How SMEs in e-commerce can drive value from machine learning
It’s important to realise that implementing machine learning in processes like
customer segmentation means digging deeper into data than ever before, and
ensuring the algorithms your business uses are underpinned by a thorough
understanding of this data. Simply taking superficially similar customers and
grouping them together when recommending products won’t go far enough for it to
work successfully. The next step is to ensure the business is compatible with
machine learning in the long run. For example, business problems where machine
learning could be useful should be identified early on, and companies should get
into the habit of preparing their data so that machine learning can be
integrated without too much difficulty and disruption. Crucially, organisations
should also identify relevant machine learning experts who can drive such
projects forward, either internally or through outsourcing via external
consultants. Finally, one of the most pressing concerns in the minds of many
business leaders reluctant to implement machine learning is the threat the
technology could pose to human staff.
Are you ready for the newest era of DevSecOps?
Many organizations have shifted security left, or at least started on their
journey, in an effort to improve development velocity while also managing
security risks. When starting with their incumbent tools, many organizations
find it difficult to cobble together a variety of different security scanners
and trying to integrate them into a complex DevOps toolchain. We hear from
customers that siloed tooling has hindered collaboration. Many of our customers
turned to GitLab to simplify their DevSecOps process. GitLab is often at the
forefront of the DevSecOps and "shift security left" conversations among
developers and businesses because of the simplicity and effectiveness of
embracing security capabilities via a single platform. Developers need to find
and fix vulnerabilities within their natural workflow earlier, without friction
or distractions, while businesses must protect their IP in an age when the
stakes of security have never been higher. When security capabilities are
embedded into the end-to-end software processes, then developers can spend time
writing code instead of managing tools.
Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows
Researchers said the misconfigurations can also expose sensitive information
such as code, credentials and private container-image names (which can be used
to assist in other kinds of attacks). Intezer’s scan of the web found scads of
unprotected instances, operated by companies in several industries, including
technology, finance and logistics. “We have identified infected nodes and there
is the potential for larger-scale attacks due to hundreds of misconfigured
deployments,” according to Intezer. In one case, bad code was running on an
exposed cluster in Docker Hub for nine months before being discovered and
removed. Attacks aren’t difficult to carry out: Researchers observed different
popular Monero-mining malware being housed in containers located in repositories
like Docker Hub, including Kannix and XMRig. Cybercriminals need only to pull
one of those containers into Kubernetes via Argo or another avenue. For
instance, Microsoft recently flagged a wave of miners infesting Kubernetes via
the Kubeflow framework for running machine-learning workflows.
AI execs unpack call center automation boom
Purkayastha says that technological improvements over the past five years have
set the stage for the wider adoption of automation in the call center.
Superior automatic speech recognition and transcription are accelerating the
velocity of deploying solutions, while knowledge graphs — knowledge bases with
graph-structured data models — are extracting information pertinent to support
agents. Beyond this, automation technologies now better understand the
semantics of conversations and continuously learn, optimizing toward business
KPIs. Of course, these systems require data to train, and accumulating the
data — along with processing, normalizing, and cleaning it — can take time.
Schebella says that it’s not unusual for 30, 60, or 90 days to elapse before a
natural language processing model begins to perform satisfactorily. In the
future, he expects data collection to become less of a problem as call
automation technologies provide more real-time feedback — for example,
indicating to a customer service agent whether they’re speaking too quickly or
slowly.
A Guide to Stress-Free Cybersecurity for Lean IT Security Teams
Today's cybersecurity landscape is enough to make any security team concerned.
The rapid evolution and increased danger of attack tactics have put even the
largest corporations and governments at heightened risk. If the most elite
security teams can't prevent these attacks from happening, what can lean
security teams look forward to? Surprisingly, leaner teams have a much greater
chance than they think. It might seem counterintuitive, but recent history has
shown that large numbers and huge budgets aren't the difference-makers they
once were. Indeed, having the right strategy in place is a clear indicator of
an organization's success today. A new guide by XDR provider Cynet looks
to dispel the myth that bigger is always better and shows a smarter way
forward for lean IT security teams. The new guide focuses on helping lean IT
security teams plan strategies that can protect their organizations while
reducing the level of stress they face. Due to the rise of cyber tools that
can help level the playing field and a new generation of security
professionals, smaller organizations can now defend their organizations
equally.
