Digital addiction detox: Streamline tech to maximize impact, minimize risks
While digital addiction has been extensively studied at the individual level,
organizational digital addiction is a relatively new area of concern. This
addiction manifests as a tendency for the organization to throw technology
mindlessly at any problem, often accumulating useless or misused technologies
that generate ongoing costs without delivering proportional value. ... CIOs
must simultaneously implement controls to prevent their organizations from
reaching a tipping point where healthy exploration transforms into digital
addiction. Striking this balance is delicate and requires careful management.
Many innovative technology companies have found success by implementing
“runways” for new products or technologies. These runways come with specific
criteria for either “takeoff” or “takedown”. ... Unchecked technology adoption
poses significant risks to organizations, often leading to vulnerabilities in
their IT ecosystems. When companies rush to implement technologies without
proper planning and safeguards, they lack the resilience to bounce back from
adverse conditions because of insufficient redundancy and flexibility within
systems, leaving organizations exposed to single points of failure.
Why are we still confused about cloud security?
A prevalent issue is publicly exposed storage, which often includes sensitive
data due to excessive permissions, making it a prime target for ransomware
attacks. Additionally, the improper use of access keys remains a significant
threat, with a staggering 84% of organizations retaining unused highly
privileged keys. Such security oversights have historically facilitated
breaches, as evidenced by incidents like the MGM Resorts data breach in
September 2023. ... Kubernetes environments present another layer of risk. The
study notes that 78% of organizations have publicly accessible Kubernetes API
servers, with significant portions allowing inbound internet access and
unrestricted user control. This lax security posture exacerbates potential
vulnerabilities. Addressing these vulnerabilities demands a comprehensive
approach. Organizations should adopt a context-driven security ethos by
integrating identity, vulnerability, misconfiguration, and data risk
information. This unified strategy allows for precise risk assessment and
prioritization. Managing Kubernetes access through adherence to Pod Security
Standards and limiting privileged containers is essential, as is the regular
audit of credentials and permissions to enforce the principle of least
privilege.
The Architect’s Guide to Interoperability in the AI Data Stack
At the heart of an AI-driven world is data — lots of it. The choices you make
today for storing, processing and analyzing data will directly affect your
agility tomorrow. Architecting for interoperability means selecting tools that
play nicely across environments, reducing reliance on any single vendor, and
allowing your organization to shop for the best pricing or feature set at any
given moment. ... Interoperability extends to query engines as well.
Clickhouse, Dremio and Trino are great examples of tools that let you query
data from multiple sources without needing to migrate it. These tools allow
users to connect to a wide range of sources, from cloud data warehouses like
Snowflake to traditional databases such as MySQL, PostgreSQL and Microsoft SQL
Server. With modern query engines, you can run complex queries on data
wherever it resides, helping avoid costly and time-consuming migrations. ...
Architecting for interoperability is not just about avoiding vendor lock-in;
it’s about building an AI data stack that’s resilient, flexible and
cost-effective. By selecting tools that prioritize open standards, you ensure
that your organization can evolve and adapt to new technologies without being
constrained by legacy decisions.
The role of compromised cyber-physical devices in modern cyberattacks
A cyber physical device is a device that connects the physical world and
computer networks. Many people may associate the term “cyber physical device”
with Supervisory Control and Data Acquisition (SCADA) systems and OT network
segments, but there’s more to it. Devices that interconnect the physical world
give attackers a unique perspective: they allow them to perform on-ground
observation of events, to monitor and observe the impact of their attacks, and
can even sometimes make an impact on the physical world ... Many devices are
compromised for the simple purpose of creating points of presence at new
locations, so attackers can bypass geofencing restrictions. These devices are
often joined and used as a part of overlay networks. Many of these devices are
not traditional routers but could be anything from temperature sensors to
cameras. We have even seen compromised museum Android display boards in some
countries. ... Realistically, I don’t believe there is a way to decrease
number of compromised devices. We are moving towards networks where IoT
devices will be one of the predominant types of connected devices, with things
like a dish washer or fridge having an IP address.
Security at the Edge Needs More Attention
CISOs should verify that the tools they acquire and use do what they claim to
do, or they may be in for surprises. Meanwhile, data and IP are at risk
because it’s so easy to sign up for and use third-party cloud services and
SaaS that the average users may not associate their data usage with
organizational risk. “Users submitting spreadsheet formula problems to online
help forms may inadvertently be sharing corporate data. People running grammar
checking tools on emails or documents may be doing the same,” says Roger
Grimes, data-driven defense evangelist at security awareness training and
simulated phishing platform KnowBe4 in an email interview. “It's far too easy
for someone using an AI-enabled tool to not realize they are inadvertently
leaking confidential information outside their organizational
environment.” ... It’s important for CISOs to have knowledge of and
visibility into every asset in their company’s tech stack, though some CISOs
see room for improvement. “You spend a lot of time and money on people,
processes and technology to develop a layered security approach and defense in
depth, and that doesn't work if you don't know you have something to defend
there,” says Fowler.
