CISOs: Embrace a common business language to report on cybersecurity

The U.S. Securities and Exchange Commission (SEC) recently issued updated proposed rules regarding cybersecurity risk management, program management, strategy, governance and incident disclosure for public companies subject to the reporting requirements of the Securities Exchange Act of 1934. As a result, the SEC may be amending previous guidance on disclosure obligations relating to cybersecurity risks and cyber incidents to include processes that require organizations to inform investors about a company’s risk management, strategy and governance in a timely manner with any material cybersecurity incidents.

Over the past two years, security breaches have been on the incline as digital transformation has rapidly increased, expanded and affected business models, customer experiences, products and operations. Now a top business risk category for many companies, cybersecurity is increasingly a focus and conversation at the board and C-suite level.

And, since the role of the chief information security officer (CISO) has grown dramatically from not only protecting the technology, but all of the supporting data, intellectual property and business processes, companies are recognizing the need for the CISO to have increased access to the C-level and board to help with business decisions.

The challenge, however, is that often security leaders traditionally communicate in technical and operational terms that are challenging for business leaders to understand. For CISOs to be effective, they must adopt a holistic security program management (SPM) strategy.
This approach will support the ability to communicate and report on cybersecurity efforts consistently in business terms, using outcome-based language, and connect security program management to their business’ key priorities and objectives.

What is cybersecurity security program management (SPM)?

SPM reflects modern cybersecurity practices and supporting domains. This approach supports a common language that can be applied across industries and understood by both technical and nontechnical executives — while adapting and shifting in business outcomes, technology and the threat landscape. However, for SPM to be successful, the security industry needs to refocus from centering on compliance frameworks to SPM methodologies that are continuously updated and managed throughout the year. This approach will broaden business insight into key elements and technologies of a modern cybersecurity program such as application security, cloud security, account takeover and fraud.

SPM has been proven effective in guiding security leaders to continuously measure, optimize and communicate their program needs and results. In fact, consistency of SPM has proven to provide continuity in security programs — even as people may change roles — and for reporting, ensuring that metrics are accurate and reliable.

Despite the elevation of cybersecurity as a top board priority and concern, businesses need to address the “elephant in the room” — the failure of communication and common understanding between the CISOs, security programs, and their boards’ understanding of SPM. Organizations are recognizing that only a small percentage of their security teams are being effective when communicating security program strategies and risks to the board, according to a Ponemon study.

CISO: Cybersecurity support starts at the top

This can be described in two parts. First, the board needs to understand the biggest risks to revenue — cyberattacks are not cheap.
Cyberattacks can be an expensive threat to companies. Yet, few companies can communicate their security program effectiveness to executives and the board in business terms that can be quickly understood.

Second, communication has to be consistent across the organization. We must embrace business language and terms from one business unit to another. For example, in comparing two business units, one may generate revenue but the other may not because the second business unit may be a support role for the company. The security program may prove to be optimal in the first business unit yet not in the second. Why not? In speaking with the executives and board, the security leader must speak at a level that their stakeholders understand in order to be aware of what a comprehensive security program will reveal. Providing relevant, digestible information on SPM and its progress both up and down the ladder — to peers, team(s), the C-suite and board — is critical.

There is no one quick fix to address and remediate all security issues. Over the years, organizations have implemented various strategies to remain compliant. Compliance, though, is not as comprehensive as a security program: it may only focus on certain pieces of people, processes, technology and assets that are in scope for a particular compliance effort. Others have implemented SPM to increase transparency and help C-level and the board better understand and assess the maturity and comprehensiveness of a company’s cybersecurity program, and therefore the relative levels of risk exposure that companies face.

The bottom line is that CISOs are hired to protect the company’s data, applications, infrastructure and intellectual property (IP).
As companies move forward in the 2000s, the focus is on data being the new currency — we must embrace SPM in order to be successful in reporting on our cybersecurity efforts.

Making a difference for the business

Gartner predicts that by 2025, 40% of boards will have a dedicated cybersecurity committee overseen by a qualified board member. At the board, management and security team levels, this is one of the several organizational changes that Gartner forecasts will expand due to the greater exposure of risk resulting from the digital transformation during the pandemic. To effectively lead, the security leader must have decades of security program experience, have previously reported directly to a board, become an advisor or an independent board observer and have reputable security certifications. With those qualifications covered, the CISO will have the business acumen and support to get the job done. As a key advisor to the board, a security leader will help increase the awareness of the financial, regulatory, and reputational consequences of cyberattacks, breaches and data loss and be central to risk and security planning. These discussions will ensure risks are reviewed, funded or accepted as part of the organization’s business strategy.

