Daily Tech Digest - June 30, 2024

The Unseen Ethical Considerations in AI Practices: A Guide for the CEO

AI’s “black box” problem is well-known, but the ethical imperative for transparency goes beyond just making algorithms understandable and its results explainable. It’s about ensuring that stakeholders can comprehend AI decisions, processes, and implications, guaranteeing they align with human values and expectations. Recent techniques, such as reinforcement learning from human feedback (RLHF) that aligns AI outcomes to human values and preferences, confirm that AI-based systems behave ethically. This means developing AI systems in which decisions are in accordance with human ethical considerations and can be explained in terms that are comprehensible to all stakeholders, not just the technically proficient. Explainability empowers individuals to challenge or correct erroneous outcomes and promotes fairness and justice. Together, transparency and explainability uphold ethical standards, enabling responsible AI deployment that respects privacy and prioritizes societal well-being. This approach promotes trust, and trust is the bedrock upon which sustainable AI ecosystems are built.Long-


Cyber resilience - how to achieve it when most businesses – and CISOs – don’t care

Organizations should ask themselves some serious, searching questions about why they are driven to keep doing the same thing over and over again – while spending millions of dollars in the process. As Bathurst put it: Why isn't security by design built in at the beginning of these projects, which are driving people to make the wrong decisions – decisions that nobody wants? Nobody wants to leave us open to attack. And nobody wants our national health infrastructure, ... But at this point, we should remind ourselves that, despite that valuable exercise, both the Ministry of Defence and the NHS have been hacked and/or subjected to ransomware attacks this year. In the first case, via a payroll system, which exposed personal data on thousands of staff, and in the second, via a private pathology lab. The latter incursion revealed patient blood-test data, leading to several NHS hospitals postponing operations and reverting to paper records. So, the lesson here is that, while security by design is essential for critical national infrastructure, resilience in the networked, cloud-enabled age must acknowledge that countless other systems, both upstream and downstream, feed into those critical ones.


Prominent Professor Discusses Digital Transformation, the Future of AI, Tesla, and More

“Customers are always going to have some challenges, and there are constant new technological trends evolving. Digital transformation is about intentionally moving towards making the experience more personalized by weaving new technology applications to solve customer challenges and deliver value,” shared Krishnan. However, as machine learning and GenAI help companies personalize their products and services, the tools themselves are also becoming more niche. “I think we’ll move to more domain and industry-specific generative AI and large language models. The healthcare industry will have an LLM, consumer packaged goods, education, etc,” shared Krishnan. “However, because companies will protect their own data, every large organization will create its own LLM with the private data. That’s why generative AI is interesting because it can actually get to be more personalized while also leveraging the broader knowledge. Eventually, we may all have our own individual GPTs.” ... Although new technologies such as GenAI and machine learning have had an immense impact in such a short time, Krishnan warns that guardrails are necessary, especially as our use of these tools becomes more essential.


Enhancing Your Company’s DevEx With CI/CD Strategies

Cognitive load is the amount of mental processing necessary for a developer to complete a task. Companies generally have one programming language that they use for everything. Their entire toolchain and talent pool is geared toward it for maximum productivity. On the other hand, CI/CD tools often have their own DSL. So, when developers want to alter the CI/CD configurations, they must get into this new rarely-used language. This becomes a time sink as well as causes a high cognitive load. One of the ways to avoid giving developers high cognitive load tasks without reason is to pick CI/CD tools that use a well-known language. For example, the data serialization language YAML — not always the most loved — is an industry standard that developers would know how to use. ... In software engineering, feedback loops can be measured by how quickly questions are answered. Troubleshooting issues within a CI/CD pipeline can be challenging for developers due to the need for more visibility and information. These processes often operate as black boxes, running on servers that developers may not have direct access to with software that is foreign to developers. 


Digital Accessibility: Ensuring Inclusivity in an Online World

"It starts by understanding how people with disabilities use your online platform," he said. While the accessibility issues faced by people who are blind receive considerable attention, it's crucial to address the full spectrum of disabilities that affect technology use, including auditory, cognitive, neurological, physical, speech, and visual disabilities, Henry added. ... The key is to review accessibility during content creation with a diverse group of people and address their feedback in iterations early and often. Bhowmick added that accessibility testing should always be run according to a structured testing script and mature testing methodologies to ensure reliable, reproducible, and sustainable test results. It is important to run accessibility testing during every stage of the software lifecycle: during design, before handing over the design to development, during development, and after development. A professional and thorough testing should take place before releasing the product to customers, Bhowmick said, and the test results should be made available in an accessibility conformance report (ACR) following the Voluntary Product Accessibility Template (VPAT) format.


