5 Enterprise Architecture Principles For Digital Transformation
This involves creating the Business Architecture, which includes the Business
Domains (BD) and Business Capabilities (BC). To begin, it's important to create
a Business Capability Map (BC Map). This map helps assess the organization's
current business capabilities and identifies the new BCs needed for the target
BC map. The BC Map serves as a foundation for defining strategic areas of focus,
such as improving skills, refining products, optimizing services, innovating
business models, streamlining processes, setting key performance indicators
(KPIs), and estimating implementation costs for Business Capabilities. ...
In the realm of digital architecture, where data and application security reign
supreme, the inclusion of comprehensive security measures from the very outset
is imperative. Such measures need to span the entire architecture, encompassing
a multitude of facets including authentication, multi-factor authentication, key
management, single sign-on (SSO), authorization, auditing, logging, as well as
the encryption of both data in transit and data at rest.
How CISOs can make themselves ready to serve on the board
There’s growing global momentum for public company and corporate boards to also
start recruiting directors with relevant cybersecurity expertise, which is part
of a broader trend of boards seeking recruits with any kind of technical
expertise. A recent study from leadership consulting firm Spencer
Stuart reported that about a third of ‘next-gen’ directors aged 50 and younger
have technology backgrounds. Chenxi Wang, a longtime cybersecurity expert
and venture capitalist is part of that wave. She was recruited to the board for
MDU Resources Group, a US-based energy and construction materials firm, back in
2019. She says the company was attracted both by her cybersecurity acumen and
her connections with the high-tech industry in general. “As a pretty
traditional and longstanding company, they are actually very conscientious about
bringing diverse mindsets and backgrounds to the boardroom,” she tells CSO. “And
they wanted someone who’s connected with the West Coast high-tech industry to
give them that perspective that a Midwest energy company may or may not have
exposure to.”
Mobile Cyberattacks Soar, Especially Against Android Users
In terms of the types of mobile malware that's circulating out there, Kaspersky
saw fewer mobile malware installers and less ransomware in the past year, but
more banking Trojans, it stated in "The Mobile Malware Threat Landscape in 2022"
report. "Cybercriminals are still working on improving both malware
functionality and spread vectors," according to the report. "Malware is
increasingly spreading through legitimate channels, such as official
marketplaces and ads in popular apps. This is true for both scam apps and
dangerous mobile banking malware." To put all of this into perspective, it
should be noted that traditional computing platforms still attract the lion's
share of the cybercrime pie. Kaspersky, for example, blocked more than 20
million malicious installers, spyware, and adware attacks on mobile devices over
the last four quarters, but blocked more than 20 times that number against more
common work platforms, such as Windows. However, the mobile threat vector is not
as well protected. "In most cases, mobile devices represent a significant,
unaddressed attack surface for enterprises," Zimperium's Keating says.
Cloud security: Sometimes the risks may outweigh the rewards
The UK National Cyber Security Centre set out 14 cloud security principles to
help businesses of different sizes balance their needs to configure cloud
services securely. Vendor lock-in can be a common issue for businesses. Cloud
vendors will give you all the tools to make your life easier, but getting out of
their systems if you decide to stop working with them will be really difficult
if you rely too much on their infrastructure. Beyond the technological risks,
another deciding factor is the general trust toward cloud providers and the
“hyperscalers” such as AWS or Google, who can provide public and hybrid cloud
services to large enterprise networks. Flexibility and the ability to configure
your set-up to your specific needs could be lost on the cloud. If you are
running on-premises, you have more flexibility to reconfigure things. Your
commercial relationship with your cloud provider will dictate how flexible you
can be with your cloud infrastructure, which can prevent you from fixing unsafe
issues as they come. How much control and flexibility you want on your data
storage should impact your cloud set-up.
The time to implement an internal AI usage policy is now
Due to the rapid adoption of AI, there is still a lack of national and global
legislation, governance, and guidance on using it, particularly in a
professional environment. And while common sense and a general understanding
of IT security are good places to start, this is not sufficient to rely on. It
is increasingly important therefore that organisations devote time and
resource to developing internal use and misuse policies for employees using AI
in the workplace so that information and integrity is protected. These
policies are only possible with a commitment to staying informed through
ongoing research and continuous knowledge sharing; collaboration between AI
experts and cybersecurity professionals at other organisations is vital for a
comprehensive and proactive approach to identifying and mitigating AI-related
risks. Policies need to be reinforced with good training. This starts with
regular sessions and skill development for cyber professionals on the current
risks of AI and those that may emerge in the future. It is backed-up by
role-appropriate education for employees throughout the organisation.
