Rezilyens LLC

Growth Strategy with a customer-centered supply chain

Rez — Mon, 07 Sep 2020 04:04:38 +0000

Supply-chain disruptions can be minor delays caused by a production glitch — or a big jolt from a global pandemic. Businesses are increasingly turning to technology to deal with such interruptions.

Companies are cutting supply chain complexity and accelerating responsiveness using the tools of artificial intelligence. Through AI, machine learning, robotics, and advanced analytics, firms are augmenting knowledge-intensive areas such as supply chain planning, customer order management, and inventory tracking.

Today, optimizing the supply chain is about much more than operational efficiencies. Indeed, the supply chain has proven to be a key driver of new business value and growth at the likes of Amazon and Walmart – provided it is entirely focused on hyper-relevance and customer value. That’s a tough proposition for businesses encumbered by fragmented legacy technologies and outdated one-size-fits-all supply chain models. With many processes still siloed and under-optimized, as well as over-reliant on manual activities and proprietary assets, today’s supply chains are not keeping up with the pace of change. Significant opportunities for improvement, optimization, and innovation are being missed.

In this era of constant change, customers are becoming the undisputed center of attention. Business growth is now about outsmarting the competition through speed and hyper- relevance, enhancing both customer experience and customer loyalty. It’s about developing the intelligence and agility to continuously adapt the whole value chain to what customers expect today – and what they’ll want tomorrow.

A modern operating architecture is essential for supporting the customer- centered supply chain and unlocking new growth. But it takes more than simply transitioning to a new ERP platform for instance.

Rather, it needs a complete customer-centric transformation of the whole supply chain. Creating a genuinely customer-centered supply chain means embarking on a journey of disruptive transformation.

With the transition to a more modern architecture providing the ideal opportunity for a radical reimagination of the end-to-end value chain, now is the time for enterprises to be reconfiguring their supply chains around the real- time needs of their customers.

Making the Shift

First, we need to be sure we’re headed in the right direction. That means setting a North Star vision to guide the transformation, articulating the customer experience we aim to provide, and defining the strategy, value case, and roadmap that will help get we there.
Then, we need to radically rethink operations from siloed work to interdisciplinary collaboration across the value chain. That means taking a sledgehammer to any functional or organizational walls and siloes that are holding us back. It means organizing around the needs of the end-customer and driving toward the efficiency and agility needed for rapid customer delivery. Build the capability to dynamically micro-segment customers, supporting multiple flexible and sustainable supply chains that leverage external partners to share ownership of physical assets. Leverage analytics and “what if” scenario modeling to enhance operations and add value for the customer. Develop an “experiment on the go” approach to drive innovation in each segment’s supply chain.
From experience-based, leader-driven decision making to data-driven decision making at the front line is another critical element. By blending the best of the human workforce with smart new technologies, you can help drive up the use of hyper-efficient automation such as “supply chain as-a-Service” mentality (plan, source, make, deliver) to refocus the business on growth through a dynamic, intelligent operating model and data-led adaptable workforce. AI has the biggest impact when it’s developed by cross-functional teams with a mix of skills and perspectives. Having business and operational people work side by side with analytics experts will ensure that initiatives address broad organizational priorities, not just isolated business issues. Diverse teams can also think through the operational changes new applications may require—they’re likelier to recognize, say, that the introduction of an algorithm that predicts maintenance needs should be accompanied by an overhaul of maintenance workflows. And when development teams involve end users in the design of applications, the chances of adoption increase dramatically.

