That Was Close! Reward Reporting of Cybersecurity “Near Misses”

Building, deploying, and maintaining systems with sufficient cybersecurity is challenging. Faster improvement would be valuable to society as a whole. Are we doing as much as we can to improve? We examine robust and long-standing systems for learning from near misses in aviation, and propose the creation of a Cyber Safety Reporting System (CSRS). To support this argument, we examine the liability concerns which inhibit learning, including both civil and regulatory liability. We look to the way in which cybersecurity engineering and science is done today, and propose that a small amount of ‘policy entrepreneurship’ could have substantial positive impact. We close by considering how a CSRS should be organized and housed

That Was Close! Reward Reporting of Cybersecurity “Near Misses”

Building, deploying, and maintaining systems with sufficient cybersecurity is challenging. Faster improvement would be valuable to society as a whole. Are we doing as much as we can to improve? We examine robust and long-standing systems for learning from near misses in aviation, and propose the creation of a Cyber Safety Reporting System (CSRS). To support this argument, we examine the liability concerns which inhibit learning, including both civil and regulatory liability. We look to the way in which cybersecurity engineering and science is done today, and propose that a small amount of ‘policy entrepreneurship’ could have substantial positive impact. We close by considering how a CSRS should be organized and housed

SMURF1 Amplification Promotes Invasiveness in Pancreatic Cancer

Pancreatic cancer is a deadly disease, and new therapeutic targets are urgently needed. We previously identified DNA amplification at 7q21-q22 in pancreatic cancer cell lines. Now, by high-resolution genomic profiling of human pancreatic cancer cell lines and human tumors (engrafted in immunodeficient mice to enrich the cancer epithelial fraction), we define a 325 Kb minimal amplicon spanning SMURF1, an E3 ubiquitin ligase and known negative regulator of transforming growth factor β (TGFβ) growth inhibitory signaling. SMURF1 amplification was confirmed in primary human pancreatic cancers by fluorescence in situ hybridization (FISH), where 4 of 95 cases (4.2%) exhibited amplification. By RNA interference (RNAi), knockdown of SMURF1 in a human pancreatic cancer line with focal amplification (AsPC-1) did not alter cell growth, but led to reduced cell invasion and anchorage-independent growth. Interestingly, this effect was not mediated through altered TGFβ signaling, assayed by transcriptional reporter. Finally, overexpression of SMURF1 (but not a catalytic mutant) led to loss of contact inhibition in NIH-3T3 mouse embryo fibroblast cells. Together, these findings identify SMURF1 as an amplified oncogene driving multiple tumorigenic phenotypes in pancreatic cancer, and provide a new druggable target for molecularly directed therapy

An Experimental Analysis Of the Demand For Payday Loans

The payday loan industry is one of the fastest growing segments of the consumer financial services market in the United States. We design an environment similar to the one that payday loan customers face and then conduct a laboratory experiment to examine what effect, if any, the existence of payday loans has on individuals\u27 abilities to manage and to survive financial setbacks. Our primary objective is to examine whether access to payday loans improves or worsens the likelihood of financial survival in our experiment. We also test the degree to which people\u27s use of payday loans affects their ability to survive financially. We find that payday loans help the subjects to absorb expenditure shocks and therefore survive financially. However, subjects whose demand for payday loans exceeds a certain threshold level are at a greater risk than a corresponding subject in the treatment in which payday loans do not exist

An international effort towards developing standards for best practices in analysis, interpretation and reporting of clinical genome sequencing results in the CLARITY Challenge

There is tremendous potential for genome sequencing to improve clinical diagnosis and care once it becomes routinely accessible, but this will require formalizing research methods into clinical best practices in the areas of sequence data generation, analysis, interpretation and reporting. The CLARITY Challenge was designed to spur convergence in methods for diagnosing genetic disease starting from clinical case history and genome sequencing data. DNA samples were obtained from three families with heritable genetic disorders and genomic sequence data were donated by sequencing platform vendors. The challenge was to analyze and interpret these data with the goals of identifying disease-causing variants and reporting the findings in a clinically useful format. Participating contestant groups were solicited broadly, and an independent panel of judges evaluated their performance. RESULTS: A total of 30 international groups were engaged. The entries reveal a general convergence of practices on most elements of the analysis and interpretation process. However, even given this commonality of approach, only two groups identified the consensus candidate variants in all disease cases, demonstrating a need for consistent fine-tuning of the generally accepted methods. There was greater diversity of the final clinical report content and in the patient consenting process, demonstrating that these areas require additional exploration and standardization. CONCLUSIONS: The CLARITY Challenge provides a comprehensive assessment of current practices for using genome sequencing to diagnose and report genetic diseases. There is remarkable convergence in bioinformatic techniques, but medical interpretation and reporting are areas that require further development by many groups

The Science Performance of JWST as Characterized in Commissioning

This paper characterizes the actual science performance of the James Webb Space Telescope (JWST), as determined from the six month commissioning period. We summarize the performance of the spacecraft, telescope, science instruments, and ground system, with an emphasis on differences from pre-launch expectations. Commissioning has made clear that JWST is fully capable of achieving the discoveries for which it was built. Moreover, almost across the board, the science performance of JWST is better than expected; in most cases, JWST will go deeper faster than expected. The telescope and instrument suite have demonstrated the sensitivity, stability, image quality, and spectral range that are necessary to transform our understanding of the cosmos through observations spanning from near-earth asteroids to the most distant galaxies.Comment: 5th version as accepted to PASP; 31 pages, 18 figures; https://iopscience.iop.org/article/10.1088/1538-3873/acb29

That Was Close! Reward Reporting of Cybersecurity "Near Misses"

The proliferation of connected devices and technology provides consumers immeasurable amounts of convenience, but also creates great vulnerability. In recent years, we have seen explosive growth in the number of damaging cyber-attacks. 2017 alone has seen the Wanna Cry, Petya, Not Petya, Bad Rabbit, and of course the historic Equifax breach, among many others. Currently, there is no mechanism in place to facilitate understanding of these threats, or their commonalities. While information regarding the causes of major breaches may become public after the fact, what is lacking is an aggregated data set, which could be analyzed for research purposes. This research could then provide clues as to trends in both attacks and avoidable mistakes made on the part of operators, among other valuable data. One possible regime for gathering such information would be to require disclosure of events, as well as investigations into these events. Mandatory reporting and investigations would result better data collection. This regime would also cause firms to internalize, at least to some extent, the externalities of security. However, mandatory reporting faces challenges that would make this regime difficult to implement, and possibly more costly than beneficial. An alternative is a voluntary reporting scheme, modeled on the Aviation Safety Reporting System housed within NASA, and possibly combined with an incentive scheme. Under it, organizations that were the victims of hacks or “near misses” would report the incident, providing important details, to some neutral party. This database could then be used both by researchers and by industry as a whole. People could learn what does work, what does not work, and where the weak spots are