The Brandeis GPS blog

Insights on online learning, tips for finding balance, and news and updates from Brandeis GPS

Tag: Analytics (page 2 of 3)

Brandeis expands online course offerings with Learning Analytics graduate certificate

New fall program combines data analysis with the expanding field of online learning

LAN_hero for website_500x300

Brandeis University’s Graduate Professional Studies division (GPS) will launch a fully-online graduate certificate program in Learning Analytics in September 2015, the university announced today.

Designed to be completed in 1.5 years or less, the program is for professionals with strong backgrounds in education, instructional design, or institutional research. Cross-disciplinary in nature, the certificate will provide students with the foundational tool sets and theory of business intelligence and data analysis. These skillsets are necessary for evaluating the effectiveness of courses, programs and instruction, and prepare students to fill a highly in-demand skills gap in a burgeoning job market.

“As the learning analytics field continues to evolve, it is more important than ever before to use the technology and data we have available to us to understand and, ultimately, enhance the learning experience,” said Brian Salerno, director of Online Learning and Instructional Design at Brandeis GPS.

The five-course, 15-credit certificate program draws heavily from two existing Brandeis GPS master’s degrees: Instructional Design and Technology and Strategic Analytics. Applicants are expected to possess a post-graduate degree in a related field as well as three years of relevant work experience.

In addition to the new Learning Analytics certificate, Brandeis GPS offers eight fully online part-time master’s degrees, including Strategic Analytics, Bioinformatics, Health and Medical Informatics, Instructional Design & Technology, and Software Engineering. All Brandeis GPS programs are asynchronous, providing students with a flexible and convenient approach to completing their degree.

Students interested in applying to the Learning Analytics certificate program should complete their application by Aug. 11, 2015. Students also have the opportunity to take a course prior to applying for admission. Registration for the summer 2015 term opened on April 14, with courses beginning May 20. For more information about Brandeis GPS, please visit www.brandeis.edu/gps.

Click here to subscribe to our blog!

Footerindesign

Analytics: Not Just For Data Experts

By Ariel Garber

Analytics is useful in any profession, with the potential to increase efficiency, profitability and accuracy. From healthcare, to marketing, to even sports, analytics is becoming an essential tool in all fields. Here’s a sneak peak into how data affects more industries that you expect.

Technology is shaping a new health care economy, evident in the advances of Stethoscopemobile devices, cloud computing and analytics. “‘We need to empower consumers with the in-the-moment guidance they need,’” said Dennis Schmuland, MD, Microsoft’s chief health strategy officer, “adding that a key technological component of that on both sides of the patient-provider equation is health analytics, thus the need to ‘make analytics easy for everyone.’”

Social media Picture1and marketing analytics tools are also important as social media becomes essential in all fields. Research has shown that “the conversations your customers have among themselves drive about 13 percent of business decisions and can amplify your advertising by 15 percent.

Sports analytics are valuable to both consumers and professionals, for the way we consume sports industry through sports data is dependent upon analytics. “Sports analytics is not just a catch phrase, but an influential part of the future of sports,” said Bloomberg Sports, the leading global provider in data and analytics, “We believe sports analytics plays an integral role in the future of sport, both at a fan engagement and elite sport performance level.” Bloomberg Sports offers a variety of resources to both consumers and professionals. For professional purposes, they provide analytic tools for scouting, video analysis and “player-centric applications to assess performances and aid the preparation of upcoming games.” They also have created a predictive analytics program and use their own broadcast and TV stations to “translate analytics-rich content into broadcast tools used on-air to inform and educate viewers.” They also host their own website, StatsInsights.com, featuring analytics-rich sports articles.

Big data is becoming incorporated into all aspects of sports, from devices that can track pitches during the game, to wearable technology. Adidas’ miCoach system collects data from a device attached to the player’s jersey that shows the top performers and who is tired, as well as “real-time stats on each player, such as speed, heart rate and acceleration.” The data from these devices assists trainers, coaches, and physicians in planning better training and conditioning.

