Articles Featured
KRACK Attack: Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II
October 17, 2017
, , , ,

We are all exposed to the Krack Wi-Fi security vulnerability—a flaw that puts any person using wireless internet at risk of being hacked.

The Krack security exploit was discovered by Mathy Vanhoef, a cybersecurity expert at Belgian university KU Leuven, who will present his research at the Computer and Communications Security (CCS) conference later this month.

“We discovered serious weaknesses in WPA2, a protocol that secures all modern protected WiFi networks,” Vanhoef wrote in a blogpost describing the vulnerability. “An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted.”

“This implies all these networks are affected by (some variant of) our attack. For instance, the attack works against personal and enterprise Wi-Fi networks, against the older WPA and the latest WPA2 standard, and even against networks that only use AES.”


Multiple Cisco wireless products are affected by these vulnerabilities

In a statement, today Cisco acknowledged multiple wireless products are affected by these vulnerabilities and said it will release software updates to address these vulnerabilities. There is a workaround that addresses the vulnerability in CVE-2017-13082. There are no workarounds that address the other vulnerabilities described in this advisory.

This advisory is available at the following link:

Apple also claims to have fixed the issue in certain versions of its operating systems, including iOS used on iPhones and watch OS used on the Apple Watch, and macOS used on Apple Macs. The patches, however, are mostly available only for trial versions of the software and therefore are available only for developers.

 “Microsoft released security updates on October 19 and customers who have Windows Update enabled and applied the security updates are protected automatically,” the company said in a statement. “We updated to protect customers as soon as possible, but as a responsible industry partner, we withheld disclosure until other vendors could develop and release updates.”


Google has yet to issue any fixes for the Krack attack method, saying in a statement on Monday that it is working on ways to resolve it.

A research paper with the title of “Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2” was made publicly available. This paper discusses seven vulnerabilities affecting session key negotiation in both the Wi-Fi Protected Access (WPA) and the Wi-Fi Protected Access II (WPA2) protocols. These vulnerabilities may allow the reinstallation of a pairwise transient key, a group key, or an integrity key on either a wireless client or a wireless access point. Additional research also led to the discovery of three additional vulnerabilities (not discussed in the original paper) affecting wireless supplicant supporting either the 802.11z (Extensions to Direct-Link Setup) standard or the 802.11v (Wireless Network Management) standard. The three additional vulnerabilities could also allow the reinstallation of a pairwise key, group key, or integrity group key.

‘My God, it’s better’: Emma can write again thanks to a prototype watch, raising hope for Parkinson’s disease – Transform
October 6, 2017

Microsoft researcher Haiyan Zhang created a watch for Emma Lawton that helps the graphic designer control the symptoms of Parkinson’s disease.

Sourced through from:

Articles Featured
Priceless Product Placement of FireEye Cyber Threat Map
September 30, 2017
, , , , , ,

It appears Department of Homeland Security has put its trust on FireEye (NASDAQ: FEYE), the intelligence-led security company. VICE feature on Cybersecurity gave us a glimpse of DHS control room. Of course, I spotted the security product and an organic product promotion.

In April 2015, FireEye had announced that the U.S. Department of Homeland Security (DHS) had certified FireEye’s Multi-Vector Virtual Execution engine and Dynamic Threat Intelligence cloud platform under the SAFETY Act. “Certification is the highest level of liability protection available under the SAFETY Act. Customers of these certified FireEye technologies now have protection under the SAFETY Act from lawsuits or claims alleging failure of the technologies to prevent or mitigate an act of cyber terrorism. FireEye is the only Certification is the highest level of liability protection available under the SAFETY Act. Customers of these certified FireEye technologies now have protection under the SAFETY Act from lawsuits or claims alleging failure of the technologies to prevent or mitigate an act of cyber terrorism. FireEye is the only cybersecurity company with products, technologies or services certified under the SAFETY Act.”

The SAFETY Act — or the “Support Anti-Terrorism By Fostering Effective Technologies Act of 2002” — is a DHS liability management program aimed at encouraging the development and deployment of security products and services that will enhance the protection of the United States. DHS has designated over 700 products, technologies and services since the SAFETY Act was enacted in 2002, but FireEye’s MVX and DTI offerings were the first pure cybersecurity products, technologies or services to receive Certification. The liability protections provided by the SAFETY Act encourage more effective security deployments by automatically limiting the types of liability claims companies using certain products may face following a terrorist event.

