As technologists, we need to do better. Surprisingly, the 1,246 pg UK Brexit deal includes references to Netscape 4.x, SHA-1, JPEG2000, & non-cloud infrastructure models. It's mix of outdated file standards, tools, and design practice. It's easy to dismiss the fact the authors suggest aged cybersecurity encryption algorithms and applications from the 1990's. The real question is why? The problem we are facing is much larger than a "cut and paste" error. The pace of technology is increasing, but we must bring non-technologists along with us.

As professional engineers, cybersecurity scholars, cloud computing professionals, and technology practitioners, the latest standards, versions, and solution stacks are intuitive to us. They are second nature to us, we regularly apply emerging technology to solve problems. We are the creative class Richard Florida described, knowledge workers defined by Tom Peters. We use the latest package managers, version controlled repositories, and libraries in our designs, deployments, and daily builds. We design for resiliency using agile approaches with our product teams and apply DevSecOps techniques for our Software Factories.

While we advocate for simple concepts like encryption at rest, encryption in transit, loosely coupled architectures, it is clear non-technologists are not processing what we are saying. How do we know this? As evidenced in the Brexit deal, we see plain text connections in the diagram, product versions from decades ago, and design patterns that will not scale. Perhaps what is most alarming is the absence of approaches such as application programming interfaces, distributed ledger technology, zero-trust concepts, identity protections, access controls, governance models.

The list goes on and on. But who is to blame for these seemingly glaring omissions? Some suggest it's a cut and paste clerical error, but even at that I would expect a reviewer to question the ciphers for securing DNA profiles, fingerprint data, and vehicle registrations. The combination of SHA-1 (outdated since 2015) + Netscape (h/t Web Design Museum) + DNA profile should make us cringe.

As technologists, we need to do better. Communicate differently, collaborate in new ways, share the vision with new techniques, demonstrate improved methods. I am convinced the solution, in part, lies with engineers, technologists, researchers, professors, and practitioners.

I recommend the Brexit authors start with core foundational standards to design modern #cloud #architecture for #scaling & #security. There are so many helpful resources, I included 4 that focus on cloud, cloud cybersecurity, re:invent conference proceedings, and even a lab with hands-on instruction to build a distributed ledger to manage vehicle titles!

In additional to the technology standards, we need to appropriately address the ethical use of the data collected. It's time for the non-technologists to treat technology as essential to security and design of systems, not merely an "after-thought."

The challenge before us is to step out of our technology domain and work across boundaries to improve the way we are working, the concepts we are advocating, and created scalable, secure, safe platforms on which future communities will build.
​
References:

• NIST Definition of Cloud Computing SP 800-145 (Mell & Grance, 2011)
• Assured Identity for the Cloud (Daniels, 2011)
• IBM Blockchain Hands on Lab, Distributed Ledger (IBM)
• AWS re:Invent Replay starts on 12-January with over 200 sessions.

As we approach the close of 2020, we reflect on a year that tested our community of global leaders in health, security, and productivity like no other time in recent memory.  While the past 12 months have proved to be tumultuous, volatile, and ambiguous, I would like to share some of the lessons we learned in hopes they may be applied to the following year. 

As we usher in 2021 with the inspiration of hope and promise, 3 leadership lessons from 2020 are apparent: technology advantage, demand for leadership, and integration of processes and platforms.  Leaders who focus on these areas  will successfully guide their organizations, product teams, and companies.

1. Technology Advantage

• Productivity
  • Maximizing investments in labor, tooling, and platforms was key in 2020.  The trend will continue in 2021 and we will focus on resilient operations.  Investments in Artificial Intelligence-based platforms will allow us to predict machine maintenance before an outage, supply chain interrupts before they occur. 
    
    
• Collaboration
  • 2020 was the year of remote work and video conferencing.  We learned to work with new platforms, tools, and remote locations, such as the spare bedroom.  2021 will continue the trend, and platforms will be key for continued collaboration across boundaries.

2. Leadership Demand

• Transparency
  • The nature of our work is increasingly collaborative.  Group projects, multiple time-zones, global regions.  In 2020, we dropped the formality of multiple reviews, pre-reads, and dry-runs; the priority was in making information available, not polishing a final product.  Our work products should be transparent, accessible, visible.  And be willing to adjust as the situation changes, conditions improve or degrade.
    
