Daily Tech Digest - February 23, 2024

When cloud AI lands you in court

In a recent legal ruling against Air Canada in a small claims court, the airline lost because its AI-powered chatbot provided incorrect information about bereavement fares. The chatbot suggested that the passenger could retroactively apply for bereavement fares, despite the airline’s bereavement fares policy contradicting this information. ... In the Air Canada case, the tribunal called it a case of “negligent misrepresentation,” meaning that the airline had failed to take reasonable care to ensure the accuracy of its chatbot. The ruling has significant implications, raising questions about company liability for the performance of AI-powered systems, which, in case you live under a rock, are coming fast and furious. Also, this incident highlights the vulnerability of AI tools to inaccuracies. This is most often caused by the ingestion of training data that has erroneous or biased information. This can lead to adverse outcomes for customers, who are pretty good at spotting these issues and letting the company know. The case highlights the need for companies to reconsider the extent of AI’s capabilities and their potential legal and financial exposure to misinformation, which will cause bad decisions and outcomes from the AI systems.

Rackspace’s MD on addressing the shortage of senior, mid-level cybersecurity talent

The Data Security Council of India (DSCI) predicts that local demand for cybersecurity professionals will reach a million positions in 2025 if the cybersecurity ecosystem continues its rapid growth. While both the government and private enterprises are taking steps to increase the number of individuals pursuing careers in cybersecurity, its impact will not be felt immediately, especially at the higher levels. As experienced professionals retire or move into more advanced roles, the industry may face a shortage of individuals with the necessary expertise and experience to fill their positions. While the increase in new graduates entering the field can fill up entry-level roles, it will take more time for them to gain the necessary experience and qualifications for senior and mid-level cybersecurity positions. Organisations will need to be innovative and creative in ensuring their cybersecurity posture in the face of a talent crunch. They will need to utilise and refine their strategies for attracting and retaining top talent, as well as upskilling existing employees, by leveraging the latest technological trends for more efficient cybersecurity practices. 

What are the main challenges CISOs are facing in the Middle East?

The skills challenge is likely going to be key as a result of the rise of disruptive technologies such as Generative AI. They will be a reshaping of the entire global workforce and skills to adequately deal with cybersecurity issues will be in short supply. The other critical challenge that will be faced has to do with regulatory changes as nation-states seek to protect their citizens from cyberattacks. This typically adds to the overall costs of cyber compliance. Lastly, cybercrime will also rise especially on digital platforms as people transact virtually. Cybersecurity Ventures expects damage costs from cybercrime to increase by about 15% each year over the next 3 years. ... The human resource base is very key both for cybersecurity professionals and the general employee. In cybersecurity, precedence is always provided for the protection of human life before anything else. It is therefore important to ensure that people are equipped with adequate and relevant knowledge about how to identify indicators of attacks and remain alert for such attacks ... The financial services sector also relies on proprietary technology hence any cyber-attacks on such could lead to huge losses and reputational damage. The sector also holds customer data and intellectual property which is typically very sensitive information and held on trust.

Practical steps on carbon accounting for data centers

Measuring the carbon and material cost of our equipment is done through lifecycle assessment (LCA). This is done by disassembling products, looking at the material content, and giving each part of this an environmental weight. This is based on where and how they were sourced and what impacts these processes have. Measuring impact using the LCA method involves drawing boundaries, making assumptions, and using estimates. These estimates are shared on platforms like EcoInvent, which give specialists shortcuts on materials and good ideas on how to fill gaps. When you read reports from manufacturers, they will state where they assume the product was delivered, where it was assembled, how long it was in use, where the materials were mined, and potentially how and where it was destroyed. They need to do this because different locations will have slightly different sets of environmental risks. There are a lot of variables in play. Because of this, there is wide variance between LCAs from different manufacturers of very similar products.

Incorporating AI and automation into cyber risk management

AI-powered systems can significantly enhance organisational cyber defence capabilities through advanced threat detection, predictive analytics, and real-time monitoring. Next-generation AI-driven tools enable organisations to establish intelligent, secure, and automated systems capable of real-time threat detection, prevention, and prediction. AI models can be trained to identify anomalies in system behaviour, serving as an effective means of detecting potential cyber risks. This capability proves invaluable in recognizing potential security breaches or operational failures. Moreover, AI-powered threat intelligence contributes to identifying emerging threats, facilitating the development of proactive mitigation strategies. Ensuring compliance with IT regulations, such as the General Data Protection Regulation (GDPR) and Payment Card Industry Data Security Standard (PCI DSS), is achieved through the continuous monitoring capabilities of AI tools. These tools not only streamline compliance efforts but also enhance accuracy and efficiency. 