There is also a demand for data analytics specialists to translate the data from these devices in a coherent manner for the players and coaches. Moneyball, a 2003 book and 2011 movie featured the Oakland Athletics competitive baseball that utilized analytics in their data-driven strategies. This highlights a shift in sports from gut instincts to a reliance upon science. Analytics is “gaining recognition as a tried and true instrument for competitive advantage in countless industries.”

Brandeis Graduate Professional Studies offers a Strategic Analytics program that produces professionals who understand the strategic potential of big-data analytics and who can translate analysis into effective organizational decision-making, poised to lead today’s organizations to new standards of efficiency and competitiveness.

Brandeis GPS is hosting an Analytics 360 Symposium on Wednesday, April 8, 2015 from 9am-4:30pm at Hassenfeld Conference Center of Brandeis University in Waltham, Massachusetts.

360LogoALT2The day-long symposium will focus on promoting a discussion of the growing field of analytics and how organizations can leverage big data to make more strategic decisions. Panelists will engage in a conversation that places analytics in the context of big data, education, health, marketing and business.

Register here for the Analytics 360 Symposium on April 8, 2015 at Brandeis University. The cost for NERCOMP members is $135 and the cost for non-members is $265. Submit this form to learn more about special pricing available to members of the Brandeis community. For more information, email analytics360@brandeis.edu or call 781-736-8786. You can also find us on Twitter using #GPSAnalytics.

Click here to subscribe to our blog!

Footerindesign

The Emerging Field of Learning Analytics

by Ariel Garber

The development of learning analytics will help shape a new model for teaching and learning, creating a system that provides insight and information to support student success. The field of learning analytics, defined by EDUCAUSE, is “deciphering trends and patterns from educational big data, or huge sets of student-related data, to further the advancement of a personalized, supportive system of higher education.”  Learning analytics evaluates student behavior in order to determine learning efficiency, creating conversations with students about learning strategies and how well they feel learning has occurred. Technology allows us to study learning experiences through the capture and analysis of learning and performance data.

“Analytics provides a new model for college and university leaders to improve teaching, learning, organizational efficiency, and decision making and, as a consequence, serve as a foundation for systemic change,” said George Siemens and Phil Long in their article about learning analytics.

program-hero-strategic-analyticsA key feature of learning analytics is its learning-centric focus, analyzing student performance outside of the classroom in order to gain a new understanding of the efficiency of students, teachers and the curriculum. Beyond basic retention and completion, learning analytics produces students with both inquiry and analysis focus and critical and creative thinking skills.

The implementation of learning analytics requires restructuring academic institutions, to include re-evaluating the flow of data between departments, increasing personal student support, reshaping course design, delivery and more. These changes will be felt by the faculty, students and the institution as a whole. Collaborative and creative leadership is essential in fostering an academic environment that can support and utilize learning analytics.

The Online Instructional Design & Technology program at Brandeis GPS offers foundational skills through the study of instructional design principles, educational technology, and adult learning theories. Students gain the experience needed to solve a variety of instructional challenges and, ultimately, create and deliver high-quality online programs and interactive courseware.

In large part because of the continuous growth in online programs, the Bureau of Labor Statistics data demonstrates that jobs in instructional design and technology have grown 20.8% since 2004, and project above average growth as high as 20% for instructional design jobs between 2010 and 2020. In the next four years alone, the bureau projects over 36,000 new jobs will become available in instructional design and technology.

This reveals the growing forum for learning analytics and Strategic Analytics, also offered at Brandeis Graduate Professional Studies. Brandeis GPS is hosting an Analytics 360 Symposium on Wednesday, April 8, 2015 from 9am-4:30pm at Hassenfeld Conference Center of Brandeis University in Waltham, Massachusetts.

360LogoALT2The day-long symposium will focus on promoting a discussion of the growing field of analytics and how organizations can leverage big data to make more strategic decisions. Panelists will engage in a conversation that places analytics in the context of big data, education, health, marketing and business.

