Expert: Agile data-driven decision-making key to growth
"You can't achieve agility, and you can't be adaptive unless you empower your
business users with as much self-service analytics and business intelligence and
reporting as they can consume," Evelson said. "Self-service is really the only
way to become agile and adaptive." That, however, is linked to data governance,
which is also imperative to agile data-driven decision-making. "There is a very
fine line between too much self-service and not enough governance, versus too
much governance and not enough self-service," Evelson added. "Hopefully, there
is a middle ground between the two, which we call Goldilocks data governance."
All of the competencies together, meanwhile, enable an organization to be agile
through what Evelson terms multi-modal analytics and reporting. They empower
organizations to do descriptive analytics through dashboards and reports,
diagnostic and predictive analytics to get insights, and ultimately prescriptive
and actionable analytics to make decisions and trigger actions. And should
organizations fail to become agile and adapt to constant change, they risk
irrelevancy and ultimately insolvency. Forty years ago, the average lifespan of
companies in the S&P 500 was about 30 years, Evelson said.
The Brain Is Neither a Neural Network nor a Computer
Autonomy is the idea that the brain is self-governing, receptive to the
environment, but always in control. Somatic disorders ranging from improper
sugar levels and hormone imbalances to diseases such as malaria or syphilis can
cause mental dysfunction. Some individuals are placed in mental hospitals when
correcting an underlying disorder would actually fix the problem. At the
simplest level, no amount of mental determination would make you a world-class
athlete if you did not have the right type of muscle fibers or hand-eye
coordination. You cannot flap your arms and fly—the aerodynamics does not allow
it. Paganini could only be the legendary violinist he was because of his
flexibility. No amount of musicianship could provide that
ability. Cognitive processes are embodied. They emerge from the interaction
between physical organisms and their environment, not just their brains. For
example, there is evidence that the nature of your gut bacteria can cause
anxiety, stress, and even depression. Replacing a diseased organ with a healthy
one can increase mental functioning. A kidney transplant will help remove
poisons from the blood such as urea or ammonia which will increase brain
health.
The state of corporate legal departments and the role of the Chief Legal Officer
The survey affirms we are in the “age of the CLO.” With 78 percent of
respondents reporting to the CEO, the overall trend remains very positive.
Further, while CLOs still spend around one quarter of their time providing legal
advice, they also spend a significant amount of time on board matters and
governance issues, contributing to strategy development, and advising other
executives on non-legal issues. The survey found that 46 percent of CLOs are
responsible for their company’s data privacy function, reflecting the growing
integration of legal in business strategy and technology policy. In the order of
functions reporting to the Chief Legal Officer, only compliance (74 percent)
outranks privacy. CLOs are also increasingly engaging with environmental,
social, and governance issues. This includes diversity and inclusion (D&I).
A full 72.7 percent of CLOs expect diversity and inclusion specifically to
accelerate in 2021. Encouragingly, even despite COVID-19, 32 percent of law
departments plan to take on more lawyers in 2021, a slight increase over 30
percent from 2020.
Defense Against Vulnerabilities in the Cloud – Is It Too Late?
Apart from the traditional challenges around access management, data pilferage
and threats from data communication with third party applications is gaining
prominence. Communication with third party applications has found increased
traction through APIs, which are increasingly being targeted by threat actors.
Further, misconfigurations and policy violations in cloud assets create
potential vulnerabilities and backdoors leading to risk of compromise. This is
primarily due to the policies of some companies to not change the default
security settings on their cloud workloads. These cloud vulnerabilities are
accentuated by the increasing number of connected systems and their
dependencies. The genesis of many vulnerabilities boil down to access and
privilege management. Organizations need to plan for a deep inspection and
vulnerability management system as part of their devsecops pipeline for
building scalable cloud native applications. A comprehensive vulnerability
management system goes a long way to enable organizations to effectively
manage and minimizing their threat attack surface.
How to build a trustworthy and connected future
More broadly, big(ger) data from personal, commercial and government sources
has the potential to address various challenges related to the Sustainable
Development Goals. For instance, the Humanitarian and Resilience Investing
Initiative aims to fill critical gaps in the available data that are
preventing investors from accessing more humanitarian and resilience investing
(HRI) opportunities. The pandemic has exposed and exacerbated existing gaps
and inequalities, notably almost half of the global population remain offline
and broadband services are too expensive for 50% of the population in
developed countries. These “connectivity deserts” hamper access to health,
education and economic inclusion. In a bid to improve access to the digital
economy, during The Davos Agenda, the Forum launched the Essential Digital
Infrastructure and Services Network, or EDISON Alliance, tasked with working
to accelerate digital inclusion Meanwhile, in metropolises around the globe,
which account for nearly two-thirds of CO2 emissions, smart energy
infrastructure connected through data and digitalization is central to
transitioning to “net zero” cities.
