Daily Tech Digest - August 29, 2023

The four Es of AI: Keeping up with the trend that never sleeps

You can’t wrangle AI by yourself. Your journey will be fruitful only to the extent that you can instill in those with whom you go to market a digital fluency and a confidence in your ecosystem. Accordingly, many CIOs have fashioned themselves into the de facto AI professor within their organizations—developing 101 materials and conducting roadshows to build awareness, explain how generative AI differs from other types, and discuss its risks. ... To explore is to pose the question: How can I make AI work for my organization?Since the AI landscape is both large and complex, take a two-pronged approach: analyze internally and marry that analysis to marketplace activity. Internally, start by looking at your value chain or the capabilities that deliver your value proposition. Brainstorm how generative AI could make your processes (and the people supporting those processes) more intelligent and productive. If you’re already using AI for some of the use-cases you brainstorm, no matter – record those too.

How financial institutions can reduce security and other risks from MRAs

Regardless of the cause, remediating an MRA is far more costly than strengthening a risk management process at the outset. Some of the risks and costs that a company accepts when it allows an issue to grow into an MRA include: Incident remediation costs - The average cost of a data breach or security incident in the financial industry is much higher than the cost of identifying and remediating vulnerabilities earlier. The financial institution will also need to allocate remediation resources, which could include hiring additional staff, investing in new technology, or engaging third-party consultants to provide expertise and support. Regulatory fines, penalties, and increased scrutiny - If the financial institution fails to address the MRA appropriately, it could face fines and penalties. These fines can range from a few thousand to millions of dollars. Once an MRA is issued, the financial institution may also face increased regulatory scrutiny and oversight.

Adopting and adapting to the industrial metaverse

First, to get all staff members to participate and make use of these new technologies, finding workable approaches to create sufficient incentives and motivation are necessary to get employees involved on all levels of the organisation and across generations. Second, human resources and managers need to ensure that employees will accept these novel solutions and adopt new ways of working. A long list of requirements exists to make workers and employees comfortable in using the industrial metaverse frequently. Worker motivation and the feeling of meaningfulness are important considerations that relate to social aspects of work. On the data side, safety, security, and ethics of data collection, management and sharing already play major roles, but will do so even more in advanced virtual environments. ... Third, corporate leaders need to create a conclusive strategy for employing the industrial metaverse and establishing the required capabilities for implementation, building and maintaining the digital and physical infrastructure.

Embracing Complexity and Emergence in Organisations

Each organisation has its own context and evolves in a slightly different ecosystem with varied dynamics, Hebert said. Almost any behaviour can be successful for a while given the right environment. But most behaviours that are based on a desire for collaboration, communicating better, and with reciprocity in mind seemed to do better in a way that felt more sustainable, especially when being challenged by new circumstances, Hebert added. Psychological safety is critical when dealing with complexity, Hebert said. The only way you can get into that decision-making process that people have is for them to be able to report what they find challenging, risky, difficult, or even easy. This happens when people can do that without fearing retribution or negative consequences, Hebert mentioned. That feedback making it to you also depends on them trusting that giving that information will lead to positive outcomes and will be acted on, not just that nothing bad will happen, he said.

8 Ways Aspiring Leaders Can Establish Executive Presence At Work

"First, speak the languages of the leaders above you. Do they use certain vocabulary? Learn it and use it as well. Second, dress the part, especially on recorded calls. Finally, find a mentor internally who was promoted and learn what they did. Most people are generally open to sharing their tips." ... While most of us tend to shun making mistakes, Galetti suggests that embracing them, even though uncomfortable, encourages career growth, while also fostering a culture of transparency: "Don’t be afraid to make mistakes and fail – and when you do make a mistake, own it, learn from it, and really examine it so you can understand where you can improve in the future. ... Becoming curious as a leader is essential to operating effectively, so you can have a detailed view of the business. "Leaders are never done learning, and they seek diverse perspectives. Asking questions is how we all learn," Galetti adds. Beyond this, seek to ask questions that no one has ever asked or thought of yet.

