Does AI make us dependent on Big Tech?
The assumption is that banks would find it impractical to independently develop the extensive computing power required for AI technologies. Heavy reliance on a small number of tech providers, would pose a significant risk, particularly for European banks. It is further assumed that these banks need to retain the flexibility to switch between different technology vendors to prevent excessive dependence on any one provider, a situation also known as vendor lock-in. And now they want to get the governments involved. The U.K. has proposed new regulations to moderate financial firms’ reliance on external technology companies such as Microsoft, Google, IBM, Amazon, and others. Regulators are specifically concerned that issues at any single cloud computing company could disrupt services across numerous financial institutions. The proposed rules are part of larger efforts to protect the financial sector from systemic risks posed by such concentrated dependence on a few tech giants. In its first statement on AI, the European Union’s securities watchdog emphasized that banks and investment firms must not shirk boardroom responsibility when deploying AI technologies.
How To Choose An Executive Coach? Remember The 5 C’s
A lot of people might put Congruence first, but if you don’t have Clarity the
interpersonal dynamics are a moot point—it’s not just about liking your coach.
Once you are clear on your goals and outcomes then you should seek a coach
with whom you are willing to be psychologically vulnerable. You should test
the potential coach to see if their style resonates with yours. For example,
are they direct enough for you? Are they structured and organized, if you need
that? ... You should be looking for Credibility—that is, relevant
knowledge and expertise. You’ll learn the most by asking questions to explore
the coach’s experience and track record. Has the coach worked with other
executives at your level? Do they have a frame of reference for your situation
and what you are grappling with? Have they worked in a similar environment and
successfully coached others with similar challenges? Do they understand the
corporate world and the politics of your type of organization? One thing to
keep in mind is that many executives today are not just looking for a coach to
help them with finding their own solutions, but also for “coach-sulting”—which
may include advice and counsel on leadership, strategy, organizational
development, team building and tactical problem-solving.
New Research Suggests Architectural Technical Debt Is Most Damaging to Applications
“Architectural challenges and a lack of visibility into architecture
throughout the software development lifecycle prevent businesses from reaching
their full potential,” said Moti Rafalin, CEO and co-founder of vFunction, a
company promoting AI-driven architectural observability and sponsor of the
study. “Adding to this, the rapid accumulation of technical debt hampers
engineering velocity, limits application scalability, impacts resiliency, and
amplifies the risk of outages, delayed projects, and missed opportunities.”
Monolithic architectures bear the brunt of the impact, with 57% of
organizations allocating over a quarter of their IT budget to technical debt
remediation, compared to 49% for microservices architectures. Companies with
monolithic architectures are also 2.1 times more likely to face issues with
engineering velocity, scalability, and resiliency. However, microservices
architectures are not immune to technical debt challenges, with 53% of
organizations experiencing delayed major technology migrations or platform
upgrades due to productivity concerns.
Surge in Attacks Against Edge and Infrastructure Devices
Not just criminals but also state-sponsored attackers have been exploiting
such devices, Google Cloud's Mandiant threat intelligence unit recently
warned. One challenge for defenders: Many network edge devices function as
"black boxes which are not easily examined or monitored by network
administrators," and also lack antimalware or other endpoint detection and
response capabilities, WithSecure's report says. "It is difficult for network
administrators to verify they are secure, and they often must take it on
trust. Certain types of these devices also provide edge services and so are
internet-accessible." Many of these devices don't by default produce detailed
logs that defenders can monitor using security incident and event management
tools to watch for signs of attack. "These devices are supposed to secure our
networks, but by itself, there's no way I can install an AV client on it, or
an EDR client, or say, 'Hey, give me some fancy logs about what is happening
on the device itself,'" said Christian Beek, senior director of threat
analytics at Rapid7, in an interview at Infosecurity Europe 2024.
Edge Devices: The New Frontier for Mass Exploitation Attacks
The attraction to edge devices comes from easier entry; and they provide
easier and greater stealth once compromised. Since they often provide a
continuous service, they are rarely switched off. Vendors design them for
continuity, so purposely make them difficult or impossible for administrator
control beyond predefined options. Indeed, any such individual activity can
void warranties. They frequently do not produce logs of their activity that
can be analyzed by SIEMs, and they cannot be monitored by standard security
controls. In this sense they are similar to the OT demand for continuity — why
fix something that ain’t broke? Until it is broke, by which time it is
probably too late. The result is that edge devices and services often comprise
software components that can be decades old involving operating systems that
are well beyond end of life; and they are effectively cybersecurity’s
forgotten man. Once inside, an attacker is hidden and can plan and execute the
attack over time and out of sight. “Edge services are often internet
accessible, unmonitored, and provide a rapid route to privileged local or
network credentials on a server with broad access to the internal network,”
says the report.
