Security breaches push digital trust to the fore
Digital trust needs to be integrated within the organization and isn’t
necessarily owned by a single department or job title. Even so, cybersecurity,
and the CISO, have an important role to play, according to the World Economic
Forum’s 2022 Earning Digital Trust report, in protecting interconnectivity that
support business, livelihoods of people and society generally as people’s
reliance on digital interactions grows. As governments and regulators implement
stricter requirements for ensuring data privacy and security, CISOs face a
renewed need to prioritize digital trust or risk fines, lawsuits, significant
brand damage and revenue loss to the organization. Thomas suggests that for
CISOs digital trust could become the measurable metrics and outcome of security
initiatives. “Organizations are not only secure to be compliant and protect
information. The outcome of this is the trust that customers have, and that is
what's going to change the way we measure how well security is being
implemented,” he says. “If you want to ensure your customers trust you, you need
to look at it as an organizational goal, or have it as a part of the strategy.
...”
Preparing the Mindset for Change: Five Roadblocks That Lead Digital Transformation to Failure
The absence of effective advocacy may have significantly contributed to the
failure of many digital transformation progress. However, it is the
responsibility of the stakeholders to be the advocates of the change. The goal
to change cannot be just a business decision it needs to be believed in. A
business that is generational, often sees the founders married to legacy
processes, they find it difficult to break the norm and adapt to automation
irrespective of disparate systems restricting the growth and scale. ... A lack
of strategic planning before and after implementation can lead to severe
consequences for an organization. Conflicting priorities can arise, and
critical objectives may not be effectively communicated or achieved due to a
disconnect between business and technology plans.
Unfortunately, many
organizations fail to recognize the importance of pre-and post-implementation
planning and instead focus solely on the implementation process. This
shortsighted approach can lead to poor customer and stakeholder engagement, as
well as employee dissatisfaction.
Don't overlook attack surface management
Let’s look at three aspects of ASM that you should consider today: ...
Visibility and discovery. Attack surface management should provide a
comprehensive view of the cloud environment, allowing organizations to
identify potential security weaknesses and blind spots. It helps uncover
unknown assets, unauthorized services, and overlooked configurations, offering
a clearer picture of potential entry points for attackers. ... Risk assessment
and prioritization. By understanding the scope and impact of vulnerabilities,
organizations can assess the associated risks and prioritize them. Attack
surface management empowers businesses to allocate resources efficiently,
focusing on high-risk areas that could have severe consequences if
compromised. ... Remediation and incident response. When vulnerabilities are
detected, ASM management provides the necessary insights to remediate them
promptly. It facilitates incident response by helping organizations take
immediate action, such as applying patches, updating configurations, or
isolating compromised resources.
One on One with Automated Software Testing Expert Phil Japikse
A common misconception is that creating automated testing increases the
delivery time. There was a study done at Microsoft some years ago that looked
at different teams. Some were using a test-first strategy, some were using a
test-eventual strategy, and some groups were using traditional QA departments
for their testing. Although the cycle time was slightly higher for those doing
automated testing, the throughput was much higher. This was because the
quality of their work was much higher, and they had much less rework. We all
know it’s more interesting to work on new features and tedious and boring to
fix bugs. If you aren’t including at least some automated testing in your
development process, you are going to spend more time fixing bugs and less
time building new features. ... The more complex or important the system is,
the more testing it needs. Software that controls airplanes, for example, must
be extremely well tested. One could argue that game software doesn’t need as
much testing. It all depends on the business requirements for the
application.
The Work Habits That Are Blocking Your Ideas, Dreams and Breakthrough Success
A reactive mind prevents us from responding productively to the moment. Any
time we are reactive, because we are not effectively relating to ourselves in
the moment, we cannot be present with others. Those who have been tasked with
carrying out our objectives can sense our lack of clarity and misalignment.
They may perceive us as "confused," for instance, and then our reactivity
triggers their self-protective belief structures. Miscommunication becomes the
norm when a reactive individual is leading a team. ... Your colleague's
negativity is not only self-destructive; it is also destructive to the
organization and the morale of their co-workers. But your own disconnection
from the truth of the moment is also destructive. By prejudging a colleague,
you are missing out on the opportunity to positively interact with them or
influence their behavior, and both of these things matter. A healthy yet
skeptical outlook is helpful. Would you want a contract written by your lawyer
that only foresaw favorable outcomes? The invitation is to transform
negativity into a healthy dynamic so that co-creativity and joy are both
possible. You need to be open to the possibilities that each of us
possesses.