Explaining why

The supply chain is and always has been a people business. We’re moving toward a world where humans and machines are collaborating, not just coexisting. The result will be an efficient, sustainable supply chain that delivers better business outcomes. Hence, in this new environment, both machines and humans are essential: By collaborating in roles such as supply chain planning and inventory management, the combined power of humans and machines will create new sources of value for businesses. We’ve explored the nature of the new value-enhancing roles that will emerge and identified three new categories of AI-driven jobs:
Trainers who help AI systems learn how to perform, which includes everything from helping natural language processors and language translators make fewer errors, to teaching AI algorithms how to mimic human behaviors.
Explainers who interpret the results of algorithms to improve transparency and accountability for AI decision making and processes.
Sustainers who ensure intelligent systems stay true to their original goals without crossing ethical lines or reinforcing bias.
make more forward-looking, strategic decisions and spend less time on reactive problem solving. These planners will lead the charge in moving away from a traditional supply chain operating model, which is inflexible and slow, to a new dynamic model with true end-to-end segmentation. That means planning multiple supply chains that meet the needs of specific customer micro-segments as well as managing business relationships and exceptions. Concurrently, a new digital engineer role will emerge: a highly analytical, digitally savvy data scientist who manages, models, and tweaks the algorithms, alert protocols, and parameters guiding the automated decision-making planning systems. The importance of strong analytical skills will grow with the demand for human workers with a digital engineer’s skill set.

Anticipating unique barriers to change

Successful transformations to the customer-centered supply chain follow a clear path with meticulously planned objectives. By establishing a phased approach for harnessing the power of a platform for the customer- centered supply chain, we can potentially guide an enterprise from initial roadmap and business case, through prototyping new solutions, to scaling them across the enterprise.
By investing in a digital core an enterprise can acquire the ability to accelerate innovation, drive up personalization, shift from a process-driven to “event-driven” supply chain, and create exceptional experiences that retain the best customers and talent. And that hinges on pivoting your strategy: keeping one eye focused on core functional excellence and mastering the basics, while allowing the other to look toward the new capabilities and growth bets that will create future customer value propositions. Building blocks of the hyper-relevant enterprise at the core. Every journey to greater customer-centricity will be unique. No two organizations will have identical goals or operate in precisely the same business context.
The potential rewards are huge. With flexible supply chain solutions, cost-effective on-time delivery, and new value-added services, the customer-centered supply chain provides a license for accelerated growth and enhanced customer trust. The impact? A $10+ billion company for example can potentially boost sales up to $100 million, enterprises can help pivot their supply chains wisely and plot out a roadmap to the simplified, flexible architectures that will support winning customer experiences – the source of future business growth and competitive advantage.

Organizing for scale

Finally, it is about placing innovation bets on which customer-centered supply chain networks are created. The top of the list is a ‘visionary budget’. The goal is here to have a budget to improve ‘time to value & results.’ We cannot see this as a tactical initiative designed for a narrow purpose but an opportunity to reimagine our business and implement the ‘accelerant’ tools like AI sooner than later. This will give us the license to differentiate, grow and take market share from our competition. Think big but start small by mapping opportunities to integrate AI with existing technology solutions. Until now, robots, big data, analytics, and other technologies have been used in parallel with people, but in isolation. Their role: improve process efficiencies. Now, with AI systems that can sense, communicate, interpret, and learn, all that changes. AI can help businesses move beyond automation to elevate human capabilities that unlock new value.

Cybersecurity | Shifting the Balance of Power | Rezilyens.AI

admin — Fri, 07 Aug 2020 16:25:55 +0000

The most significant trend we see with the companies we meet is that attackers usually succeed. Many companies despite significant cyber security investments – sometimes in the millions of dollars – organizations are not fully aware of their attacker-exposed IT ecosystem and risks. At the same time, attackers perform reconnaissance, identify targets and exploit weaknesses. And, they have time on their side because organizations remain unaware of their blind spots

A major contributing factor to attacker success is that while IT has evolved dramatically over the past decade, Security Testing solutions have not. To be clear, most approaches that are at least two decades old, like vulnerability scanning and penetration testing. Attackers perform reconnaissance, identify targets and exploit weaknesses. Again, with the luxury of time on their side. But, if we could discover all the IT assets in your attack surface, understand their business context, and test them for weaknesses, we would be able to prevent breaches by proactively focusing on the most important risks.