CIOs must also serve as chief AI officers, according to Salesforce survey
CIOs are now in the business of manufacturing intelligence and work-autonomous
work. CIOs are now responsible for creating a work environment where humans
and AI agents can collaborate and co-create stakeholder value -- employees,
customers, partners, and communities. CIOs must design, own, and deliver the
roadmap to the autonomous enterprise, where autonomous work is maturing at
Lightspeed. ... CIOs are under pressure to quickly learn about, and implement,
effective AI solutions in their businesses. While more than three of five CIOs
think stakeholder expectations for their AI expertise are unrealistic, only 9%
believe their peers are more knowledgeable. CIOs are also partnering with
analyst firms (Gartner, Forrester, IDC, etc.) and technology vendors to learn
more about AI. ... Sixty-one percent of CIOs feel they're expected to know
more about AI than they do, and their peers at other companies are their top
sources of information. CIOs must become better AI storytellers. In 1994,
Steve Jobs said: "The most powerful person in the world is the storyteller.
The storyteller sets the vision, values, and agenda of an entire generation
that is to come." There is no better time than now for CIOs to lead the
business transformation towards becoming AI-led companies.
Policing and facial recognition: What’s stopping them?
The question contains two “ifs” and a presumption; all are carrying a lot of
weight. The first “if” is the legal basis for using FRT. Do the police have
the power to use it? In England and Wales the police certainly have statutory
powers to take and retain images of people, along with common law powers to
obtain and store information about the citizen’s behavior in public. The
government’s own Surveillance Camera Code of Practice (currently on policy’s
death row) provides guidance to chief officers on how to do this and on
operating overt surveillance systems in public places generally. The Court of
Appeal found a “sufficient legal framework” covered police use of FRT, one
that was capable of supporting its lawful deployment. ... The second “if”
relates to the technology i.e. “if FRT works, what’s stopping the police from
using it?” Since a shaky introduction around 2015 when it didn’t work as hoped
(or required) police facial recognition technology has come on significantly.
The accuracy of the technology is much better but is it accurate to say it now
“works”? Each technology partner and purchasing police force must answer that
for themselves – as for any other operational capability. That’s
accountability.
How AI is becoming a powerful tool for offensive cybersecurity practitioners
What makes offensive security all the more important is that it addresses a
potential blind spot for developers. “As builders of software, we tend to
think about using whatever we’ve developed in the ways that it’s intended to
be used,” says Caroline Wong, chief strategy officer at Cobalt Labs, a
penetration testing company. In other words, Wong says, there can be a bias
towards overemphasizing the good ways in which software can be used, while
overlooking misuse and abuse cases or disregarding potentially harmful uses.
“One of the best ways to identify where and how an organization or a piece of
software might be susceptible to attack is by taking on the perspective of a
malicious person: the attacker’s mindset,” Wong says. ... In addition to
addressing manpower issues, AI can assist practitioners in scaling up their
operations. “AI’s ability to process vast datasets and simulate large-scale
attacks without human intervention allows for testing more frequently and on a
broader scale,” says Augusto Barros, a cyber evangelist at Securonix, a
security analytics and operations management platform provider. “In large or
complex environments, human operators would struggle to perform consistent and
exhaustive tests across all systems,” Barros says.
While Cyberattacks Are Inevitable, Resilience Is Vital
Cybersecurity is all about understanding risk and applying the basic controls
and sprinkling in new technologies to keep the bad guys out and keeping the
system up and running by eliminating as much unplanned downtime as possible.
“Cybersecurity is a risk game—as long as computers are required to deliver
critical products and services, they will have some vulnerability to an
attack,” Carrigan said. “Risk is a simple equation: Risk = Likelihood x
Consequence. Most of our investments have been in reducing the ‘likelihood’
side of the equation. The future of OT cybersecurity will be in reducing the
consequences of cyberattacks—specifically, how to minimize the impact of
infiltration and restore operations within an acceptable period.”
Manufacturers must understand their risk appetite and know what and where
their organization’s crown jewels are and how to protect them. “Applying the
same security practices to all OT assets is not practical—some are more
important than others, even within the same company and the same OT network,”
Carrigan said. Remaining resilient to a cyber incident—any kind of
incident—means manufacturers must apply the basics, sprinkle in some new
technologies and plan, test, revise and then start that process all over
again.
AI-Powered DevOps: Best Practices for Business Adoption
In security, AI tools are proving highly effective at proactively identifying
and addressing vulnerabilities, boosting threat detection capabilities, and
automating responses to emerging risks. Nonetheless, significant potential for
AI remains in phases such as release management, deployment, platform
engineering, and planning. These stages, which are crucial for ensuring
software stability and scalability, could greatly benefit from AI's predictive
abilities, resource optimization, and the streamlining of operational and
maintenance processes. ... While generative AI and AI copilots have been
instrumental in driving adoption of this technology, there remains a major
shortage of AI expertise within DevOps. This gap is significant, especially
given that humans remain deeply involved in the process, with over two-thirds
of our respondents indicating they manually review AI-generated outputs at
least half the time. To address these challenges, organizations should devise
specialized training courses to properly equip their DevOps teams with the
skills to leverage AI tools. Whether through industry-recognized courses or
internal programs, encouraging certification can enhance technical expertise
significantly.
Quote for the day:
"All progress takes place outside the
comfort zone." -- Michael John Bobak
