## Brandeis GPS Blog

### Insights on online learning, tips for finding balance, and news and updates from Brandeis GPS

#### Tag: Big Data (page 3 of 3)

by: Katherine S Rowell author of “The Best Boring Book Ever of Select Healthcare Classification Systems and Databases” available now!

Today a client asked me to add an “average of averages” figure to some of his performance reports. I freely admit that a nervous and audible groan escaped my lips as I felt myself at risk of tumbling helplessly into the fifth dimension of “Simpson’s Paradox”– that is, the somewhat confusing statement that averaging the averages of different populations produces the average of the combined population. (I encourage you to hang in and keep reading, because ignoring this concept is an all too common and serious hazard of reporting data, and you absolutely need to understand and steer clear of it!)

Imagine that we’re analyzing data for several different physicians in a group. We establish a relation or correlation for each doctor to some outcome of interest (patient mortality, morbidity, client satisfaction). Simpson’s Paradox states that when we combine all of the doctors and their results, and look at the data in aggregate form, we may discover that the relation established by our previous research has reversed itself. Sometimes this results from some lurking variable(s) that we haven’t considered. Sometimes, it may be due simply to the numerical values of the data.

First, the “lurking variable” scenario. Imagine we are analyzing the following data for two surgeons:

1. Surgeon A operated on 100 patients; 95 survived (95% survival rate).
1. Surgeon B operated on 80 patients; 72 survived (90% survival rate).

At first glance, it would appear that Surgeon A has a better survival rate — but do these figures really provide an accurate representation of each doctor’s performance?

Deeper analysis reveals the following: of the 100 procedures performed by Surgeon A,

• 50 were classified as high-risk; 47 of those patients survived (94% survival rate)
• 50 procedures were classified as routine; 48 patients survived (96% survival rate)

Of the 80 procedures performed by Surgeon B,

• 40 were classified as high-risk; 32 patients survived (80% survival rate)
• 40 procedures were classified as routine; 40 patients survived (100% survival rate)

When we include the lurking classification variable (high-risk versus routine surgeries), the results are remarkably transformed.

Now we can see that Surgeon A has a much higher survival rate in the high-risk category (94% v. 80%), while Surgeon B has a better survival rate in the routine category (100% v. 96%).

Let’s consider the second scenario, where numerical values can change results.

First, imagine that every month, the results of a patient satisfaction survey are exactly the same (Table 1).

The Table shows that calculating an average of each month’s result produces the same result (90%) as calculating a Weighted Average (90%). This congruence exists because each month, the denominator and numerator are exactly the same, contributing equally to the results.

Now consider Table 2, which also displays the number of responses received from a monthly patient-satisfaction survey, but where the number of responses and the number of patients who report being satisfied differ from month to month. In this case, taking an average of each month’s percentage allows some months to contribute to or affect the final result more than others. Here, for example, we are led to believe that 70% of patients are satisfied.

All results should in fact be treated as the data-set of interest, where the denominator is Total Responses (2,565) and the numerator is Total Satisfied (1,650). This approach correctly accounts for the fact that there is a different number of values each month, weights them equally, and produces a correct satisfaction rate of 64%. That is quite a difference from our previous answer of 6% — almost 145 patients!

How we calculate averages really does matter if we are committed to understanding our data and reporting it correctly. It matters if we want to identify opportunities to improve, and are committed to taking action.

As a final thought about averages, here is a wryly amusing bit of wisdom on the topic that also has the virtue of being concise. “No matter how long he lives, a man never becomes as wise as the average woman of 48.” -H. L. Mencken.

I’d say that about sums up lurking variables and weighted averages — wouldn’t you?

by: Leah Burrows

In Sunday’s kickoff diploma ceremony, the Division of Graduate Professional Studies at the Rabb School of Continuing Studies conferred nearly 100 graduate degrees and certificates on a diverse group of professionals from across the country and around the world.

The ceremony awarded graduate certificates and master’s degrees in bioinformatics, information security, information technology management, project and program management, health and medical informatics, virtual management and software engineering.

