Ulistic Projects Blog

When it comes to artificial intelligence (AI), it seems that no matter the environment, there are always two parties: staunch defenders and unconvinced skeptics. And to be sure, any new technology carries the same burden — Do the benefits outweigh the potential downfalls?

Everyone seems to have a different opinion.

For now, let’s look at some of the most recent news concerning the marriage between AI and healthcare. Later, we’ll get into some fears and potential drawbacks that this new form of technology has posed.

What’s New in the World of Healthcare and AI?

You’ve probably already used it.

While you don’t see robot doctors rolling down the hallway in hospitals quite yet, there are still many artificial intelligence tools being used on a regular basis in the healthcare industry. For example, AI is often used in precision medicine to allow for detail work in risky surgeries. It’s also used regularly in cardiac care and routine colon screenings.

The FDA is finally starting to clear new AI technology.

For a long time, the U.S. FDA (Federal Drug Administration) seemed to be taking forever to examine and clear new artificial intelligence technology.

Now, it’s catching up with the changing times and has recently cleared several intelligent software algorithms. Some of these algorithms scan CT scans for common problems while others analyze data, attempt to detect atrial fibrillation in heart patients, and do many other tasks that humans used to do.

Larger AI systems are being anticipated, but not so widely implemented.

There’s definitely a lot of hype around artificial intelligence, but not many hospitals and healthcare facilities are actually making changes that will allow for its immediate implementation. What does that mean for you? It means that now is the ideal time to get involved in developing new AI equipment and tools or at least investing in their development.

Not everyone is onboard with AI.

Those who aren’t on board? Often, it’s executives.

The only way these guys are going to bankroll new technologies is with some proof that it will be worth the investment — because investments in these areas are significant, and the price tag is what holds a lot of executives back from giving the green light. When proponents can show that the return on investment will be worth it, however, that’s the only time that execs seem interested in supporting brand-new AI systems and software algorithms — and this all comes down to showing the data.

Are There Drawbacks to AI in Healthcare?

Yes, certainly. Below, we’ll focus on two of the main concerns people have about AI in the healthcare industry.

Human jobs lost to robots

Or lost to computers, if you prefer; however, for all intents and purposes, human doctors, nurses, and other medical staff will be replaced by de facto robots.

Either way, just as in any other industry (see grocery store checkout lines, customer service, assembly line work, and more), AI is edging out the real-life competition. This will not only cause widespread job loss, but it will also disrupt the relationship between patients and their caregivers.

While a majority of the healthcare industry is driven by science (and technology) and the possibilities these fields can create for increasing lifespan and wellness, there’s also a large portion of healthcare that’s driven by compassion and humanity’s general desire to care for and heal each other.

Naturally, this is lost on AI.

As such, the caring concern, encouragement, and inspired confidence that a good doctor or nurse can provide will be gone when cold, hard, short-circuiting computers take their place.

Unseen errors

If a human makes a mistake in a human-driven industry, it’s bound to be found out rather quickly. And checks and balances in any pharmacy, doctor’s office, or hospital are primarily run by humans at this point. But wait several years, and you’ll see computers taking over these, often monotonous jobs of double checking, updating, and editing.

Indeed, there are many details of healthcare that computers get right more often than humans, but there are also details that computers probably won’t ever get right — seeing and noticing handwritten memos, detecting typos that could technically be correct but that — logically — are not, and recognizing other errors that just don’t make sense.

Computers can’t do these things. They “make sense” of whatever you tell it to make sense of initially, and they don’t “care” if something “seems off.”

As backup and checks and balances systems become more computer-driven, then, this leaves room for errors at the source that will eventually make it all the way to the patient — without anyone noticing.

While many people have genuine concerns about what AI will do to healthcare, it’s evident that momentum in research, development, and implementation isn’t going to stop. As of right now, there’s just too much hope (and money) wrapped up in the AI industry. In the end, only time will tell how this new technology benefits us — or hurt us.

The number of cyber attacks has continued to increase exponentially. In fact, the FBI reported that since January 1, 2016, the number of cyber attacks using ransomware has risen to more than 4,000 daily attacks. Evolving technology and an increasing dependence on digital communications have created higher risk factors for businesses of all sizes. To effectively evaluate their cybersecurity risks, CEOs need to ask a few critical questions.

