The tide comes in for subsea cable networks
Our subsea networks are a victim of the problem, but they are also a contributor
- as is every industrialized sector. Nicole Starosielski, author of The Undersea
Network and subsea cable lead principal investigator for Sustainable Subsea
Networks, openly criticized the less sustainable aspects of subsea cables, while
acknowledging the difficulty that Sustainable Subsea Networks has had in
actually quantifying the sector. “It’s a difficult process, generating a carbon
footprint of the [subsea cable networks] industry. Unlike a data center which
has four walls where you can draw your boundary, the cable industry is comprised
of so many elements - from the landing station to cable annexation,” said
Starosielski. “There are all these other pieces that the industry is trying to
account for. One is obviously a marine aspect. You have a fleet of ships that
are older, and there's not a lot of overhead and margin in the supply side of
the marine sector. Google has money to build cables, but you don't see SubCom,
ASN, and NEC running around with a lot of extra cash to build new ships.”
Five Things for Risk Professionals to Put on Their 2024 To-Do List
Organizations face a critical question: how can they stay ahead of unforeseen
challenges? This requires understanding and adapting to emerging risks—like
those new, evolving threats that arise from disruptive technology and changing
regulatory landscapes. So, let’s consider this scenario: a technology firm faces
a sudden regulatory change, impacting its operations. ... This is where
organizational resilience becomes pivotal, transforming challenges into
opportunities. But how do risk professionals identify emerging risks,
particularly those associated with disruptive technologies? This lies in
fostering a mindset that emphasizes continuous learning and constant monitoring
of risks. This approach is complemented by innovative methods such as agile risk
assessments and scenario analysis. Moreover, ISACA plays an instrumental role by
providing access to a global network of expertise, supporting the risk community
with dialogue about technology-focused risk analysis, digital literacy and
understanding of the ethical and regulatory aspects of new technologies.
How C-Level Executives Can Increase Cyber Resilience
First things first: To secure your organization’s C-suite, start by putting
basic security measures in place. All executive accounts should be secured using
multifactor authentication (MFA). Avoid relying on SMS, as it can be compromised
more easily than other options. Second, a thorough audit is crucial to determine
what access privileges the CEO and other executive officers currently have.
Given the unpredictable demands on their time, senior executives might have been
granted access to key systems outside of predefined time windows. However, this
added flexibility comes with risks. Any access that senior executives have to
new products or proprietary information should be on a temporary basis to
eliminate the potential for long-term vulnerabilities. It is also vital to
implement robust monitoring, logging and alerting to oversee such access and
ensure it is used legitimately. Third, the least privilege approach should also
apply to senior executives. For example, C-level executives are more concerned
about overall sales trends than the details around each deal, so there is
generally no need for them to have write or modify permissions for the CRM or
other critical databases.
The intersection of telehealth and AI: How can they reinforce each other?
AI tools help streamline the triage process, making it more user-friendly as
well. It begins by collecting basic information like demographics and risk
factors, followed by inquiries about the patient's primary symptoms, covering
a wide age range from newborns to adults. ... Currently, AI tools are not
authorized to diagnose patients. Despite the remarkable progress in generative
AI, we must remain cautious about their practical application in healthcare.
Our blood pressure cuffs are certified medical devices, and it's noteworthy
that while AI tools possess significant capabilities, they are not subject to
the same regulatory rigor. It's critical to establish a robust regulatory
framework to guide and set standards for AI-assisted diagnosis in the future.
This includes addressing key challenges like ensuring maximum
transparency in AI decision-making processes and tackling issues related to
bias and inaccuracies. I believe the ideal path forward is to position AI
tools as optimal supporters for both patients and healthcare providers.
How to Effectively Draft Data Processing Agreements to Protect Information Shared with Service Providers
Privacy laws may impose notice requirements, remediation obligations and
penalties on data controllers for privacy breaches. Thus, establishing clear
sets of obligations for data processors in the case of a security breach can
allow data controllers to meet their own legal obligations. Data controllers
should expand the DPA provisions for security breach obligations to include
any security incident or misuse of the data by the data processor or its
personnel. This obligation should include both real and suspected incidents as
this allows for mitigation efforts to be deployed early on by the data
controller rather than waiting for a confirmation of a security incident,
which can take several weeks depending on the complexity of the required
forensic investigation. Data controllers should include security control
provisions in the DPA setting out the steps to be taken by a data processor to
secure sensitive data and respond to data incidents. Depending on the nature
and sensitivity of the data, data controllers may lay out more specific steps
to be taken before or after a security incident.