The graduates, most of whom worked full-time jobs as they pursued their degrees and certificates, shared the spotlight with their families, who were praised for their support and patience.

“Friends and family members should get a graduate degree in understanding,” said Anne Marando, executive director of the Division of Graduate Professional Studies.

Student speaker Robert Havasy, MS ’14, agreed, thanking his family for “propping me up when I thought about quitting, when the work seemed too much.”

Havasy, the corporate team lead for product and technology development at the Center for Connected Health, highlighted the differences between Rabb graduates and others receiving their degrees on Sunday.

Many of these students will spend the next few years figuring out what they want to do, struggling to find their place in the work force and searching for a mentor, Havasy said.

“What makes Rabb unique is the vast majority of us came here from established careers,” Havasy told his fellow graduates. “We will return to work next week or, more likely, tomorrow. We will become mentors to these students. So spend time with your interns, use your influence to promote diversity, civility and integrity in the workplace.”

Eric Siegel ’91, the founder of Predictive Analytics World and Text Analytics World, gave the keynote address. He urged the graduates to “do what you love and love what you do.”

“My advice to you is geek out,” Siegel said. “Get into it. Find that thing in your work you get a thrill out of.  The holy grail in your work life is finding that thing that gives you a kick.”

Siegel, the executive editor of Predictive Analytics Times and the author of “Predictive Analytics: The Power to Predict Who Will Click, Buy, Lie, or Die,” received his bachelor’s degree from Brandeis in computer science.

He shared his own experiences geeking out about predictive analytics, theater and teaching. The self-proclaimed “singing professor” lived up to his name, serenading graduates with a few verses from his songs about problem solving and analytics.

“It is a priority to find the fun in your work life,” he told the graduates.

Pursing an education while working a full-time job wasn’t always fun for many of Sunday’s graduates but it was fulfilling.

“This was such a rewarding experience,” said Rocky Moscoso, who received a Master’s of Software Engineering. “I had 14 years of experience in the field before coming to Brandeis and I was able to use what I learned at work in the classroom and visa versa.”

Veronica Orozco, who also received a Master’s of Software Engineering, agreed.

“This experience was insane, overwhelming and totally worth it,” she said.

Leah is the  News and Communications Specialist at Brandeis University, generating content for the university’s website and magazine. Leah also writes for her own blog: wordsbyleah.com

by: Nagendra Nyamgondalu, Senior Engineering Manager at IBM India and Brandeis Graduate Professional Studies Master of Software Engineering Alum

It was only a few years back that most IT managers I spoke to would smirk when they heard  the  term  “cloud” in  a  conversation.  They  either  didn’t  believe  that  cloud  computing  would  be  viable  for  their  businesses’  IT  needs  or  were  skeptical  about  the maturity  of  the  technology.  And  rightly  so.  But,  a  lot  has  changed  since  then.  The  technology, tools and services available for businesses considering adoption of a public cloud, setting up their own private cloud or treading the middle path of a hybrid one, has  made  rapid  strides.  Now,  the  same  IT  managers  are  very  focused  on  deploying  workloads and applications on the cloud for cost reduction and improved efficiency.

Businesses  today  have  the  choice  of  consuming  Infrastructure  as  a  service  (IaaS),  Platform as a service (PaaS) and Software as a service (SaaS). As you can imagine, these models map directly to the building blocks of a typical data center. Servers, storage and networks form the infrastructure on top of which, the required platforms are built such as databases, application servers or web servers and tools for design and development. Once the two foundational layers are in place, the applications that provide the actual business value can be run on top. While all three models are indisputable parts of the bigger picture that is Cloud Computing, I have chosen to focus on IaaS here. After all, infrastructure is the first step to a successful IT deployment.

