Daily Tech Digest - August 13, 2022

CEOs need to start caring about the cybersecurity talent gap crisis, new report shows

The focus on cybersecurity needs to start in the boardroom, Morgan argues. CEOs at every Fortune 500 company and midsize to large organization should advocate to have those with cybersecurity experience on their board, he says. “That could be the [chief information security officer (CISO)] or an outside executive with real-world cybersecurity experience,” he says. “Do it now to protect your organization, not after a breach or hack to protect your reputation.” By 2025, 35% of Fortune 500 companies will have board members with cybersecurity experience, according to the Cybersecurity Ventures report, and by 2031 that will climb to more than 50%. By comparison, last year just 17% of Fortune 500 companies had board members with this type of background. The thought is that if cybersecurity is a regular boardroom discussion, then the importance of it will trickle down to the rest of the organization, Morgan says, becoming a part of the company’s DNA. He encourages executives to take cybersecurity as seriously as profit and loss discussions.

5 elements of a successful digital platform

“Data is everything for us,” Rotenberg said. Making sure you have high quality data and that you can constantly iterate on it and improve it should be a priority when building a platform. “That’s something that we spend a lot of time on because it’s such an important foundation,” she said. One way the company uses it is to personalize the experience for clients. For example, this might mean using digital credentials. It may sound simple, but having the right mobile phone number means that Fidelity can interact with clients in the way they want. “Sometimes it’s the most basic things that actually make the biggest difference,” she said. ... There are a lot of different ways that fintechs and Fidelity could work with or against each other. “A fintech could be our competitor, our vendor, [or] we could be a client as well, and vice versa,” she said. Successful fintechs, in particular, usually have gotten something right in understanding a “customer friction” that other firms haven’t figured out. “They go deep in understanding the friction, they create success, and then they scale outward,” Rotenberg said. 

Top cybersecurity products unveiled at Black Hat 2022

Software composition analysis (SCA), static application security testing (SAST), and container scanning are the latest capabilities in the new update to the Cycode supply chain security management platform. All new components will add to Cycode’s knowledge graph, which structures and correlates data from the tools and phases of the software development life cycle to allow programmers and security professionals to understand risks and coordinate responses to threats. A key function of the knowledge graph includes the ability to coordinate security tools on the platform to do tasks such as identifying when leaked code contains secrets like API keys or passwords, in order to reduce risk. Support for vulnerability detection and protection across runtime environments including Java Virtual Machine (JVM), Node.js, and .NET CLR, has been added to the Application Security Module in the Dynatrace software and infrastructure monitoring platform. Additionally, Dynatrace has extended its support to applications running in Go, a fast-growing, open-source programming language developed at Google.

Google Cloud and Apollo24|7: Building Clinical Decision Support System (CDSS) together

For any health organization that wants to build a CDSS system, one key block is to locate and extract the medical entities that are present in the clinical notes, medical journals, discharge summaries, etc. Along with entity extraction, the other key components of the CDSS system are capturing the temporal relationships, subjects, and certainty assessments. ... The advantage of AutoML Entity Extraction is that it gives the option to train on a new dataset. However, one of the prerequisites to keep in mind is that it needs a little pre-processing to capture the input data in the required JSONL format. Since this is an AutoML model just for Entity Extraction, it does not extract relationships, certainty assessments, etc. ... The major advantage of these BERT-based models is that they can be finetuned on any Entity Recognition task with minimal efforts. However, since this is a custom approach, it requires some technical expertise. Additionally, it does not extract relationships, certainty assessments, etc. This is one of the main limitations of using BERT-based models.

In a hybrid workforce world, what happens to all that office space?

Amy Loomis, a research director for IDC's worldwide Future of Work market research service, said her research isn't showing an overall reduction in square footage, but said more companies my be subleasing unused space or reconfiguring it to better suit hybrid work. The key phrase is "space optimization," which is being done to attract new employees and for environmental sustainability. In North America, 34% of companies surveyed by IDC said that was a key driver in real estate investments. “What we’re seeing is repurposing of office space,” Loomis said. “Organizations are investing in office spaces and making them as dynamic, reconfigurable, and sustainable as possible. "So, yes they left that building during the pandemic and predominantly went remote and hybrid, but as people are going forward into the new office space, it’s more likely to be multi-purpose, multifunction, multi-tenant,” Loomis added. Many real estate developers now see the value in repurposing spaces to include not only room for commercial use, but also space for retail and even residential housing.