Register here for the Analytics 360 Symposium on April 8, 2015 at Brandeis University. The cost for NERCOMP members is $135 and the cost for non-members is $265. Submit this form to learn more about special pricing available to members of the Brandeis community. For more information, email analytics360@brandeis.edu or call 781-736-8786. You can also find us on Twitter using #GPSAnalytics.

Click here to subscribe to our blog! 

Footerindesign

Analytics 360 Symposium

360LogoHorizontalStyle

Written by: Ariel Garber

Brandeis Graduate Professional Studies will host the Analytics 360 Symposium: Multi-Industry Insights into Data and Intelligence on April 8, 2015 from 8:30am to 4:00 pm at Hassenfeld Conference Center of Brandeis University in Waltham, Massachusetts. The all-day symposium will focus on promoting a discussion of the growing field of analytics and how organizations can leverage big data to make more strategic decisions.

Panelists will engage in a conversation that places analytics in the context of big data, education, health, marketing and business. Sessions cover a wide range perspectives within the analytics field, from  The Open Data Analytics Initiativeto 10 Steps to Tracking Engagement and Influence Online, to A Holistic Approach to Being Data Science Driven.

The keynote speaker, Dr. Robert Carver, is an award-winning Professor of Business Administration at Stonehill College as well as Adjunct Professor at the International Business School at Brandeis University. Dr. Carver specializes in applied quantitative methods, big data, statistics education and business analytics. He will speak on the ethical dilemmas of big data in analytics.

marketing-sales-presentationsOther sessions include The Application of Analytics in the Student’s Academic Lifecycle session led by Leanne Bateman, Faculty Chair for Strategic Analytics at Brandeis University and Principal Consultant for Beacon Strategy Group, a Boston-based management firm specializing in project management services. Other speakers, including professors, leading executives, and researchers, will focus on topics such as publicity, e-learning, and big data.

Register here for the Analytics 360 Symposium on April 8, 2015 at Brandeis University. The cost for NERCOMP members is $135 and the cost for non-members is $265. Submit this form to learn more about special pricing available to members of the Brandeis community. For more information, email analytics360@brandeis.edu or call 781-736-8786. You can also find us on Twitter using #GPSAnalytics.

Click here to subscribe to our blog!

Footerindesign

How Companies Can Use Big Data to Make Better Decisions

By:  – Associate Editor, BostInno

Big Data has swiftly earned a lasting place in our lexicon, because its potential is real and impact undeniable. Companies can collectively scoff and brush big data off as just another trend, but that decision could lead to worse decisions down the road.

how-predictive-analytics-can-make-money-for-social-networks-46ce73d0c0“Every era has a bold new innovation that emerges as a defining advantage for those who get out ahead of the curve,” said Ali Riaz, CEO of enterprise software company Attivio, referencing the industrial revolution and, later, the information age. Giants of industry who took advantage of new machinery or market leaders who learned to leverage relational databases have historically had the upperhand.

“Today’s advantage — the new currency, if you will — is big data,” Riaz added. “Companies that don’t get ahead of this tsunami by using big data to their advantage will be crushed by it.”

Yet, this deluge of data isn’t new, it’s just been given a catchy two-word title.

When asked to define big data, Ely Kahn, co-founder and VP of business development for big data start-up Sqrrl, described it as massive amounts — tera- and petabytes’ worth — of unstructured and semi-structured data “organizations have historically been unable to analyze because it was too expensive or difficult.” With technologies like Hadoop and NoSQL databases surfacing, however, Kahn claimed those same organizations can now make sense of this type of data “cost effectively.”

To Marilyn Matz, CEO of fellow big data startup Paradigm4, the revolution goes beyond just high volumes of information, though.

“It is about integrating and analyzing data collected from new sources,” Matz said. “A central capability this enables is hyper-personalization and micro-targeting — including recommendation engines, location-based services and offers, personalized pricing,
precision medicine
and predictive equipment maintenance schedules.”

