Which cybersecurity metrics matter most to CISOs today?
Given the rapid increase in malware-free attacks, there’s a tendency on the part
of cybersecurity teams to add more metrics. Seeing more reported data as a
panacea for rising risks that aren’t immediately understood, cybersecurity teams
will turn on as many metrics as possible, looking for clues. Relying on
antivirus, SIEM (security information and event management), security ticketing
systems, vulnerability scanners, and more, CISOs’ teams generate an overwhelming
number of metrics that lack context. CISOs warn that presenting metrics straight
from tools without a narrative supporting them is a mistake. C-level executives
and the boards they report to are more focused on new insights that are
contextually relevant than a series of tactical measures. Every new high-profile
intrusion or breach drives up to a dozen or more internal user requests for new
metrics. Managing user requests by how much value they provide to contextual
intelligence and delivering business value is critical. CISOs tell VentureBeat
it’s easy to say no to additional metrics requests when there is no connection
to requested metrics that quantify the value cybersecurity delivers.
Making everything connect for smart cities
It’s a vision of how smart cities can be holistically planned by connecting the
different city domains and addressing Sustainable Development Goals (SDGs)
globally. In this way, mobility, energy, the environment, health, education,
security and the economy are not treated separately, but rather as a whole
consistent continuity of human-centric services. Smart cities need to be much
better at creating an open platform of dialogue that is accessible to all
citizens. ... These allow residents to engage with a wide array of data, as well
as completing personal tasks like paying bills, finding efficient transportation
and assessing energy consumption in the home. Smart cities also need to account
for social infrastructure that provides a cultural fabric, making the city
attractive to residents and offering a sense of local identity. It is often the
social and cultural aspects of a city that citizens find makes it most
attractive to live in – aspects such as green open spaces, a wide choice of
retail outlets, and bustling nightlife. This is particularly important for
cities that are being created ‘from scratch’ (rather than already existing) and
need to find effective ways to attract residents.
Dell gets more edge-specific with Project Frontier platform
Dell also said it is expanding its current edge portfolio in the following ways:
Edge analytics and operations - Manufacturers can optimize how they deploy edge
applications with an Dell Validated Design for Manufacturing Edge, the company
said. This now includes new Dell-validated partner applications to support
advanced edge use cases, and improve factory processes and efficiencies, while
reducing waste and raw materials usage for more sustainable operations.
Manufacturers can respond quickly to changes in demand, and enable
reconfigurable production lines with Dell's private 5G capability, Dell said.
Edge computing and analytics - The PowerEdge XR4000 is the smallest server in
the Dell lineup at about the size of a shoebox. The XR4000 is 60% shorter than
conventional data center servers, and its multiple mounting options allow it to
be installed in a rack, on walls or ceilings, saving valuable floor space. The
multi-node, 2U chassis server can survive unpredictable conditions, such as heat
waves or falls, the company said.
The White House can build on its AI Bill of Rights blueprint today
Several current uses of AI clearly violate the blueprint and should no longer
be used. The president should also stop encouraging agencies to spend American
Rescue Plan funds on ShotSpotter and other “gunshot detection” technologies,
which change police behavior but have not been shown to decrease gun violence.
These tools are in violation of the blueprint’s principles that AI tools must
be safe, effective, nondiscriminatory, and transparent. ... On the legislative
front, the AI Bill of Rights principles are embodied in both the American Data
Privacy Protection Act and the Algorithmic Accountability Act of 2022, both of
which the administration could put its support behind. There has been
substantial investment in the development and adoption of AI, but nowhere near
as much money or energy put toward safeguards or protection. We should not
repeat the same self-regulatory mistakes made with social media and online
advertising that left us in the privacy crisis we are in today.
How intelligent automation changes CI/CD
Intelligent automation addresses many of the core requirements for successful
software delivery. Basic process automation can increase devops productivity
by automating routine manual tasks through code. For example, a developer can
run a build in Jenkins that then triggers an automated task that pushes the
build to Artifactory and kicks off a delivery pipeline. However, combining
automation with AI-powered intelligence can turbocharge processes and improve
business outcomes. Intelligent automation can automate routine tasks and then
constantly improve automated decision making as the release moves through the
delivery lifecycle. Intelligence applied to the release process — when
combined with deep tools integrations that provide access not only to events
but also to all process data — can automate the detection of software risks
and automatically flag release candidates for remediation before they make it
to production. In addition to increased devops productivity and faster and
more accurate software releases, intelligent automation provides the means to
implement centralized, automated control over compliance and security.
