The Unseen Ethical Considerations in AI Practices: A Guide for the CEO
AI’s “black box” problem is well-known, but the ethical imperative for transparency goes beyond just making algorithms understandable and its results explainable. It’s about ensuring that stakeholders can comprehend AI decisions, processes, and implications, guaranteeing they align with human values and expectations. Recent techniques, such as reinforcement learning from human feedback (RLHF) that aligns AI outcomes to human values and preferences, confirm that AI-based systems behave ethically. This means developing AI systems in which decisions are in accordance with human ethical considerations and can be explained in terms that are comprehensible to all stakeholders, not just the technically proficient. Explainability empowers individuals to challenge or correct erroneous outcomes and promotes fairness and justice. Together, transparency and explainability uphold ethical standards, enabling responsible AI deployment that respects privacy and prioritizes societal well-being. This approach promotes trust, and trust is the bedrock upon which sustainable AI ecosystems are built.Long-
Cyber resilience - how to achieve it when most businesses – and CISOs – don’t care
Organizations should ask themselves some serious, searching questions about why they are driven to keep doing the same thing over and over again – while spending millions of dollars in the process. As Bathurst put it: Why isn't security by design built in at the beginning of these projects, which are driving people to make the wrong decisions – decisions that nobody wants? Nobody wants to leave us open to attack. And nobody wants our national health infrastructure, ... But at this point, we should remind ourselves that, despite that valuable exercise, both the Ministry of Defence and the NHS have been hacked and/or subjected to ransomware attacks this year. In the first case, via a payroll system, which exposed personal data on thousands of staff, and in the second, via a private pathology lab. The latter incursion revealed patient blood-test data, leading to several NHS hospitals postponing operations and reverting to paper records. So, the lesson here is that, while security by design is essential for critical national infrastructure, resilience in the networked, cloud-enabled age must acknowledge that countless other systems, both upstream and downstream, feed into those critical ones.
Prominent Professor Discusses Digital Transformation, the Future of AI, Tesla, and More
“Customers are always going to have some challenges, and there are constant new
technological trends evolving. Digital transformation is about intentionally
moving towards making the experience more personalized by weaving new technology
applications to solve customer challenges and deliver value,” shared Krishnan.
However, as machine learning and GenAI help companies personalize their products
and services, the tools themselves are also becoming more niche. “I think we’ll
move to more domain and industry-specific generative AI and large language
models. The healthcare industry will have an LLM, consumer packaged goods,
education, etc,” shared Krishnan. “However, because companies will protect their
own data, every large organization will create its own LLM with the private
data. That’s why generative AI is interesting because it can actually get to be
more personalized while also leveraging the broader knowledge. Eventually, we
may all have our own individual GPTs.” ... Although new technologies such as
GenAI and machine learning have had an immense impact in such a short time,
Krishnan warns that guardrails are necessary, especially as our use of these
tools becomes more essential.
Enhancing Your Company’s DevEx With CI/CD Strategies
Cognitive load is the amount of mental processing necessary for a developer to
complete a task. Companies generally have one programming language that they use
for everything. Their entire toolchain and talent pool is geared toward it for
maximum productivity. On the other hand, CI/CD tools often have their own DSL.
So, when developers want to alter the CI/CD configurations, they must get into
this new rarely-used language. This becomes a time sink as well as causes a high
cognitive load. One of the ways to avoid giving developers high cognitive load
tasks without reason is to pick CI/CD tools that use a well-known language. For
example, the data serialization language YAML — not always the most loved — is
an industry standard that developers would know how to use. ... In software
engineering, feedback loops can be measured by how quickly questions are
answered. Troubleshooting issues within a CI/CD pipeline can be challenging for
developers due to the need for more visibility and information. These processes
often operate as black boxes, running on servers that developers may not have
direct access to with software that is foreign to developers.
Digital Accessibility: Ensuring Inclusivity in an Online World
"It starts by understanding how people with disabilities use your online
platform," he said. While the accessibility issues faced by people who are blind
receive considerable attention, it's crucial to address the full spectrum of
disabilities that affect technology use, including auditory, cognitive,
neurological, physical, speech, and visual disabilities, Henry added. ... The
key is to review accessibility during content creation with a diverse group of
people and address their feedback in iterations early and often. Bhowmick added
that accessibility testing should always be run according to a structured
testing script and mature testing methodologies to ensure reliable,
reproducible, and sustainable test results. It is important to run accessibility
testing during every stage of the software lifecycle: during design, before
handing over the design to development, during development, and after
development. A professional and thorough testing should take place before
releasing the product to customers, Bhowmick said, and the test results should
be made available in an accessibility conformance report (ACR) following the
Voluntary Product Accessibility Template (VPAT) format.
