Daily Tech Digest - August 02, 2023

Return-to-office mandates rise as worker productivity drops

In the first quarter of 2023, labor productivity dropped 2.1% in the US, even as the number of hours worked increased by 2.6%, according to the BLS. The highest levels of remote workers are in North America and Northern Europe, with lower levels in Southern Europe, and even fewer still in Asia — particularly in developing countries, according to a study by Stanford University’s Institute for Economic Policy Research (SIEPR) released in July. ... “Bosses want workers back in the office; workers want flexibility,” said Peter Miscovich, the managing director of Jones Lang LaSalle IP (JLL), a global real estate investment and management firm that tracks remote work trends. But current return-to-office mandates haven't always been effective and they risk driving employees away, according to Miscovich. "Given current low-unemployment rates — particularly in technology fields — talent has the upper hand and will have the upper hand over the next 10 to 15 years,” Miscovich said. While some companies have drawn attention for heavy-handed tactics to get employees back to the office, others are succeeding for getting buy-in for structured hybrid work policies.

IT professionals: avoiding bad days at work

The most common cause of stress is work-related, with one recent study showing that 79% of UK professionals say they frequently feel stressed and our own research revealed that over two-thirds of IT leaders(70%) reported that there is pressure to deliver security protection in a short amount of time. Whilst organisations must be able to identify the sources of stress to support their people, unfortunately, it must be noted that due to the nature of working with technology, IT professionals will encounter stressful situations – whether the solution is to turn it off and on again or something much more serious. Having the right mix of people, processes and technology will assist in minimising these situations; however, when they do occur, it is vital that leaders are able to recognise these situations and support their people This comes back to ensuring the most appropriate technology is in place, along with having clear plans and processes in place to best support the needs of the organisation, its people and its customers.

Why synthetic data is a must for AI in telecom

Synthetic data reflects real-world data both mathematically and statistically. But rather than being collected from and measured in the real world, it is created by computer simulations, algorithms, simple rules, statistical modeling, simulation and other techniques based on small, anonymized real-world samples. “While real data is almost always the best source of insights from data, real data is often expensive, imbalanced, unavailable or unusable due to privacy regulations,” Gartner VP analyst Alexander Linden said in a Q&A blog post. “Synthetic data can be an effective supplement or alternative to real data.” Artificial data can help mitigate weaknesses in real data or can be used when no live data exists, when data is highly sensitive or otherwise biased, or can’t be used, shared or moved. But it doesn’t always have to be trained on real data, however: It can be generated just by looking at domain or institutional knowledge or traces of real data. With the massive explosion in the use of data-hungry generative AI models and the necessity of privacy and security, enterprises across industry segments are recognizing the potential in synthetic data

DDoS Attacks and the Cyber Threatscape

Occasionally, DDoS attacks were carried out to extort ransom payments, colloquially known as Ransom DDoS (RDDoS) attacks. The RDDoS attack should not be mistaken for ransomware, which may be driven by similar motivations but employs different tactics, techniques, and procedures (TTPs). The operational method in ransomware requires ‘denial of data’ by a malicious script, whereas RDDoS involves denial of service, generally by a botnet. Running a ransomware operation requires access to internal systems, which is not the case in ransom DDoS attacks. In RDDoS, threat actors leverage the threat of denial of service to conduct extortion, which may include sending a private message by email demanding ransom amount to prevent the organisation from being targeted by a DDoS attack. According to a threat intelligence report, throughout the 2020–2021 global RDDoS campaigns, attacks ranged from few hours up to several weeks with attack rates of 200 Gbps and higher. The DDoS attack can also serve as a means of reconnaissance, allowing attackers to assess the target’s vulnerabilities and gauge the strength of its defenses.

MDM’s Role in Strengthening Data Governance Practices

Ensuring regulatory compliance and the trustworthiness of data is paramount. This is where a systematic process comes into play, and Gartner MDM is leading the way in providing a comprehensive solution. With the ability to configure data governance policies, capture metadata, and perform data lineage, Gartner MDM allows for a full understanding of data assets and their use. This translates into improved compliance, reduced risk, and enhanced data trustworthiness. By implementing a systematic process that includes Gartner MDM, organizations can confidently navigate the complex landscape of regulatory requirements, safeguard data integrity, and ultimately increase customer trust. ... Data Governance has become essential with the ever-increasing amount of data organizations generate. However, manually reviewing and managing such a large amount of data can be challenging and time-consuming. This is where automation techniques come into play. By automating data governance processes, organizations can streamline the process, reduce errors, and make better decisions resulting from the data. 

