Daily Tech Digest - October 20, 2022

Three Ingredients of Innovative Data Governance

The first important feature of innovative data governance is providing a data set that is statistically similar to the real data set without exposing private or confidential data. This can be accomplished using synthetic data. Synthetic data is created using real data to seed a process that can then generate data that appears real but is not. Variational autoencoders (VAEs), generative adversarial networks (GANs), and real-world simulation create data that can provide a basis for experimentation without leaking real data and exposing the organization to untenable risk. VAEs are neural networks composed of encoders and decoders. During the encoding process, the data is transformed in such a way that its feature set is compressed. During this compression, features are transformed and combined, removing the details of the original data. During the decoding process, the compression of the feature set is reversed, resulting in a data set that is like the original data but different. The purpose of this process is to identify a set of encoders and decoders that generate output data that is not directly attributable to the initial data source.

Where is Blockchain Headed?

The buildup of blockchain has led inevitably to some growing pains as the scope of the space and its big data needs amp up. “We’re trying to exist with the consequences of scale,” Hoskinson said. “We have this homogenous model that everybody is their own blockchain, everybody has a full copy. This is the idea Bitcoin brought.” He raised doubts about the continued feasibility of such a model as usage escalates exponentially. “If you have millions of users year after year, you end up having blockchains that are in the petabytes scale or the yottabytes scale,” Hoskinson said. “So how do you preserve this concept of inclusive accountability, meaning you don’t have a full copy of the blockchain, yet you’re able when an event happens to verify it with the same trust model as if you did?” He sees advancements brewing in zero-knowledge cryptography, where no extra information is shared during an interaction via blockchain to maintain privacy. Other areas of research and development of blockchain technology include getting blockchain to work on smartphones without compromising integrity, he said

4 Stakeholders Critical to Addressing the Cybersecurity Workforce Gap

HR professionals should de-emphasize the importance of certifications for interns and junior and midcareer professionals and instead focus on on-the-job training and clearly defined career paths for cybersecurity professionals. The issue with certifications has existed since before CSIS in 2010 observed, "It is the consensus of the Commission that the current professional certification regime is not merely inadequate; it creates a dangerously false sense of security." ... Compliance professionals should be aware that their security counterparts are continuously overextended and seek to automate as many compliance operations as feasible. When responding to an internal assessment or an external audit, compliance professionals regularly rely on the security team to collect evidence of internal control operation and effectiveness. Realistically, this is an "extra" job duty on the part of security professionals, and as such, these tasks may be done in a rush or put off to the last minute, due to the more pressing duties on their limited time. 

Our Law Firm Is Too Small to Be in Danger From Cyberattacks – Wrong!

You may be small, but you still hold the valuable data of many people and small businesses. If you are easy to break into, and criminals armed with your data can then attack your clients, that’s a very good payday for them. And just like all businesses, most cybercriminal groups are happy with a certain level of profit — and many of them wish to avoid the increased attention and scrutiny from law enforcement and governments that result from attacks on ‘big game’ firms. ... The long-term costs of a data breach last for months to years and very often they involve significant expenses that entities are not even thinking about or anticipating in their planning. What might this include? Lost or inaccessible data, business disruption, revenue losses from operational downtime, breach notification costs, legal liability costs and reputational damage. We would add the significant legal costs of hiring a data breach lawyer to oversee the breach response and a digital forensics company to investigate and remediate the breach.

Cross-Functional Collaboration is Becoming Essential for Security Professionals

Security is part of digital trust but just one piece of the equation. Attaining digital trust is a group project that cannot be done in silos, but unfortunately, too many companies are not yet in that mindset. In ISACA’s recent State of Digital Trust 2022 study, only 12% of respondents strongly agree that there is sufficient collaboration among professionals who work in digital trust fields. In many companies, the organizational culture reinforces a stay-in-your-lane mentality, and there’s not much sustained commitment for working cross-functionally. That needs to change, and security teams should do their part to drive toward the broader mission of advancing digital trust. There are many security professionals who are adept at specific areas: endpoint security, identity and access management and threat hunting, etc. There is certainly a place for specialization, but it is important that the team includes people who recognize the importance of sharing knowledge, learning from other teams and finding areas of overlap to approach transformation projects with a holistic approach.