    
• Visibility
  • In 2020, we stopped pretending there are two worlds: one at work and one outside of work.  With civil unrest in cities around the world, it became apparent that our community affects us at work in many ways.  We opened up with leaders, colleagues, staff.  We asked “how are you doing, how are things where you are?”  And we listened with humility.  Being visible with teams will be key in 2021.  Approach humbly, engage with sincerity.
    
    
• Compassion
  • We dealt with unstable video conferencing platforms, interruptions from children during videoconferences, and “you’re not on mute.”  Leaders will go into 2021 with compassion, caring, and patience as we all adjust to new work conditions.

3. Integration Critical

• Through process automation, data governance, process definition
  • The way we worked in 2020 highlighted a number of process inefficiencies.  We quickly dropped non-value-added processes in favor of speed to market approaches.  The increasing demand for information highlighted the need for better integrated data sets, systems, and tools.  In 2021, we will continue to apply techniques such as robotic process automation (RPA), using the opportunity to lean out processes while automating where possible.
• Platform and data interoperability
  • Proverbial “silos of excellence” are examples where we maximized a function or a sub-system process, but failed to address the entire system.  2021 will demand that we break down silos through integration techniques such as data lakes, common access models, interoperability frameworks, and data governance.  Commonality across functional systems will actually increase innovation and allow us to focus on “systems of differentiation” for competitive advantage.

In 2020, we proved the human spirit endures.  From gratitude, to humble engagement, listening with empathy, and servant leadership, we endure.  Focusing on the technology advance, leadership approach, and integration, we will make a positive difference in 2021.

We are seeing an increasing volatile, uncertain, complex, and ambiguous (VUCA) global environment.  Countries and organizations that excel will invest in automation and integration of platforms and systems.

As technologists, we have identified 21 emerging technology trends to watch in 2021.  

1. Artificial Intelligence - Automation, Governance, Data
2. IoT Internet of Things - Automation, Connectivity, Data
3. Blockchain - Integration, Cybersecurity
4. Additive - Automation, Integration, Efficiency
5. Autonomous Vehicles - Transportation, Fulfillment, Logistics
6. Robotics - Automation, AI, Data, Digital Manufacturing
7. Virtual Reality - Learning, Skills Development, Collaboration
8. Wi-Fi6 - Connectivity, Cybersecurity, Digital Manufacturing
9. Quantum - Automation, Infrastructure
10. 5G - Connectivity, Cybersecurity, Digital Manufacturing
11. Composite Manufacturing - Automation, Integration, Efficiency
12. Natural Language Processing - Communications, Learning, Efficiency
13. Customer Experience - Communications, Learning, Efficiency
14. Digital Twin - Logistics, AI, Data, Digital Manufacturing
15. Process Mining- Automation, AI, Data, Digital Manufacturing
16. Haptic Technology - Cognitive, Augmented Reality, Training, Digital Twin
17. Swarm - Intelligent Agents, Bots, Defense
18. Edge Computing - Compute, Automation, AI, Digital Manufacturing
19. Advanced Materials - Digital Manufacturing, Integration, Logistics
20. API Programming Interfaces - Integration, Efficiency, Automation
21. Smart Spaces - Facilities, Future of Work, Collaboration

I just found out a new book by S Sambhi, S Sambhi, VS Bhadoria leverages my research in IoT, Distributed Ledger Technology/Blockchain, Cloud Computing, and Artificial Intelligence.  I am looking forward to reviewing the final publication! 

IoT-Based Optimized and Secured Ecosystem for Energy Internet: The State-of-the-Art - Internet of Things 
In India, the concept of smart cities and Internet of Everything is taking shape with a faster pace, so the dependence on electrical energy is increasing day by day. Renewable energy is being adopted rapidly to overcome the power shortages and to meet the power demand.

