In order to protect themselves, organizations need to develop cyber frameworks and internal security environments that are living, breathing and constantly evolving, both to adequately protect against outside threats and in order to meet the increasing demands of regulators. They must also ensure their cyber insurance policies provide sufficient coverage for regulatory proceedings and associated penalties. When controls fail and security incidents occur, it goes without saying that investigations and fines are close behind. A review of the FTC’s cyber enforcement actions demonstrates that regulatory enforcement is not limited solely to Fortune 500 companies – there are many “smaller” companies included on that list.
Organizations depend more on freelancers because they are more available and accessible as a result of platforms like Toptal, and because they lack the in-place talent needed to complete critical projects. As a senior tech leader at Wal-Mart put it, “It often just takes too long to recruit, hire and on-board full-time staff.” These agile talents are matched to projects typically for 3 to 6 months. In the past, these individuals were often kept at arm’s length, and treated as marginal to the “real” team. That’s changing – slowly, but clearly. For example, Qualcomm includes its agile talent when the team is in training. So does ScanDisk and Shire. This is an important shift for both the organization and for the agile talents themselves.
An online shopper, who often knows what they are looking for, is faced with the task of coming up with the right search terms, or scrolling through many pages of inventory to find it. Attempts at augmenting the keyword search experience with natural language have not made a major difference yet, partly because of the fact that shopping, for most users, is a very visual experience. Deep learning can be of help here, too! Auto-encoding features of images in an inventory based on similarities and differences brings about a rich model of what is available in the inventory, and the model is surprisingly close to how we as humans perceive shoppable items. The model alone, of course, is not enough: We need a way to understand a shopper’s preferences as they interact with the inventory.
The only constant is change, and one of the major untold challenges for enterprises across the globe is the underlying need to ramp up the capabilities of staff so they can operate in a whole new way. It is critical to not only embrace new people, ideas and methodologies, but also to tap into the wisdom and culture of the more experienced workforce to create an effectively trained organization. In an era where reinvention and some form of technology refresh seemingly happens every year, companies that offer pathways to help their employees build skillsets to meet the needs of tomorrow will find themselves ahead. Perhaps the most prominent example of this in recent times is AT&T. Its competitors were once other phone companies. Now? It also competes in the cloud and internet space against other carriers as well as the web-scale giants.
One best practice (which I've discussed elsewhere) is to follow the Interface Segregation principle: Organize the members of the "other class" into a series of interfaces that contain all -- and only -- the members that particular clients need. This ensures that a client only needs to be changed if a member in the interface it uses changes (and, ideally, that change is forced by the client changing its requirements -- see the same article for a discussion of the Dependency Inversion principle). Following these principles gives you some flexibility in how the other class can be enhanced without impacting every client that uses it. When you follow the Interface Segregation principle, code in the client only refers to the other object using an interface. It's the difference between the client having this code:
“Oftentimes a perpetrator is not necessarily someone you might expect,” Ostwalt said. “It is four times more likely to be someone well-respected than someone who has a lower reputation, and generally it’s someone who is characterised as working well with others.” One key to preventing fraud is to understand why employees steal from their companies in the first place. The KPMG study found that 66% commit fraud for personal gain or greed. Another 27% stole from their employer because the systems in place enabled access. ... “Most are going after something that will enrich them or put them in a position to meet objectives inside or outside the organisation,” Ostwalt said. “Lots of times it’s just because they can – because they have access to the systems because the control was not tight enough.”
If you are like most CIOs, you have an IT organization that is good at many things, but when it comes to understanding how its own work in IT drives business value, the team has room for improvement. That was the situation that Guy Brassard faced when he joined Southwire, a $4.8 billion electrical-wire, cable and cord manufacturer. The company's management team set a strategy for growth and operational excellence, which put increased pressure on IT. Several acquisitions and transformational activities later, Brassard saw that his IT team had many of the skills necessary to support the company's growth strategy, but not the business acumen and knowledge required to step into newly created global business-facing positions.
"Companies don't want to have their workers get lost in social networks on work time, and their fear is that this is the first step in that direction. There could be a need for this if Facebook can thread the needle correctly." Judith Hurwitz, an analyst with Hurwitz & Associates, agreed that making deep inroads into the enterprise won't be easy for Facebook. "Very sophisticated security is mandatory," she said. "I am not sure that [Facebook] has put an emphasis on this. Obviously, the pricing model is established to get a massive amount of signups, but the question is, what is next? How do you manage users? How do you prevent a former employee from remaining on the network? How do you make sure that information on this environment meets regulatory requirements? There are a lot of questions."
The mobile industry coalesced to two operating systems: iOS and Android. Both use APIs that have high overlap, so management vendors can now let IT manage all these devices from a single panel of glass using a consistent set of controls. The variability and exceptions are thus now quite manageable -- even if you add Windows 10 and MacOS computers to the equation (they use similar APIs). We won't see that level of consolidation in the IoT world. Even if every type of device ended up being dominated by one or two providers, the huge diversity of devices would still mean hundreds of providers. The chances of them agreeing to a common set of APIs are close to zero.
“So if you’re a very large bank and starting from scratch it’s not something that is entirely straightforward and the view has always been do I really need to do it. There hasn’t been much of a burning platform until recently.” That has changed, there is a burning platform and the sharks are circling underneath. Banks have to change and if they want to see things like a 45% increase in profitability then they will need to look at technology. This is where the idea of the cognitive bank comes in. IBM is one of the companies pushing this notion of a bank’s systems and processes being more intelligent, mainly with the help of Watson.
Quote for the day:
"When human judgment and big data intersect there are some funny things that happen." -- Nate Silver