Quote for the day:
"Don't wait for the perfect moment, take the moment and make it perfect." -- Aryn Kyle

“AI workloads are re-shaping modern data center architectures, and networking
solutions must evolve to meet the growing demands,” wrote Martin Lund, executive
vice president of Cisco’s common hardware group, in a blog post about the news.
“ESUN brings together AI infrastructure operators and vendors to align on open
standards, incorporate best practices, and accelerate innovation in Ethernet
solutions for scale-up networking.” ESUN will focus solely on open,
standards-based Ethernet switching and framing for scale-up networking—excluding
host-side stacks, non-Ethernet protocols, application-layer solutions, and
proprietary technologies. The group will expand the development and
interoperability of XPU network interfaces and Ethernet switch ASICs for
scale-up networks, the OCP stated in a blog: “The Initial focus will be on L2/L3
Ethernet framing and switching, enabling robust, lossless, and error-resilient
single-hop and multi-hop topologies.” ... “‘Scale-Up’ AI fabrics (SAIF) provide
high-bandwidth, low-latency physical network interconnectivity and enhanced
memory interaction between nearby AI processors,” Gartner wrote. “Current
implementations of SAIF are vendor-proprietary platforms, and there are
proximity limitations (typically, SAIF is confined to only a rack or row). In
most scenarios, Gartner recommends using Ethernet when connecting multiple SAIF
systems together. We believe the scale, performance and supportability of
Ethernet is optimal.”

The best defense begins before the first alert. Proactive threat hunting
identifies the conditions that allow an attack to form and addresses them early.
It moves security from passive observation to a clear understanding of where
exposure originates. This move from observation to proactive understanding forms
the core of a modern security program: Continuous Threat Exposure Management
(CTEM). Instead of a one-time project, a CTEM program provides a structured,
repeatable framework to continuously model threats, validate controls, and
secure the business. For organizations ready to build this capability, A
Practical Guide to Getting Started With CTEM offers a clear roadmap. ...
Security Awareness Month reminds us that awareness is an essential step. Yet
real progress begins when awareness leads to action. Awareness is only as
powerful as the systems that measure and validate it. Proactive threat hunting
turns awareness into readiness by keeping attention fixed on what matters most -
the weak points that form the basis for tomorrow's attacks. Awareness teaches
people to see risk. Threat hunting proves whether the risk still exists.
Together they form a continuous cycle that keeps security viable long after
awareness campaigns end. This October, the question for every organization is
not how many employees completed the training, but how confident you are that
your defenses would hold today if someone tested them. Awareness builds
understanding. Readiness delivers protection.

We must move GRC governance from a periodic, human-driven activity to an
adaptive, continuous and context-aware operational capability embedded directly
within the agentic AI platform. The first critical step involves implementing
real-time governance and telemetry. This means we stop relying solely on
endpoint logs that only tell us what the agent did and instead focus on
integrating monitoring into the agent’s operating environment to capture why and
how. ... The RCV is a structured, cryptographic record of the factors that drove
the agent’s choice. It includes not just the data inputs, but also the specific
model parameters, the weighted objectives used at that moment, the
counterfactuals considered and, crucially, the specific GRC constraints the
agent accessed and applied during its deliberation. ... Finally, we must address
the “big red button” problem inherent in human-in-the-loop override. For agentic
AI, this button cannot be a simple off switch, which would halt critical
operations and cause massive disruption. The override must be non-obstructive
and highly contextual, as detailed in OECD Principles on AI: Accountability and
human oversight. ... We are entering an era where our systems will act on our
behalf with little or no human intervention. My priority — and yours — must be
to ensure that the autonomy of the AI does not translate into an absence of
accountability.

Generative AI enhances employee experiences by analyzing unstructured
information, understanding natural language and interpreting intent. Agentic AI
takes this further by acting as a centralized, intelligent interface –
integrating data sources, maintaining contextual awareness, adapting to
individual goals and autonomously executing tasks – minimizing the need for
employees to navigate multiple systems or support channels. From onboarding to
learning, wellness, feedback, and career progression, it provides a seamless
connected experience. Furthermore, AI systems can continuously learn from an
employee’s behavior, preferences, and goals to provide real-time, tailored
experiences. ... As powerful as AI is, its success in employee experience
hinges on how well it aligns with human-centric values. Personalization must
never feel intrusive, and inclusivity efforts must be grounded in empathy,
transparency, and consent. Enterprises must adopt a responsible AI approach –
ensuring fairness, explainability, and ethical data use. Employees should have
clarity on how AI systems work, how data is used, and how decisions are made.
Moreover, they should always have the option to challenge or override AI-driven
outcomes. Leadership, HR, and IT teams must work together to create governance
frameworks that reinforce trust – because even the most advanced AI fails if
employees don’t feel seen, respected, and safe.

Instead of focusing narrowly on technical skills, UST has shifted its training
toward cultivating adaptable mindsets. “We want to develop curiosity, critical
thinking, and creativity — skills that aren’t easily replaced by AI,” said
Prasad, stressing that traditional classroom-style learning is insufficient when
the competitive environment demands experimentation and rapid application.
Employees are given access to a range of AI tools such as GitHub Copilot, Google
Gemini, and Cursor, and encouraged to experiment safely in R&D environments.
... Rather than pulling people out of their daily job for separate training
sessions, the company embeds training directly into daily workflows at the
points where people are likely to be confronted with the need for learning
material. Digital adoption platforms like Whatfix provide in-system nudges and
tips directly in the tools recruiters use, guiding them in real time. Recruiting
system training is integrated within the application. Users don’t know they’re
interacting with a digital coach that’s training them to use the system and its
AI features, such as candidate sourcing, resume analysis, and client outreach,
effectively. According to Busch, the payoff is measurable: “How-to” support
questions have been reduced 95% since implementing workflow learning.