Understanding The Cyber Security Landscape

Much like addressing any boardroom problem, CEOs need to ask the right types of questions if they are to effectively map out their cybersecurity defense system. A failure to effectively implement cybersecurity best practices can not only lead to stolen business files, but it can cost the company millions of dollars. In fact, in 2018 the average cost of a data breach increased by 6.4 percent from 2017 to reach $3.86 million. To avoid this hefty cost, CEOs should ask their IT teams the following questions.

1. What critical information could be stolen during a cybersecurity attack?
2. Who is authorized to access mission-critical information?
3. Is our business involved in any type of information sharing? For example, are other companies or outside consultants allowed to remotely access the networks where critical information is stored?
4. What security measures are already in place to avoid ransomware attacks? For example, have employees been trained on cybersecurity best practices and is two-step authentication used for all digital communications?
5. How many threats does the business receive on a daily basis? Secondly, what are the identified areas of strength and weaknesses, and how can cybersecurity policies be enhanced?

The next series of questions will help CEOs to better understand specific risk levels.

• What is the identified current level of cybersecurity risk?
• What is the protocol when a cybersecurity risk is a) identified, b) escalated, and c) resolved?
  • Are lessons learned implemented so that the specific type of cybersecurity risk can be mitigated in the future?
• How is the cybersecurity plan designed to mitigate insider threats (e.g., when an employee accidentally opens a corrupted file containing ransomware)?
• Does the business continuity and disaster recovery plan include the potential for cybersecurity incidents?
• Are best practices being implemented and is the cybersecurity plan up to industry standards?
  • Is the business prepared to effectively work with local, state, and federal government cyber incident responders/investigators in the event of a cybersecurity breach?

The goal of these questions is to help CEOs effectively evaluate and manage their company’s specific cybersecurity risks. For example, by identifying which critical assets would be most impacted by a cybersecurity attack, CEOs can best prioritize how to protect these particular entities by allocating resources and developing the policies and strategies needed to manage the heightened cybersecurity risk areas. In short, the goal of asking and answering these questions is to establish a “what if” environment rather than an “it won’t happen here” mentality, which can not only create a sense of false security but can also cause costly data security lapses.

How CEOs Can Implement Cyber Security Best Practices

As they answer the above questions, CEOs should also look to create a cybersecurity environment that leverages best practice approaches. In fact, by answering the above series of questions CEOs will be taking the first step needed to develop a robust cybersecurity plan. By elevating cybersecurity risk management discussions with not only the IT department but also with leaders from each department, CEOs can ensure that best practices are implemented across the company. After all, when it comes to cybersecurity, a company is only as strong as its weakest link, which in many cases is an employee who doesn’t follow the security guidelines.

The next step that CEOs should take is to ensure that the new cybersecurity plan adheres to industry standards. Instead of merely relying on compliance certifications and standards (which often represent the “bare minimum cybersecurity protocols” that a company should implement), CEOs should instead turn to industry best practices. For example, CEOs should ensure that they meet the guidelines outlined in the Federal Information Security Modernization Act, that they follow the insights provided by top organizations, and that create a proactive environment focused on consistency.

Finally, CEOs should ensure that any and all cybersecurity risk metrics are a) useful, b) measurable, and c) meaningful. In this vein, a useful metric would be to measure how long it takes for the IT department to patch an identified vulnerability. If the number of days it takes to create the patch reduces, then it shows that the cybersecurity risk is being lowered. However, if the number of days it takes to create the patch increases, then the company is being placed at a higher risk. If the threat continues to increase, then weakness in the company’s cybersecurity has been identified and should subsequently be addressed.

It is equally critical that companies test their entire incident response plan. As seen through the previous example, the trickle-down impact of a cybersecurity weakness can lead to costly results. By examining the incident response plan across the entire company, CEOs can ensure that both minor and large-scale cybersecurity incidents will be effectively resolved using industry best practices. In this vein, CEOs should evaluate in a mock cybersecurity incident how the department leaders, employees, and IT respond. After all the best incident response plans and cyber security tools are only as good as a) the people using them and b) the people reviewing them. If the entire company is not dedicated to implementing cybersecurity best practices, then the organization will remain at a higher risk level.

The Bottom Line: CEOs Need To Remain Prepared Against Existing And Emerging Cyber Security Threats

It’s no secret that new cybersecurity threats appear every day; however when CEOs fail to create a “what if” approach to cybersecurity, then they are leaving the doors open for an unwanted digital invasion. Through employee education, asking the right questions, and implementing the best practices approach, CEOs can shore-up their cyber security and keep critical data assets safe from threats. In conclusion, CEOs need to remain proactive in their approach to cybersecurity by leveraging the skills of industry experts and becoming a part of the more significant security conversation to ensure that their business and those that they exchange information with remain secure in the coming year.