6 Myths About the Cloud That You Should Stop Believing

Cloud migration is an enticing prospect, but you’ve probably heard what happens when you have too much of a good thing. Going the cloud route and cloud data integration doesn’t have to mean dumping your entire business at once. Despite the recognized short and long-term benefits, the expense alone would be too daunting a concept for many. Cloud migration can take many forms. Implementing a hybrid approach to cloud technology is considerably more common, with many people starting with a particular area or application (such as email) and working their way up. ... True, virtualization is a vital technology for cloud computing, but virtualization doesn’t equally cloud computing. While virtualization is mainly concerned with workload and server consolidation to reduce infrastructure costs, Hadoop in cloud computing encompasses much more. Consider that, according to an IOUG (Independent Oracle User Group) study of its members, cloud clients are embracing Platform as a Service faster than Infrastructure as a Service.

Department of Health investigates bias in medical devices and algorithms

As part of an independent review on equity in medical devices, led by Margaret Whitehead, WH Duncan chair of public health in the Department of Public Health and Policy, the government is seeking to tackle disparities in healthcare by gathering evidence on how medical devices and technologies may be biased against patients of different ethnicities, genders and other socio-demographic groups. For instance, some devices employing infrared light or imaging may not perform as well on patients with darker skin pigmentation, which has not been accounted for in the development and testing of the devices. Experts are being asked to provide as much information as possible about biases in medical devices. Along with information about the device type, name, brand or manufacturer, the independent review is also looking to gather as much detail as possible about the intended use of medical devices that may be discriminatory, the patient population on which they are used, and how and why these devices may not be equally effective or safe for all the intended patient groups.

Event-Driven Architectures & the Security Implications

It’s never easy to crush a rock, but it is far from impossible. Taking an existing application from traditional architecture to EDA requires extensive resources and development time. Also, while building something new can be exciting, reworking the old may be unstimulating, especially when it still seems functional. This can sometimes result in postponing such a drastic transition. However, this transformation can be quite enlightening—both from a technical and an operational viewpoint. Developers perceive EDA to be inherently complex, especially for businesses with intricate processes. There is the concern that EDA does not effectively capture critical aspects of a company and that monitoring and debugging the system is more challenging because of the lack of a centralized structure. However, this complexity does not simply disappear by opting for a different architecture. Monitoring and debugging are easier with suitable tracing tools that are tailor-made for distributed systems, proper encapsulation of individual services, and an in-depth understanding of the functions of individual services and the events that should trigger them. 

Composing the future of banks

The biggest challenge for any bank is how do they reach such a vision of composable banking when over decades of investment in technology automation they have hundreds or thousands of systems, with some sharing data through extraction, some integrated through technical bridges and maybe a few more modern solutions through APIs? Integration is one of the biggest headaches a bank has, so the idea of composable banking would be simpler if every system had APIs, but that just isn’t the real world. In addition to this, not every process is based around system-to-system interaction. There are processes that require human intervention, often managed by business process automation software. Sometimes these processes are necessary because systems integration may not be possible without them: the swivel chair problem of keying data from one system into another. In the last few years, artificial intelligence (AI) has been added to the mix to make the routing of flows smarter. As always, technologists are great at solving individual processes, but business tends to be more complex, and it is only much later we start to see a bigger picture.

How to Hire the Best AI & Machine Learning Consultants

AI and machine learning consultants consist of qualified and experienced AI designers, developers, and other experts that help design, implement, and integrate AI solutions into the company’s business environment. They can provide, develop, and advise on a wide range of AI capabilities like predictive analytics, data science, natural language processing (NLP), computer vision, process automation, voice-enabled technology, and much more. These consultants can evaluate the potential of data, software infrastructure, and technology to effectively deploy AI systems and workflows. When bringing on the best AI and machine learning consultants, you should look for specialists that go beyond just data science. Most AI and machine learning projects involve far more than data science. For example, they involve engineering and aggregating data and formatting it to teach an AI system. These types of projects also often involve hardware, wireless, and networking, meaning the consultant should be an expert in the cloud and the Internet of Things (IoT).

Quote for the day:

"The great leaders are like best conductors. They reach beyond the notes to reach the magic in the players." -- Blaine Lee

No comments:

Post a Comment