5G Innovations and Cybersecurity Risk

Although there are many benefits of 5G, like any emerging technology it also introduces diverse threats, and numerous facets of 5G security risk are still undergoing research. For example, 5G’s accessibility and multitudinous devices accelerate the likelihood of successful denial-of-service (DoS) attacks, saturation attacks, eavesdropping and spoofing attacks. 5G’s extensible architecture and focus on speed could diminish concerns for adequate security controls to prevent potential attacks. The National Cybersecurity Center of Excellence collaborates with vendors such as AT&T, Cisco, Intel and Palo Alto Networks and has published 5G Security Guidelines for public consultation. In addition, the European Union Agency for Cybersecurity (ENISA) has published a few 5G security-related documents. To establish a comprehensive approach for 5G cybersecurity, organizations can leverage frameworks from the International Organization for Standardization (ISO), the National Institute of Standards and Technology (NIST) and the Center for Internet Security (CIS). Experts advise that enterprises acquire intrusion detection and prevention systems to distinguish attacks.

Digital Banking Transformation Requires Back-Office Evolution

Becoming a future-ready digital banking organization requires a complete rethinking of all back-office operations. “Organizations should look for the processes that are tedious, time consuming, and have the greatest impact on both the efficiency of the organization and the customer experience,” advises Jim Perry, senior strategist at Market Insights. Automating as many ‘behind the glass’ components as possible will translate into more freedom to innovate and drive smarter decision making. Automation can lead to more fulfilling and meaningful work for existing and new employees, eliminating the fear of becoming obsolete in a digital world. At a time of low unemployment, the retention of existing employees is crucial. “The next step is using machine learning and artificial intelligence to take on more complex tasks that today require a broader range of human judgment,” states Nicols. This is also an area where collaboration with external solution providers can provide a significant advantage.

How CFOs Will Tackle Challenges Heading into 2023

Abhi Maheshwari, CFO at Aisera, says he believes it's important to get a complete 360-degree view of the buyer journey. “This can be achieved only when all key functions of the business are driving efforts towards the common end goal of building a strong pipeline and closing more business for the company,” he says. Whatever marketing technology sales technology or revenue operations technology can help him achieve this 360-degree view in our CRM is something he fully supports and backs. “Eventually, it's all about deriving business value and ROI from investing in tech that scales as you scale your business,” he adds. ... This requires an honest assessment of the problem that is being addressed and what the expected and acceptable range of outcomes would be. “Broadly speaking, a good framework would be for the CFO to breakdown the components of what exactly makes up ROI, cost, return, and risk and see if the investment reduces cost, increases returns, and/or reduces risk,” he explains.

Gartner: Hero CIOs are needed again to save businesses

Lovelock said that before the cloud, CIOs had far more flexibility in how they managed their IT budgets. “Pre-cloud, CIOs had a lot of autonomy within their IT budget,” he said. “There are now much less discretionary pieces of the budget.” For instance, if a CIO wanted to swap out an existing on-premise general ledger application, it was possible for the organisation to cut the annual maintenance fee associated with that application in preparation for the migration to the new platform. But, as Lovelock pointed out, pay-per-use subscription models reduce this flexibility. “If you are on a cloud general ledger, the minute you stop paying that bill, you stop having a general ledger,” he said. For Lovelock, rising costs are increasingly becoming a factor in the public cloud. He said: “For the first time, we have seen some pretty big increases in the prices of some cloud services. Their costs are going up. Their energy costs are going up and their server costs have gone up. Their staff costs are also going up, so they need to pass on at least some of this to clients.”

Gartner: IT matters more than ever to attract and keep the best talent

Technology is the new epicenter of corporate culture, and organizations that experiment openly with technologies that are still considered early in the Gartner Hype Cycle—the company’s depiction of technologies move from conception to widespread adoption—will attract talent candidates. “Here’s why,” Nunno said. “First, because barriers to innovation create friction. Second, organizations that innovate during tough times, stay ahead of the pack; and enterprises who innovate publicly attract the best new pack members. Now is the time to find room in your budgets to be bold.” The way organizations are handling the hybrid-work environment is a good example of how things are changing. Nunno said many CIOs have told Gartner that their world was easier when employees were all in the office or all out of the office. “Many executives are concerned that hybrid work is damaging corporate culture, so they're trying to turn back the clock by mandating employee time in physical offices,” Nunno said.

Quote for the day:

"All organizations are perfectly designed to get the results they are now getting. If we want different results, we must change the way we do things." -- Tom Northup

No comments:

Post a Comment