We believe the most effective way to reduce risk is to look at the attack surface from the outside, using an attacker’s point-of-view, and identify and remediate those exact attack vectors they would likely target. Those critical attack vectors are 1000 times more important than a pile of CVEs in a vulnerability scanner report. So, here is how our approach helps you demonstrate to your CEO or Board that you’re improving the company’s security posture.

Our insurgent mission is to eliminate the world’s shadow risk – identify and eliminate the critical security risks in your organization’s IT ecosystem: the shadow risk that attackers seek and target.

We bridge the gap left by legacy tools – bridge the gap between what legacy tools can do and what organizations need.

Reconnaissance process – automatically map an organization’s attack surface based on the reconnaissance process, methodologies and technologies that sophisticated attackers use.

Global botnet – enable gathering of attacker-exposed data of nearly billion servers and devices – petabytes of data.

Far more than port scanning – typical port scanners scan for open ports and banners; we’re collecting dozens of fingerprints for each asset. We can detect web applications, links, references, URL patterns, headers, banners, certificates, deployed software, and unique keywords, which may resemble departments’ and subsidiary names.

Mapping the entire IT ecosystem – using fingerprints per company to calculate the company’s attack surface mathematical graph! There are dozens of iterations to calculate this attack surface graph. We start with Company X, and very quickly start discovering its subsidiaries, acquired companies and partner-specific assets that are strongly related to this company.

IT ecosystem with context – It’s important to consider one’s entire IT ecosystem data as a graph, not a list of IPs, so you can understand the content and context of each asset – and thus understand what’s most attractive to an attacker.

Reveals the attacker’s path of least resistance – simulate the attacker’s assessment of the entire attack surface, focusing on finding highly exploitable assets that provide access to other critical assets in your network.

Legacy scanners ignore attack vectors – legacy vulnerability scanners ignore actual attack vectors, and essentially detect only CVEs in known assets.

Evaluating like an attacker – leverage the attacker’s decision-making process to determine the discoverability level of these assets and the attractiveness level of these assets based on their business context. For instance, a mainframe or source code management system is probably much more interesting to attackers than an Apache server which may be 10 years old and has no data on it based on what attackers can see.

Prioritizing based on business impact – our unique analysis allows us to bring the number of critical attack vectors down from the thousands that a legacy scanner would show you to just 5 or 10. Critical attack vectors prioritized by the platform will typically include exposures that no other solution identifies. Typical penetration testing scope is less than 1% of an organization’s attack surface and are a classic ‘checkbox’ and don’t suffice anymore.

Even sophisticated organizations can be exposed – [Real World Example] A client of ours added a third-party a deception system, which created their biggest security weak spot. The system was misconfigured by an engineer from the deception company and that misconfiguration exposed the telco’s management system to the Internet. Our approach identified this critical vulnerability.

Actionable, remediation guidance – Each identified issue is supported with actionable, prioritized and prescriptive remediation guidance so your team knows where to start and how to get it done.

The platform…

At its foundation, leverages a bot network to SCAN the internet to identify all the assets that belong to your organization.
It then builds a MAP of your attack surface using a graph data model that understands what’s yours, and what’s related, based on asset fingerprints and classification.
The platform security-TESTs your attack surface using techniques that go beyond basic vulnerability scanning.
Is the PRIORITIZES risks using an attacker’s perspective.
And helps you ELIMINATE RISK and validate it has been eliminated.
The goal is to help you MANAGE your CYBER RISK and communicate the progress and status of that to your stakeholders.

Cyber Rezilyens: Perils of Code Security (Injection)

admin — Tue, 14 Jul 2020 11:06:17 +0000

Why is code security so difficult?

It’s often said that, “Defenders think in lists, adversaries in graphs.” Our adversaries are humans supported by bots and automation. As an enterprise defender, you are in a game with an adversary, so you need to start thinking and acting strategically with a long game in mind and a playbook to counter adversaries’ own plays. Trust me, your adversaries are doing this as we speak.