Quantum Computing and AI: A Perfect Match?
Quantum AI is already here, but it's a silent revolution, OrĂºs says. "The
first applications of quantum AI are finding commercial value, such as those
related to LLMs, as well as in image recognition and prediction systems," he
states. More quantum AI applications will become available as quantum
computers grow more powerful. "It's expected that in two-to-three years there
will be a broad range of industrial applications of quantum AI." Yet the road
ahead may be rocky, Li warns. "It's well known that quantum hardware suffers
from noise that can destroy computation," he says. "Quantum error correction
promises a potential solution, but that technology isn't yet available." ...
GenAI and quantum computing are mind-blowing advances in computing technology,
says Guy Harrison, enterprise architect at cybersecurity technology company
OneSpan, in a recent email interview. "AI is a sophisticated software layer
that emulates the very capabilities of human intelligence, while quantum
computing is assembling the very building blocks of the universe to create a
computing substrate," he explains.
How to Offboard Departing IT Staff Members
Some terminations are not amicable, however, and those cases require immediate
action. The IT department must implement an emergency revocation procedure
that involves the instantaneous deactivation of all of the employee’s access
credentials across all systems. Immediate action minimizes the risk of
retaliatory actions or data breaches, which are heightened concerns in such
scenarios. ... Departing employees often leave behind a trail of licenses and
subscriptions for various software and online services used during their
tenure. IT departments must undertake a thorough assessment of these digital
assets to determine which licenses remain necessary, which can be reallocated
and which should be terminated, based on current and anticipated needs. ...
Hardware retrieval is an aspect of offboarding that requires at least as much
diligence as digital access revocation — and often more, given the number of
remote employees that many businesses have. All devices issued to employees —
laptops, tablets, smartphones, ID cards and more — must be returned,
thoroughly inspected and wiped of sensitive information before they are
reassigned or decommissioned.
Integrating Transfer Learning and Data Augmentation for Enhanced Machine Learning Performance
Concretely, the first step consists of applying data augmentation techniques,
including flipping, noise injection, rotation, cropping, and color space
augmentation, to augment the volume of target domain data. Secondly, a
transfer learning model, utilizing ResNet50 as the backbone, extracts
transferable features from raw image data. The model’s loss function
integrates cross-entropy loss for classification and a distance metric
function between source and target domains. By minimizing this combined loss
function, the model aims to simultaneously improve classification accuracy on
the target domain while aligning the distributions of the source and target
domains The experiments compared an enhanced transfer learning method with
conventional ones across datasets like Office-31 and pneumonia X-rays.
Different models, including DAN and DANN, were tested using various techniques
like discrepancy-based and adversarial approaches. The enhanced method,
incorporating data augmentation, consistently outperformed others, especially
when source and target domains were more similar.
OIN expands Linux patent protection yet again (but not to AI)
Keith Bergelt, OIN's CEO, emphasized the importance of this update, stating,
"Linux and other open-source software projects continue to accelerate the pace
of innovation across a growing number of industries. By design, periodic
expansion of OIN's Linux System definition enables OIN to keep pace with OSS's
growth." Bergelt explained that this update reflects OIN's well-established
process of carefully maintaining a balance between stability and incorporating
innovative core open-source technologies into the Linux System definition. The
latest additions result from OIN's consensus-driven update process. "OIN is
also trying to make patent protection more accessible," he added. "We're
trying to make it easier for people to understand what's in there and why it's
in there, what it relates to, what projects it relates to, and what it means
to developers and laymen as well as lawyers." Looking ahead, Bergelt said, "We
made this conscious decision not to include AI. It's so dynamic. We wait until
we see what AI programs have significant usage and adoption levels." This is
how the OIN has always worked. The consortium takes its time to ensure it
extends its protection to projects that will be around for the long haul.
Beyond Sessions: Centering Users in Mobile App Observability
The main use case for tracking users explicitly in backend data is the
potential to link them to your mobile data. This linkage provides additional
attributes that can then be associated with the request that led to slow
backend traces. For example, you can add context that may be too expensive to
be tracked directly in the backend, like the specific payload blobs for the
request, but that is easily collectible on the client. For mobile
observability, tracking users explicitly is of paramount importance. In this
space, platforms, and vendors recognize that modeling a user’s experience is
essential because knowing the totality and sequencing of the activities around
the time a user experiences performance problems is key for debugging. By
grouping temporally related events for a user and presenting them in a
chronologically sorted order, they have created what has become de rigueur in
mobile observability: the user session. Presenting telemetry this way allows
mobile developers to spot patterns and provide explanations as to why
performance problems occur.
Quote for the day:
“Every adversity, every failure, every
heartache carries with it the seed of an equal or greater benefit.” --
Napoleon Hill
No comments:
Post a Comment