In circumstances where the SAFETY Act is triggered under Federal law, claims that arise out of, or relate to the use of, the MVX engine or the DTI cloud would be limited or eliminated for FireEye customers. FireEye also benefits, as when the SAFETY Act is triggered, all covered third-party claims related to the MVX engine and DTI cloud platform product will presumptively be dismissed.

Articles Featured
Artificial Intelligence is Slowly Transforming Contact Centers
March 14, 2017
, , , ,

In May 2017 at ICMI Expo Shep will share some of the 52 “Amazement Tools” featured in his book of the same name. Learn best practices, tactics, and strategies to help them deliver the most amazing customer service on the planet.

Over the years, I have watched artificial intelligence swiftly move from a thing of the future to a practical element in the improvement of contact center operations. With the contact center remaining a vital component of customer acquisition and retention, it seems obvious that continual advancements are key in boosting the success of businesses worldwide. When it comes to improving the contact center experience for improved client acquisition and retention, intelligent network interfaces are beyond compare. Understanding just how artificial intelligence beneficially alters the contact center landscape has helped me see how this feature benefits business operations.

I had the opportunity to talk to Shep Hyken, author “Amaze Every Customer Every Time” recently. Shep believes we are “going to see artificial intelligence play a big support role in the world of customer service. AI will help companies with the most menial tasks like changing address. However, when it comes to something bigger, AI (Artificial Intelligence) becomes IA (Intelligent Assistant).“

Emotional Sensitivity for Improved Quality of Service (QoS)

To best serve clients, contact center agents must accurately detect and respond to emotional changes in the caller’s voice. Improperly reading the client’s emotional status can sour the end user experience and paint the company in a bad light. Since clients share negative business experiences far more often than positive interactions, unfavorable reviews could spread like wildfire due to a single agent’s inability to pick up on these details.

An intelligent network, however, has the power to pick up on the tonal differences and speech pattern changes that indicate a heightened emotional state. The system then notifies the contact center agent about the client’s emotional status to enable a positive result to an interaction that may have otherwise taken a negative path.

The system also has the power to provide feedback about the agent’s emotional response and act as a guide for the use of a beneficial tone. Not surprisingly, contact centers with this emotional feedback system in place report a 28 percent increase in the satisfaction of their customers.

Shep, who will be a keynote speaker at the ICMI Contact Center Expo and Conference in May, envisions a scenario where “the AI is listening to the call in realtime and communicating to the call center rep what he or she needs to tell the customer. Moreover, in addition to that, especially for contact centers and support centers that might have a sales role involved, the AI will tell the rep what to sell this customer next, what they are going to need next. They are going to listen to the call and the artificial intelligence will, through word recognition, intonation, the context of the call, it will be able to do amazing things in five years.”

But he quickly corrects himself: “We are almost there now. We are like sitting on the doorstep of this.”

Word Choice Dictionaries Assist Service Architecture

Clients who dial a contact center’s number likely have a complaint or question in need of a quick resolution. When calls are improperly routed through the system, clients end up feeling frustrated well before reaching the desired department, making it difficult for contact agents to fully resolve the issue.

Thankfully, continual improvements in the word choice dictionaries used by contact center software vendors actively help to improve the client experience by routing the calls to the right department every time. An intelligent network can detect short and long tail keywords to accurately direct the client through the menu system without delay.

Like the tone of voice and speech patterns, word choice acts as a smart indicator into the state of mind of each client. If any clients utilize hostile language, speech analytic software can send the callers to specialized agents to offer an additional layer of service and support. Thus, this smart system not only improves customer relations but also offers a boost to cyber security.

Intelligent Network Learning Boosts Speech Recognition

With each day of activity, an intelligent network becomes more adept at learning about the unique needs of its associated client base. The system actively improves the quality of service by learning just how to accurately implement traffic management and speech recognition techniques for each unique business model. As client resolution times decrease in response, QoS stats increase in tandem. Since the system learns day by day, a commitment to the utilization of cloud contact center software for the long term has the potential to offer returns in the form of steadily increasing QoS improvements.

