5 cyber threats retailers are facing — and how they’re fighting back
Retailers are vulnerable to a range of direct e-commerce cyber threats far
beyond ransomware. They include hackers altering gift cards and/or the systems
used to activate and manage them, swapping barcodes on products to deceive
self-checkout systems, defrauding return services via online return forms to
obtain refunds for ordered items, hijacking customer accounts to steal their
personal information, and stealing credit card numbers through digital skimming.
Bot attacks on e-commerce sites are another threat that can’t be ignored. These
automated scripts can use a browser to emulate human behavior, including mouse
movements and clicks, making them difficult to detect. Advanced bots can hide
their real location by routing traffic through anonymous proxies, anonymization
networks, or through public cloud services. Bots can facilitate account
takeover, through which hackers make fraudulent purchases using data from
customer accounts such as gift cards, discount vouchers, and loyalty points, and
even saved credit card information.
Google ambushes on-prem PostgreSQL with AlloyDB Omni
Self-managed AlloyDB Omni provides a pathway to modernize legacy databases
on-premises before moving to the cloud, analysts said. “Database migrations can
be complex and costly, especially when combined with migration from on-premises
infrastructure to cloud. AlloyDB Omni provides a pathway for organizations to
modernize those workloads in-place by migrating to AlloyDB Omni on-premises,”
said Matt Aslett, research director at Ventana Research. “This move can be seen
as one step prior to a potential move to the AlloyDB managed service, or with a
view to retaining the workloads in on-premises data centers or on edge
infrastructure due to sovereignty or performance requirements,” he added.
According to Omdia’s Chief Analyst Bradley Shimmin and dbInsight’s Principal
Analyst Tony Baer, AlloyDB Omni combines the best of open-source PostgreSQL and
Google Cloud’s architecture, making it more appealing than rival services such
as AWS Aurora for PostgreSQL and Microsoft’s CitiusDB, among others.
How to Succeed As a New Chief Information Security Officer (CISO)
As a CISO, you probably have an endless to do list of vital chores that can keep
you preoccupied. FFor this reason, you may be cut off from your coworkers and
superiors, limiting your exposure to strategic and operational information
shared through informal channels such as one on ones, small group brainstorming
sessions, and, yes, even boring meetings. Stay in touch with your mentor(s) as
you make this shift. Having a clear idea of your challenges and working with a
coach can help your CISO first 90 days and adjust more smoothly. Participate in
the discussion to better understand the company’s goals, potential, and threats.
Building productive relationships with employees and other divisions is crucial
to your success as a chief information security officer. Coordinate early on
with the major players by setting up a meeting schedule. Determine which
divisions you will work with, such as legal, audit, risk, marketing, and sales.
As a result, we will be better able to establish connections to facilitate the
rollout of cybersecurity awareness campaigns and related policies. The CISO
needs to work in tandem with other executives.
Why it is time all businesses became data-driven
Encouragingly, the future of data skills is in safe hands. Data from the British
Computer Society (BCS) recently revealed that interest in computing degrees is
growing more than other courses. According to BCS data, 92,980 18-year-olds
applied to start computing degrees this year in the UK, a 9.6% rise
demonstrating the sector’s continued appeal. The Society believes that
increasing interest in the degree course was likely a result of the higher
profile of AI and a realisation about the career prospects for computing
graduates in areas like cyber security and climate change data science. For
those organisations looking to increase their data skills sooner, though,
several programmes in the market can match you with a data scientist. As the now
old adage goes – data is the new oil. With its value likely to continually
increase, those organisations that do not recognise its value will undoubtedly
be left behind, allowing competitors to overtake them. With no sign of market
conditions easing, now is the time to evolve. Not doing so could be
devastating.
Clouds vs Edges: Which Computing Wins the Race?
One of the key benefits of edge computing is its ability to reduce latency, or
the delay between a user’s request and the response. With traditional cloud
computing, data is sent to a central data center for processing, which can
result in latency that is too long for certain applications. Edge computing can
help address this issue by bringing computation closer to the source of the
data, reducing the time it takes to process the data. Another advantage of edge
computing is its ability to support real-time data processing and analysis. Edge
computing allows applications to react quickly to changes in data by processing
it closer to where it is being produced, which is crucial for applications that
require real-time data processing, like self-driving cars and industrial
automation. ... Both edge computing and cloud computing are critical components
of modern computing infrastructure, and each has its advantages and
disadvantages. Edge computing enables data processing and analysis to occur
closer to the source of data, resulting in lower latency, improved reliability,
and greater security.