No matter the industry, big data has a key role to play in moving the needle for companies,mobile-app whether large or small. And that goes for companies currently unable to determine what their “big data” is. The unrecognizable could be customer sentiment in social media, server logs or clickstream data.

“Once you have identified untapped sources of data,” Kahn said, “you can use tools like Hadoop and NoSQL to analyze it.”

Matz broke down, by industry, what that ability to analyze could mean.

In the Commercial Sphere

In the commercial sphere, if a company knows 10 or 100 things about you and your situational context, then that company can do a far better job offering you something relevant to exactly where you are and what you might be interested in, increasing their opportunity to capture your respect, attention and dollars.

In the Industrial World

In the industrial world, if a manufacturing company knows where equipment is operated (hot and harsh climates versus moderate climates), as well as how that equipment is being used (lots of hard-braking) and collects data across a large fleet, then it can predict maintenance before costly breakdowns, saving millions of dollars — and it can price warranties more accurately, as well as improve designs and manufacturing processes.

In Pharma and Healthcare

In pharma and healthcare, evidence-based outcome studies that integrate genomic data, phenotypic data, clinical data, behavioral data, daily sensor data, et al., can lead to more targeted and effective treatment and outcomes for both wellness and illness.

Attivio has been using big data in one of the most vital ways by focusing on detecting military personnel who are at risk for suicide.

But, of course, big data still comes with challenges. Riaz acknowledged the reality, which is that every large organization is comprised of disconnected silos of information that come in all different formats; let alone the various business units, applications, protocols, information repositories, terminologies and schemas that doesn’t always mesh.

program-hero-strategic-analytics“Just dumping data into these unorganized but separate systems is anarchy and an egregious waste of time and money,” Riaz said. “Yet, this is how many technologies address the problem. It essentially just creates another big silo for the information to live in.”

Moving forward, additional ways to combine structured and unstructured data, as well as merge data from within an enterprise to data from outside of it, will need to emerge. And when it does, the impact will be glaringly obvious.

As Riaz posited:

The time to solve big problems with extreme information is upon us. Businesses, organizations and governments are putting a lot of faith – and money – into technology solutions to help them make sense of it all. As a technology industry, we owe it to these companies to deliver real products that deliver real results to real problems, not just create more work.

So, let’s start by making that first big decision: Understanding big data’s importance, no matter how big of a buzzword it’s become.

Click here to subscribe to our blog!

Footerindesign

From Online to the Field: How to Transfer Your Skills

by: – Custom Content Coordinator

There’s no question graduate education is an asset in today’s competitive professional world. Once nice-to-have, a master’s degree is now a necessity for coveted industry positions in the fastest-growing fields. The Department of Labor’s Bureau of Labor Statistics projects by 2020, the number of jobs requiring a master’s degree for entry is expected to grow by 22 percent.

Demand for a graduate education is growing. But is putting your career on hold to attend graduate school really the answer?

Instead of leaving the workforce, more and more are embracing online education. Technology has evolved to make online education a rich, interactive experience that holds its own against the conventional classroom model. Busy professionals can tailor courses to fit their schedule, making it possible to learn and earn at the same time. With a wealth of options like Khan AcademyedX,  and traditional institutions’ online programs, a master’s level education is now only a click away.

So where can an online education take you? While there are programs on the web for every area of study, two in particular will serve you well in today’s competitive job market: software engineering and strategic analytics. Both computer software and big data are integral to business’ operations placing those two skill sets in high demand in every field. See how online master’s degrees in software engineering or strategic analytics will help you break into Boston’s top industries.

Financial Services. Boston’s burgeoning financial community is in need of employees from all skill sets, especially in the realm of software development and data analysis. Today’s global financial institutions, many of which are headquartered right here in the Hub, rely on complex software programs to function. Software engineers who strategically develop, operate, and maintain this crucial technology are in high demand.

