Daily Tech Digest - July 17, 2023

EU urged to prepare for quantum cyberattacks with coordinated action plan

The narrow focus at the EU level on how to mitigate short-term quantum cybersecurity challenges, especially harvest attacks and quantum attacks on encryption, leaves member states as the frontline actors in the quantum transition, Rodr?guez said. "As of 2023, only a few EU countries have made public plans to counter emerging quantum cybersecurity threats, and fewer have put in place strategies to mitigate them, as in the case of Germany." As quantum computers develop, European action will be needed to prevent cybersecurity loopholes that can be used as attack vectors and ensure that all member states are equally resilient to quantum cyberattacks. "A Coordinated Action Plan on the quantum transition is urgently needed that outlines clear goals and timeframes and monitors the implementation of national migration plans to postquantum encryption," Rodr?guez claimed. Such a plan would bridge the gap between the far-looking objective of establishing a fully operational European Quantum Communication Infrastructure (EuroQCI) network and the current needs of the European cybersecurity landscape to respond to short-term quantum cybersecurity threats.

What the CIO role will look like in 2026

“The CIO role in 2026 will be about influencing, leading, and governing, as opposed to technology selector, integrator, configurator, and customizer. And CIOs who are not on top of this before 2026 will find themselves having to catch-up,” says Joseph Bruhin, CIO of Breakthru Beverage Group. In other words, CIOs three years out will be even farther away from the technical chief of yesteryear and closer to corporate strategist. “With every company being digital, CIOs will take on the role of the architect of the company, not just the architect of digital,” says Vipin Gupta, former chief information, strategy and digital officer at Toyota Financial Services International and the 2021 MIT Sloan CIO Leadership Award Winner. IT leaders describe the CIO of 2026 and beyond as an “influencer,” “strategic thinker,” and “eloquence communicator and leader.” They say the CIO will need to be flexible, innovative, and nimble. And they stress the need for CIOs to be even more visionary than they are today, because they’ll have a lead role in shaping the organization’s future, not just support it.

Breach Roundup: IT Worker Sentenced for Impersonation

Assigned to the investigation, Liles, an IT staff member at Oxford Biomedica, decided to manipulate the situation for personal gain. Instead of directing the ransom payment to the genuine hackers, he secretly altered the original ransom demand. Using the email account of an Oxford Biomedica board member, Liles redirected the funds to a bitcoin wallet under his control. Consequently, if the company chose to pay the ransom, the money would end up in Liles' hands rather than with the actual attackers. Liles also created an email address strikingly similar to that of the original hacker and began pressuring the employer to pay a 300,000-pound ransom. Specialists from the South East Regional Organized Crime Unit's Cyber Crime Unit became suspicious during their investigation. They identified unauthorized access to the board member's email and traced it back to Liles' home address. The charges brought against Liles included blackmail and unauthorized access to a computer with intent to commit other offenses. The court's decision is a reminder of the severe consequences that individuals who exploit their positions for personal gain may face.

Quantum Leaps: Interest and Investment in Quantum Computing

The era of quantum computing has only just begun. The pace of innovation in this nascent, emerging space is simply remarkable, experts say, especially as companies and governments around the world increase both their interest and investment in the technology. While the people working in QC (quantum computing) believe it will transform the future of computing, no one knows for sure exactly how or when, because there is simply not enough known about what today’s quantum computers can actually do. And despite its promise, quantum currently has limited applications, and only a handful of these applications are moving past research into real-life scenarios. However, with all the investment and startup activity in the quantum space, it’s safe to assume that it will reshape computing, and it may do so sooner than expected. Alan Baratz, CEO of D-Wave, points to a study from Hyperion Research, which found that more than 80% of responding companies plan to increase quantum commitments in the next 2-3 years, and one-third of those companies say they will spend more than $15 million annually on quantum computing efforts.

The biggest barrier to AI productivity is people

Most people already struggle to find the information they need, which is what led to Google’s massive search business. Within the enterprise, Roth says, roughly one-third of respondents to the 2022 Gartner Digital Worker Survey reported that they frequently struggle to find the information they need to do their jobs well. Perhaps worse, 22% have missed important updates because of the sheer volume of applications and information thrown at them. This is the state of workers in the pre-GenAI world. “Now throw in more content being produced at a quicker pace,” Roth says, “Emails that used to be short and to the point may now be inflated to full, polite corporatespeak by the AI.” A bad problem becomes dramatically worse as more people create more content of middling quality, trusting the AI to get the facts correct. And it often won’t; things like ChatGPT aren’t interested in truth—that’s not what they’re for or how they’re engineered. The solution to this machine-generated problem is to reinsert people into the mix. People are still needed to fact-check and do quality control. 

