Bringing IT and Business Closer Together: Aiming for Business Intimacy
“Businesses today are looking to drive new value from software, to increase competitiveness, open new revenue streams, and increase efficiencies,” he explains. “As part of this, the business often drives the software decisions, proof-of-concepts, vendor selection, and more.” It’s not until the end of the process that IT is brought in to “sign off and deploy”, and this siloed approach results in teams working separately, often producing poor results and driving animosity between the groups. “Instead, if the business and IT teams work together for the entire project, requirements are surfaced and expertise from across the organization is brought in to make the best possible decisions,” Maxey says. From his perspective, there are several best practices that can ensure closer alignment between IT and businesses. “Embed IT into the business unit, versus in a separate department and ask IT to project manage business software projects so they are always in discussions and aware of the process,” he says.
IT leadership: Seven spectrums of choice for CIOs in 2023
Purpose is the first thing that we want people to be thinking about in light of the office shock that they have been going through. It’s a question for organizational leaders - what is the purpose of your organization? On the spectrum, we say that a purpose ranges from the individual to the collective. And it’s important to think about that because for an individual first starting out in the workplace, their purpose may be very straightforward in terms of supporting themselves and their family. But as they get further into their career, they can enlarge their thinking about a purpose that actually can make the world better. And the same thing is true for organizations – they may start out very focused on getting their business going, but later can think about how they can contribute to the world. And in that sense, another spectrum – outcomes – is very closely related. You may start out with your primary outcome being profit, but then once you’re established and comfortable, you can think much larger, like bringing prosperity to the world, whether that world is local or much larger.
The risks of 5G security
With 5G-enabled automated communications, machines and devices in homes,
factories and on-the-go will communicate vast amounts of data with no human
intervention, creating greater risk. Kayne McGladrey, field CISO at HyperProof
and a member of IEEE, explained the dangers of such an approach. “Low-cost,
high-speed and generally unmonitored networking devices provide threat actors a
reliable and robust infrastructure for launching attacks or running command and
control infrastructure that will take longer to detect and evict,” he said.
McGladrey also pointed out that as organizations deploy 5G as a replacement for
Wi-Fi, they may not correctly configure or manage the optional but recommended
security controls. “While telecommunications providers will have adequate budget
and staffing to ensure the security of their networks, private 5G networks may
not and thus become an ideal target for a threat actor,” he said. 5G virtualized
network architecture opens every door and window in the house to hackers because
it creates — in fact, requires — an extraneous supply chain for software,
hardware and services.
Fujitsu: Quantum computers no threat to encryption just yet
Fujitsu said its researchers also estimate that it would be necessary for such
a fault-tolerant quantum computer to work on the problem for about 104 days to
successfully crack RSA. However, before anyone gets too complacent, it should
be noted IBM's Osprey has three times the number of qubits that featured in
its Eagle processor from the previous year, and the company is aiming to have
a 4,158-qubit system by 2025. If it continues to advance at this pace, it may
well surpass 10,000 qubits before the end of this decade. And we'd bet our
bottom dollar intelligence agencies, such as America's NSA, are or will be all
over quantum in case the tech manages to crack encryption. Quantum-resistant
algorithms are therefore still worth the effort, even if the NSA is ostensibly
skeptical of quantum computing's crypto-smashing powers. Fujitsu said that
although its research indicates the limitations of quantum computing
technology preclude the possibility of it beating current encryption
algorithms in the short term, the IT giant will continue to evaluate the
potential impact of increasingly powerful quantum systems on cryptography
security.
State of DevOps: Success happens through platform engineering
The platform engineering team takes responsibility for designing and building
self-service capabilities to minimise the amount of work developers need to do
themselves. This, according to the report’s authors, enables fast-flow
software delivery. Platform teams deliver shared infrastructure platforms to
internal software development teams. The team responsible for the platform
treats it as a product for its users, not just an IT project. ... Ronan
Keenan, research director at Perforce, said the concepts behind platform
engineering have been used on a small scale at large technology organisations
for many years, but platform engineering provides a more concrete focus. “The
concept is about building self-service capabilities which engineers and
developers can use. This reduces their workload as they do not have to build
these capabilities themselves,” he said, adding that a platform’s team builds
and maintains shared IT infrastructure. By having such a shared
infrastructure: “The software development process can run quicker since you
are lightening the load on the developers and engineers. Platform engineering
also offers a more consistent process.”
How Can Big Tech Layoffs be a Boon for the Quantum Computing Cloud?