Delivering privacy in a world of pervasive digital surveillance: Tor Project’s Executive Director speaks out

Our stance is clear, we think that encryption is a right – which is why it is built into our technology. As more and more aspects of our lives are carried out digitally, whether it is conducting financial transactions, accessing health care services or staying in touch with friends and loved ones, our online activity should be governed by the same rights to privacy and anonymity as our analog experiences. As part of our work, the Tor Project is currently active in the debate around the need to safeguard EE2E. We are engaged in advocacy work on the issue and have supported other organizations in their efforts to raise awareness, especially as part of the Global Encryption Coalition. ... Earlier this year, we launched the Mullvad Browser, a free, privacy-preserving browser offering similar protections as Tor Browser without the Tor network. Mullvad Browser is another option for internet users who are looking for a privacy-focused browser that doesn’t need a bunch of extensions and plugins to enhance their privacy and reduce the factors that can accidentally de-anonymize themselves.

The Debate Around AI Ethics in Australia is Falling Far Behind

In 2016, the World Economic Forum looked at the top nine ethical issues in artificial intelligence. These issues have all been well-understood for a decade (or longer), which is what makes the lack of movement in addressing them so concerning. In many cases, the concerns the WEF highlighted, which were future-thinking at the time, are starting to become reality, yet the ethical concerns have yet to be actioned. ... The WEF noted the potential for AI bias back in its initial article, and this is one of the most talked-about and debated AI ethics issues. There are several examples of AI assessing people of color and gender differently. However, as UNESCO noted just last year, despite the decade of debate, biases of AI remain fundamental right down to the core. “Type ‘greatest leaders of all time’ in your favorite search engine, and you will probably see a list of the world’s prominent male personalities. How many women do you count? An image search for ‘school girl’ will most probably reveal a page filled with women and girls in all sorts of sexualised costumes. ...”

Vigilance advised if using AI to make cyber decisions

Artificial intelligence (AI) and machine learning (ML) driven tools and technologies are on the rise to help organizations address these challenges by significantly improving their security posture efficiently and effectively. Tools using ML and AI are improving accuracy and speed of response. ... The vendor may have utilised AI in various product development stages. For instance, AI could have been employed to shape the requirements and design of the product, review its design or even generate source code. Additionally, AI might have been used to select relevant open-source code, develop test plans, write the user guide or create marketing content. In some cases, AI could be a functional product component. However, it’s important to note that sometimes an AI capability might really be machine learning (ML). Determining the legitimacy of AI claims can be challenging: the vendor’s transparency and supporting evidence are crucial. Weighing the vendor’s reputation, expertise and track record in AI development is vital for distinguishing authentic AI-powered products from “snake oil.”

3 GitOps Myths Busted

It is highly likely that as your organization embarks on its cloud native journey, there will come a point where scaling to multiclusters becomes necessary. For instance, developers may need to work on and test applications before making pull requests without having direct access to the production code, of course, for applications running in production on Kubernetes. Moreover, in certain scenarios, a team might manage multiple clusters and distribute workloads among them to ensure sufficient fault tolerance and availability. For example, when running a machine learning training workload, the team might increase the number of replicas or cluster replicas to meet specific demands. Additionally, different clusters may be deployed across various physical locations in cloud environments, whether on Amazon Web Services, Azure, GCP and others, requiring separate tools and processes to align with geographic mandates, legal restrictions, compliance requirements, and data access policies.

Simplifying IT strategy: How to avoid the annual planning panic

In developing your strategy, you have two responsibilities related to the finances of any proposed project: First, you must articulate the costs and benefits of the project; and second, you must contextualize those costs and benefits by comparing them to overall budget projections, which should include multi-year projections that align with the needs and norms of your finance organization. Not sure how to frame the numbers? Borrow revenue projections from FP&A, then layer in projected IT run-rate spend, IT project spend for each year in the forecast, and summarize total IT spend as a percentage of revenue. Hint: Be ready to explain any increase in this metric. ... What will you need from others for your plan to succeed? Dedicated resources from BUs and functions? Participation in steering committees? Incremental funding? The point is you can’t drive a transformation alone. Key to success will be clarifying roles and responsibilities and ensuring others have skin in the game. ... Once you’ve tried answering the questions, consult your deputies. Test and refine your hypothesis as a group. 

Quote for the day:

"Great leaders go forward without stopping, remain firm without tiring and remain enthusiastic while growing" -- Reed Markham

No comments:

Post a Comment