From Chaos to Clarity: Revolutionize

While data fabric brings numerous benefits to data management and application development, it is important to acknowledge its limitations and challenges. One limitation lies in the complexity of implementing and maintaining data fabric architectures. Integrating various data sources, ensuring data quality and consistency, and managing data governance can be intricate and time-consuming processes. Additionally, data fabric relies heavily on interoperability and compatibility between different systems and technologies, which can present challenges in heterogeneous environments. Furthermore, with data volumes continuing to grow exponentially, data fabric must efficiently handle large datasets and support high-speed data processing. It is expected that by 2025, the volume of data will increase by over 150%, hitting 181 zettabytes, making the insurance of scalability without compromising performance a more demanding task than ever. Nevertheless, data fabric has emerged as a transformative force in the realm of data management and application development. 

Motherboard Mishaps Undermine Trust, Security

The issue is the latest mishap in a stream of problems that have impacted motherboard makers in the past year. In January, a set of five vulnerabilities in firmware used by baseboard management controllers — remote management chips included on many server motherboards — could have allowed remote access over the Internet. In late May, researchers revealed that a backdoor in hundreds of models of motherboards from Gigabyte, intended to allow easier updating, left computers open to attack. ... In the most recent incident, there is not a lot for users to do but beware of using preview versions of Windows on business systems. However, in general, companies should make sure that fundamental security measures, such as Secure Boot, are enabled on their motherboards. In 2023, this should be standard for all motherboards, but at least one researcher discovered that MSI had turned off Secure Boot on some of the motherboard models. In late 2022, Polish security researcher Dawid Potocki discovered that one version of the company's motherboards shipped without Secure Boot.

Managed Apple IDs, iCloud, and the shadow IT connection

Since Managed Apple IDs are organization-owned and IT-managed, the security risks of using iCloud with Managed Apple IDs are basically a non-issue. But even with Managed Apple IDs, data can still get siloed, lost or inaccessible to users. This happens in multiple ways. On-device data gets backed up to iCloud; data can be synced across multiple devices unevenly; and data can be shared via iCloud across multiple users. Should an employee leave a company, there's little concern about them taking corporate data with them; their access to it through their Managed Apple ID is terminated along with access to other enterprise accounts. But if that departing worker is the only one who had that data, others might not know it exists or be able to access it. As users become more trusting of cloud solutions in general, and iCloud in particular, data could gradually move from central repositories to existing only on user devices and in iCloud storage. The result: that data becomes more personal, because its associated with the person doing the job as opposed to the job itself.

The perils of short links

Some link-shortening tools, such as Sniply, offer users more than just shorter links. They allow tracking the actions of link clickers on the actual destination site, which is effectively a man-in-the-middle attack: traffic passes through an intermediate service node that monitors all data exchanged between the user and the destination site. Thus, the URL shortener can intercept anything it wants: entered credentials, social network messages, and so on. ... Using such links, an attacker who already has some information about you can redirect you to a phishing site where your personal data is pre-filled. For example, to a copy of a banking site with a valid username and a request to enter your password, or to the “payment gateway” of some service with your bank card number pre-filled, asking you to enter a security code. What’s more, such links can be used for doxing and other types of tracking, especially if the URL shortener service offers advanced functionality. For instance, our recent post about protecting privacy in Twitch looked in detail at ways to de-anonymize streamers and how to counter them.

ChatGPT – IP and Privacy Considerations

Given the volume of data used to train ChatGPT it is inevitable that some personal data will be included in the dataset. In accordance with Article 6 of the GDPR, the processing of this personal data requires a legal basis to be considered lawful. Given few, if any, data subjects will have provided GDPR standard consent the only legal basis likely to apply is ‘legitimate interest’. Interestingly at the end of March the Italian data protection regulator (the Garante) temporarily blocked ChatGPT due to its inability to establish a legal justification under Article 6 GDPR. However, less than a month later the Garante were satisfied that OpenAI had addressed their immediate concerns, including by improving its privacy notice and the rights it grants to individuals. It therefore re-granted access to the Italian public. ChatGPT continues to raise concerns amongst regulators and academics regarding its data protection policies. The European Data Protection Board has established a taskforce to review ChatGPT’s GDPR compliance. 

Quote for the day:

"Most people work just hard enough not to get fired, and get paid just enough money not to quit." -- George Carlin

No comments:

Post a Comment