Essentially, IaaS is the ability to control and automate pools of resources, be it compute, storage,  network  or  others  and  provision  it  on-­‐demand.  Delivering  IaaS  requires  technology  that  provides  efficient  and  quick  provisioning,  smart  scheduling  for deployment  of  virtual  machines  and  workloads,  support  for  most  hardware  and  of  course, true scalability. OpenStack is an open source framework founded by Rackspace Hosting  and  NASA  that  takes  a  community  approach  to  make  all  this  possible.  It  was  designed  with  scalability  and  elasticity  as  the  overarching  theme  and  a  share­nothing, distribute-­‐everything approach. This enables OpenStack to be horizontally scalable and asynchronous. Since inception, the community has grown to a formidable number with many  technology  vendors  such  as  IBM,  Cisco,  Intel,  HP  and  others  embracing  it.  The  undoubted advantage that a community-­‐based approach brings, especially to something like IaaS, is the extensive support for a long list of devices and cloud standards. When a new type of storage or a next generation network switch is introduced to the market, the vendors have a lot to gain by contributing support drivers for their offerings to the community. Similar support for proprietary technology has dependencies on customer demand and the competitive dynamics amongst the vendors -­‐ this almost always results in delayed support, if that. While proprietary versus open source is always a debate, the innovation and cost benefits that open alternatives have provided in the recent years, has  clearly  made  CIOs  take  notice.  Support  for  a  variety  of  hypervisors,  Open  APIs,  support  for  object  or  block  storage  and  the  mostly  self-­‐sufficient  management capabilities are some of the common themes I hear on why businesses are increasingly adapting OpenStack. Additionally, the distributed architecture of OpenStack where each component (such as Compute, Network, Storage & Security) runs as a separate process connected  via  a  lightweight  message  broker,  makes  it  easy  for  ISVs  looking  to  build  value-­‐adds  on  top  of  the  stack.  All  the  right  ingredients  for  a  complete  cloud management solution for IaaS.

Most  IT  managers  dream  of  the  day  when  every  request  for  infrastructure  is  satisfied  instantly by the click of a button regardless of the type being requested, workloads run smoothly and fail-­‐over seamlessly when there is a need to, resource usage is constantly optimal  and  adding  additional  hardware  to  the  pool  is  a  smooth  exercise.  Business  managers dream of the day when they have instant access to the infrastructure needed to run their brand new application and once it is up, it stays up. Aaah Utopia.

The good news is it is possible here and now.

Nagendra Nyamgondalu is a Senior Engineering Manager at IBM in India. He is a 2003 graduate from Brandeis University, Graduate Professional Studies’ Master of Software Engineering Program.

From Steve Jobs to Ariana Huffington, entrepreneurs are the movers and shakers of our modern world, transforming ideas into empires and concepts into cultures. While anyone can claim to have “the next great business idea,” an extraordinary few can translate those ideas into a viable business. That requires much more than a single stroke of brilliance; it takes a unique blend of boldness, passion, and business know-how that not too many possess.

There is no step-by-step formula to successfully launching and leading your own venture. Every entrepreneur has his or her own unique business philosophy and strategies for success. But, it seems there are a few overarching hallmarks of a great entrepreneur.

If you’re itching to start your own company and create game-changing innovations, start taking notes. Here are seven habits of successful entrepreneurs. Adopt these habits, and hopefully, you’ll start thinking (and earning) like a successful entrepreneur.

## 1. Act first, think second

Successful entrepreneurs are not afraid to take risks. They are quick to act even in face of great uncertainty. Rather than spending exorbitant time analyzing, planning, and predicting; they take action. Sure, sometimes the outcome of this speedy decision-making isn’t exactly ideal, but quite often, boldly seizing the moment before it’s too late pays off. If they do make mistakes, the best entrepreneurs learn from them, pick themselves up, and continue to innovate.

“They act, learn from what they find, and act again,” Paul B. Brown said in Forbes.

## 2. Be a lifelong learner

Great entrepreneurs are constantly curious. They deeply desire to know how products work, how people think and endlessly ask, “why?” This thirst for knowledge not only keeps them well-informed about their industry and the larger world, it enables them to detect opportunity early and innovate breakthrough products.