How Cloud-Native Development Benefits SaaS
Cloud-native practices, patterns, and technologies enhance the benefits of SaaS
and COTS while reducing the inherent negatives by:Providing an extensible
framework for adding new capabilities to commercial applications without having
to customize the core product. Leveraging API and event-driven architecture to
bypass the need for custom data integrations. Still offloading the
complexity of most infrastructure and security concerns to a provider while
gaining additional flexibility in scale and resilience
implementation. Enabling opportunities to innovate core business systems
with emerging technologies such as generative AI. Enterprises relying on SaaS or
COTS still need the flexibility to meet their ever-evolving business
requirements. As we have seen with advances in AI over the past year, change and
opportunity can arrive quickly and without warning. Chances are that your
organization is already on a journey to cloud-native maturity, so take advantage
of this effort by implementing technologies and patterns, like leveraging
event-driven architectures and serverless functions to extend your commercial
applications rather than customizing or replacing them.
Cybersecurity as a Service Market: A Domain of Innumerable Opportunities
Although traditional cybersecurity differs from cybersecurity as a service. As
per the budget, size, and regulatory compliance requirements, several
approaches are required. Organizations are finding it tedious to rely
completely on themselves. The conventional method of fabricating an internal
security team is to hire an experienced security staff who are dedicated to
performing cyber security duties. While CSaaS is an option where the company
outsources the security facility. A survey found that almost 72.1% of
businesses find CSaaS solutions critical for their customer strategy. Let us
now understand cyber security as a service market growth aspect. ... Some of
the challenges in the market growth are lack of training and inadequate
workforce, limited security budget among SMEs, and lack of interoperability
with the information. The market in North America currently accounts for the
maximum share of the revenue of the worldwide market. The growth of the market
can be attributed to the high level of digitalization and the surge in the
number of connected devices in the countries is projected to remain
growth-propelling factors.
Top 5 (EA) Services Every Team Lead Should Know
The topic of sustainability is on everyone’s priority list these days. It has
become an integral part of sociopolitical and global concepts. Not to mention,
more and more customers are asking for sustainable products and services. Or
alternatively, they only want to buy from companies that act and operate
sustainably themselves. Sustainability must therefore be on the strategic
agenda of every company. ... To effectively collaborate with your enterprise
IT and ensure the best possible support while you’re making IT-related
investment decisions, your IT service providers require feedback. For this,
your list of software applications must be known. Deficits and opportunities
for improvement need to be identified and, above all, a coordinated investment
strategy for your IT services is a must. It has to be clear how you can use
your IT budget in the most efficient way. ... What do all these different
services have to do with EA? A lot. If the above-mentioned services are
understood as EA services, their results form a valuable contribution to the
creation of a holistic view of your company – the enterprise architecture.
Ensuring Comprehensive Data Protection: 8 NAS Security Best Practices
NAS devices are convenient to use as shared storage, which means they should
be connected to other nodes. Normally, those nodes are the machines inside an
organization’s network. However, the growing number of gadgets per employee
can lead to unintentional external connections. Internet of Things (IoT)
devices are a separate threat category. Hackers can target these devices and
then use them to propagate malicious codes inside corporate networks. If you
connect such a device to your NAS, you risk compromising NAS security and then
suffering a cyberattack. ... Malicious software remains a ubiquitous threat to
any node connected to the network. Malware can steal, delete, and block access
to NAS data or intercept incoming and outgoing traffic. Furthermore, the
example of Stuxnet shows that powerful computer worms can disrupt and disable
IT hardware or even entire production clusters. Insider threats. When planning
an organization’s cybersecurity, IT experts reasonably focus on outside
threats.
How to design the right type of cyber stress test for your organisation
The success of a cyber stress test largely depends on the realism and relevance
of the scenarios and attack vectors used. These should be based on a thorough
understanding of the current threat landscape, industry-specific risks, and
emerging trends. Scenarios may range from targeted phishing campaigns and
ransomware attacks to sophisticated, state-sponsored intrusions. By selecting
scenarios that are plausible and aligned with your organisation’s risk profile,
you can ensure that the stress test provides valuable insights and prepares your
team for real-world challenges. ... A well-designed cyber stress test should
encompass a range of activities, from table-top exercises and digital
simulations to red team-blue team engagements and penetration testing. This
multi-faceted approach allows you to assess the organisation’s capabilities
across various domains, including detection, investigation, response, and
recovery. Additionally, the stress test should include a thorough evaluation
process, with clearly defined success criteria and mechanisms for gathering
feedback and lessons learned.
Quote for the day:
“I'd rather be partly great than
entirely useless.” -- Neal Shusterman
.jpg?width=850&auto=webp&quality=95&format=jpg&disable=upscale)