Demetrios “Laz” Lazarikos is a 3x CISO, the president and cofounder of Blue Lava.
ARTIFICIAL CYBER NET WAS LIVE 4.7K VIEWS
Osun tech summit highlights!
Infinite thanks to God,
event was successful.
Artificial Brain taking AI dev class
It’s today! A must-attend 3-day program for developers.
Can’t wait to see you!
Oakland, Mich., Schools Consult Industry for Cybersecurity Ed

The district’s CTE campuses have been working with technology leaders from the county and private sector in recent years to ensure cybersecurity course curricula are aligned with ever-changing workforce needs.

July 20, 2022 by Brandon Paykamian

With cyber criminals fighting constantly to stay one step ahead of IT security professionals, staying up-to-date on changes in the field of cybersecurity is vital for school districts and workforce training programs preparing students for jobs in the industry. Seeing the need for industry insights, Oakland Schools in Michigan has been working with county technology leaders, private companies and other industry partners to align its cybersecurity curricula with the needs of employers.

According to Jarrad Grandy, executive director of student services at Oakland Schools, the district’s technical educators meet with employers at least twice a year as part of a cybersecurity education advisory committee for Oakland Schools Technical Campuses, the district’s career technical education schools, to evaluate their cybersecurity courses.

“In the 2018-2019 school year, we switched to a model that was much more employer-driven. Their role is to consistently and constantly give us what they’re seeing in the field,” Grandy said, noting that the advisory committee is just one of several that guides technical programming at Oakland Schools.

“They help us figure out what we need to teach kids,” he added. “They give us advice on what’s coming, what we should focus on, or what we should focus on less, and we must combine that with state standards.”

Grandy said much of the cybersecurity course content, tech equipment purchases and assessments are regularly evaluated and adjusted as needed with the help of said industry partners, who collaborate with educators and administrators to align courses with workforce trends.
He added that employers also work with the district to guide activities such as cybersecurity simulations, wherein students get hands-on experience dealing with cyber attacks and data breaches.

“This is an employer-driven process … We’re driven by what the industry needs,” he said. “If we’re doing what we’re supposed to do and you like the output in the long run, then the goal is to get every kid who is interested and meets the employer standards to be gainfully employed.

“You need to have employers who say, ‘This is something to actually pursue and invest in,’” he continued. “For us, in the last five years or so, we’ve really focused as an organization on making sure that what we do is employer-driven from the programs we offer, to the processes we use, to the systems we design and develop.”

According to a 2020 analysis by the Bureau of Labor Statistics, demand for IT security professionals is expected to grow 33 percent by 2030 amid an increase in cyber attacks against public- and private-sector organizations with growing network vulnerabilities, due in part to the rise of telework during COVID-19.

While employers’ specific IT needs can vary from company to company and industry to industry, Grandy said, most are in need of workers with at least some degree of IT security knowledge as workplaces become increasingly digitized.

“Depending on the partner you talk to, many times what we end up hearing is you need kids with soft skills. That’s one part of it,” he said.
“The basics are the basics — how you handle data protocols, how you handle data from one server to the next … Our kids work on the fundamentals of cybersecurity, but while they’re working on the fundamentals, they’re getting work-based learning opportunities where they get to see in real time where there may be a data breach, or an employer says, ‘Here was a data breach we had in the past, and here’s how we approached it.’”

Noting that IT skill sets have become increasingly integral to operations across industries today, Grandy said one of the committee’s main focuses recently has been to integrate the district’s cybersecurity programming at its Southwest and Southeast campuses with other technical courses.

“I see cybersecurity becoming more and more attached to all of our programs. IT, in many ways — and cybersecurity as a subgroup — is an enabler industry,” he said of the district’s tech ed plans moving forward. “There’s cybersecurity in construction, cybersecurity in health, cybersecurity in auto. For our system, what we’ll be doing over the next few years is much more collaboration in our programs we offer to give students a realistic view of how their work is going to impact other industries … In general, we will see more integration of our programs across industries.”
AI movement
We go again tomorrow… Join the technology of tomorrow 💪