## 3. Delegate

Even the greatest geniuses of our time did not achieve fame and fortune all on their own. The best entrepreneurs know how to build a team whom they can trust to help them realize their vision. Recruiting the right people and delegating effectively is a hallmark of a great CEO. This empowers you to achieve more than you ever could alone. Plus, collaboration is the seed of innovation.

## 4. Tune into market needs

Plenty of people can spout brilliant, forward-thinking ideas, but if they are unable to match these schemes with a need in the market, they’re useless. Successful entrepreneurs start with a market need. They don’t let arrogance about their “genius” ideas dictate their actions. The market is their master.

## 5. See the silver linings

When unexpected complications and dilemmas obstruct the path to success, great entrepreneurs don’t see problems, they see opportunity. Armed with this positive attitude, they do not waste time stressing over setbacks. Instead, they find the silver lining in negative situations and discover unexpected opportunities. While they do not wear rose-colored glasses, the best business owners are not bogged down by failure. They continue to be agile innovators and remain ahead of the game.

## 6. Put people first

The best entrepreneurs put people first both internally within their organization and externally, when serving customers. Successful ventures are led by those with an immense capacity for empathy and are able to understand other people’s perspectives. Being able to step beyond your limited viewpoint and truly observe, listen, and understand those around you is a crucial asset. It enables entrepreneurs to let the customer’s needs – not their own ideas – dictate strategy. It also helps them encourage loyalty, productivity, and camaraderie among their employees.

## 7. Never be satisfied

The best entrepreneurs are never “done” with a project. They would continue to iterate and improve a product for all eternity if time and money permitted.

“Great entrepreneurs are fanatical about improving their products and services…They’ll spend extraordinary time and effort simply to get things right,” said Geoffrey James in Inc.

And if they do complete one project, they waste no time before diving into a new venture, building upon the success of their most recent product. This quest to always be better is what enables successful entrepreneurs to create industry-leading products and be endless sources of innovation.

Author: Derek Brink

What a joy it is to be understood! Yet many security professionals find it difficult to be understood by the business decision-makers they are trying to advise.

“They just don’t get it,” we say. And we grumble that our committed, faithful, and honorable efforts to protect the company and its assets are under-recognized, under-appreciated . . . and under-funded.

We could try speaking louder, and more slowly—the comedic memes for how we instinctively try to communicate with someone who speaks a different language.

Of course, we could start trying to speak the same language. That would probably yield better results.

The way we talk about risk is a prime example of how we habitually miscommunicate. Security professionals mistakenly think they are talking about risk, when they are, in fact, talking about threats, vulnerabilities, and exploits. Some examples include

• Phishing attacks: This is not a risk. It’s an exploit of a very common vulnerability (humans).
• OWASP Top 10: These are mistakenly described as “The 10 Most Critical Web Application Security Risks,” but they are not risks. They’re vulnerabilities and exploits.
• Advanced persistent threats: This isn’t a risk. It’s a threat. (Even when we get the name right, we get it wrong.)
• Rootkits: This is not a risk. It’s a type of exploit.

As security professionals, we tend to go on and on, talking about threats, vulnerabilities, exploits, and the technologies that help to defend against them, and we think we’re talking about risk. Meanwhile, the business decision-makers we’re trying to advise are confused and frustrated.

So, what is the right language? What is risk?

Shon Harris, author of the popular CISSP All-in-One Exam Guide, defines risk as “the likelihood of a threat agent exploiting a vulnerability, and the corresponding business impact.” Douglas Hubbard, author of The Failure of Risk Management: Why It’s Broken, and How to Fix It, defines risk as “the probability and magnitude of a loss, disaster, or other undesirable event.” (And in an even simpler version: “something bad could happen.”)

To be very clear, it’s not that there are multiple definitions of risk, or that the definition of risk is unclear. It’s that we as security professionals aren’t speaking the right language. When we speak about security risks, we should be speaking about the probability of successful exploits, and the magnitude of the corresponding business impact.