EU’s AI Act: Europe’s New Rules for Artificial Intelligence
Developers of AI systems deemed to be high risk will have to meet certain
obligations set by European lawmakers, including mandatory assessment of how
their AI systems might impact the fundamental rights of citizens. This applies
to the insurance and banking sectors, as well as any AI systems with
“significant potential harm to health, safety, fundamental rights,
environment, democracy and the rule of law.” AI models that are considered
high-impact and pose a systemic risk – meaning they could cause widespread
problems if things go wrong – must follow more stringent rules. Developers of
these systems will be required to perform evaluations of their models, as well
as “assess and mitigate systemic risks, conduct adversarial testing, report to
the (European) Commission on serious incidents, ensure cybersecurity and
report on their energy efficiency.” Additionally, European citizens will have
a right to launch complaints and receive explanations about decisions made by
high-risk AI systems that impact their rights. To support European startups in
creating their own AI models, the AI Act also promotes regulatory sandboxes
and real-world-testing.
SEI platforms empower managers to gain real-time insights into their team’s
progress, eliminating unnecessary meetings and constant check-ins. By breaking
down silos and providing a clear view of everyone’s workload, SEI platforms
foster greater team autonomy, allowing them to receive assistance when needed
so they can operate more efficiently. ... Even in highly efficient and
high-performing organizations, some projects may experience delays or budget
overruns, and it can be hard to understand and communicate why. SEI platforms
can help leaders spot recurring bottlenecks or inefficiencies and work with
their teams to improve the relevant processes. They also make it possible to
test the efficacy of process changes. ... Specific metrics provided by SEI
platforms allow engineering leaders to assess the quality of their team’s
work, evaluate code review practices, and maintain stability and efficiency in
software delivery. Visualizations of trends, patterns, and correlations from
these metrics offer valuable insights to engineering leaders, leading to
informed decision-making.
Shifting data protection regulations show why businesses must put privacy at their core
It isn’t just legislators pressuring businesses to take their data privacy
responsibilities seriously. Public awareness of how data is collected,
utilized and shared is on the rise, affecting consumer behavior accordingly.
Publicity around the EU General Data Protection Regulation (GDPR) played a
very important role in educating consumers in the UK about data privacy, with
79% of UK consumers saying that transparency about how their data is collected
and used is important to them. But they also recognize the value of their
data, with 61% of UK consumers viewing their personal information as an asset
that can be used to negotiate better prices and offers with companies. And
there is growing evidence that US consumers are increasingly privacy aware.
According to DataGrail’s Privacy Trends 2023 report, DSRs – privacy requests
submitted by data subjects to access or modify the data a company holds on
them – grew by 72% year-on-year between 2021 and 2022. Of these requests, 52%
came from people living in states without enacted privacy laws.
Hiring sentiment seems positive for Q4 after witnessing sluggishness in Q3
Consumer and retail companies will see a resurgence in Q4 from muted demand in
semi-urban and rural areas in the festive season in Q3. While the report
carries positive sentiment for the financial services sector, we would observe
cautious moves from banks, NBFCs and Fintechs with increased regulatory
pressure from the RBI on lending norms for riskier credits. According to the
report findings, H2 is projecting positive incremental hiring, including
workforce expansion, new hiring, and replacement hiring. This surge in
workforce expansion can be attributed to government policies and initiatives
aimed at fortifying employment opportunities and cultivating a
business-friendly environment. Notably, India experienced a remarkable 7.8%
surge in GDP during the first quarter of the fiscal year 2023-24 (Q1 FY24).
This robust GDP growth underscores a potent economic rebound, driving the
acceleration in incremental hiring across the nation. The report dives into
the multifaceted factors that influence employment in India. According to the
data, economic conditions significantly impact the employment environment, as
cited by 69% of respondents.
Is the UK-US data bridge doomed to fail?
While experts agree that improvements have been made compared to previous
efforts, concerns about the legislation remain. The Open Rights Group has
argued that the data breach will “betray UK democratic values, and position
the UK as a data-laundering heaven pushing for a global privacy race to the
bottom”. “This approach doesn’t only fail to provide a long-term, pragmatic
solution to international data transfers, but would further the UK’s
reputation as an ‘international rogue actor’ that recent UK Governments have
advanced throughout the years,” writes Mariano delli Santi, a data protection
expert at ORG. The ICO has also been quick to highlight specific areas that
could pose risks to data subjects in the UK. The watchdog has raised concerns
about certain terminology used and also recommends monitoring the
implementation of the UK-US data bridge generally, to ensure it operates as
intended. For example, the ICO points out that the UK-US data bridge does not
name all the special category data defined in Article 9 of UK GDPR, such as
biometric, genetic, criminal offense, or sexual orientation data.
Quote for the day:
'Leadership occurs any time you
attempt to influence the thinking, development of beliefs of somebody
else.'' -- Dr. Ken Blanchard
No comments:
Post a Comment