Also in demand are those who can collect, manage, and analyze massive amounts of data.  With the growth of e-commerce and online transactions alone, interpreting and understanding the strategic potential of big data is essential to the health of financial institutions.

Technology. From budding startups to established corporations, Boston’s tech world is a diverse, eclectic, and exciting field to work. Best of all, it’s growing. Fast. It goes without saying that a master’s in software engineering would be an asset for anyone seeking to break into the tech industry, but it’s not strictly computer nerds who need apply. Analytical minds are needed to process big data and apply insights to an organization’s bottom line.

Higher Education. With more than fifty college and universities in Boston, there are plenty of opportunities in the field of higher education, especially for those with a master’s degree in software or strategic analytics. Software programs are vital for a university to function, from student networks to administrative tasks to alumni communications.

Also, for universities, data is at the center of their operations. Statistical insights are key to understanding the application process, students’ academic performance, the movement of funds, and more.

Government Services. The State House and City Hall need more than politicians to keep Massachusetts and Boston running smoothly. As expected, sophisticated software powers all government operations, but strategic analytics skills are just as, if not more, valued at a government institutions. Our governing bodies are incessantly collecting and analyzing data on constituents. With a master’s in strategic analytics, you’re able to apply your skills analyzing and leveraging data to guide government projects.

Click here to subscribe to our blog!

Footerindesign

Is Healthcare the Next Frontier for Big Data?

By:– Custom Content Coordinator, BostInno

The health care industry has always been at the center of emerging technology as a leader in the research and application of advanced sciences. Now, more than ever, the industry is on the edge of an innovation boom. Health care information technology possesses vast potential for advancement, making the field fertile ground for game-changing innovation and the next great frontier for big data.

The use of electronic health records (EHR), electronic prescribing, and digital imaging by health care providers has exploded in recent years, Health Affairs reports and the global program-hero-itm1health information exchange (HIE) market is projected to grow nearly ten percent per year, reaching $878 million in 2018, according to Healthcare Informatics.

But despite massive growth, health care IT faces a number of barriers slowing advancement.

When it comes to health information technologies, demand is outpacing delivery. Users desire higher levels of performance beyond the capacity of current IT solutions.

“Providers certainly want to do things that vendor technology doesn’t allow right now,” Micky Tripathi, Ph.D., CEO of the Massachusetts eHealth Collaborative (MAeHC), said to Healthcare Informatics.

One reason technology is lagging is health care IT systems are independently developed and operated. Rather than one massive network, there are numerous “small shops developing unique products at high cost with no one achieving significant economies of scale or scope,” Health Affairs reported. As a result, innovations are isolated, progress is siloed, and technology cannot meaningfully advance.

To deliver the highest quality of care, the health care community must unite disparate systems in a centralized database. But, this is easier said than done. The industry must be sure to maintain the highest standards of security complying with Health Insurance Portability and Accountability Act of 1996 (HIPAA). Medizin

As a result, the health care IT industry currently faces a crucial challenge: devise an overarching system that guarantees security, sustainability, and scale.

The key to unlocking solutions is Big Data are the informaticians who translate mountains of statistics into meaningful healthcare IT applications.

“The growing role of information technology within health-care delivery has created the need to deepen the pool of informaticians who can help organizations maximize the effectiveness of their investment in information technology—and in so doing maximize impact on safety, quality, effectiveness, and efficiency of care,” the American Medical Informatics Association noted. The future of health care hinges on the ability to connect the big data dots and apply insights to a creating and practicing a smart IT strategy.

Organizations have thrown themselves into the big data trenches to innovate solutions to the problem facing their industry. Ninety-five percent of healthcare CEOs said they were exploring better ways to harness and manage big data, a PricewaterhouseCoopers study reported. With the commitment of the health care community, plus the right talent and resources, industry-advancing innovations won’t be far behind.

