Daily Tech Digest - May 09, 2024

Red Hat delivers accessible, open source Generative AI innovation with Red Hat Enterprise Linux AI

RHEL AI builds on this open approach to AI innovation, incorporating an enterprise-ready version of the InstructLab project and the Granite language and code models along with the world’s leading enterprise Linux platform to simplify deployment across a hybrid infrastructure environment. This creates a foundation model platform for bringing open source-licensed GenAI models into the enterprise. RHEL AI includes:Open source-licensed Granite language and code models that are supported and indemnified by Red Hat. A supported, lifecycled distribution of InstructLab that provides a scalable, cost-effective solution for enhancing LLM capabilities and making knowledge and skills contributions accessible to a much wider range of users. Optimised bootable model runtime instances with Granite models and InstructLab tooling packages as bootable RHEL images via RHEL image mode, including optimised Pytorch runtime libraries and accelerators for AMD Instinct™ MI300X, Intel and NVIDIA GPUs and NeMo frameworks. 

Regulators are coming for IoT device security

Up to now, the IoT industry has relied mainly on security by obscurity and the results have been predictable: one embarrassing compromise after another. IoT devices find themselves recruited into botnets, connected locks get trivially unlocked, and cars can get remotely shut down while barreling down the highway at 70mph. Even Apple, who may have the most sophisticated hardware security team on the planet, has faced some truly terrible security vulnerabilities. Regulators have taken note, and they are taking action. In September 2022, NIST fired a warning shot by publishing a technical report that surveyed the state of IoT security and made a series of recommendations. This was followed by a voluntary regulatory scheme—the Cyber Trust Mark, published by the FCC in the US—as well as a draft regulation of European Union’s upcoming Cyber Resilience Act (CRA). Set to begin rolling out in 2025, the CRA will create new cybersecurity requirements to sell a device in the single market. Standard bodies have not stayed idle.The Connectivity Standards Alliance published the IoT Device Security Specification in March of this year, after more than a year of work by its Product Security Working Group.

Australia revolutionises data management challenges

In Australia, the importance of data literacy is growing rapidly. It is now more essential than ever to be able to comprehend and effectively communicate data as valuable information. The significance of data literacy cannot be overemphasised. Highlighting the importance of data literacy across government agencies is key to unlocking the true power of data. Understanding which data to use for problem-solving, employing critical thinking to comprehend and tackle data strengths and limitations, strategically utilising data to shape policies and implement effective programmes, regulations, and services, and leveraging data to craft a captivating narrative are all essential components of this process. Nevertheless, the ongoing challenge lies in ensuring that employees have the ability to interpret and utilise data effectively. Individuals who are inexperienced with data may find it challenging to effectively work with data, comprehend intricate datasets, analyse patterns, and extract valuable insights. Organisations are placing a strong emphasis on data literacy initiatives, aiming to turn individuals with limited data knowledge into experts in the field. 

Navigating Architectural Change: Overcoming Drift and Erosion in Software Systems

Architectural drift involves the introduction of design decisions that were not part of the original architectural plan, yet these decisions do not necessarily contravene the foundational architecture. In contrast, architectural erosion occurs when new design considerations are introduced that directly conflict with or undermine the system's intended architecture, effectively violating its guiding principles. ... In software engineering terms, a system may start with a clean architecture but, due to architectural drift, evolve into a complex tangle of multiple architectural paradigms, inconsistent coding practices, redundant components, and dependencies. On the other hand, architectural erosion could be likened to making alterations or additions that compromise the structural integrity of the house. For instance, deciding to remove or alter key structural elements, such as knocking down a load-bearing wall to create an open-plan layout without proper support, or adding an extra floor without considering the load-bearing capacity of the original walls.

Strong CIO-CISO relations fuel success at Ally

We identify the value we are creating and capturing before we kick off a technology project, and it’s a joint conversation with the business. I don’t think it’s just the business responsibility to say my customer acquisition is going to go up, or my revenue is going to go up by X. There is a technology component to it, which is extremely critical, especially as a full-scale digital-only organization. What does it take for you to build the capability? How long will it take? How much does it cost and what does it cost to run it? ... Building a strong leadership team is critical. Empowering them is even more critical. When people talk about empowerment, they think it means I leave my leaders alone and they go do whatever they want. It’s actually the opposite. We have sensitive and conflict-filled conversations, and the intent of that is to make each other better. If I don’t understand how my leaders are executing, I won’t be able to connect the dots. It is not questioning what they’re doing; it’s asking questions for my learning so I can connect and share learnings from what other leaders are doing. That’s what leads us to preserving that culture.