4 Patterns for Microservices Architecture in Couchbase
One of the key characteristics of microservices is their loose coupling, so
that they can be developed, deployed, access-controlled and scaled on an
individual basis. Loose coupling requires that the underlying database
infrastructure supports isolating the data for the individual microservices.
That could be either by running individual database instances per microservice
or by controlling access to the relevant parts of the data. While traditional
relational databases support isolation using database schemas, they are often
difficult to scale, they lack the flexibility of a JSON data model, and most
importantly, they become the single point of failure in case of an outage of
your database infrastructure. This is an important aspect to consider when
designing your microservice architecture, as an outage has severe consequences
for all microservices sharing the same database. Couchbase is designed for
microservices. It’s a highly scalable, resilient and distributed database. It
offers great flexibility and provides multiple levels of isolation to support
up to one thousand microservices in the same Couchbase cluster.
Moving OT to the cloud means accounting for a whole new host of security risks
In addition to using attacks that all cloud platforms are vulnerable to,
Team82 said one of its approaches involves gaining unauthorized access to an
operator account "using different methods." Again, these different methods are
likely similar to other attacks used to steal credentials, like phishing,
which has been on the rise as more organizations move to cloud-based models to
enable remote work. Team82 detailed two different approaches to gaining access
to OT networks and hardware: A top-down approach that involves gaining access
to a privileged account and thus a cloud dashboard, and a bottom-up approach
that starts by attacking an endpoint device like a PLC from which they can
execute malicious remote code. Regardless of the method, the end result for
the attacker is the same: Access to, and control of, an OT cloud management
platform and the ability to disrupt devices and businesses. An attacker could
stop a PLC program responsible for temperature regulation of the production
line, or change centrifuge speeds as was the case with Stuxnet.
Why Going Digital Isn’t Enough to Meet the New Customer Experience (CX) Imperative
Traditional silos are directed by functional leaders—service, marketing,
commerce—but customers expect a unified approach to CX. Building a
customer-centered organization requires operational innovation, and existing
models don’t scale. CDOs, CMOs, CIOs, and CxOs—supported by CEOs, CFOs, COOs,
and board members—must build an alliance: a working group or steering
committee that is responsible and accountable for centralized, unified, and
collaborative customer understanding and engagement. Ultimately, a
customer-centered organization needs a leader who is probably not the chief
executive officer but a chief experience officer: an orchestrator with
day-to-day leadership, accountability, and tireless focus on the personal
touch in a reimagined analog, digital, and hybrid customer journey. It takes
day-to-day leadership, accountability, and tireless focus. Companies leading
in CX are more than twice as likely to have a chief experience officer than
those that have made less progress.
The role of tech in the future of keeping the workforce well post-pandemic
The bigger picture is that a ‘return to work’ doesn’t mean back to the office.
It might not even mean remote working. The talk of the rise of the ‘third
workplace’, where employees can work from wherever they choose, means that a
modern day workforce needs a completely mobile infrastructure. So what does
this look like? Firstly, using an integrated company news feed as part of your
communications platform allows remote workers to cut past the often-laborious
task of checking their emails and get to the priorities of the day. While
emails can be easily overlooked, a news feed that highlights urgent issues and
offers real-time updates which remote workers can receive across different
channels helps boost a culture of openness and inclusion. Having the tools to
communicate health and safety updates results in transparency around important
matters like the risk of transmission and the safety measures implemented. A
key question for organisations post-pandemic has to be how they leverage tech
beyond workforce optimisation.
Questions that help CISOs and boards have each other’s back
An accountability approach should dictate who takes ownership of what. The
vice president of human resources is responsible for organizing vetting; the
chief information officer must be held responsible for IT security; and the
chief financial officer must have plans for combating many forms of fraud,
which include strategies for combating phishing and business email compromise,
scenarios for handling ransomware attacks and efforts to harden the tools and
processes utilized by accounts payable. The deeper you follow the
accountability way of thinking, the more inclusive your leadership must be
when it comes cybersecurity. This can’t be a lone-wolf operation. The purpose
of a security team is to become an ally for your executive team, not to
passivate them. A proper security leader must determine—and share with the CEO
and the board of directors, if necessary—whether the responsible persons are
up to their tasks and committed to reaching security objectives.
Quote for the day:
"Leaders know the importance of having
someone in their lives who will unfailingly and fearlessly tell them the
truth." -- Warren G. Bennis
No comments:
Post a Comment