The KIT
Knowledge & Information Technology
No. 289 - 1 June 2021
Enterprise Security Tidbits

Matt Chiodi of Palo Alto Networks was the featured speaker at the May 19 meetup of the ACM's San Francisco Bay Area Chapter. He mentioned three things we found interesting:
  • 60% of organizations do not disable the Microsoft Remote Desktop Protocol (RDP) on their Windows clients as they should, potentially allowing hackers to take control of PCs remotely. While RDP has legitimate uses for remote problem solving by helpdesk agents, companies that do not use such a service should disable the RDP client.
  • There is now such a thing as "cryptojacking" -- the hijacking of enterprise computers for cryptocurrency mining. The victim may be unaware of the exploit, but the performance of their servers may be affected and their power consumption will likely increase, costing them (real) money.
  • The most used cryptocurrency for nefarious activities is not Bitcoin, it is Monero (XMR), which offers stronger anonymity to its users.
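An added example, not from the talk or from this newsletter: a PowerShell audit that reports whether a Windows client is accepting inbound Remote Desktop connections and, when run with -Remediate, turns the listener off. It assumes an elevated session on Windows 8 / Server 2012 or later (for the NetSecurity cmdlets); the property names in the output object are chosen here.

```powershell
# Added example: audit (and optionally disable) inbound Remote Desktop on a Windows client.
# Run from an elevated PowerShell session.
param([switch]$Remediate)

$tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpTcp = "$tsKey\WinStations\RDP-Tcp"

# fDenyTSConnections = 1 means "do not allow remote connections" (the Settings toggle is off).
$denied = (Get-ItemProperty -Path $tsKey -Name fDenyTSConnections).fDenyTSConnections -eq 1

# UserAuthentication = 1 means Network Level Authentication is required before a session is created.
$nla = (Get-ItemProperty -Path $rdpTcp -Name UserAuthentication -ErrorAction SilentlyContinue).UserAuthentication -eq 1

# The built-in "Remote Desktop" firewall group is what opens TCP/UDP 3389 inbound.
$fwRules = @(Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -Enabled True -Direction Inbound -ErrorAction SilentlyContinue)
$fwOpen  = $fwRules.Count -gt 0

$svc = Get-Service -Name TermService

# One row per host; "Exposed" is the finding Chiodi's 60% figure is about.
[pscustomobject]@{
    Host                 = $env:COMPUTERNAME
    RemoteConnectionsOff = $denied
    NLARequired          = $nla
    FirewallRdpOpen      = $fwOpen
    TermServiceStatus    = $svc.Status
    Exposed              = (-not $denied) -and $fwOpen
}

if ($Remediate -and -not $denied) {
    # Deny connections at the RDP listener and close the firewall holes; both take effect immediately.
    Set-ItemProperty -Path $tsKey -Name fDenyTSConnections -Value 1
    Disable-NetFirewallRule -DisplayGroup 'Remote Desktop'
    Write-Host "Remote Desktop disabled on $env:COMPUTERNAME"
}
```

Run it across a fleet with Invoke-Command and collect the objects to see which clients still answer on 3389 before deciding where remediation is safe.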
European Union Draft Regulations on Artificial Intelligence

Following on its now famous and influential regulation on data protection (GDPR), the European Union is now tackling the societal and ethical implications of AI with a set of draft regulations published on April 21. Unsurprisingly, industry players are already complaining that these regulations will be too burdensome, and argue instead for "self-regulation," which generally means no real regulation at all. On the other hand, some privacy and civil rights advocacy groups are criticizing the draft for being too lenient on the private sector. Brussels must be thinking that if you get attacked from both sides, you must be doing something right.

The EU approach is to classify AI applications into four tiers, based on the risk of abuse. The most risky (such as face recognition used for racial profiling) would be banned, the least risky would be allowed with minimal safeguards, and the intermediate tiers would require various levels of testing and labeling.

For a concise and reasonably dispassionate summary of the proposal, see this article in IEEE Spectrum.
AIRSIDE Live 2021

On June 3rd (yes, we're already in June, so that's in just two days) AIRSIDE is presenting a day-long virtual conference on big data, data governance and data security. The event starts at 7:30 a.m. Pacific (first talk at 8:10) and winds down at 4:00 p.m., which gives people in Europe (but not Asia) a chance to catch most of the event. The 30+ speakers represent a mix of consultants, end users, and technology companies. Click here for the detailed agenda and (free) registration.
U.S. Executive Order on Cybersecurity and Request for Comments on Software Bill of Materials

Following the May 12 Executive Order from the White House on cybersecurity, the National Telecommunications and Information Administration, which has already been working for a couple of years to define a Software Bill of Materials (SBOM), has been formally directed to publish the "minimum elements" for an SBOM, and is asking the public for comments. The deadline to respond is not clear yet (it will be at least mid-June) and the request is posted here.

Software suppliers should pay attention to this: regardless of their own response to the RFC, this will give them a preview of what data they will probably be asked to supply with their software in the future. And if you purchase enterprise software and want to know what's in it, including what vulnerabilities may have been inherited from open-source or commercial components, you should also take an interest in this.
Seen Recently...
Bert Regeer (@bertjwregeer), discussing privacy concerns about Amazon's plan to turn on its Sidewalk mesh network on June 8, potentially connecting devices such as Alexa and Ring to your neighbor's WiFi: "What would it take for TV/device manufacturers to opt-in to Sidewalk and send data back even if the user has opted not to connect it to Wifi/Ethernet?"
Corey Quinn (@QuinnyPig), in response: "Opt in? You naive adorable fool! Amazon will charge these companies through the nose for access to this and they will pay it with a smile on their faces!"