To defend against disruption, build a thriving workforce

To build a thriving workplace, leaders must reimagine work, the workplace, and the worker. That means shifting away from viewing employees as cogs who hit their deliverables then turn back into real human beings after the day is done. Employees are now more like elite artists or athletes who are inspired to produce at the highest levels but need adequate time to recharge and recover. The outcome is exceptional; the path to getting there is unique. ... Thriving is more than being happy at work or the opposite of being burned out. Rather, one of the cornerstones of thriving is the idea of positive functioning: a holistic way of being, in which people find a purposeful equilibrium between their physical, mental, social, and spiritual health. Thriving is a state that applies across talent categories, from educators and healthcare specialists to data engineers and retail associates. ... In this workplace, people at every level are capable of being potential thought leaders who have influence through the right training, support, and guidance. They don’t have to be just “doers” who simply implement what others tell them to. 

Tips for Controlling the Costs of Security Tools

The total amount that a business spends on security tools can vary widely depending on factors like which types of tools it deploys, the number of users or systems the tools support and the pricing plans of tool vendors. But on the whole, it’s fair to say that tool expenditures are a significant component of most business budgets. Moody’s found, for example, that companies devote about 8% of their total budget to security. That figure includes personnel costs as well as tool costs, but it provides a sense of just how high security spending tends to be relative to overall business expenses. These costs are likely only to grow. IDC believes that total security budgets will increase by more than a third over the next few years, due in part to rising tool costs. This means that finding ways to rein in spending on security tools is important not just for reducing overall costs today, but also preventing cost overruns in the future. Of course, reducing spending can’t amount simply to abandoning critical tools or turning off important features.

UK Regulator Tells Platforms to 'Tame Toxic Algorithms'

The Office of Communications, better known as Ofcom, on Wednesday urged online intermediaries, which include end-to-end encrypted platforms such as WhatsApp, to "tame toxic algorithms." Ensuring recommender systems "do not operate to harm children" is a measure the regulator made in a draft proposal for regulations enacting the Online Safety Act, legislation the Conservative government approved in 2023 that is intended to limit children's exposure to damaging online content. The law empowers the regulator to order online intermediaries to identify and restrict pornographic or self-harm content. It also imposes criminal prosecution for those whose send harmful or threatening communications. Instagram, YouTube, Google and Facebook that are among 100,000 web services that come under the scope of the regulation and are likely to be affected by the new requirements. "Any service which operates a recommender system and is at higher risk of harmful content should identify who their child users are and configure their algorithms to filter out the most harmful content from children's feeds and reduce the visibility of other harmful content," Ofcom said.

Businesses lack AI strategy despite employee interest — Microsoft survey

“While leaders agree using AI is a business imperative, and many say they won’t even hire someone without AI skills, they also believe that their companies lack a vision and plan to implement AI broadly; they’re stuck in AI inertia,” Colette Stallbaumer, general manager of Copilot and Cofounder of Work Lab at Microsoft, said in a pre-recorded briefing. “We’ve come to the hard part of any tech disruption, moving from experimentation to business transformation,” Stallbaumer said. While there’s clear interest in AI’s potential, many businesses are proceeding with caution with major deployments, say analysts. “Most organizations are interested in testing and deployment, but they are unsure where and how to get the most return,” said Carolina Milanesi, president and principal analyst at Creative Strategies. Security is among the biggest concerns, said Milanesi, “and until that is figured out, it is easier for organizations to shut access down.” As companies start to deploy AI, IT teams face significant demands, said Josh Bersin, founder and CEO of The Josh Bersin Company. 

Mayorkas, Easterly at RSAC Talk AI, Security, and Digital Defense

While acknowledging the increasingly ubiquitous use of AI in many services across the nation, Mayorkas commented about the advisory board’s conversation of leveraging that technology in cybersecurity. “It’s a very interesting discussion on what the definition of ‘safe’ is,” he said. “For example, most people now when they speak of the civil rights, civil liberties implications, categorize that under the responsible use of AI, but what we heard yesterday was an articulation of the fact that the civil liberties, civil rights implications of AI really are part and parcel of safety.” ... Technologies are shipped in ways that create risk, vulnerabilities, and they are configured and deployed in ways that are incredibly complex. “It’s eerily reminiscent of William Gibson's ‘Neuromancer,’” Krebs said. “When he talks about cyberspace, he said ‘the unthinkable complexity,’ and that’s what it's like right now to deploy and manage a large enterprise.” “We are just not sitting in place or standing in place because new technology for emerging on a regular basis,” he said. 

Quote for the day:

"Successful people do what unsuccessful people are not willing to do. Don't wish it were easier; wish you were better." -- Jim Rohn

No comments:

Post a Comment