-physical AI

Resilience is the key objective to prioritise when it comes to cyber attacks, because threats are inevitable, and we cannot eradicate the source of every malicious attempt – no matter how many preventative controls we may put in place!

The challenges add up for manufacturers because they are entering a new paradigm with cyber-physical interconnections. IT and OT systems now interact to optimise production with connected devices. But this ever-growing interplay between the digital and physical world compounds the demand for cybersecurity. Digital transformation for operators means understanding new and probable risks, dealing with an increased load of data processing, time restraints to coordinate growing complexity, and a skills gap between available human resources and the necessary experience to manage these workflows.

Through research I conducted with other leading academics, we categorised cyber-physical threats and their impact on smart environments and used deep learning models to detect cyber-physical intrusions. Our research showed that AI offers scalable solutions to support the growing cyber-physical security demands on smart environments. This research background led me to co-found Exalens where we focus on securing smart manufacturers with cyber-physical AI – which intelligently combines both computer-related and physical process data to Strengthen the way in which operational threats are detected and categorised.

Cyber-physical security may be a new term to some, but it is a more complete description of what manufacturers are facing. Visibility across the interconnection of every system adds complexity but is vital for security. AI allows us to utilise data from cyber-physical systems to test and train models, then automate processes.

The benefits of cyber-physical AI for manufacturers include:

  • Real-time visibility and correlation between IT and OT systems
  • Automated detection and classification of threats and faults (e.g., cyber attack vs equipment failure)
  • Increased speed of incident detection
  • Reduction in operational downtime
  • Reduced burden on the workforce
  • Reduction in human error
  • Improved oversight, responsiveness, and serviceability by IT and OT teams

The pathway for manufacturers going through their digital transformation journey requires a first step– establishing a firm foundation of cybersecurity protocols and solutions. The next step forward for manufacturers building resilience to cyber attacks requires scalable solutions that leverage the power of cyber-physical AI to automate processes. This reduces the burden on the team, improves cyber-physical visibility, and speeds up response time to threats, which increases resilience and reduces downtime.


Help to shape and govern the work of techUK’s Cyber Security Programme

Did you know that nominations are now open* for techUK’s Cyber Management Committee? We’re looking for senior representatives from cyber security companies across the UK to help lead the work of our Cyber Security Programme over the next two years. Find out more and how to nominate yourself/a colleagues here.

*Deadline to submit nomination forms is 17:00 on Tuesday 18 October.


Upcoming events 

Cyber Innovation Den

On Thursday 3 November, techUK will host our fourth annual Cyber Innovation Den online. This year we’ll explore efforts being made to realised the ambition set out in the National Cyber Strategy, with speakers taking a look at the progress we’ve seen to date, including the foundation of the UK Cyber Security Council, the reinvigoration of the Cyber Growth Partnership and the continued growth in the value of the sector to the UK economy.

Book now!

Cyber Security Dinner

In November techUK will host the first ever Cyber Security Dinner. The dinner will be a fantastic networking opportunity, bringing together senior stakeholders from across industry and government for informal discussions around some of the key cyber security issues for 2022 and beyond.

Book now!


Get involved

All techUK's work is led by our members - keep in touch or get involved by joining one of the groups below.

The Cyber Security Group provides a coherent voice for industry working in "high threat" areas - including defence, national security and resilience, the protection of critical national infrastructure, intelligence and organised crime.

The Cyber Management Committee sets the strategic vision for the cyber security programme, helping the programme engage with government and senior industry stakeholders.

The CSSMEF is comprised of SME companies from the techUK membership. The CSSMEF seeks to include a broad grouping of different SME companies working in the Cyber Security (CS) sectors.

Authors

Dr Ryan Heartfield

Co-founder and CTO / Chief Scientist, Exalens

Dr. Ryan Heartfield Co-founder and CTO/Chief Scientist at Exalens. He has over a decade of experience in combatting complex cybersecurity threats through AI-driven threat detection and incident response capabilities, and dynamic software-defined network security architecture.

