Daily Tech Digest - July 03, 2023

5 Enterprise Architecture Principles For Digital Transformation

This involves creating the Business Architecture, which includes the Business Domains (BD) and Business Capabilities (BC). To begin, it's important to create a Business Capability Map (BC Map). This map helps assess the organization's current business capabilities and identifies the new BCs needed for the target BC map. The BC Map serves as a foundation for defining strategic areas of focus, such as improving skills, refining products, optimizing services, innovating business models, streamlining processes, setting key performance indicators (KPIs), and estimating implementation costs for Business Capabilities. ... In the realm of digital architecture, where data and application security reign supreme, the inclusion of comprehensive security measures from the very outset is imperative. Such measures need to span the entire architecture, encompassing a multitude of facets including authentication, multi-factor authentication, key management, single sign-on (SSO), authorization, auditing, logging, as well as the encryption of both data in transit and data at rest.

How CISOs can make themselves ready to serve on the board

There’s growing global momentum for public company and corporate boards to also start recruiting directors with relevant cybersecurity expertise, which is part of a broader trend of boards seeking recruits with any kind of technical expertise. A recent study from leadership consulting firm Spencer Stuart reported that about a third of ‘next-gen’ directors aged 50 and younger have technology backgrounds. Chenxi Wang, a longtime cybersecurity expert and venture capitalist is part of that wave. She was recruited to the board for MDU Resources Group, a US-based energy and construction materials firm, back in 2019. She says the company was attracted both by her cybersecurity acumen and her connections with the high-tech industry in general. “As a pretty traditional and longstanding company, they are actually very conscientious about bringing diverse mindsets and backgrounds to the boardroom,” she tells CSO. “And they wanted someone who’s connected with the West Coast high-tech industry to give them that perspective that a Midwest energy company may or may not have exposure to.”

Mobile Cyberattacks Soar, Especially Against Android Users

In terms of the types of mobile malware that's circulating out there, Kaspersky saw fewer mobile malware installers and less ransomware in the past year, but more banking Trojans, it stated in "The Mobile Malware Threat Landscape in 2022" report. "Cybercriminals are still working on improving both malware functionality and spread vectors," according to the report. "Malware is increasingly spreading through legitimate channels, such as official marketplaces and ads in popular apps. This is true for both scam apps and dangerous mobile banking malware." To put all of this into perspective, it should be noted that traditional computing platforms still attract the lion's share of the cybercrime pie. Kaspersky, for example, blocked more than 20 million malicious installers, spyware, and adware attacks on mobile devices over the last four quarters, but blocked more than 20 times that number against more common work platforms, such as Windows. However, the mobile threat vector is not as well protected. "In most cases, mobile devices represent a significant, unaddressed attack surface for enterprises," Zimperium's Keating says.

Cloud security: Sometimes the risks may outweigh the rewards

The UK National Cyber Security Centre set out 14 cloud security principles to help businesses of different sizes balance their needs to configure cloud services securely. Vendor lock-in can be a common issue for businesses. Cloud vendors will give you all the tools to make your life easier, but getting out of their systems if you decide to stop working with them will be really difficult if you rely too much on their infrastructure. Beyond the technological risks, another deciding factor is the general trust toward cloud providers and the “hyperscalers” such as AWS or Google, who can provide public and hybrid cloud services to large enterprise networks. Flexibility and the ability to configure your set-up to your specific needs could be lost on the cloud. If you are running on-premises, you have more flexibility to reconfigure things. Your commercial relationship with your cloud provider will dictate how flexible you can be with your cloud infrastructure, which can prevent you from fixing unsafe issues as they come. How much control and flexibility you want on your data storage should impact your cloud set-up.

The time to implement an internal AI usage policy is now

Due to the rapid adoption of AI, there is still a lack of national and global legislation, governance, and guidance on using it, particularly in a professional environment. And while common sense and a general understanding of IT security are good places to start, this is not sufficient to rely on. It is increasingly important therefore that organisations devote time and resource to developing internal use and misuse policies for employees using AI in the workplace so that information and integrity is protected. These policies are only possible with a commitment to staying informed through ongoing research and continuous knowledge sharing; collaboration between AI experts and cybersecurity professionals at other organisations is vital for a comprehensive and proactive approach to identifying and mitigating AI-related risks. Policies need to be reinforced with good training. This starts with regular sessions and skill development for cyber professionals on the current risks of AI and those that may emerge in the future. It is backed-up by role-appropriate education for employees throughout the organisation.