Protecting data and information systems is a priority for nearly every type of business and organization. The state of Maryland has recently stepped up to support businesses by passing a bill that enables small businesses to invest in security technologies while earning tax credits. There are several aspects of the Maryland Cyber Security Tax Credit that business executives and managers may not be aware of.

What is the Maryland Cyber Security Tax Credit?

The Maryland Cyber Security Tax Credit is an incentive program for companies to buy cybersecurity technology from a cybersecurity provider. This particular tax credit encourages small businesses to purchase cyber technology which will ultimately help protect both their business and consumer information. It’s also being used to help promote the cybersecurity industry. Companies can apply for the tax credit anytime during the year. Applications must be submitted by January 31, however, to receive a credit for the previous year.

A company purchasing the credit can claim 50 percent of the net cost as a tax credit. It’s required that the credit is claimed for the same year that it’s purchased. The tax credit was initiated in 2018 and is awarded by first come, first serve. Currently, $1.5 million in funds is available through the Department of Commerce for cybersecurity technology while $500,000 has been set aside for cybersecurity services.

What are the Particular Benefits of the Tax Credit?

There are several specific benefits for companies when obtaining these tax credits.

• A company can claim as much as $50,000 in tax credits in one year after purchasing cybersecurity technology from a Maryland provider.
• A cybersecurity provider can claim tax credits in one year for $400,000 worth of cybersecurity sales.
• Third parties are allowed to sell cyber security technology if the purchase price is reduced by 20 percent before the 50 percent credit is calculated.
• Third parties must also have the name of the qualified Maryland provider on the invoice as well as describing the technology that was purchased.

Who is Eligible for the Tax Credit?

The tax credit is for businesses that meet specific criteria. Before receiving the tax credit, it must be determined that the services or products being purchased meet the required definition of cybersecurity technology. Cybersecurity technology must be proprietary goods and services that have been created to protect electronically stored information or data. The products or services are created to prevent data extrusion or unauthorized access to data and information systems. Besides meeting the defined criteria for what constitutes cybersecurity technology, both the provider and the business buying the services must meet several eligibility requirements. The following are a few of the requirements that need to be met.

• Both the company providing or buying can be inactive business for no more than 5 years.
• Both the company providing or buying the tax credit must file income taxes in Maryland and employ fewer than 50 individuals.
• A cybersecurity provider in Maryland must be certified as either the company buying the services or selling to claim a tax credit.

• To become a qualified cybersecurity provider in Maryland the company must be certified through the Department of Commerce.

How Does the Application Process Work?

There are several steps a business must take to be a cybersecurity provider or to qualify to buy the tax credit. The Maryland Economic Development Association explains the steps for either process. The process to obtain the tax credit or to be a provider both involve providing several types of documentation such as a detailed business plan and a Certificate of Good Standing from the state of Maryland. There are currently eight businesses in Maryland that are qualified to sell cybersecurity technology.

Business owners now have a tax credit option that can help them protect their vital data and information. Maryland has taken a positive step in assisting companies to improve their cybersecurity while promoting local business.

When you launch an email campaign, you want your message to be read and understood by as many people as possible, and one way to do that is by making your emails accessible to people with disabilities. Those with visual, cognitive, auditory, or mobility impairments have special needs that can be addressed by adhering to some simple practices and assistive techniques to ensure that your message can reach them too. Failing to take steps to include these individuals is not only considered insensitive these days, it’s legally required in many countries, and more to the point, it also costs your business.

Why Email Accessibility Is Important

There are a lot more disabled people in the U.S. and globally than those who aren’t affected by it personally realize. According to the National Institutes of Health, 37.5 million American adults, or 15%, have hearing loss, 1.3 million are blind, and another 2.9 million have low vision. The Centers for Disease Control says that 25% of adults in the U.S. experience some type of disability, and the World Health Organization states that hundreds of millions of additional people around the world are disabled.

From a business perspective, it has been estimated that people with disabilities in the U.S. have $1 trillion in total income and more than $220 billion in disposable income. That makes them a demographic that most businesses can’t afford to ignore, and if you’re not practicing email accessibility, you’re missing out on a big potential market.