A Big Threat for SMBs: Why Cybersecurity is Everyone’s Responsibility
It impacts everyone across every department and every element of operations.
Cybersecurity is a collective responsibility. During this Cybersecurity
Awareness Month, let’s debunk the pervasive misconception that cybersecurity
is strictly an IT issue. To avoid becoming a statistic, SMBs need to develop a
security culture that reinforces the idea that cybersecurity is the
responsibility of every team member. From the founder who sets a
security-focused tone to the specific teams that implement the policies, to
the HR department responsible for onboarding new employees, to the IT team
setting system password requirements, and to every employee that can
potentially open a phishing email triggering a security incident, it’s a
collective effort to stay aware. All individuals need to be trained, vigilant,
and engaged. The devil is in the details, as it’s the tools, tasks, and
routine activities each team member performs that will protect the company.
Seeing electron movement at fastest speed ever could help unlock next-level quantum computing
Seeing electrons move in increments of one quintillionth of a second could
help push processing speeds up to a billion times faster than what is
currently possible. In addition, the research offers a “game-changing” tool
for the study of many-body physics. “Your current computer’s processor
operates in gigahertz, that’s one billionth of a second per operation,” said
Mackillo Kira, U-M professor of electrical engineering and computer science,
who led the theoretical aspects of the study published in Nature. “In quantum
computing, that’s extremely slow because electrons within a computer chip
collide trillions of times a second and each collision terminates the quantum
computing cycle. ... To see electron movement within two-dimensional quantum
materials, researchers typically use short bursts of focused extreme
ultraviolet (XUV) light. Those bursts can reveal the activity of electrons
attached to an atom’s nucleus. But the large amounts of energy carried in
those bursts prevent clear observation of the electrons that travel through
semiconductors—as in current computers and in materials under exploration for
quantum computers.
New data protection bill must enable a progressive data governance framework
The robust framework that vowed to safeguard the privacy of an individual’s
data would have made the privacy design of the bill even more redundant.
Consent and notice framework in the new Bill should be dealt with in such a
way that it addresses the right to informational privacy while avoiding
consent fatigue for consumers. For instance, individuals may receive
innumerable privacy notifications causing consent fatigue; this issue was
considered and acknowledged by the Justice Srikrishna committee report.
Besides, from a business perspective, the cost of compliance, especially for
small businesses, will be huge and may result in additional costs. The new
personal data governance framework should focus on simplifying the consent and
notice framework in such a manner that individuals can easily understand how
and for what purpose is their personal data being processed. Besides, the new
Bill must lay out better means and ways to obtain consent, which is inclusive,
less tiresome, and efficient.
Emotional intelligence: How to create psychological safety for your IT team
The best leaders understand the complexities and imperfections of being human
and are not afraid to present their true selves in the workplace. These
leaders emanate compassion and encourage their team members to embrace and
express their unique gifts and talents. Compassion cuts through mental
constructs and perceptions. It begins when leaders examine and undo
traditional rules, roles, and narratives that limit their thinking,
decision-making, and worldview. Freedom from outdated narratives enables
release, self-acceptance, and permission to bring one’s whole self to the
workplace. Leaders who are driven by the needs of the ego struggle to let go
of outdated competence, values, and skills. Marshall Goldsmith, one of the
world’s foremost thought leaders on executive coaching, explains this
perfectly in the title of his book, What Got You Here Won’t Get You There. The
compulsive need to be right becomes more important than discovering new
horizons, untapped potential, and possibilities. Self-righteousness creates a
division between the self and the team, eroding trust.
Smart buildings may be your cybersecurity downfall
With the rise of IoT, a wave of adoption of IT and IoT solutions at all levels
of building system architecture poses a serious cyber security issue. As it
becomes increasingly difficult to distinguish between building automation
systems and other systems used in companies and their infrastructures, more
“cyber holes” tend to be left unmonitored. The use of insecure industrial
protocols is another vulnerability that attackers take advantage of to disrupt
smart buildings operations. This is especially the case for building
automation systems. Popular protocols like BACnet and LonWorks are not
implicitly secure and, like those used in the industrial production sector,
tend to have their own vulnerabilities. ... As the cyber-physical equipment
within buildings becomes increasingly distributed, especially due to the new
trend of supervising building complexes from a central location, cyberattacks
on smart buildings, as well as attacks on cities and other smart city
infrastructures, can have a significant security impact for users.
Quote for the day:
"Personal leadership is the process of
keeping your vision and values before you and aligning your life to be
congruent with them." -- Stephen R. Covey
No comments:
Post a Comment