Bias still dominates the discussion of AI adoption in business
Organisations are at last beginning to take ethical standpoints on machine
learning and its role in automated decision-making. According to HBR, companies
(including Google, Microsoft, BMW and Deutsche Telekom) are creating internal AI
policies, making commitments to fairness, safety, privacy and diversity.
Organisations must recognise machine learning as a predictive technology that
requires the application of judgement—a key part of any such policy—ensuring
interpretability and, consequently, trust. While it might be hard to remove bias
from your data entirely, you can effectively minimise the effects of that bias
by applying a layer of systemised judgement. This turns predictions into
decisions that can be trusted. To achieve this you need technology that can
efficiently and transparently automate that governance process. New platforms
enable firms to apply machine-learnt predictions safely by incorporating a layer
of automated human judgement into their systems.
Failing Fast: The Impact of Bias When Speeding Up Application Security
You have a tools bias if you're spending thousands of dollars on tools and
systems to integrate them into your development lifecycle. Not every tool needs
to cost you a lot of money. There's a great deal of amazing, free open source
tools out there. Not everyone needs to be spending that much money. Do you have
tools purchased but not properly implemented into your build pipeline? Maybe
they were put in and then they were removed because they were causing you pain.
Or maybe you got them and you put them in a learning mode, but you never got
them fully installed. That's a tool bias. You've spent the time and focus
because the tool will solve the problem, but we've not actually solved the
problem. We got halfway there and stopped. If there's no plan for maintaining,
tuning, or configuring tools post-purchase, also known as a sales-person driven
development style, then you've got a tools bias. Your tool has not made you more
secure. Your tool has given you the feeling of security, but without the actual
action.
Why regulation of tech platforms is the new game changer for strategy
Regulation is proving pivotal in conflicts created when traditional firms
compete with or participate in ecosystems dominated by big tech. How many of the
profit opportunities created by new regulation will be gobbled up by big tech,
and how much of that profit can be internalized by their partners? For instance,
regulators are asking, Is it appropriate for a dominant ecosystem orchestrator
like Apple to forbid content providers from accessing customers and demanding
payments directly? And, given the modest effort Apple put into setting up its
App Store, is its 30% cut from every app sold there a fair practice or a blatant
abuse of dominant position? Epic Games’ recent lawsuit against Apple (which
centered around how people pay for the Fortnite game) sailed bravely into these
unchartered waters; the judge ultimately ordered Apple to reverse some, if not
all, of its practices. Consider also the drama currently playing out in digital
advertising. Big tech firms, supported by their ecosystem partners, have helped
spawn a successful industry focused on understanding the profile of individual
customers and offering them tailored advertising.
Why are we still asking KBA questions to authenticate identity?
The federal government has long acknowledged the risks presented by KBAs and the
NIST’s own guidelines expressly disavows KBA for digital applications: “The ease
with which an attacker can discover the answers to many KBA questions, and the
relatively small number of possible choices for many of them, cause KBA to have
an unacceptably high risk of successful use by an attacker.” Meanwhile a study
by Google found that only 47% of people could remember what they put down as
their favorite food a year earlier – and that hackers were able to guess the
food nearly 20 percent of the time, with Americans’ most common answer (of
course) being pizza. And even when a user does remember the correct answer to
one of these questions, they sometimes forget the precise form of their answer,
all of which leads to a frustrating customer experience. Protracted verification
times inevitably lead to customer abandonment of transactions such as opening a
new account, resulting in delayed or lost business. Unsurprisingly, the longer
it takes to verify a customer’s identity, the more likely it is they will
abandon the process entirely.
Thousands Now Find Success with OKRs, Why Aren't You?
Objectives and Key Results (OKRs) is a flexible tool that helps people,
organizations achieve their goals by erecting specific and measurable actions.
It also helps them communicate and monitor progress towards them. Objectives
can either be short and inspirational. It defines the goal you want to
achieve. For companies, they are capable of creating three to five high-level
objectives per quarter of the year. This helps them increase their brand
awareness and these objectives are meant to be ambitious. Choosing the right
objective for your goal can be a challenging aspect of this practice but when
it's done correctly, you can tell if you have reached your objective. Key
Results helps you deliver each set of objectives perfectly, so you can be able
to measure your progress in achieving your goals. ... OKRs are a flexible
framework, and because of this, you can set and phrase OKRs in different ways.
Think of it as the pillar of your strategy for the next period. To come up
with good OKRs, I will advise that connect them to your day-to-day activities.
How can we eliminate gender bias in tech?