How Cloud-Native Development Benefits SaaS

Cloud-native practices, patterns, and technologies enhance the benefits of SaaS and COTS while reducing the inherent negatives by:Providing an extensible framework for adding new capabilities to commercial applications without having to customize the core product. Leveraging API and event-driven architecture to bypass the need for custom data integrations. Still offloading the complexity of most infrastructure and security concerns to a provider while gaining additional flexibility in scale and resilience implementation. Enabling opportunities to innovate core business systems with emerging technologies such as generative AI. Enterprises relying on SaaS or COTS still need the flexibility to meet their ever-evolving business requirements. As we have seen with advances in AI over the past year, change and opportunity can arrive quickly and without warning. Chances are that your organization is already on a journey to cloud-native maturity, so take advantage of this effort by implementing technologies and patterns, like leveraging event-driven architectures and serverless functions to extend your commercial applications rather than customizing or replacing them.


Cybersecurity as a Service Market: A Domain of Innumerable Opportunities

Although traditional cybersecurity differs from cybersecurity as a service. As per the budget, size, and regulatory compliance requirements, several approaches are required. Organizations are finding it tedious to rely completely on themselves. The conventional method of fabricating an internal security team is to hire an experienced security staff who are dedicated to performing cyber security duties. While CSaaS is an option where the company outsources the security facility. A survey found that almost 72.1% of businesses find CSaaS solutions critical for their customer strategy. Let us now understand cyber security as a service market growth aspect. ... Some of the challenges in the market growth are lack of training and inadequate workforce, limited security budget among SMEs, and lack of interoperability with the information. The market in North America currently accounts for the maximum share of the revenue of the worldwide market. The growth of the market can be attributed to the high level of digitalization and the surge in the number of connected devices in the countries is projected to remain growth-propelling factors. 


Top 5 (EA) Services Every Team Lead Should Know

The topic of sustainability is on everyone’s priority list these days. It has become an integral part of sociopolitical and global concepts. Not to mention, more and more customers are asking for sustainable products and services. Or alternatively, they only want to buy from companies that act and operate sustainably themselves. Sustainability must therefore be on the strategic agenda of every company. ... To effectively collaborate with your enterprise IT and ensure the best possible support while you’re making IT-related investment decisions, your IT service providers require feedback. For this, your list of software applications must be known. Deficits and opportunities for improvement need to be identified and, above all, a coordinated investment strategy for your IT services is a must. It has to be clear how you can use your IT budget in the most efficient way. ... What do all these different services have to do with EA? A lot. If the above-mentioned services are understood as EA services, their results form a valuable contribution to the creation of a holistic view of your company – the enterprise architecture.


Ensuring Comprehensive Data Protection: 8 NAS Security Best Practices

NAS devices are convenient to use as shared storage, which means they should be connected to other nodes. Normally, those nodes are the machines inside an organization’s network. However, the growing number of gadgets per employee can lead to unintentional external connections. Internet of Things (IoT) devices are a separate threat category. Hackers can target these devices and then use them to propagate malicious codes inside corporate networks. If you connect such a device to your NAS, you risk compromising NAS security and then suffering a cyberattack. ... Malicious software remains a ubiquitous threat to any node connected to the network. Malware can steal, delete, and block access to NAS data or intercept incoming and outgoing traffic. Furthermore, the example of Stuxnet shows that powerful computer worms can disrupt and disable IT hardware or even entire production clusters. Insider threats. When planning an organization’s cybersecurity, IT experts reasonably focus on outside threats.


How to design the right type of cyber stress test for your organisation

The success of a cyber stress test largely depends on the realism and relevance of the scenarios and attack vectors used. These should be based on a thorough understanding of the current threat landscape, industry-specific risks, and emerging trends. Scenarios may range from targeted phishing campaigns and ransomware attacks to sophisticated, state-sponsored intrusions. By selecting scenarios that are plausible and aligned with your organisation’s risk profile, you can ensure that the stress test provides valuable insights and prepares your team for real-world challenges. ... A well-designed cyber stress test should encompass a range of activities, from table-top exercises and digital simulations to red team-blue team engagements and penetration testing. This multi-faceted approach allows you to assess the organisation’s capabilities across various domains, including detection, investigation, response, and recovery. Additionally, the stress test should include a thorough evaluation process, with clearly defined success criteria and mechanisms for gathering feedback and lessons learned.



Quote for the day:

“I'd rather be partly great than entirely useless.” -- Neal Shusterman

No comments:

Post a Comment