5 ways to step outside your comfort zone at work, according to business leaders
Simon Langthorne, head of customer relationship management at Virgin Atlantic,
says the biggest transformational steps he's taken during his career are when
he's stepped outside his comfort zone to embrace new opportunities. "Every
time there's been something new, it's been about, 'How do you go out and find
exciting things?'" he says. "It's about looking for opportunities that take
you outside the space of your expertise and take you into a place where
actually you can lead and grow." Langthorne says one of the big challenges
that comes from moving outside your comfort zone is thinking about how you'll
deal with senior manager-level conversations. "They're not your peers; they're
the guys that you really look up to. But you're also trying to guide and steer
them. They're excited by things like artificial intelligence, but they'll look
to you as the subject matter expert," he says. Embracing new challenges --
such as taking the lead on emerging technology -- will mean you suddenly have
new gravitas in an organization, even if it feels uneasy at first.
How new AI tools like ChatGPT can transform human productivity in the enterprise
Data serves as the lifeblood of modern enterprises, yet extracting
meaningful insights from vast amounts of data can be a daunting task. Here,
AI technologies such as machine learning and natural language processing
come into play, enabling the analysis of data at scale, uncovering valuable
patterns and providing actionable insights. For example, AI-powered
analytics platforms can process customer data to identify trends,
preferences and purchasing patterns, allowing businesses to deliver
personalized experiences. ... AI has the potential to augment human
decision-making by offering real-time, data-driven recommendations. Business
leaders can use AI-powered predictive analytics models to forecast market
trends, optimize inventory management and enhance supply chain
efficiency. ... AI technologies play a vital role in facilitating
seamless collaboration and knowledge sharing among employees, transcending
geographical boundaries. For instance, AI-powered virtual assistants can
schedule meetings, transcribe conversations and facilitate information
retrieval, thereby enhancing teamwork and productivity.
8 problematic IT team members — and how to deal with them
When advising companies on digital transformations, Maura Charles, a product
and leadership coach, often encounters managers who are unwilling to address
toxic employees — and without intervention, the problem grows. “I see bad
behavior swept under the rug regularly,” Charles says. “In technology, this
often happens because companies hire solely on the basis of technical skills
and experience and don’t consider the importance of communication, emotional
intelligence, and growth mindset. These so-called soft skills are what make
technology initiatives and products successful, though.” Her advice? Seek
some outside perspective from another capable manager or other trusted
source. “Seeing the impact of all of these types of behaviors on team
productivity and morale, I often find that team or leadership retrospectives
can help shine a light on challenges,” she says. “When leaders ignore these
issues, they tend to fester, and the teams and outcomes suffer. By tackling
the issues, you may avoid losing talented employees by showing that the
people and their work environment matter.”
Will Your Business Soar With an Industry Cloud?
Campbell advises enterprises to begin their cloud journey by carefully
studying their business strategy. “Understand where the most critical
differentiation is necessary,” he suggests. “Industry clouds offer an
opportunity to build differentiation around the most important
capabilities.” An industry cloud can also provide a way to achieve faster
time to value in less critical sectors to differentiate capability areas
while reducing the amount of focus required. “It’s important to remember
that the evaluation is iterative as the strategy and the market evolves, so
continuous monitoring is important,” Campbell warns. Singh recommends
looking for an industry cloud that’s tailored to a specific field from a
provider with deep area expertise. “Find a provider that not only offers a
cutting-edge functional footprint in your industry, but also supports
components and best practices from other industries to help create true
differentiation,” he suggests. Besides enterprise-wide support, an industry
cloud can also be used to address a specific need.
Why companies should consider having a chief trust officer
Should an internal review detail the absence of trust in engagements
(internal or external), then perhaps boldness is needed to affect change
from within. CISOs and CSOs need to ask the questions posited by Stewart and
Harkins, both of whom were at the vanguard of the CTO evolution. Hitch up
those pants and either work to expand your own role as necessary or push for
the creation of the role for someone else. Regardless of the path taken
internally, the CTO's role must be sufficiently broad in scope to encompass
the necessary visibility across the entire entity's landscape. In a recent
MIT Technology Review piece, Elena Kvochko, chief trust officer at SAP,
highlighted that "trust is a clear competitive differentiator -- having a
recognized awareness that this is an important function and this is an
important direction for the company -- it was critical for our success." In
closing, and as noted by Stewart, the role must include demonstrable
responsibilities, accountabilities and above all the necessary
authorities.
Quote for the day:
"The greatest good you can do for
another is not just share your riches, but reveal to them their own." --
Benjamin Disraeli
No comments:
Post a Comment