Want people to embrace transformation? Allow them to own the change
The principles for a co-optable resource are straightforward: for starters, it
must be accessible. Accessible means it must be opt-in, no mandates, no obvious
carrots or sticks, and it is owned by those opting in. The barriers to entry
must be low, and the benefits of using the resource have to be easy to
communicate to others. Finally, it must be both impactful—that is, delivering
practical value to its users—and scalable. In each of the following examples, a
co-optable resource led to widespread uptake of a new idea or technology. The
first one shows how a small organization was able to replicate itself globally
by sharing the heavy lifting of making an idea scalable—an important lesson for
managers who are daunted by introducing new ways of working because they feel
the burden is all on them. The other two examples show how it’s possible to get
enthusiasts within organizations to scale the use of technology, transform a
business model, and change ways of working.
Weed Out Bad Data to Make Better Business Decisions
Using bad data for analytics, AI, and other apps can have catastrophic
consequences for any organization. The worst-case scenario is making poor
business decisions with that data – whether it’s investments, product changes,
or hiring moves. Ignoring and not removing bad data results in misleading
insights and misguided choices. It’s like blindly following a GPS without
verifying its accuracy or knowing its end goal. You could potentially drive
yourself into the ocean. It also has a broader chilling effect on a company.
When bad data leads to skewed or inaccurate insights, employees lose trust in
the data and systems more broadly. As a result, they stop relying on the data
to make decisions altogether and instead devolve to making decisions based on
gut feeling. At a bare minimum, bad data should be weeded out as often as you
use it to make decisions. Ideally, though, it should happen upon the ingestion
of the data. Constantly removing bad data as soon as it enters the system is
the only way to reliably avoid polluting the clean data source.
California’s Delete Act: What, CIOs, CDOs, Businesses Need to Know
The bill says consumers can delete data by using a website that will be hosted
by the California Privacy Protection Agency, which has a 2026 deadline to
create the website. In 2026, data brokers registered with the state must
process delete requests once a month and undergo third-party audits every
three years starting in 2028. Brokers who don’t comply will face daily fines.
California’s law is not the first state law to target data brokers. Vermont,
Texas, and Oregon all have laws creating broker registries. Vermont’s law has
been in effect since 2019. California’s Data Broker law defines a data broker
as “a business that knowingly collects and sells to third parties the personal
information of a consumer with whom the business does not have a direct
relationship.” While there is a federal data privacy bill, the American Data
Privacy Protection Act (ADPPA), the proposal is currently in US Congress limbo
and chances for passage are unclear. ADPPA would instruct the Federal Trade
Commission (FTC) to create a national registry of data brokers and create a
“do not collect” mechanism for individuals to opt out of personal data
collection.
Global events fuel DDoS attack campaigns
NETSCOUT’s insights into the threat landscape come from its ATLAS sensor
network built over decades of working with hundreds of Internet Service
Providers globally, gleaning trends from an average of 424 Tbps of internet
peering traffic, an increase of 5.7% over 2022. The company has observed
nearly 500% growth in HTTP/S application layer attacks since 2019 and 17%
growth in DNS reflection/amplification volumes during the first half of 2023.
“While world events and 5G network expansion have driven an increase in DDoS
attacks, adversaries continue to evolve their approach to be more dynamic by
taking advantage of bespoke infrastructure such as bulletproof hosts or proxy
networks to launch attacks,” stated Richard Hummel, senior threat intelligence
lead, NETSCOUT. “The lifecycle of DDoS attack vectors reveals the persistence
of adversaries to find and weaponize new methods of attack, while DNS water
torture and carpet-bombing attacks have become more prevalent.”
Multibillion-dollar cybersecurity training market fails to fix the supply-demand imbalance
The good news is that retention increased, with a 6% drop in the number of
respondents reporting retention issues compared to the previous year. But this
improvement is more likely tied to economic uncertainty rather than work
conditions having improved. The main reasons for employees departing included
recruitment by other companies (58%). The second highest response, poor
financial incentives (e.g., salaries or bonuses), is likely the main driver,
ISACA found. Those seeking better financial compensation increased by 6% from
last year to 54%. While work stress levels dropped by two percentage points
from 2022, it remains a contributing factor at 43%, ranking fourth on the
list. Other notable reasons included limited remote work possibilities
(increased by four percentage points from 2022) and poor work
culture/environment, both potentially driven by return-to-work mandates.
"Uncertainty of any kind appears to be driving fewer job changes, and while
vacancies persist, the survey results indicate that enterprises appear to be
tightening budgets and compensation aids ahead of a potential recession," read
the report.