Adapting To Software Testing's Future: Success Factors

Risk-based testing is a strategic approach that prioritizes testing efforts based on the potential risk of failure and its impact on the project or business. By identifying the most critical areas of the application in terms of functionality, user impact, and likelihood of failure, teams can allocate their limited testing resources more effectively. ... Test selection techniques, such as test case prioritization and minimization, help teams focus on the tests that are most likely to detect defects. Prioritization involves ordering test cases so that those with the highest importance or likelihood of finding bugs are executed first. Minimization seeks to reduce the number of test cases to a necessary subset, eliminating redundancies without sacrificing coverage. ... By automating repetitive and time-consuming tests, teams can significantly reduce the time required for test execution. Automation is particularly effective for regression testing, where the same tests need to be run repeatedly against successive versions of the software. Automated tests can be executed faster and more frequently than manual tests, providing quicker feedback and freeing up human testers to focus on more complex and exploratory testing tasks.

5 Tips for Developer-Friendly DevSecOps

Many security tools are built for security professionals, so simply bolting them onto existing developer workflows can create friction. When looking to integrate a new tool into the SDLC, consider extracting the desired data from the security tool and natively integrating it into the developer’s workflow — or even better, look to a tool that’s already embedded within the flow. This reduces context switching, and helps developers detect and remediate vulnerabilities earlier. Additionally, leveraging AI tools within integrated development environments (IDEs) streamlines the process further, allowing developers to address security alerts without leaving their coding environment. ... A barrage of alerts, especially false positives, can erode a developer’s trust in the tool and compromise their productivity. A well-integrated security tool should have an alert system that surfaces high-priority alerts directly to developers — for example, alert settings based on custom and automated triage rules, filterable code scanning alerts and the ability to dismiss alerts contribute to a more effective alert system. This ensures developers can swiftly address urgent security concerns without being overwhelmed by unnecessary noise, and helps to ultimately clean up an organization’s security debt.

Leveraging automation for enhanced cyber security operations

A practical approach to refining automation logic involves leveraging experiences from cyber exercises, penetration tests or red teaming. Analyzing the defensive strategies of the “blue team” during various attack scenarios helps identify their response algorithms and steps. This process starts with differentiating between true and false positive alerts, identifying hacker attributes and evaluating compromised resources. Such insights enable the automation of defenses by validating logged events, ensuring a more effective and streamlined response to modern cyber threats. The first step in enhancing incident response is to automate the collection of contextual data that informs decision-making. This includes information about the particular machine or another asset involved in the security incident, user account details and intelligence on external threat elements like domain names. This foundational data is important for understanding the scope and impact of security incidents, enabling quicker and more effective responses. If an attack still evolves, the context gathered initially assists in correlating future defensive measures with a pre-established hypothesis regarding the attack’s propagation.

Innovation in IT: A Blueprint for Digital Evolution

Success requires a methodical approach. Digital Business Methodology (DBM) provides insight into the "What" that shapes your approach, with the "How" contingent on tools, ecosystem, leadership support, and team skill set. DBM is a comprehensive strategy that empowers companies to embrace and implement digital business practices. It provides a well-defined path orchestrating data, technology, and personnel alignment. This approach yields results across the enterprise, emphasizing speed, consistency, and scalability through an outcome-driven, incremental process. This methodology's core is a business-led, agile digital culture focused on achieving bite-sized outcomes essential for accelerating business growth. Under the DBM umbrella, businesses lead in collaboration with key stakeholders throughout the entire process, from ideation to deployment. The primary focus lies in simplifying end-to-end workflows and establishing a single source of truth (SSOT). This guided and adaptable ideation-to-deployment ecosystem facilitates seamless collaboration among business owners, engineers, analysts, scientists, and operational teams, driving innovative solutions and achieving desired outcomes.

The Psychology of Cybersecurity Burnout

The cybersecurity landscape is incredibly complex, and the cybersecurity procedures implemented by a given organization are likely to vary significantly. However, a number of factors have emerged as being likely contributors to this mental health phenomenon. ... Anticipating developing threats is a further problem. Staff simply don’t have time to stay on top of the news and devise procedures that can deal with novel ransomware attacks or whatever else may be brewing in the attack space. “If I don’t get on top of this, it’s gonna be a problem for me and my team,” Gartland says. “So, we’re just trying to figure out: How do I learn something on the weekend or late at night?” Cybersecurity professionals must be highly attentive to their work and conspicuous failures can often be traced to a single error, increasing the burden of responsibility on even low-level employees. The vigilance required of the job is equivalent to that required of air traffic controllers and medical professionals. People who strongly identify with those responsibilities are more likely to suffer burnout due to intense internal motivation to fulfill them even when it is not realistic.

Quote for the day:

"Go as far as you can see; when you get there, you'll be able to see farther." -- J. P. Morgan

No comments:

Post a Comment