Unconventional Recruiting Methods That Can Help Fill The Tech Talent Gap

Partnering with local schools and nonprofit organizations can help build talent pipelines. Providing learning opportunities for students of all ages—from elementary school through college—by exposing them to various technology disciplines can generate interest and encourage them to consider professions in the field. Teaching and mentoring the next generation are crucial for employers who want to grow future talent pools organically. Speaking at schools and nonprofit organizations allows you to meet and handpick potential employees rather than simply waiting for responses to job postings. ... Another solution for expanding talent pools is creating entry-level “bench” or “evergreen” positions that allow individuals to expand their strengths and work experience by rotating through different IT disciplines. The positions are general and designed to get talented individuals into an organization with the idea that they’ll move into more permanent roles as the right fits become available.

Panic about overhyped AI risk could lead to the wrong kind of regulation

The demand for AI stories has created a perfect storm for misinformation, as self-styled experts peddle exaggerations and fabrications that perpetuate sloppy thinking and flawed metaphors. Tabloid-style reporting on AI only serves to fan the flames of hysteria further. These types of common exaggerations ultimately detract from effective policymaking aimed at addressing both immediate risks and potential catastrophic threats posed by certain AI technologies. For instance, one of us was able to trick ChatGPT into giving precise instructions on how to build explosives made out of fertilizer and diesel fuel, as well as how to adapt that combination into a dirty bomb using radiological materials. If machine learning were merely an academic curiosity, we could shrug this off. But as its potential applications extend into government, education, medicine, and national defense, it’s vital that we all push back against hype-driven narratives and put our weight behind sober scrutiny.

Want to make cybersecurity much stronger? Become a mentor

Those who have been around the world of cybersecurity for a while have long realized the importance of the chief information security officer's (CISO) role in leading teams charged with maintaining the security of corporate data and much, much more. But both freshly minted and veteran CISOs can sometimes feel they're stranded on a desert island for several reasons. They may be new to the role and acclimating to the responsibility and, of course, the accountability they are now shouldering. Others may find themselves having to rapidly garner knowledge and perspective when a situation about which they lack familiarity lands on their plate. This is where mentors and mentorship can be invaluable. So, I set out to determine what that looks like today and how accessible CISOs are to one another. ... "Mentorship in the cybersecurity field is an invaluable tool in both an individual's and an organization's maturity. CISOs who have been through the wringer have considerable wisdom to share about everything from ransomware remediation to dealing with recalcitrant CFOs," shared Craig Burland, CISO of Inversion6. 

Tales from Production: How Real-World Coders Are Using AI

Some programmers on Hacker News were using AI tools for debugging — and even “rubber duck” debugging, where describing a code’s function (and its bugs) sometimes produces crucial insights into problems. “I’ve found rubber duck debugging to be an exceptionally effective use case for ChatGPT,” one developer posted. “Often it will surprise me by pinpointing the solution outright, but I’ll always be making progress by clarifying my own thinking.” But just how good is AI at debugging its own code? One commenter complained that at the end of the day, “Sometimes it’d give completely wrong answers. It’s just not code I’d commit or let pass a code review.” Another doubted AI’s ability to fix those bugs. “They can approximate the syntax of things in their training corpus, but logic? The lights are off and nobody’s home.” But another commenter believes in AI’s potential. “I’ve already had the GPT3.5-Turbo model walkthrough and step-by-step isolate and diagnose errors. They 100% can troubleshoot and correct issues in the code..." 

DevOps and Cloud InfoQ Trends Report – July 2023

In the accompanying cloud and DevOps trends podcast discussion, the participants address the state of cloud innovation and DevOps. They agree that cloud innovation has slowed down, moving from "revolution" to "evolution". While large numbers of organizations have adopted cloud technologies, there are many enterprises that want to migrate and re-architect workloads. As for DevOps, it is still alive but has reached a stage of stagnancy in some organizations. The concept of DevOps, which aims to provide access and autonomy to create business value, is still alive, but the implementation has faced challenges. The panelists mentioned their interest in Value Stream management to unlock DevOps’s flow and value realization. The public cloud vendors have evolved from their original goal of providing on-demand access to scalable resources to focus more on offering managed services. This evolution has made cloud computing more ubiquitous. However, technology is changing rapidly around existing services, new business requirements are being discovered, and new challenges are emerging.

Quote for the day:

"Leadership is a journey, not a destination. It is a marathon, not a sprint. It is a process, not an outcome. " -- John Donahoe

No comments:

Post a Comment