They have a mission, objective, a game plan and a set of trusted plays they run against enterprise networks. If you are building lists and checking boxes, you aren’t in the game – you are on the bench while the action is on the field of play … which happens to be your network, cloud assets, plants, partners, and supply chain. For instance, the attack surface is getting larger for the attackers to exploit and there are too many doors, windows and entry points. It is not a question of IF but WHEN and some of the latest include –

Companies worry EU court ruling could disrupt global data transfers. The European Union’s highest court will decide Thursday whether a widely used tool for moving data from within the bloc to outside countries is legal. Companies have started looking for alternative methods to continue transferring personal information around the world ahead of the ruling.
The European Court of Justice will determine whether a mechanism known as standard contractual clauses is enough to keep data private outside the bloc.
SAP issues fix for vulnerability affecting thousands of customers. Enterprise software maker SAP SE said a patch released should fix a problem that could have let hackers take control of widely used applications. The Department of Homeland Security called the bug, known as Recon, a “critical vulnerability” and urged customers to apply SAP’s update immediately. It is estimated that 40,000 organizations are affected by Recon.
New Jersey tech services firm hit by ransomware. Collabera, which provides technology services and staffing, detected a cyberattack that appeared to be ransomware. Employee data was compromised during the incident, according to an internal memo.

What is your playbook? Many security products are point solutions, meaning they solve one problem, sometimes well, sometimes not. Unfortunately, point solutions are often easy for adversaries to bypass. The challenge enterprises face is there are so many products to address so many threats at different points in enterprise architecture, each with its own requirements for management, and poor native integration capabilities. One of many such vulnerabilities is “Injection.” SQL injection (SQLi) is a technique used to inject malicious code into existing SQL statements.

A code injection happens when an attacker sends invalid data to the web application with the intention to make it do something that the application was not designed/programmed to do. Perhaps the most common example around this security vulnerability is the SQL query consuming untrusted data. The core of a code injection vulnerability is the lack of validation and sanitization of the data used by the web application, which means that this vulnerability can be present on almost any type of technology.

Anything that accepts parameters as input can potentially be vulnerable to a code injection attack. SQL injection attacks can affect any application that uses a SQL database and handles data, including websites, desktops, and phone apps—with extremely serious consequences. These injections make it possible for malicious users to bypass existing security controls and gain unauthorized access to obtain, modify, and extract data, including customer records, intellectual property, or personal information. Attackers can also use this technique to locate the credentials of administrators and gain complete control over affected websites, applications, and database servers. When managing a website, it’s important to stay on top of the most critical security risks and vulnerabilities. Preventing code injection vulnerabilities really depends on the technology you are using on your website. For example, if you use WordPress, you could minimize code injection vulnerabilities by keeping it to a minimum of plugin and themes installed. If you have a tailored web application and a dedicated team of developers, you need to make sure to have security requirements your developers can follow when designing and writing software. This will allow them to keep thinking about security during the lifecycle of the project. We are as strong as our weakest link. Here are few actions we can take to prevent and detect injections:

Separate data from the web application logic.
Leverage SQL injection attack tool like Havij, SQLmap, or jSQL to identify vulnerable code.
Apply patches and updates to the vulnerable code along with any other out-of-date components.
Implement settings and/or restrictions to limit data exposure in case of successful injection attacks.
The preferred option is to use a safe API, which avoids the use of the interpreter.
Use positive or “whitelist” server-side input validation. This is not a complete defense as many applications require special characters, such as text areas or APIs for mobile applications.
For any residual dynamic queries, escape special characters using the specific escape syntax for that interpreter.
Use LIMIT and other SQL controls within queries to prevent mass disclosure of records in case of SQL injection.
Consider setting up a web application firewall to filter malicious requests to your website. These can be particularly useful to provide protection against new vulnerabilities before patches are made available.