So how can you start making your emails more user-friendly and understandable to those with disabilities? Here are ten methods you can start using right away.

10 Tips For Meeting Email Accessibility Standards

• Create concise and straightforward content. This is something you should be doing for the benefit of all your readers. Stay away from language that’s too technical and trendy business jargon that can distract readers away from your message. It’s also a good idea to use very clear subject titles to help those using assistive technologies like screen readers understand what the email is about, and to include a link to a plain text version of the email.
• Use a larger font size. This can be very helpful for those with low vision and for dyslexia sufferers too. Aim for at least 14 pixels or larger for the best results.
• Consider your use of colors. The use of color can be important for branding and capturing attention, but it can be a problem for those with vision impairment. Text and other types of content need to have a certain amount of contrast against a background color to be visible, with the accepted standard being a ratio of 4.5:1. You can check your emails for the right contrast on any page with this handy online tool.
• Break up text content with images. You probably already know that it’s good form to keep your paragraphs short and to use subtitles, but placing images that represent a visual depiction of what’s being conveyed in the text between longer paragraphs can help to increase engagement and message reinforcement for all your readers and also help those with disabilities to understand. Keep in mind that if you use animation or graphics that flicker or flash like a strobe that it can cause seizures in people with certain disorders.
• Use alternative text for images. Alt text is an attribute that can be added to an email to display a box with a text description of what an image is for those who can’t perceive them.
• Use mobile accessibility designs. With so many people using mobile devices these days, your emails should be mobile friendly for viewing on smartphones and tablets. You can make them even more accessible to those with disabilities by including the ability to easily resize content without using third-party technology and by using large target areas for your CTA buttons.
• Use HTML5 semantic elements. Use the same heading and paragraph tags that you would use to render content on a regular web page to make your text clearer and more easily understood.
• Use “presentation” in layout tables. It’s common practice to use tables for layout and formatting purposes in emails, and you can easily make them more accessible by adding the element role=“presentation”. This tells any assistive technology to read the content but to ignore the table properties.
• Include a text description for hyperlinks. Someone using a screen reader won’t know where a hyperlink is taking them if the text just reads ‘click here’. Adding text to describe the content of the landing page will let them decide if they want to click the link or not.
• Consider adding transcripts and captions to videos. This is essential for those with hearing and vision impairments and also allows for private viewing or reading in situations where having the sound up is impractical, and when someone wants to understand the video transcript for deeper comprehension and consideration.

Creating emails that are more accessible to people with disabilities is not only considerate to your current or potential customers, but it’s also just good business practice. You can learn more about best practices in the Web Content Accessibility Guidelines (WCAG). You should also make use of this helpful checklist, and take advantage of this list of evaluation tools to test your emails.

On December 17, 1903, Orville and Wilbur Wright made the first successful flight in a mechanically propelled airplane. To celebrate the accomplishment and commemorate the achievements of the brave brothers, December 17 became Wright Brothers Day by a 1959 Presidential Proclamation. Wright Brothers Day is now honored every year in the United States with festivities and activities.

A Land of Innovation and Invention

In the nation’s beginnings, the founding fathers had to cross an unfriendly ocean to live in uncharted land. Early settlers made their way across the vast landscape, using their strength and ingenuity to adapt to often harsh conditions.

Over the history of the US, Americans laid track to build railroads to span the nation, while other Americans built the cars that would change the way people live. The Wright Brothers succeeded in their revolutionary flight soon after.

What Was Once Thought Impossible

Before the Wright Brothers launched their flight, most people could not imagine that flight by humans was possible. Earlier efforts to leave the ground were limited, because there was no way to sustain flight or control a contraption in the air. The Wright Brothers knew that they would need to be able to control the wings and nose so that a pilot could navigate while in the air.

While it seems obvious now, their ideas changed the way humans view the world. People felt attached to the earth, trapped in two dimensions. Once people were able to fly, they could see the world from an entirely new perspective. Distances become relative, and the world seems both grander and more interconnected. The boundaries that used to limit people’s activities no longer hold that control over our lives.

Humble but Loving Beginnings

Milton and Susan Wright were the parents of Orville and Wilbur, and they encouraged their sons to learn about whatever they could and to travel to other parts of the world. Mr. Wright was a bishop in the United Brethren Church, and his position caused him to travel a lot for church business. While he was away, he sent many letters and gifts home to his family, exposing them the many fascinating wonders the world has to offer.