5 ways to step outside your comfort zone at work, according to business leaders

Simon Langthorne, head of customer relationship management at Virgin Atlantic, says the biggest transformational steps he's taken during his career are when he's stepped outside his comfort zone to embrace new opportunities. "Every time there's been something new, it's been about, 'How do you go out and find exciting things?'" he says. "It's about looking for opportunities that take you outside the space of your expertise and take you into a place where actually you can lead and grow." Langthorne says one of the big challenges that comes from moving outside your comfort zone is thinking about how you'll deal with senior manager-level conversations. "They're not your peers; they're the guys that you really look up to. But you're also trying to guide and steer them. They're excited by things like artificial intelligence, but they'll look to you as the subject matter expert," he says. Embracing new challenges -- such as taking the lead on emerging technology -- will mean you suddenly have new gravitas in an organization, even if it feels uneasy at first.

How new AI tools like ChatGPT can transform human productivity in the enterprise

Data serves as the lifeblood of modern enterprises, yet extracting meaningful insights from vast amounts of data can be a daunting task. Here, AI technologies such as machine learning and natural language processing come into play, enabling the analysis of data at scale, uncovering valuable patterns and providing actionable insights. For example, AI-powered analytics platforms can process customer data to identify trends, preferences and purchasing patterns, allowing businesses to deliver personalized experiences. ... AI has the potential to augment human decision-making by offering real-time, data-driven recommendations. Business leaders can use AI-powered predictive analytics models to forecast market trends, optimize inventory management and enhance supply chain efficiency. ... AI technologies play a vital role in facilitating seamless collaboration and knowledge sharing among employees, transcending geographical boundaries. For instance, AI-powered virtual assistants can schedule meetings, transcribe conversations and facilitate information retrieval, thereby enhancing teamwork and productivity.

8 problematic IT team members — and how to deal with them

When advising companies on digital transformations, Maura Charles, a product and leadership coach, often encounters managers who are unwilling to address toxic employees — and without intervention, the problem grows. “I see bad behavior swept under the rug regularly,” Charles says. “In technology, this often happens because companies hire solely on the basis of technical skills and experience and don’t consider the importance of communication, emotional intelligence, and growth mindset. These so-called soft skills are what make technology initiatives and products successful, though.” Her advice? Seek some outside perspective from another capable manager or other trusted source. “Seeing the impact of all of these types of behaviors on team productivity and morale, I often find that team or leadership retrospectives can help shine a light on challenges,” she says. “When leaders ignore these issues, they tend to fester, and the teams and outcomes suffer. By tackling the issues, you may avoid losing talented employees by showing that the people and their work environment matter.”

Will Your Business Soar With an Industry Cloud?

Campbell advises enterprises to begin their cloud journey by carefully studying their business strategy. “Understand where the most critical differentiation is necessary,” he suggests. “Industry clouds offer an opportunity to build differentiation around the most important capabilities.” An industry cloud can also provide a way to achieve faster time to value in less critical sectors to differentiate capability areas while reducing the amount of focus required. “It’s important to remember that the evaluation is iterative as the strategy and the market evolves, so continuous monitoring is important,” Campbell warns. Singh recommends looking for an industry cloud that’s tailored to a specific field from a provider with deep area expertise. “Find a provider that not only offers a cutting-edge functional footprint in your industry, but also supports components and best practices from other industries to help create true differentiation,” he suggests. Besides enterprise-wide support, an industry cloud can also be used to address a specific need. 

Why companies should consider having a chief trust officer

Should an internal review detail the absence of trust in engagements (internal or external), then perhaps boldness is needed to affect change from within. CISOs and CSOs need to ask the questions posited by Stewart and Harkins, both of whom were at the vanguard of the CTO evolution. Hitch up those pants and either work to expand your own role as necessary or push for the creation of the role for someone else. Regardless of the path taken internally, the CTO's role must be sufficiently broad in scope to encompass the necessary visibility across the entire entity's landscape. In a recent MIT Technology Review piece, Elena Kvochko, chief trust officer at SAP, highlighted that "trust is a clear competitive differentiator -- having a recognized awareness that this is an important function and this is an important direction for the company -- it was critical for our success." In closing, and as noted by Stewart, the role must include demonstrable responsibilities, accountabilities and above all the necessary authorities. 

Quote for the day:

"The greatest good you can do for another is not just share your riches, but reveal to them their own." -- Benjamin Disraeli

No comments:

Post a Comment