Cyber Rezilyens: The Forward-Reverse Perils of Cybersecurity

admin — Sat, 20 Jun 2020 02:42:46 +0000

Every organization – no matter who they are, how large they are, or where they are in the world – is at risk from cyber attackers. More than $125 billion each year is spent on information security worldwide and the spending is increasing. Cyber attackers are, however, evading the defense, breaking in, remaining undetected for months, and finding the Crown Jewels.

The Crown Jewels are essential data, intellectual property and other critical assets. Cyber attackers are stealing or hijacking the Crown Jewels to disrupt operations, causing enormous financial and reputational damage.

First, the attack surface is getting larger for the attackers to exploit and there are too many doors, windows and entry points. It is not a question of IF but WHEN and here’s why –

The latest include –

Australian organizations are being targeted by a “sophisticated state-based cyber actor” and the attack was targeting all levels of government as well as political, business, education and health organizations.
Cyberattacks on health care, pharmaceutical and research organizations in order to steal valuable research on coronavirus vaccines and treatments.
Amazon discloses large cyberattack attempted against a cloud customer. AWS Shield fended off the attack, which threw 2.3 trillion bits of data per second at the customer’s cloud service and much higher than the previous DDoS record of 1.7 trillion bits per second in 2018.
H&R Block reports unauthorized access of customer accounts: The tax prepare discovered in early June that some customer accounts on their portal had been accessed in late April by an intruder.
Cognizant employee data breached. Cognizant Technology Solutions Corp. notified an unspecified number of employees and customers were impacted.
Akamai gives customers more time to pay bills; and fallout from attack on legal-tech firm Epiq hits several large customers. Hackers trigger far-reaching destruction by targeting low-profile firm.
Austrian telecoms (A1 Telekom Austria) detected a hacker on its network in December (2019) but it took them about six months to eject the hacker given this was an advanced persistent threat (APT).

The Newton’s first law is the law of inertia, it is also, alas, the first law of cyber attacked companies. It’s not their fault since there are innate cognitive biases that bind us to the present while blinding us to long-term threats and opportunities.

Among them are availability and confirmation biases, which is our instinct to solve problems based solely on the information that we have immediately at hand and our tendency to interpret data in a way that supports our pre-existing expectations. A one size fits all approach doesn’t work since all cyber attacks are not made equal and most likely why companies are getting wrong today in terms how they approach cyber security. A malware is several standard deviations different than an advanced persistent threat (APT) campaign that isn’t in the realm of a normal hack. Where a less sophisticated cyber attack might be dealt with by removing malware from compromised computers, fending off an APT requires analyzing attacker’s behavior; a cat and mouse game that can take several months to analyze hacker movement and damage.

What’s different in an advanced persistent threat (APT)?

The hacker is going to quietly study how the network and servers are connected for some time before preparing to conduct espionage leveraging a VPN (Virtual Private Networks) or equivalent to mask their location and presence.

How you mitigate advanced persistent threat (APT)?

Here are some techniques for consideration among a long list of them-

It is just as important to predict the behavior of the intruders and shut down entry points to the network when the attackers aren’t active.
The operation of kicking a hacker out of a network must be executed quickly while the attacker is inactive so that any openings into the company’s infrastructure can be sealed up before the hacker has time to respond.
There needs to additional safeguards to separate the less critical parts of its network from the critical infrastructure.
There needs to be an additional layer of security credentials making it harder for anyone without the extra login details to access the network infrastructure.
One option is to disconnect servers from the internet and make existing passwords invalid at the same time before carefully letting users back in.
Back up corporate data so that nothing would be lost if the hacker outsmarted you.
Leverage multifactor authentication to access all corporate accounts.
Augment the tools that monitor threats so they will receive alerts more frequently about attempted intrusions.

It’s a big effort for any company that suffers an attack. It is far more effective to invest in detection and prevention than remediation.