CEOs feel responsible for security, but ill at ease on stepping up
This gap in perception, according to the research, lies partly in the meaning of
accountability: instead of seeing themselves as accountable – being the face of
the mistake – CEOs should assume co-responsibility for cyber resilience together
with their CISO. Second, CEOs should stay away from blindly trusting their
technology teams. Instead, they should move to a state of informed trust about
their enterprise’s cyber resilience maturity. Third, CEOs should embrace what
the authors call the “preparedness paradox” — an inverse relationship between
the perception of preparedness and resilience. The better-prepared CEOs think
their organisation is for a serious cyberattack, the less resilient their
organisation likely is, in reality. And fourth, CEOs should adapt their
communication styles to regulate pressure from external stakeholders who have
different and sometimes conflicting demands. Depending on the stakeholder and
the situation, CEOs should either be a transmitter, filter, absorber or
amplifier of pressure.
Why exams intended for humans might not be good benchmarks for LLMs like GPT-4
Exams designed for humans assume that the test-taker already possesses these
preparatory skills and knowledge, and therefore do not test them thoroughly. On
the other hand, language models have proven that they can shortcut their way to
answers without the need to acquire prerequisite skills. “Humans are presumably
solving these problems in a different, more generalizable way. Thus we can’t
make the assumptions for LLMs that we make for humans when we give them tests,”
Mitchell said. For instance, part of the background knowledge for zoology is
that each individual is born, lives for a while and dies, and that the length of
life is partly a function of species and partly a matter of the chances and
vicissitudes of life, says computer scientist and New York University professor
Ernest Davis. “A biology test is not going to ask that, because it can be
assumed that all the students know it, and it may not ask any questions that
actually require that knowledge. But you had better understand that if [you’re
going to be] running a biology lab or a barnyard,” Davis told VentureBeat.
12 Places to Intervene - Rethink FinOps Using a Systems Thinking Lens
When we analyze a problem, we often try to look for certain points or places
where we can focus our efforts to gain maximum leverage on the system to achieve
our desired outcome. For example, if you are in a situation to lift a motorbike
that’s fallen down, you don’t pull up from every part that you can hold on to.
Instead, you find the best part and a way to hold (based on the bike design and
your strengths) to pull up with the least effort and damage. Similarly, for
complex socio-technical systems, Donnella Meadows, in her book Thinking in
Systems, proposes 12 places where you can "intervene" to achieve maximum impact.
These are known as leverage points or points of intervention. A system
intervention is a deliberate effort to change or improve a system’s behavior,
processes, or outcomes. It involves identifying problems and implementing
changes to improve the overall functioning of the system. Donella Meadows
introduces the 12 leverage points in the increasing order of leverage.
Employee engagement: Why it matters
A dominant theme that emerged in Professor Heskett’s research is that
organizations “lack leadership talent with the attitude, training, and
willingness to devote time to the difficult task of engagement.” Too often, he
points out, “an annual employee survey is taken, trends analyzed and reported
back, opportunities for improvement discussed … and management returns to
handling other primary responsibilities.” Dr. Heskett’s research also suggests
that managers often put too much emphasis on “making the numbers” to the
exclusion of other goals. On the other hand, if employee engagement is the goal,
“making the numbers” would come much more easily. According to Heskett, engaged
workers are more likely to remain on the job, are more productive and
higher-performing, and foster higher levels of customer engagement – all of
which boost profits and growth. Assessing and evaluating workplace engagement
levels can be challenging, and there’s no single standard approach.
Examining key disciplines to build equity in the IT workplace
It can be difficult for women to have a sense of belonging facing these
challenges. Speaking of the senior tech leader at the leadership table, there’s
underrepresentation of women and even more underrepresentation of Black women.
So resilience, fuelled by self reliance and confidence, helps to navigate a
career path. “Being in a minority can bring self-doubt, especially if you’re in
an environment that isn’t supportive or causes doubts,” she says. “So know the
value you bring to the table and the difference you’re making. Some environments
are going to appreciate this more than others, but it’s important you don’t let
others minimize your contributions. For example, if you work hard and lead your
team to launch a tech solution that positively impacts the organization’s bottom
line, that is value you can quantify. Having said that, we still have a ways to
go about women in tech still being overlooked and passed over for promotions.
The numbers are getting better, but we’re still there.”
Quote for the day:
"Teamwork is the secret that make common
people achieve uncommon result." -- Ifeanyi Enoch Onuoha
No comments:
Post a Comment