I am thrilled to join you for the Winter 2021 session of CST 620 9042 Prevention of Cyber Attack Methodologies (2211).
​
Although we officially begin on 12 January, 2021
I wanted to simply say hi and welcome each of you :)

What to expect:

• Collaborative environment
• All work open, visible, accessible for our course
• Approachable and engaged professor

My approach to our course is the same as the high performance teams I manage.  I don't have ALL the answers and we can learn from each other throughout the semester.  I have had RSA scholars, Fortune 50 consultants, and some of the brightest cybersecurity professionals enroll in this course.  You are among giants in the industry and I simply cannot wait to see what you add to the course!

Have a wonderful holiday.  I hope you can enjoy some downtime before we bring on 2021!

Be well,
Jeff
​Professor, UMGC
@jeffdaniels

...The big military funding bill contains a lot of AI items…

The United States is about to get a bunch of new AI legislation and government investment, thanks to a range of initiatives included in the National Defense Authorization Act (NDAA), the annual must-pass fund-the-military bill that winds its way through US politics.

For those of us who lack the team to read a 4,500 page bill (yes, really), Stanford HAI has done us a favor and gone through the NDAA, pulling out the relevant AI bits. 

What the US military is doing about AI:

• Joint AI Center (the US military's main AI office): Making the Joint AI Center report to the Deputy SecDef, instead of the CIO. Also getting the JAIC to do a biannual report about its work and how it fits with other agencies. Also creating a board of advisors for the JAIC.
• Ethical military AI: Tasks the SecDef to, within 180 days of bill passing, assess whether DoD can ensure the AI it develops or acquires is used ethically.
• Five AI projects: Tasks the SecDef to find five projects that can use existing AI systems to improve efficiency of DoD.
• DoD committee: Create a steering committee on emerging technology for the DoD.
• AI hiring: Within 180 days of bill passing, issue guidelines for how the DoD can hire AI technologists.

​Source: James Clark AI Blog

Interesting research as the Felps et. al explore the the impact on deep neural networks and machine learning as individuals take control of their data and remove PII and personal data.

​Entire paper here Class Clown: Data Redaction in Machine Unlearning at Enterprise Scale

Abstract:

​Individuals are gaining more control of their personal data through recent data privacy laws such the General Data Protection Regulation and the California Consumer Privacy Act. One aspect of these laws is the ability to request a business to delete private information, the so called “right to be forgotten” or “right to erasure”. These laws have serious financial implications for companies and organizations that train large, highly accurate deep neural networks (DNNs) using these valuable consumer data sets.

​However, a received redaction request poses complex technical challenges on how to comply with the law while fulfilling core business operations. We introduce a DNN model lifecycle maintenance process that establishes how to handle specific data redaction requests and minimize the need to completely retrain the model. Our process is based upon the membership inference attack as a compliance tool for every point in the training set. These attack models quantify the privacy risk of all training data points and form the basis of follow-on data redaction from an accurate deployed model; excision is implemented through incorrect label assignment within incremental model updates.

Dr. Jeff Daniels, editor of the Journal of the British Blockchain Association received a Certification of Appreciation from JBBA  founder, editor in chief and president Dr. Naseem Naqvi, FBB

Daniels said, "I am thankful to work with Dr. Naseem Naqvi and the editorial board at JBBA.  We are doing  important research at the British Blockchain Association.  Dr. Naqvi and our colleagues are publishing critical research in the fields of medical, technology, cybersecurity, finance,  industrial systems, and many other domains.  Distributed Ledger Technology will play a pivotal role in future cybersecurity, assurance, and trusted platform solutions."

The JBBA, the Journal of the British Blockchain Association, is the world’s first peer-reviewed, academic Blockchain journal that is available both in print, and online. The JBBA is a fully open access journal offering a wide-ranging and comprehensive coverage of all facets of DLT/ Blockchain Technology and Cryptocurrencies. We welcome manuscripts reporting Blockchain and DLT research projects, scientific methods, case studies, analysis, reviews and practical use cases of emerging distributed ledger technologies and innovations including sound descriptive work. All research articles undergo a fully ‘double-blind’ peer review process by 2-3 independent, external reviewers.

The publication can be found at https://jbba.scholasticahq.com/   

I am partnering with Kelly Caudle, Program head of Cisco Academy Support Center (ASC), Instructor Training Center, VMWare Academy, IT Academy, and Lead Instructor on a grant for Cisco Training.

We will start in February 2021, thankful for the partnership!