Health care is indisputably the next great frontier for big data. How we seek, receive, and pay for health care is poised to fundamentally change and health care informaticians will be leading the evolution.

Click here to subscribe to our blog!

Footerindesign

 

How Predictive Analytics Can Improve Healthcare

The below is the winning essay for a Brandeis GPS’ contest written by Health and Medical Informatics student, Davis Graham. Join Brandeis GPS is a free webinar 7/17 at 7pm: Long Term CareThe Last EMRFrontier

 

“My specific interest in predictive analytics is the ability to merge the once vacant silos of health information into a model which engages a person into the maintenance of a healthier lifestyle.[1]  Genomics and health information technology has the potential to help predict disease before it becomes chronic.  Predictive analytics will allow us to change from a treatment oriented to a preventive oriented healthcare system contributing to the efficiency of healthcare.

Predictive analytics gives the foundation for an individual to step onto a healthier path in life when substantial knowledge supports the first step.  There is a survival instinct which takes place in every individual when faced with the loss of health or life, giving them a fearlessness to assume responsibility to preserve their health and life.

The key element of a healthier population is engagement and implementation of a program which improves health.  For example, if a person has knowledge from predictive analytics showing they would have a 98% probability of being a candidate for colorectal cancer, then the barriers of fear currently existing in our current health care system would program-hero-strategic-analyticsinspire the patient to seek preventive care.  No one should die of colorectal cancer in this country or in the world.  Getting the patient to have a CT Colonography (CTC) would decrease the mortality rate for colorectal cancer substantially.  The cost of a CTC due to just the volume would decrease into the $250 range.  The current cost at our facility is $495; it costs us $200 to have the CTC read through teleradiology by a radiologist who reads these studies frequently.  Predictive analytics could change the whole landscape of CTC cost by pure volume.  Radiologists who are not reading CT Colonography (CTC) now would learn how to read them and would become experienced because of the increase in volume.

It is my hope that predictive analytics is steering healthcare back to the “doctor-patient relationship” of a patient driven healthcare.[2]  It is my belief that patient driven healthcare is the most efficient and effective way of providing health to a population.  With the aid of predictive analytics, the robust information gained from predictive analytics data will enable a society to engage in healthcare, which would educate the population with Stethoscopeknowledge as to how to predict their health outcomes.  Thus, the future patient population would embrace preventive health.  With patients engaged in their health, predictive analytics could reverse the current wasteful trend of 80% of healthcare expenditures being spent on 20% of the population, to one that is healthier for the economics of a country and a population.[3]  I could see in the future where 70% of the healthcare dollars is spent on 100% of the population with the remaining 30% going to research and development in healthcare and predictive analytics.

Predictive analytics would reverse the 20 to 30% of profits now going to health insurance companies into increased health dollars invested into healthcare.  A great example is William McGuire from United Health Care who earned $1.2 billion in one year.  This should be a light to the world that the $1.2 billion which William McGuire made did not go back into the healthcare system;[4]  it went into his pocket to spend and donate where his personal interests lay.  To put it in perspective, $1.2 billion could open 925 doctors’ offices each being 7,000 square foot for a cost of $1,297,400 each[5] or 4.8 million CTCs reimbursed at $250 each.

A key component to predictive analytics is the unbridled sharing of information. With quantum cryptography and the recent efforts of quantum computer (such as D-Wave), we are on the edge for sharing and processing healthcare’s “big data.” Predictive analytics in how-predictive-analytics-can-make-money-for-social-networks-46ce73d0c0the United States will be a new frontier for all health information which is electronically collected around the world. With predictive analytics, a combination of pharmaceuticals used to cure a chronic disease in one area of the world will enable population health to take steps in preventive care in advance of the chronic disease in other parts of the world.

