Rapid7: NICER - diagnosing the internet’s security flaws
Focusing on three core topics - National, Industry and Cloud Exposure - the report has been intended by Rapid7 as a conversation starter on the current state of internet security.
In a world which is currently in the grip of a significant digital transformation, in no small part accelerated by the COVID-19 pandemic which has forced companies all around the world to consider operational alternatives, the question of security could not be more relevant.
The ‘myth of the silver city’
First and foremost, the aims to dispel the false notion that internet security is ideal in its current state. Although most people’s daily interactions with the internet give no hint of the fragility underneath, Rapid7 is keen to quantify and demonstrate the reasons why this is not the case.
Everybody can afford to be more vigilant and proactive in bolstering their cyber defences, the report posits. After all, technology might have advanced exponentially in the last 50 years, yet the threats presented by phishing scams and exploiting legacy software on the edge remain.
Perhaps most disconcertingly, the most at risk industries are revealed to include financial services, retail and pharma (i.e. vital services), with many FTSE 100, Fortune 500 and Nikkei Index entities suffering disproportionately.
This highlights Rapid7’s argument that a constant re-evaluation and reassessment of legacy systems is necessary; particularly amongst older, established or ‘traditional’ companies, outdated infrastructures that seem to operate well could be the Achilles heel which leads to great financial loss or security breaches in the future.
Starting a conversation on security
Commonly used security protocols such as Telnet and SMB are analysed at great length and a balanced summary of each system’s strengths, weaknesses and applicable use cases is presented.
The ultimate conclusion is an ambiguous one: “Things aren't great, but not disastrously bad and relatively small changes in how we design, develop and deploy services will still have a great impact on the stability, safety and security of the internet as a whole.”
Rapid7 hopes that its work, the result of four years’ research, will generate heated debate within the tech industry on how best to address the fundamental issues around internet security.
Whether the answer lies in developing new protocols, re-evaluating how programmers are trained or something yet unthought of, the company hopes that the report will spur a serious discussion on what we desire the future of the internet to be.
Stay tuned for our feature article on NICER with Rapid7’s Director of Research Tod Beardsley - scheduled to appear in the October edition of FinTech Magazine.
AI and the future of global trade
Artificial intelligence (AI) is becoming entrenched in our daily lives, but the technology is still surrounded by misconceptions and skepticism. Ask the public and they may jump to dystopian scenarios where robots have taken over the world.
While this makes for a good sci-fi blockbuster plot, the reality is different and more benign. Those products that Amazon suggested you buy? AI. That TV series you were recommended to watch on Netflix? AI. That self-driving Tesla car you crave to take for a spin? You guessed it: AI.
There is no single industry that is not being re-shaped by technology. Until recently, however, there was one noteworthy exception: global trade. Fortunately, that is slowly changing.
The mechanism that underpins global trade – trade finance – is an industry that remains largely paper-based and reliant on manual processes. This US$18tn a year industry is now being influenced by a new wave of technological innovation, including AI.
Exploring the potential of AI in Trade Finance
AI refers to the use of computer-aided systems to help people make decisions or make decisions for them. It relies on large volumes of data and models to make sense of information and draw intelligence.
In trade finance, AI is helpful in analysing quantitative data, and the repetitive nature of trade finance means that there is a lot of non-traditional data at our disposal.
This means that when trade finance providers need to assess the risks of funding a transaction, AI models can be a very efficient tool for data analysis and reveal intelligence and risks relating to small companies.
AI helps the industry move beyond traditional credit scoring processes, which are often outdated and remain reliant on historical accounting entries – a barrier that prevents small companies from accessing trade finance and has resulted in a $1.5tn global shortfall.
Overcoming the barriers
AI can tackle this shortfall by creating accurate credit scoring models. This can include a company’s payment history, measure the risks of funding a transaction, identify supply chain risks, and benchmark them against their peer group.
Trade finance providers can use this information to communicate effectively with their SME clients, ultimately helping establish better business relationships.
Towards a technological utopia?
The adoption of AI has the potential to do a lot of good in the industry, and the industry is in the early stages of radical transformation.
Advances are driven by fintechs as well as a willingness to change. The industry is working together to create new infrastructure for distributing trade finance assets to other investors in a transparent, standardised format.
The creation of infrastructure is possible due to improvements in technology and integrated across the trade ecosystem in cooperation with banks, insurers, and other industry participants.
It’s collaboration at its best: together, the industry is using technology to re-shape global trade as we know it.