The good news is that a skilled classical engineer can obtain the necessary
knowledge from a variety of places, including online and short courses, to
collaborate effectively with quantum physicists. Therefore, consider the
possibility of recruiting someone with experience in conventional computing
for those quantum organizations that are in desperate need of personnel to aid
them in carrying out their goals. Not only might you discover that it’s
simpler than you thought for these people to become productive in your
organization, but they might also be able to use their prior experience
working for traditional computing companies to their advantage and offer
original solutions to any technical issues that arise there. However, the
cloud may have a bright spot. The issue for quantum enterprises in finding
appropriate people has frequently come up at conferences for the industry.
Some of that was brought on in recent years by the fierce competition from the
traditional computer companies, who increased their development efforts during
the Covid years and also implemented work-from-home policies to make it
simpler for someone to join an organization with its headquarters in a
different city.
Attackers use portable executables of remote management software to great effect
The phishing emails are help desk-themed – e.g., impersonate the Geek Squad or
GeekSupport – and “threaten” the recipient with the renewal of a pricy
service/subscription. The goal is to get the recipient to call a specific
phone number manned by the attackers, who then try to convince the target to
install the remote management software. “CISA noted that the actors did not
install downloaded RMM clients on the compromised host. Instead, the actors
downloaded AnyDesk and ScreenConnect as self-contained, portable executables
configured to connect to the actor’s RMM server,” the agency explained.
“Portable executables launch within the user’s context without installation.
Because portable executables do not require administrator privileges, they can
allow execution of unapproved software even if a risk management control may
be in place to audit or block the same software’s installation on the network.
Threat actors can leverage a portable executable with local user rights to
attack other vulnerable machines within the local intranet or establish long
term persistent access as a local user service.”
The Anticipation Game: Spotlight on Data Backups
Regardless of how reliable a storage platform is, keeping all critical data
stored in one place is a disaster waiting to happen for any organisation. To
avoid the pains of security breaches, ransom payments, and data leaks,
companies should aim to create and distribute backup copies across multiple
onsite and offsite storage destinations. Another way to truly keep ransomware
at bay is to apply immutability for backup data. Immutability means data is
stored in such a way that it cannot be altered, deleted, or encrypted by
ransomware. The ideal data backup solution should have a well-rounded set of
ransomware protection and recovery features, allowing customers to achieve
near-zero downtime and avoid paying ransom in return for access to the data.
For example, the capability to store backups in ransomware-resilient Amazon S3
buckets and hardened Linux-based local repositories to prevent data deletion
or encryption by ransomware. Ideally, IT admin teams would be able to leverage
a backup to tape functionality to create air-gapped backups on tape to reduce
the chance of ransomware encryption.
B2B integration is the backbone of a resilient supply chain: OpenText study
Advanced supply chain integration capabilities can help support more efficient
and effective current approaches as well as new models that translate directly
to business performance. ... B2B integration capabilities and processing align
with top business priorities of reducing operational and logistical costs,
faster time to market, improving data quality/accuracy and progressing
visibility. Recognizing the need for a seamless B2B integration and a
future-proof supply chain, OpenText offers a portfolio of end-to-end solutions
through the OpenText Business Network Cloud. This network provides users with
the ability to automate business processes and facilitate efficient, secure,
and compliant collaboration between people, systems, and things – providing a
true foundation for establishing an advanced digital backbone to help support
business growth and transformation initiatives. By connecting to OpenText’s
powerful suite of cloud applications via our secure, scalable and highly
reliable OpenText Trading Grid platform, users can allow internal and external
stakeholders to collaborate seamlessly across this single and central network
to exchange transactions such as purchase orders, shipment notices and payment
instructions.
Five steps to build a business case for data and analytics governance
The causal relationship between poor data and analytics and poor business
performance must be highlighted if a compelling business case for governance
is to be made. Initially, look to identify the business processes and process
owners that are critical in addressing the problem statement. These will often
span multiple business areas, so look to focus on key processes rather than on
lines of business. This will help break down the silos that have led to the
insular and disconnected governance of data and analytics. Determine the most
impactful key performance indicators (KPIs) and key risk indicators (KRIs) for
business success, and then identify the specific data and analytics assets
that are used in the KPIs and KRIs. These assets are the ones that must fall
within the scope of the data and analytics governance proposal. A key
characteristic of highly successful D&A governance initiatives is their
ability to effectively define and manage scope. Be clear on what is in scope
and what is out of scope for governance while identifying the key stakeholders
needed in the D&A governance steering group.
Quote for the day:
"The litmus test for our success as
Leaders is not how many people we are leading, but how many we are
transforming into leaders" -- Kayode Fayemi
No comments:
Post a Comment