In essence, we are embarking on a voyage into a new land of opportunity to process big data to predict solutions into the future. Healthcare is a team effort and aligns with Ernest Shackleton and his eclectic team, all of whom survived the harshest environment of being beset in the Antarctica.  Our healthcare system needs such a team to drive through the storms of economic pressure and the current healthcare system into one which perseveres.  Predictive analytics is the system which will not only benefit the United States, but predictive analytics in healthcare also has the potential to benefit the health of the world in a way healthcare has yet to be seen.”

About the Author: 

photoDavis Graham is currently earning his M.S. in Health and Medical Informatics with Brandeis University, Graduate Professional Studies. Davis is the Executive Director & CFO at the Manatee Diagnostic Center in Florida.  This essay won a contest for free entry into Eric Siegel’s Predictive Analytics World Conference.

Click here to subscribe to our blog!

Footerindesign

So What Is the Risk of Mobile Malware?

By: Derek Brink

Originally from: https://blogs.rsa.com/risk-mobile-malware/

Obvious, or oblivious? Short-term predictions eventually tend to make us look like one or the other—as Art Coviello astutely noted in making his own predictions for the security industry in 2014—depending on how they actually turn out. (Long-term predictions, however, which require an entirely different level of thinking, are evaluated against a different scale. For example, check out the many uncannily accurate predictions Isaac Asimov made for the 2014 World’s Fair, from his reflections on the just-concluded 1964 World’s Fair.)

Art’s short-term prediction about mobile malware:

Chapa NO MALWARE2014 is the tipping point year of mobile malware: As businesses provide greater mobile access to critical business applications and sensitive data, and consumers increasingly adopt mobile banking, it is easy to see that mobile malware will rapidly grow in sophistication and ubiquity in 2014. We’ve already seen a strong uptick in both over the past few months and expect that this is just the beginning of a huge wave. We will see some high-profile mobile breaches before companies and consumers realize the risk and take appropriate steps to mitigate it. Interestingly, the Economist recently featured an article suggesting such fears were overblown. It is probably a good idea to be ready just the same.

The Economist article Art references (which is based on an earlier blog) asserts that “surprisingly little malware has found its way into handsets. . . smartphones have turned out to be much tougher to infect than laptops and desktop PCs.” (Ironically, the Economist also publishes vendor-sponsored content such as How Mobile Risks Are Pushing Companies Towards Better Security. I suppose that’s one way to beat the obvious or oblivious game: Place a bet on both sides.)

RSA’s Online Fraud Resource Center provides some terrific fact-based insights on the matter, including Behind the Scenes of a Fake Token Mobile App Operation.

But the legitimate question remains: What is the risk of malware on mobile? Let’s focus here on enterprise risks, and set aside the consumer risks that Art also raised as a topic for another blog.

Keep in mind the proper definition of “risk”—one of the root causes of miscommunication internet-security1among security professionals today, as I have noted in a previous blog—which is “the likelihood that a vulnerability will be exploited, and the corresponding business impact.” If we’re not talking about probabilities and magnitudes, we’re not talking about risk.

Regarding the probability of malware infecting mobile devices:

  • The Economist‘s article builds on findings from an academic paper published by researchers from Georgia Tech, along with a recent PhD student who is now the Chief Scientist at spin-off security vendor Damballa. Their core hypothesis is that the activities of such malware—including propagation and update of malicious code, command and control communications with infected devices, and transmission of stolen data—will be discernible in network traffic.
  • From three months of analysis, they found that about 3,500 mobile devices (out of a population of 380 million) were infected—roughly 0.001%, or 1 in 100,000.
  • Compare this to the computers cleaned per mille (CCM) metric regularly reported by Microsoft: For every 1,000 computers scanned by the Microsoft Malicious Software Removal Tool, CCM is the number of computers that needed to be cleaned after they were scanned. For 1H2012, the infection rates per 1,000 computers with no endpoint protection was between 11.6 and 13.6 per month.

All of this nets out to say that currently, mobile endpoints are three orders of magnitude less likely to be infected by malware than traditional endpoints.