Wilbur and Orville started in the printing business and even had their own newspaper for a while. They started their own bicycle business in 1894, making and selling bikes to turn a profit. But their dreams were always bigger.

When Wilbur and Orville started seeing other inventors’ attempts at building flying machines, the brothers figured out where they were going wrong. Their first gliders did not succeed, but the Wright Brothers kept trying until they achieved their dream. The Wright Brothers decided what they wanted to do, and then they realized what other people couldn’t with their own abilities.

Facebook has just announced that a Photo API bug gave app developers access to user photos outside of the scope intended for 5.6 million users. This includes granting apps access to Facebook Stories, Marketplace photos, and photos that were uploaded but not shared. The bug was in effect from September 13^th to September 25^th.

As of now, Facebook is working on releasing tools to allow app developers to determine if they were impacted by this bug, and will work with them to delete unauthorized photos. Facebook will also be notifying any users they suspect may have been affected.

Learn More

If you have any questions or concerns about this latest Facebook bug, please don’t hesitate to contact me directly at {phone} or {email}.

A recent sextortion scheme highlights the vulnerability users face when their data is stolen and used against them.

The widespread threat made it seem as though a hacker had compromising video of a victim taken while visiting adult pornographic websites. The scammers threatened to release the video unless they were paid in bitcoins.

Here’s a closer look at the threat and how to prevent such ruses in the future.

What Happened in the Sextortion Case?

The latest fraud was different from earlier sextortion cases in one significant aspect. Victims were targeted with an email that appeared to come from their very own email account.

In the past, similar hacks used passwords to an adult website that had been stolen in a data breach. The scammer would threaten to release information about the victim’s activity in exchange for cryptocurrency.

Are These Schemes Successful?

The risk of public embarrassment is a powerful motivator for many victims who would rather pay than be exposed for visiting questionable websites. The recent scheme was first noted in the Netherlands, where it reportedly netted €40,000 in short order. That kind of quick cash is highly motivating to hackers looking to make a large amount of money fast.

What Did the Sextortion Email Say?

The English version of the scam had a subject line that included the victim’s email address and “48 hours to pay,” e.g. “username@example.com 48 hours to pay,”

In broken English, the scammer claimed to be part of an international hacker group that now had access to all accounts and gave an example of a stolen password.

Throughout several months, the email alleged, the victim’s devices were infected with a virus from visiting adult websites. Now, the hackers had access to a victim’s social media and messages.

“We are aware of your little and big secrets … yeah, you do have them,” the email continued. “We saw and recorded your doings on porn websites. Your tastes are so weird, you know.”

The email further claimed to have recordings of the victim viewing these websites and threatened to release them to friends and relatives. It demanded payment of $800 in bitcoin within 48 hours of reading the message. If the funds were received, the data would be erased. If not, videos would be sent to every contact found on the victim’s device.

For unsuspecting victims, receiving such an email could be terrifying. That’s why so many people succumb to such demands and pay up.

What Can Users Do?

While it’s easy to be scared into sending payment, the reality is that these emails can be ignored and deleted. It’s a good idea after doing so to run an anti-virus scan on all your devices to be sure that there is no malware installed.

Many of these scams occur because a domain has been hacked. However, these vulnerabilities can be eliminated by using some basic protections. Using domain name system (DNS) records designed for email validation and authentication are an essential first step. Here are three of the most common:

• SPF. A sender policy framework (SPF) verifies that an email that claims to come from a domain is associated with an authorized IP address. An SPF can detect faked sender email addresses in spam filters. Hackers are less likely to target such domains for phishing attacks.
• DKIM. DomainKeys Identified Email (DKIM) lets an email receiver verify that an email coming from a domain was authorized by that domain. Senders need to attach a digital signature to each outgoing message that’s linked to a domain name. The recipient’s system can compare that signature to a published key.
• DMARC. Layered on top of SPF and DKIM is domain-based message authentication, reporting and conformance protocol (DMARC). Established in 2011, DMARC allows email senders to publish policies about unauthorized email. Also, email receivers can provide reporting to those senders. Both are designed to build a domain reputation and credibility about Domain-issued emails.

Your users and domains are vulnerable to hackers looking to exploit technology to shame people into paying. With the right technology assessments, security protocols and safeguards in place, your systems will be protected and dissuade hackers from attacking your sites in the future.