There’s clear evidence of professional prejudice against working mothers —
women are passed up for job progression and prevented from exploring other
opportunities. This is called the ‘motherhood penalty’. On average, women lose
4% of hourly earnings when they start a family; a significant amount when
taken as a proposition of lifetime earnings. Compared to men who gain an
average pay rise of 6% after becoming fathers. Moving forward, employers must
make clear to female staff that they will be judged purely on performance, not
on their working schedules – opening the door to more flexible working
options, letting women advance professionally without jeopardising family
commitments. Likewise, the stigma around shared parental leave must be
addressed, normalising a man’s role as equal caregiver when tending to a
new-born. With more equitable paternity policies, female staff will be better
enabled to pursue senior leadership roles.
The Crypto Industry Isn’t Too Thrilled About Biden’s Big Policy Moves
Despite some heavy lobbying by crypto lobbyists back in August to clarify the
definition of “broker” as it applies to digital assets, the proposed bill
passed the Senate without any amendments. The bill was introduced and voted
through the Senate within a week in August. While the bill was awaiting House
approval, I spoke to some crypto tax lawyers in the U.S. about how things
might play out if it is signed into law without amendments. Nathan Giesselman,
a partner at Skadden, Arps, Slate, Meagher & Flom LLP, told me that, as it
is written in the bill, the provision runs the risk of capturing folks like
miners and developers who don’t have the same customer information that a
traditional broker might have, putting them in the awkward position of not
being able to comply with the required reporting. Now that the House has
passed the bill, it’s clear that much will depend on how the U.S. Treasury
Department interprets the definition of broker.
Six AI and Big Data Trends in Banking for 2022
Big data and AI requires intense computing horsepower, so banks and credit
unions are increasingly turning to the cloud to host data and applications.
Not only is the cloud able to scale to handle high computing demands, but
does it cost effectively. IDC states that global spending on cloud services
— including hardware and software — will surpass $1.3 trillion by 2025,
growing at a CAGR of 16.9%. Both shared (pubic) cloud and dedicated
(private) cloud are slated to grow, says IDC, with private cloud growing at
a faster rate. Since bank legacy systems weren’t designed for distributed
computing environments, moving them to the cloud is challenging. However,
banks and credit unions are softening up to the idea of moving legacy
systems not just to the cloud but transforming them to cloud-native
platforms, although few have made the leap to a fully cloud-based
environment. JPMorgan Chase and Arvest Bank, have both announced that they
will switch portions of their core systems to a cloud-native
platform.
The cyber insurance dilemma: The risks of a safety net
Every company owner should be aware of what they are looking for when it
comes to cyber insurance. They should always read the fine print and
understand the specifics of coverage, deductibles, and exclusions. This
safety net can be highly effective if the policy is correctly written and
the business is fully aware of its coverage. According to Dan Burke, the
Vice President at Woodruff Sawyer (a national insurance provider), cyber
insurance typically doesn’t cover three types of losses: potential future
lost profits, loss of value due to the theft of intellectual property, and
betterment (i.e., the cost to improve internal technology systems after the
attack, such as IT upgrades after a cyber event). That said, losses other
than the initial ransom are not likely to be covered by insurance. Today,
most ransomware attacks do not stop at the initial breach. Take the
SolarWinds incident as an example: instead of locking SolarWind’s IT
systems, attackers planted malicious code into the company’s Orion
technology platform, which is used by more than thirty thousand customers,
including the U.S.
Why organisations need to take charge of Office 365 backup and recovery
No matter the size of your organisation, if you’ve automated the backup
process for your Office 365 environments, then you’ve taken a big first step
to protect your data and ensure its quick recovery. Keep in mind that access
to regularly backed up files significantly improves the chances of
recovering from a system outage or malware attack. Find a solution that will
let you effortlessly pinpoint SaaS data and records. Organisations need to
be able to perform targeted restores, preserve critical data sets, and
manage production and sandbox environments with ease. Some of this will come
down to granular search and restore, but it’s also a good idea to implement
point-in-time and version-level recovery tools and immediate restores.
Staying secure means that it’s easier to stay compliant. Look for a solution
that offers stringent standards, privacy protocols, and zero-trust access
controls — this could also include isolated, air-gapped backups from source
data, built-in GDPR compliance, and encrypted data when at rest or
in-flight. Multi-layering your security also means you can add role-based,
SSO, SAML authentication controls too.
Quote for the day:
"Curiosity is the thing that sparks
a step into an adventure." -- Annie Lennox
No comments:
Post a Comment