Imagine yourself in the role of the business decision-maker, and imagine that your subject matter experts presented you with the following assessment of risks related to endpoint security:

• Cleverly engineered stealth malware, rootkits, is designed to evade detection, and persists on endpoints for prolonged periods of time. And new strains of malware are targeting an area of endpoints that performs critical start-up operations, the master boot record, which can provide attackers with a wide variety of capabilities for penetration, persistence, and control. In both cases, we may already be infected, but not even aware.
• There is a 15 percent probability that an endpoint security exploit will result in business disruption and productivity losses that may exceed \$5M.

Which of these would be more helpful to you in terms of informing a decision about endpoint security? (It should go without saying that this point could just as easily apply to managing identities and access, or data protection, or application security, or mobility initiatives, and so on. Endpoint security is just an illustrative example.)

Clearly, the second option is more helpful. And the second option is properly framed in terms of risk.

In no way does this guarantee what the actual decision will be. One decision-maker might conclude, “I approve your request to invest in additional endpoint security controls to reduce this risk,” while another decision-maker might conclude, “that’s a risk I’m willing to live with.” But that’s okay—as security professionals, we will have done our job.

By better understanding how to communicate about security risks, we will also enjoy the benefits of being better understood.

Derek E. Brink, CISSP is a Vice President and Research Fellow covering topics in IT Security and IT GRC for Aberdeen Group, a Harte-Hanks Company. He is also a adjunct faculty with Brandeis University, Graduate Professional Studies teaching courses in our Information Security Program. For more blog posts by Derek, please see http://blogs.aberdeen.com/category/it-security/  and http://aberdeen.com/_aberdeen/it-security/ITSA/practice.aspx

Brandeis Graduate Professional Studies is pleased to announce our 2014 Commencement speaker for the Rabb School of Continuing Studies Diploma Ceremony, Eric Siegel, PhD.

Eric completed his undergraduate degree from Brandeis University in 1991, and subsequently earned his PhD from Columbia University. Eric is the founder of Predictive Analytics World and Text Analytics World. He is the Executive Editor of the Predictive Analytics Times, and he makes the how and why of predictive analytics understandable and captivating. Eric is the author of Predictive Analytics: The Power to Predict Who Will Click, Buy, Lie, or Die and a former Columbia University professor who used to sing to his students. He is a renowned speaker, educator, and leader in the field. He has appeared on Bloomberg TV and Radio, Fox News, BNN (Canada), Israel National Radio, Radio National (Australia), The Street, Newsmax TV, and NPR affiliates. Eric and his book have been featured in Businessweek, CBS MoneyWatch, The Financial Times, Forbes, Forrester, Fortune, The Huffington Post, The New York Times, The Seattle Post-Intelligencer, The Wall Street Journal, The Washington Post, and WSJ MarketWatch.

I cannot believe the term is already over! While it seems like these past ten weeks flew by, I can remember there still being so much snow on the ground the first week and now we finally have beautiful weather outside.

This was my first course with GPS as well as my first graduate course since I graduated from undergrad at Brandeis almost two years ago, so it certainly was an exciting new experience. I was enrolled in Foundations of Data Science and Analytics, one of the required courses for the newest master’s program, Strategic Analytics. I was definitely intimidated when I first began, as an Enrollment Advisor at Brandeis, I had very little formal experience working with analytics. I found as I worked through the course, I could apply the principles I learned into many facets of my day-to-day job and the operations of the university as a whole. Our instructor, Leanne Bateman, was great at making sure we related each week’s discussion back to our own experiences at work. I particularly enjoyed one of our assignments where we had to write a job description for a data scientist in our own office.

It was an adjustment to get back into the mindset of doing schoolwork. My first week I left all of my reading and videos for Saturday afternoon and I sat in Starbucks for almost 8 hours! But after the first few weeks, I got into a rhythm of setting out times on particular days to do readings and postings.  After these ten weeks, I am very glad that I took the course and I think it will greatly benefit me at work. I plan on taking the summer off, but maybe I will enroll in my second GPS course in the fall!