But doesn’t this conflict with other published research about mobile malware? For example, I’ve previously blogged about an analysis of 13,500 free applications for Android devices, published in October 2012 by university researchers in Germany:

  • Of 100 apps selected for manual audit and analysis, 41 were vulnerable to man-in-the-middle (MITM) attacks due to various forms of SSL misuse.
  • Of these 41 apps, the researchers captured credentials for American Express, Diners Club, PayPal, bank accounts, Facebook, Twitter, Google, Yahoo, Microsoft Live ID, Box, WordPress, remote control servers, arbitrary email accounts, and IBM Sametime, among others.
  • Among the apps with confirmed vulnerabilities against MITM attacks, the cumulative installed base is up to 185 million users.

In another blog, I’ve noted that mobile applications have a more complex attack surface mobile-appthan traditional web applications—in addition to server-side code, they also deal with client-side code and (multiple) network channels. The impact of these threats is often multiplied, as in the common case of support for functions that were previously server-only (e.g., offline access). This makes security for mobile apps even more difficult for developers to address—mobile technology is not as well known, development teams are not as well educated, and testing teams are harder to keep current.

Meanwhile, malware on mobile is indeed becoming more prevalent: Currently over 350,000 instances from 300 malware families. It is also becoming more sophisticated—e.g., by obfuscating code to evade static and dynamic analysis, establishing device administration privileges to install additional code, and spreading code using Bluetooth, according to the IBM X-Force 2013 Mid-Year Trend and Risk Report.

But threats, vulnerabilities, and exploits are not risks. What would be obvious to predict is this: The likelihood of exploits based on mobile malware will increase dramatically in 2014—point Art.

The other half of the risk equation is the business impact of mobile exploits. From the enterprise perspective, we would have to estimate the cost of exploits such as compromise of sensitive corporate datasurveillance of key employees, and impersonation of key corporate identities—e.g., as part of attacks aimed at social networks or cloud platforms, where the mobile exploits are the means to a much bigger and more lucrative end. It seems quite reasonable to predict that we’ll see some high-profile, high-impact breaches along these lines in 2014—again, point Art.

Obvious or oblivious, you can put me down squarely with Art’s prediction for this one, with the exception that I would say the risk of mobile malware is much more concentrated and targeted than the all users/all devices scenario he seems to suggest.

About the Author:

BA8D94F2924E634831C8CA3D8E7179C7477BBC1Derek E. Brink, CISSP is a Vice President and Research Fellow covering topics in IT Security and IT GRC for Aberdeen Group, a Harte-Hanks Company. He is also a adjunct faculty with Brandeis University, Graduate Professional Studies teaching courses in our Information Security Program. For more blog posts by Derek, please see http://blogs.aberdeen.com/category/it-security/  and http://aberdeen.com/_aberdeen/it-security/ITSA/practice.aspx

Footerindesign

My Journey in Online Learning

The M.S. in Project and Program Management program at Brandeis GPS through the eyes of a recent graduate, Thomas Gratiano.

ProjectManagement_03Three years ago as the manager of the Program Management Group within the Manufacturing and Global Supply Chain (MGSC) Division, my manager challenged me to build my business acumen. To meet this challenge, I started researching: certifications, certificates, and degree programs.

Eventually I came across the Brandeis program, the curriculum was exactly what I was looking for to build on my existing Program Management skills. During the pursuit of my degree at Brandeis I took four classes on campus and six online.  Although I was hesitant at first about taking online classes, the online option provided an increased level of flexibility.  This proved to be a key feature of the program as I ended up Program Managing two projects with our team in Belgium while attending classes online. I was able to travel as often as required with no impact to my ability to participate in class. e-Learning Concept. Computer Keyboard

Upon completion of my degree, I was promoted to senior manager in charge of Framingham manufacturing operations and the MGSC Program Management group. The Brandeis degree built my business acumen and provided me the opportunity to continue to grow with my company. 

« Older posts Newer posts »

Protected by Akismet
Blog with WordPress

Welcome Guest | Login (Brandeis Members Only)