Dialectic Thinking: The Secret to Exceptional Mindful Leadership
The paradox of acceptance and change may very well be the toughest one we
grapple with. Whether this is in our own meditation practice and
self-development, or leading an organization it’s vital to take a dialectic
approach. For genuine change to occur, there must first be acceptance of the
current state. This acceptance forms the bedrock of reality, a foundation that
is crucial for creating meaningful change. It's a truth that can't be obscured
or sugarcoated. With acceptance, there's an opportunity to see things as they
are and then to envisage something different. However, we can often
misconstrue acceptance as passivity or complacency. It can be seen as an
excuse to “do nothing”, to shy away from bold action, or to remain comfortably
entrenched in the status quo. On the flip side, a relentless push for change
can create a sense of perpetual dissatisfaction, hindering our ability to
appreciate what already is. This can also foster a short-term, transactional
mindset, particularly in relationships.
How to explain data meshes, fabrics, and clouds
“A data mesh is a decentralized approach to managing data, where multiple
teams within a company are responsible for their own data, promoting
collaboration and flexibility,” he said. There are no complex words in this
definition, and it introduces the problems data meshes aim to solve, the type
of solution, and why it’s important. Expect to be asked for more technical
details, though, especially if the executive has prior knowledge of other data
management technologies. For example, “Weren't data warehouses and data lakes
supposed to solve the data management issue?” This question can be a trap if
you answer it with the technical differences between data warehouses, lakes,
and meshes. Instead, focus your response on the business objective. Satish
Jayanthi, co-founder and CTO of Coalesce, offers this suggestion: “Data
quality often affects the accuracy of business analytics and decision-making.
By implementing data mesh paradigms, the quality and accuracy of data can be
enhanced, resulting in increased trust among businesses to utilize data more
extensively for informed decision-making.”
Has the Cloud Forever Changed Disaster Recovery?
For today’s organisations, resilience is paramount to a successful data
protection plan, mentioned Lawrence Yeo, Enterprise Solutions Director, ASEAN,
Hitachi Vantara. Being resilient entails having the flexibility to quickly
restore data and applications to both existing and new cloud accounts. We
believe that traditional backup and disaster recovery systems focused on data
centres are becoming outdated. Instead, we need a data protection strategy
that prioritises IT resilience and can protect data anywhere, including public
clouds and SaaS applications. Resilience is the key to a robust data
protection strategy as a slow disaster recovery or data restoration can
negatively impact business processes. To be resilient, you need a data
protection solution that encompasses backup and disaster recovery across
on-premises and public clouds, allowing you to restore data and applications
quickly, either to existing or new cloud accounts.
IOT Sensors - Sensing the danger
How can an operator establish integrity and accuracy within a sensor and
mitigate potential vulnerabilities? This is where Root of Trust (RoT) hardware
plays a crucial role. Hardware such as a Device Identifier Composition Engine
(DICE) can supply a unique security key to each firmware layer found in a
sensor or connected device. ... Should an attack on your systems be
successful, and a layer become exposed, the unique key accessed by a hacker
cannot be used to breach further elements. This can help reduce the risk of a
significant data breach and enables operators to trust the devices they
utilise in a network. A device can also easily be re-keyed should any
unauthorised amendments be discovered within the sensor’s firmware, enabling
users to quickly identify vulnerabilities throughout the system’s update
process. For organisations with smaller devices and an even smaller budget,
specifications such as the Measurement and Attestation Roots (MARS) can be
deployed to instil the necessary capabilities of identity, measurement
storage, and reporting in a more cost-effective manner.
Data hoarding is bad for business and the environment
The findings suggest young consumers are unaware of the impact of their own
carbon footprint. From the report, 44% said it’s wrong for businesses to waste
energy and cause pollution by storing unneeded information online. ... The
fallout? The Veritas study found that 47% of consumers would stop buying from
a company if they knew it was willfully causing environmental damage by
failing to control how much unnecessary data it was storing. Meanwhile, 49% of
consumers think it’s the responsibility of the organizations that store their
information to delete it when it’s no longer needed, the report said. ... It
is incumbent upon leaders to pay attention to this issue. Srinivasan cautioned
that organizations should not underestimate the environmental impact of poor
data management practices – even if they are outsourcing their storage to
public cloud providers. Some good data management practices would be to make
consumers aware of the costs of all this data, especially the negative
externalities on our overheating planet.
Quote for the day:
"Management is about arranging and
telling. Leadership is about nurturing and enhancing." --
Tom Peters
No comments:
Post a Comment