Prompt Engineering in Software Automation
While these problems can’t be ignored, there is still a lot of justifiable
excitement about how these programs can help democratize software development
by supporting technical and non-technical teams alike. Perhaps the most
impressive thing to consider is that tools like ChatGPT can produce functional
code very quickly. With the right prompt, engineers can reduce the time it
takes to program certain types of code, ensuring a swifter software
development life cycle. At the end of 2022, the popular programming hub Stack
Overflow banned AI-generated answers on its forum. They cited the high error
rate and inaccuracies associated with the application. However, the technology
is in a nascent stage; furthermore, the dissatisfaction with AI-generated
output owes as much to poor prompt engineering as it does to the technology
itself. Despite the misgivings over the tech, a recent piece by McKinsey
highlights the impact that prompt engineering is already having in the world
of programming. The consulting firm’s
Hackers Impersonate Meta Recruiter to Target Aerospace Firm
The attack is part of an ongoing campaign tracked as "Operation DreamJob," in
which fake recruiters reach out through LinkedIn. Attackers convince victims
to self-compromise their systems by employing different strategies such as
luring the target to execute a malicious PDF viewer to see the full contents
of a job offer. Or, they encourage the victim to connect with a Trojanized
SSL/VPN client. "The most worrying aspect of the attack is the new type of
payload, LightlessCan, a complex and possibly evolving tool that exhibits a
high level of sophistication in its design and operation, representing a
significant advancement in malicious capabilities compared to its predecessor,
BlindingCan," researchers said. Eset says is observed victims receiving two
malicious executables, Quiz1.exe and Quiz2.exe, which were delivered via .iso
images hosted on a third-party cloud storage platform. "The first challenge is
a very basic project that displays the text 'Hello, World!'" researchers said.
"The second prints a Fibonacci sequence up to the largest element smaller than
the number entered as input."
Technology is Crack and We are the Dealers
What is actually going on though is not really sinister, it is just stupid.
For years most technology did not really impact lives outside of military,
reactors, planes, infrastructure and the like… then medicine, electrical
grids, and finances joined the group. And so forth. But most technology was
just corporate enablement. No one was going to die if the order management
system went down for an hour. Maybe get fired but not die. Thus we chose to
use standards and review (governance) as our primary mechanism for quality
decisions. And even these were flaky at best and pretty easy to get around
(please like I can’t game a governance review board? hahahaha). The people
reviewing had their checklists and the delivery folks knew how to make them
happy enough. Or just go to the executive sponsor who goes to the executives
and gets a ‘pass’. Oh well, it’s just a bit of technical debt! The future is
coming to humanity. That much is certain. But at what rate? What is acceptable
loss? How will society get a handle on run-away technology? And which
organizations will survive?
The dark arts of digital transformation — and how to master them
“If you’re in a leadership role in Engineering, you aren’t going to succeed
unless you have a strong ally in Product,” says Etkin. “Developers sometimes
have this idea that management isn’t necessary, or they have disdain for the
nontechnical side of things. That’s a terrible idea that will get you
absolutely nowhere.” Etkin, an early employee at Atlassian who was the
original architect of Jira, admits that he wasn’t always good at building
alliances with his peers. He had to figure out how to get on the same page
with people who often had very different ideas about how to proceed. That
meant asking a lot of questions and listening to the answers. ... A key thing
to remember is that the dark forces you’re attempting to subdue may not be the
individuals opposing you, but the systems in which they themselves are
trapped. Organizations that have found success operating in a certain way may
see little reason to shake things up. Even when the changes are necessary,
such as in the case of increased competition from disruptive new entrants or
the emergence of transformative technologies, the effort required to overcome
internal inertia could exhaust all your magic powers.
Regulations Push Firms to Boost AI, ML Spend
Unlike some industries, though, financial services are highly regulated, given
the industry’s stature as the modern economy’s backbone. “The industry as a
whole must be cautious about adopting new technologies given the myriad of
rules and regulations at play,” cautions Joe Robinson, CEO, Hummingbird.
“Financial institutions can plan to leverage the opportunities that AI
presents but must do so carefully.” He says by using explainable algorithms,
auditable decision-making processes, and/or human-in-the-loop reviews, they
can take advantage of the potential of AI while ensuring that regulatory
obligations are met. “As with many new technologies, it's best to start small,
observe outcomes, and scale up thoughtfully and pragmatically,” he says.
Cullen adds it’s critical to ensure the needed talent infrastructure is in
place. “Determine where you should hire and where you may need to augment,
especially in relation to the evolving regulatory landscape,” she says.
Quote for the day:
”Taking a step back can often be the
quickest way forward.” — Tim Fargo
No comments:
Post a Comment