Tag Archive for: role

What is Exploratory Testing? Its Role in Agile Software Development

/in


Exploratory testing can be defined as the simultaneous test designing and execution process. Unlike “traditional” testing methods, it does not restrict testing to a predefined set of instructions. Rather it encourages the tester to explore and discover potential testing cases in any application.

For instance, a software tester can create a test “idea” at the start and then explore the target application to create additional tests for successfully testing the application. With minimum planning, software testers can use their expertise to determine their next action step “on the fly.”

Why is exploratory testing gaining importance for today’s application development? Today, application companies demand continuous testing and integration to meet changing customer expectations and market demands. A structured approach to software testing (based on defining set test cases) is no longer adequate. With exploratory testing, testing teams can now convert a “user story” (with a sequence based on user persona) into a test case.

How does this type of testing elevate Agile? Let’s explore next.

Source…

NATO’s Role in Global Cyber Security

/in


This paper is part of a series called: NATO in a New Era: Global Shifts, Global Challenges. The full series is available, here

Malicious cyber activity has increased substantially over the past years, ranging from ransomware and espionage to politically motivated cyberattacks and sophisticated malware used in the war in Ukraine. NATO allies must remain on high alert.

The changed nature of military conflict changes the defensive mission of NATO, which faces capable opponents in cyberspace and raises the question of how to create accountability when a hostile state fails to observe globally agreed norms.

The set of action for NATO for the next five years evolves around how to impose costs and how to deny benefits against malicious actors in cyberspace.

Introduction

What the war in Ukraine says about cyber power is yet not entirely cleared from the fog of war. Many aspects remain uncertain, but given the unpredictability of the Putin regime, the risk of an escalation in hostile cyber exchanges between Russia and NATO states remains high. What is clear is that, as of February 24, 2022, we live in a different world in which the European and global security orders have been shattered.

This brief first explores the challenge that cyber threats pose to NATO allies and how the rapidly evolving cyber-threat landscape can alter the international security environment. Secondly, it looks at developments in cyber defense policy within NATO. Finally, the brief analyzes how NATO needs to adapt to address cyber challenges, studying how allies align their sovereign interests, capabilities, and cyber doctrines with NATO operational requirements and strategic ambitions. NATO is set to issue strategic documents in 2022 that will guide the next decade of its military planning. This will certainly require more transatlantic consultation on political-military matters with an emphasis on cyber security and cyber defense.

Cyber Challenge to World and NATO Allies

Malicious cyber activity has increased substantially over the past years while the world has kept turning amid the omnipresent pandemic and now war in Ukraine. States, non-state actors, and criminal groups compete and are…

Source…

The role of Big Tech in cyber defence

/in


Cyber warfare has reached new levels – with attacks now disrupting supply chains, infiltrating governments, and affecting national infrastructure. And cyber threats at a national level have significantly bigger consequences than an organisational data breach, ones which impact international relations.

Back in 2021, the US accused China of a global cyberespionage campaign and responded with a broad coalition that included Britain, the EU and even NATO. Beijing rejected the attempted initiative and called it irresponsible. Overall, it was a highly tense situation involving two super nations, and ultimately, a conflict which emphasised a growing problem for government offices. The UK’s Gloucester City Council has been hit twice by attackers in the last decade, Belgium’s defence ministry and Canada’s foreign ministry have been targeted by hackers, and perhaps the most serious of all; Ukraine’s massive cyber attack that shut down numerous government websites. The fallout of Ukraine’s cyber attack highlights the catastrophic effects of cyberwarfare at a national level. It should be a wake-up call for countries to strengthen their own cyber security posture.

While most countries like the UK and Belgium are increasing investment in cybersecurity, the US is turning to Big Tech for help with cyber defence. After sending out a letter back in December, the White House met executives from the top tech firms – including Google, Apple, IBM and Amazon – to discuss how to bolster software security in the wake of the attack on Log4j, the open-source software. A bold move, one that indicates the private sector could be the answer to securing critical infrastructure and systems.

The current state of national cybersecurity

Perhaps a rather obvious and inevitable challenge for governments is that countries will undeniably engage in cyber-espionage. In a data-driven and digital-first world, the easiest form of information gathering is to target systems and data. Some of the targets of the SolarWinds/Nobelium attack of 2020 included the Department of Homeland Security (DHS), the Cybersecurity and Infrastructure Agency (CISA), and the US Treasury.

Source…

China’s plans for a national cybersecurity barrier. A US Federal role in the open-source software supply chain? A look at proposed reporting deadlines.

/in


CISA: Federal Agencies Taking Steps to Address Log4j Flaw (Decipher) CISA said that thousands of internet-connected assets have been mitigated by federal agencies under its Emergency Directive that addressed the Log4j flaw.

CISA Still Helping Federal Agencies Remediate Log4j Vulnerability (MeriTalk) The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) said today that it is continuing to help Federal agencies remediate the Log4j vulnerability that CISA first warned about in December.

Lesson from Log4j: Open-source software improvements need help from feds (POLITICO) The tech industry is readying solutions to the security risks posed by the collaborative software that underpins modern-day computing — but aid from Washington could be essential to the project’s success.

The Case for Cyber-Realism (Foreign Affairs) Geopolitical problems don’t have technical solutions.

Russian troops intervene in protest-roiled Kazakhstan, where security forces have killed dozens of demonstrators (Washington Post) Russian troops landed in Kazakhstan on Thursday after the Central Asian country’s president asked for help to quell sweeping anti-government protests — a major test of a Moscow-led military alliance as the Kremlin deepened its role in the crisis.

Kazakh president gives shoot-to-kill order to put down uprising (Reuters) Kazakhstan’s president said on Friday he had ordered his forces to shoot-to-kill to deal with disturbances from those he called bandits and terrorists, a day after Russia sent troops to put down a countrywide uprising.

Kazakhstan unrest: From Russia to US, the world reacts (Al Jazeera) Bloody protests have drawn the attention of regional powers Russia and China, as well as Western capitals.

West must stand up to Russia in Kazakhstan, opposition leader says (Reuters) The West must pull Kazakhstan out of Moscow’s orbit or Russian President Vladimir Putin will draw the Central Asian state into “a structure like the Soviet Union”, a former minister who is now a Kazakh opposition leader told Reuters.

How Kazakhstan could shift Putin’s calculus on Ukraine (Atlantic Council) The unrest poses a question for Putin: Should he continue…

Source…