All too often, the CIO has gone in alone to the CFO, CEO, or board to argue the
benefits of a digital project in order to obtain funding. A sounder approach is
to confirm the need for a digital solution to a particular business problem with
the CxO in charge of that business area, and to then go in together to the
budget meeting so that both the technology and the business values can be
effectively presented. Secondly, there is no reason the IT budget must bear the
full costs of a co-owned project. ... A first step for CxOs and CIOs toward a
new, unified value creation paradigm is to root out the historical roadblocks
that stand in the way of executive cooperation. CxOs must fully engage in
digital projects from start to finish, and CIOs must be willing to accept
co-star (instead of star) billing in projects. Most CIOs are making this shift
in thinking, but CxOs still lag in project participation. Second, CIOs must gain
CxO hard-dollar budget commitments for digital projects. When both co-fund and
advocate for digital projects in front of the board, CEO, and CFO, both have
skin in the game. Third, co-assign executive leadership responsibilities for key
project milestones. The CxO might be responsible for defining the business use
case and what a specific digital solution must deliver, while the CIO might be
responsible for developing the solution.

If there’s one thing every platform can agree on when it comes to age assurance,
it’s that biometric age verification measures are a good idea – but probably
just not for them. The latest to suggest that maybe they aren’t subject to the
law are TikTok and Snapchat. The companies have reportedly made the case to
Australia’s eSafety Commissioner that there are potential legal workarounds to
Australia’s incoming social media regulations, which will prohibit users under
16 from having accounts. ... “We’re doing these things, ultimately, for the good
of young people in Australia. It will span television, radio, digital. There
will be some on billboards near schools around the country. They’ll see it on
TV. They’ll see it online. They’ll see it, ironically, on social media, because
until the 10th of December, it is legal for kids to be on social media. And if
that’s where they are, that’s where we need to talk to them about what this
means and why we’re doing it.” ... There is, in questioning from Senator David
Shoebridge of the Australian Greens, an apparent desire to assign blame to age
verification providers. He argues that Australia’s privacy laws aren’t yet ready
to accommodate such data collection, in that Australia’s 1988 Privacy Act
doesn’t include requirements for the deletion of data. He asks about
workarounds, like masks and VPNs.

Even the best analysts can’t detect everything alone. When communication breaks
down and teams work in silos, critical context slips away; alerts are missed,
work gets repeated, and investigations slow to a crawl. That’s why collaboration
has become a core part of modern SOC performance. Inside the ANY.RUN sandbox,
the Teamwork feature lets analysts join the same live workspace, share results
in real time, and coordinate across roles without switching tools. Team leads
can assign tasks, monitor progress, and track productivity; all from a single
interface that keeps the team aligned, no matter the time zone. ... Every SOC
knows the feeling; too many alerts, too many clicks, not enough time. Analysts
lose hours on repetitive actions: opening files, running scripts, clicking
through pop-ups, or solving CAPTCHAs just to trigger hidden payloads. With
Automated Interactivity inside the ANY.RUN sandbox, all those steps happen
automatically. The system opens malicious links hidden behind QR codes,
interacts with fake installers, solves CAPTCHAs, and performs other routine
actions; no human input needed. The sandbox handles these interactions on its
own, exposing every stage of the attack chain in a fraction of the time. ...
Even the best detection tools miss things. False negatives happen all the time;
a file marked “safe” can still hide malicious behavior deep in its code or
trigger only under specific conditions.

Today’s fraudsters and malicious insiders often leave digital breadcrumbs
outside a traditional organization’s direct visibility. Hiring teams cannot
connect those breadcrumbs on their own, and they should partner with the
security team to surface hidden affiliations, past fraudulent activities, or
concerning behavioral patterns as a part of the overall candidate assessment.
... Outside-the-firewall checks are especially important in a remote or hybrid
work environment where face-to-face verification is limited. The practical
takeaway is that companies need to broaden their visibility: the more you
combine traditional HR processes with external digital risk signals and
collaborate across internal teams, the harder it becomes for a fraudulent
candidate to work within your company undetected. ... Employees under stress or
facing job insecurity may become more prone to misconduct, either through
negligence or malice. Those with declining performance reviews, who are facing
disciplinary action, or that have presented resistance to security upgrades are
worth closer scrutiny. Employees that give notice of resignation should be
keenly watched for unauthorized activity. ... The definition of insider threat
is shifting. Where once the focus was on accidental misconfigurations or
negligence, today it increasingly includes malicious acts, fraud, and hybrid
cases where dissatisfaction or personal pressures drive risky behavior.

Microsoft may be unique in its size and complexity. But the difficulties faced
by its CISO, Igor Tsyganskiy, are the same as those faced by all CISOs – just
writ much larger. The expansion of the CISO role from governance (security), to
include compliance (legal), internal app and external product development
(engineering), integration with business leaders (business knowledge and
communication skills), artificial intelligence (data scientist) and more,
implies the solution adopted by Tsyganskiy should be considered by all CISOs. ...
It is encouraging that both top Microsoft dCISOs believe that such career
success can be achieved by anyone with the right attitude. “Personally, I like
to understand technology to a deep level. But it isn’t absolutely essential,”
explains Russinovich. “You can delegate things, just like Igor is delegating his
need for deep understanding of everything to a pool of dCISOs. Some level of
technical understanding will always be crucial, because otherwise you’re just
completely disconnected. But I think you can be an effective CISO without being
as technically deep as I personally like to be.” Johnson agrees that you can
have a successful career in cyber without prior cyber qualifications. “You need
to have the aptitude. You need to be willing to learn every day. You need to be
willing to accept what you don’t know, and you need to network,” she says.