Embracing the Power of Scalable Intelligent Networks

As the interactive voice response (IVR) system learns about the company’s operations, the telecommunication infrastructure must scale in response. With IVR and intelligent networks as a long-term growth strategy, cloud-managed services are needed to facilitate the expansion of a highly scalable infrastructure. Storing software-defined wide area network (SD-WAN) drivers in the cloud allows IT managed services to increase exponentially in size through the years.

Articles Featured
Cisco CUIC for Actionable Insights Into Contact Center Operations
January 16, 2017
, , , , , , , ,

Your contact center is a lifeline to your customers.  And the contact center reports you receive are the quickest, most efficient way of measuring success.

Contact Center Reporting dashboardThe day-to-day management of a contact center is about refining business processes in real-time and responding to unplanned changes quickly and efficiently.  Here is some key of the reasons why reporting is so critical for contact center stakeholders:

Through continuous analysis of contact center applications, reportings tools can help drive more customer transactions to completion – and faster – thus achieving the customer’s goal resulting in higher customer satisfaction.

  • To determine where callers are dropping off in an IVR system and quickly make positive changes to the call flow.
  • To identify what customers are commonly calling about and address those issues up front through automation, effectively reducing the load on live agents while also increasing customer satisfaction by addressing caller needs quickly.
  • To gain insight into contact handle times of abandoned and missed calls. Detect inefficiencies in agent performance that may need additional training. And to view a business dashboard of all core metrics, including queue and agent activity, statistics such as total calls by time of day and average call duration, allowing you to schedule agents accordingly.

Cisco Unified Intelligence Center provides a relational view of contact center objects (queues, agent teams/groups, agents, skill groups, etc.), enabling managers to navigate through their business processes with ease.  This tool provides the ability to apply appropriate action accordingly to ensure the highest level of service for your firm and your customers.

Cisco’s Unified Intelligence  Center (CUIC) reporting application provides rich and timely data to respond/report on situations within the contact center.  CUIC provides the ability to monitor, via real time or historical, all activity and interactions from a single touch point. Statistics can be viewed by media type (calls, emails,  chats, etc.), agent team(s), by an individual agent(s,), skill groups, etc.

•    An  Enterprise-wide  view  of  operations  from  almost  any  device  that  supports a web connection
•    Multiple combinations of real time user0defined displays of agents, teams, queues, skill  groups and applications
•    The ability to mix real-time and historical reporting via one window (Dashboard)
•    On-demand contact center data that can be exportable to standard desktop requests for ease in analyzing
•    Alerts that are flexibly defined with different color-coded threshold indicators that alert  users when defined limits have been reached
•    Scheduling capabilities that allow for reports to be delivered via email in formats such as MS Excel and pdf.  Data can also be provided to other systems via CSV formats via a file share methodology.

Based on the premise that no two contact centers are alike, CUIC allows managers to define the operational metrics (e.g. service level definitions) to best manage the unique goals of your business.

Feedback and analysis complete the contact flow. Each step of the contact flow through your business provides an opportunity for measurement – not just of operational information, but business information, as well. Cisco Unified Intelligence Center uses well0documented data warehousing techniques to provide a complete, understandable view of customer contact and related business information.

You can access reports whenever they are needed. Reports can be requested upon demand or scheduled based on your unique business needs. Template sharing and distribution is made available via email and web access (on0net or off0net). Informative graphs and drill down links to supporting information are available via menu choices or hyperlinks.

CUIC comes with templates that are already designed to get a contact center up and running quickly. Interval reporting is supported via 15 or 30 minutes, with daily, weekly, and monthly templates ready from the start. Real Time information is always available.

Key acronyms to remember:

  • TR – Transitional Reports, useful for adapting from other ACDs to UCCE PQ – Precision Queue, a more advanced method of matching callers to agents
  • SG – Skill Group, agents who are members, have been assigned that skill
  • CT – Call Type, method of categorizing calls

CUIC Dashboards

CUIC dashboard 2Reporting templates are stored in folders, accessible to users via the CUIC Reports page. Multiple subfolders can exist, and user access is managed via security settings. Both real-time and historical information is accessed via the same interface. Users with appropriate rights can build/manage their folders and grant access to other users if needed.   Dashboards, a compilation of various reports and other items, can be created and published for users that do not require access to the CUIC main window. Combining data (call type, skill group, agent teams) can assist the end0user with what is happening in the contact center.