2020 Marked a Renaissance in DDoS Attacks
The sheer quantity of attacks in 2020 was surprising, Kaczmarek says. "We
always expect the number of attacks to increase year over year and quarter
over quarter, but we didn't expect that the quantity would increase by over
150%," he says. "This truly reflects the impact of the pandemic and the
challenging precedent the 'new normal' has set for cybersecurity." The number
of DDoS attacks that involved two or more vectors increased from 40% in 2019
to 72% in 2020, Kaczmarek added. "This means that the attackers as well as the
tools they are using are improving," he says. According to Neustar, while the
use of DDoS to try and extort ransoms is not new, these attacks grew in
persistence, sophistication, and targeting in 2020. Cyber extortionists
purporting to belong to well-known nation-state groups went after
organizations in industries they have not regularly targeted previously, such
as financial services, government, and telecommunications. "RDDoS attacks
surged in Q4 2020 as groups claiming to be Fancy Bear, Cozy Bear, and the
Lazarus Group attempted to extort organizations around the world," says Omer
Yoachimik, product manager, DDoS protection at Cloudflare, another vendor that
observed the same trend.
A better kind of cybersecurity strategy
The core of the matter involves deterrence and retaliation. In conventional
warfare, deterrence usually consists of potential retaliatory military
strikes against enemies. But in cybersecurity, this is more complicated. If
identifying cyberattackers is difficult, then retaliating too quickly or too
often, on the basis of limited information such as the location of certain
IP addresses, can be counterproductive. Indeed, it can embolden other
countries to launch their own attacks, by leading them to think they will
not be blamed. “If one country becomes more aggressive, then the equilibrium
response is that all countries are going to end up becoming more
aggressive,” says Alexander Wolitzky, an MIT economist who specializes in
game theory. “If after every cyberattack my first instinct is to retaliate
against Russia and China, this gives North Korea and Iran impunity to engage
in cyberattacks.” But Wolitzky and his colleagues do think there is a viable
new approach, involving a more judicious and well-informed use of selective
retaliation. “Imperfect attribution makes deterrence multilateral,” Wolitzky
says. “You have to think about everybody’s incentives together. Focusing
your attention on the most likely culprits could be a big mistake.”
US, China or Europe? Here's who is really winning the global race for AI
On almost all metrics, therefore, the EU seems to be taking a backseat; and
according to the researchers, there is no doubt that this is due to
stringent regulations that are in place within the bloc. "Many in Europe do
not trust AI and see it as technology to be feared and constrained, rather
than welcomed and promoted," concludes the report, recommending that the EU
change its regulatory system to be "more innovation-friendly". The General
Data Protection Regulation (GDPR), say the researchers, limits the
collection and use of data that can foster developments in AI. Proposals for
a Data Governance Act, while encouraging the re-use of public sector data,
also restrains the transfer of some information; and by creating European
data spaces, the regulation could inhibit global partnerships. Recent
reports show that the last year has seen almost a 40% increase in GDPR fines
issued by the EU compared to the previous 20 months, reaching a total of
$332 million in fines since the new laws started applying. In that context,
it is not rare to find that some firms are deterred from developing AI
systems altogether, out of fear of receiving a fine – even for the most
well-intentioned innovations.
A Guide to Find the Right IoT Module for Your Project
As more small and new module providers emerge into the IoT market, many
cheaper IoT modules are becoming available to customers with extremely
attractive tag price. If we simply look at the initial deployment cost of
using cheaper modules, it might look like that it saves a lot of money for
the customers. But is the quality of these modules guaranteed? The process
of developing a new product and making it deliverable to the market takes
long and is costly. Low-quality modules always accompany a higher risk of
malfunction and, to the worst extent, result in the failure of the whole
project. This will not help IoT companies to generate expected project
income, in reverse, it causes a greater loss in investment. From a long-term
perspective, even if the product was launched to the market, the unstable
performance of the module is likely to cause unwanted surprises and require
frequent maintenances. This will not be simply a higher operating cost to
the business, it will also harm the reputation of the brand and damage the
customers’ loyalty. For the long-term growth of the business, choosing a
reliable partner and quality-guaranteed module products is wise and
worthy.
Researchers: Beware of 10-Year-Old Linux Vulnerability
The vulnerability, called "Baron Samedit" by the researchers and officially
tracked as CVE-2021-3156, is a heap-based buffer overflow in the Sudo
utility, which is found in most Unix and Linux operating systems. Sudo is a
utility included in open-source operating systems that enables users to run
programs with the security privileges of another user, which would them give
them administrative – or superuser - privileges. The bug, which appears to
have been added into the Sudo source code in July 2011, was not detected
until earlier this month, Qualys says. "Qualys security researchers have
been able to independently verify the vulnerability and develop multiple
variants of exploits and obtain full root privileges on Ubuntu 20.04 (Sudo
1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2). Other
operating systems and distributions are also likely to be exploitable," the
researchers say. After Qualys notified the authors of Sudo, a patch was
included in version 1.5.5p2, published this week. Qualys and the Sudo
authors are urging Linux and Unix users to immediately patch systems. Rob
Joyce, who was recently named director of the National Security Agency's
Cybersecurity Directorate, also flagged the alert on Twitter.
Quote for the day:
"Believe those who are seeking the
truth. Doubt those who find it." -- Andre Gide
No comments:
Post a Comment