Rebecca Weiss graduated from Brandeis University in 2012 with a Bachelor of Arts in Politics and Sociology. Currently, she works with Brandeis Graduate Professional Studies as an Enrollment Advisor.

by: Ari Davidow

It’s textbook season once again. That’s the time of year when I go through new textbooks for next semester’s course.

The good news is, “Cloud Computing,” a subject so out on the edge when it was first offered four years ago that it was a “special topic,” is now relatively main stream. The bad news is, the textbooks still focus on how to teach network administrators how to set up cloud services. Which wouldn’t be a bad class, and it is certainly useful to IT professionals, but it isn’t the class that we teach here at Brandeis.

My course focuses as much on how “Cloud Computing” is changing how we do our jobs, as it does on the practicalities of using common Cloud infrastructure. We don’t neglect becoming familiar with common Cloud “Infrastructure as a Service” components such as: storage, queue servicing, database and web servers and the like. But that is a limited corner of the field.

I first realized how far ahead of the times our course was when I saw one of the computing consulting groups, IDC, refer to the topics we address as “The Third Platform.” Turns out, by focusing on the different types of Cloud Computing platforms, spending time considering related issues (“Big Data” and how “mobile computing” affects it all), we were focusing attention on what IDC feels is a major shift in computing. A shift so large it is comparable to the switch from mainframes to personal computers not so many years ago.

Additionally, the IDC report accidentally highlights how we create courses. Sometimes, when we’re teaching a language or computing system, we focus on the basics of just learning that language or platform. If you take a Ruby class, or a class in Analytics, you’ll get a good grounding in those disciplines. But with Cloud Computing we are talking about changes in technology that are changing everything around them.

Software as a Service (SaaS) has radically changed how Enterprise applications are purchased and maintained. Infrastructure as a Service (IaaS) has changed the way start-ups work and thoroughly changed the economics of putting new ideas to the test. The proliferation of mobile devices has similarly destroyed the likelihood that network security is as simple as thinking in terms of one person/one device, most of which are physically hooked up to the network. This is a paradigm already challenged by the need to integrate SaaS services with the rest of the network.

When you sign up for “Cloud Computing” this summer, you are signing up to explore the entire “Third Platform.” We’ll also walk you through some bare metal Cloud Computing basics and have some big fun with Big Data. I look forward to seeing you soon.

P.S. As with all Brandeis GPS classes, you can participate with whatever computing device is convenient to you—your computer, your tablet or smartphone. We like to practice what we teach.

Brandeis University’s division of Graduate Professional Studies announced today it has launched a new Master of Science degree in strategic analytics.

The online program is designed to harness the proliferation of data in all aspects of business using advanced analytic tools. With the advent of “big data,” businesses can reduce risk and improve performance through better-informed decision-making in areas such as revenue management, dynamic pricing and business modeling.

“At leading businesses, analytics is now core to driving strategy, and the demand for expertise in analytics is continuing to blossom,” said Eric Siegel, founder of Predictive Analytics World and author of “Predictive Analytics: The Power to Predict Who Will Click, Buy, Lie, or Die.”

The new comprehensive program includes courses focusing on how data are collected, stored, secured, mined and analyzed, along with courses on how analyzed data can be translated into valuable business information to drive strategic decision-making. The program will provide the academic rigor needed to help business leaders and analysts understand how to collect, deploy, analyze and implement data-based decision-making in all phases of their business.

Seven core courses and three electives are required (a total of 30 graduate credits). Students may enroll in up to two courses before officially applying for admission.

Strategic analytics are critical to the strategic management of any business or organization,” said Leanne Bateman, who chairs the new program. “The management, analysis and use of large data sets at the foundation of any business drive the strategic decisions that increase revenue and reduce costs for the organization.”

Program graduates will be able to:

• Evaluate and apply analytic tools and techniques to manage large sets of data, distributed data, and cloud-based data
• Integrate leadership and communication skills with information technology, information management, and data science to maximize business intelligence and decision-making