Prior to Exalens, Ryan was a senior security architect at Splunk for Security Orchestration Automation and Response (SOAR), and security architect for UK Government, where he led the delivery of advanced cybersecurity operations capabilities. He is a previous Research Fellow of Cybersecurity within the Internet of Things and Security Research Centre at the University of Greenwich, and he holds a PhD in Cybersecurity and First-class degree in Computer Systems and Networking from the University of Greenwich.

LinkedIn:
https://www.linkedin.com/in/ryan-h-607627198/

Read lessmore

Mon, 10 Oct 2022 20:04:00 -0500 text/html https://www.techuk.org/resource/exalens-cyber2022.html
Killexams : IBM veteran joins Red Hat C-suite in major executive shakeup No result found, try new keyword!IBM subsidiary Red Hat is making key changes to its executive leadership – shifting current CFO Carolyn Nash into the Chief Operating Officer role as it gives its finance and operations ... Wed, 12 Oct 2022 02:51:00 -0500 text/html https://www.bizjournals.com/triangle/news/2022/10/12/red-hat-ibm-executive-leadership-changes.html Killexams : IBM (IBM) Gains But Lags Market: What You Should Know

IBM (IBM) closed at $127.73 in the latest trading session, marking a +0.36% move from the prior day. This move lagged the S&P 500's daily gain of 0.69%. At the same time, the Dow added 0.64%, and the tech-heavy Nasdaq lost 0.2%.

Coming into today, shares of the technology and consulting company had lost 8.02% in the past month. In that same time, the Computer and Technology sector lost 14.62%, while the S&P 500 lost 9.94%.

Investors will be hoping for strength from IBM as it approaches its next earnings release. On that day, IBM is projected to report earnings of $1.88 per share, which would represent a year-over-year decline of 25.4%. Meanwhile, our latest consensus estimate is calling for revenue of $13.75 billion, down 21.96% from the prior-year quarter.

Looking at the full year, our Zacks Consensus Estimates suggest analysts are expecting earnings of $9.39 per share and revenue of $59.9 billion. These totals would mark changes of +18.41% and -15.38%, respectively, from last year.

Investors might also notice accurate changes to analyst estimates for IBM. These revisions typically reflect the latest short-term business trends, which can change frequently. As such, positive estimate revisions reflect analyst optimism about the company's business and profitability.

Our research shows that these estimate changes are directly correlated with near-term stock prices. To benefit from this, we have developed the Zacks Rank, a proprietary model which takes these estimate changes into account and provides an actionable rating system.

The Zacks Rank system, which ranges from #1 (Strong Buy) to #5 (Strong Sell), has an impressive outside-audited track record of outperformance, with #1 stocks generating an average annual return of +25% since 1988. Over the past month, the Zacks Consensus EPS estimate has moved 0.88% lower. IBM is currently a Zacks Rank #3 (Hold).

Digging into valuation, IBM currently has a Forward P/E ratio of 13.56. This represents a no noticeable deviation compared to its industry's average Forward P/E of 13.56.

Meanwhile, IBM's PEG ratio is currently 1.94. This metric is used similarly to the famous P/E ratio, but the PEG ratio also takes into account the stock's expected earnings growth rate. Computer - Integrated Systems stocks are, on average, holding a PEG ratio of 1.77 based on yesterday's closing prices.

The Computer - Integrated Systems industry is part of the Computer and Technology sector. This group has a Zacks Industry Rank of 162, putting it in the bottom 36% of all 250+ industries.

The Zacks Industry Rank gauges the strength of our individual industry groups by measuring the average Zacks Rank of the individual stocks within the groups. Our research shows that the top 50% rated industries outperform the bottom half by a factor of 2 to 1.

To follow IBM in the coming trading sessions, be sure to utilize Zacks.com.


Want the latest recommendations from Zacks Investment Research? Today, you can download 7 Best Stocks for the Next 30 Days. Click to get this free report
 
International Business Machines Corporation (IBM) : Free Stock Analysis Report
 
To read this article on Zacks.com click here.
 
Zacks Investment Research

Mon, 19 Sep 2022 11:43:00 -0500 en-US text/html https://finance.yahoo.com/news/ibm-ibm-gains-lags-market-214509102.html
000-046 exam dump and training guide direct download
Training Exams List