The dashboards access real-time and historical information without having to access CUIC itself. This is accomplished via the use of permalinks, a standard feature of CUIC.   Permalinks can be stored as bookmarks on any compatible browser (IE, FF, etc).

More about CUIC dashboard can be found in the  Cisco Unified Intelligence Center User Guide, Release 11.5(1) 

Dashboard pic above courtesy:

Articles Featured
Build or Buy Contact Center Analytics?
January 2, 2017
, , , , , , ,

Contact Center AnalyticsAs software capabilities evolve from data collection through data analysis to the latest developments in Artificial Intelligence (AI), it’s generating exciting possibilities for the Contact Center reporting tools as well.

Not only for processing, interpreting and extrapolating the rich seams of customer data generated on contacts (calls, chats, email) but also as an effective means of optimizing agent performance, training, and recruitment.

But before acquiring the latest technological solutions as they emerge, the contact center leader must first derive and implement a clear strategy, which begins by identifying and prioritizing the specific problems to be solved on the company’s customer service performance goals, and how the new methods will complement existing resources.

Inherent to the strategy must be the ability to measure its effectiveness.

If the company still measures the success of its call center in terms of time and cost, it will require substantial change. Change will mean evolving from good old efficiency outcomes like Average Speed to Answer ASA, Average Hold Time AHT, the number of abandoned calls, and Service Level to customer perception, attitude, and behavior.

Big Data – and what to do with it

Each call handled by the contact center contributes to the valuable feedback that allows a company to gauge customer response, identify areas which must be improved, and adjust accordingly.

Advanced contact center reporting tools (often referred to as Analytics) are descriptive in nature and provide companies with the ability to collect and categorize these calls and retrieve customer data and history as and when required.

An individual call may not reveal much in isolation, but harvesting the collective power of these massive data sets identifies patterns and trends that can be translated into actionable information, and can quickly flag problem areas as they occur.

contact center analytics Predictive Analytics

Advances in computer science, such as machine learning and Artificial Intelligence, go further than just identifying trends and employ algorithms and complex models to assemble computer-generated predictions based on the historical lessons learned from the information collected.

Collectively known as Predictive Analytics, they can be used to interpret and extrapolate data to identify weaknesses and anticipate trends and problems.

The conclusions can be further refined through simulation or optimization to give deeper insights than traditional reporting or to improve specific decisions.

Prescriptive Analytics

By using a model to predict the outcome of a decision and compare its anticipated outcome against those of the alternatives, prescriptive analytics can go further by recommending a course of action.
Ability to accurately recommend “next best action” to the contact center agents is the holy grail of contact center efficiency.

The importance of having a strategy

Contact Center stakeholders face the challenge of selecting a software with the best return on in investment. But many are not sure how to get started with contact center analytics and feel they must make a significant investment in new tools and skills.

The desirable outcome will determine the mechanism for a proof of concept but addressing a business problem that can provide quick and quantifiable win is highly recommended.

Analytics should be driven by the business problem you want to solve

Whether it is improving customer experience, increasing operational efficiency, managing risk, and compliance, or finding new business opportunities, it is important to identify and prioritize the problems and areas of improvement you wish to address before deciding upon a clear course of action.

The strategy must also take into consideration the resources already available and how they can best be leveraged and optimized by the addition of advanced software capabilities.

analytics-3Measuring and Improving Performance  

To be able to ascertain whether the strategy is successful, objectives such as ‘improved Customer Satisfaction’ will have to be clearly defined and measured.

Customer service is the responsibility of an entire organization, and it’s important to get all the stakeholders on board by convincing them of the need for and the benefits of changing course.

It will be an iterative process of trial, measurement, adjustment, then a trial, analysis, adjustment again, ad infinitum.

Build or Buy?

After you’ve solved a high-impact business challenge and gained buy-in from decision makers you will need to determine if you should purchase or develop a solution. Many of the large enterprises with experienced Data Scientists tend to develop their package. These firms primarily take on this complex task because analytics is a critical differentiator for them.

While others purchase Contact Center analytic packages that can be relatively quickly deployed and consumed by knowledgeable users. Often these packages are offered by the same vendor that powers Contact Center’s queuing platform.

Open source tools such as the R programming language, Python, and Spark are also available. However, domain-specific languages like R, in general, do not suit Contact Center’s low-latency production environments.