In the recent past, people had the perception that HDD storage is slow and can only be used for backup. However, in the last 2 years, we have demonstrated in our European HDD laboratory how to combine multiple HDDs to test function and performance. If you have 100s of HDDs in your large-scale storage system, you also have around a billion different configuration possibilities. ... The demand for HDDs in surveillance applications continues to surge, with an increasing number of digital video recorder manufacturers entering the market. From relatively cheap surveillance systems for private homes, to medium priced surveillance systems to expensive surveillance systems for large-scale infrastructures like smart cities. The sequential nature of video surveillance data and the fact that it is over-written at some point in time, makes HDDs the uncontested choice at all levels for surveillance storage. ... At the very least, preserving a duplicate of one’s data using an alternative technology is a sensible measure. This could be a combination of cloud services or a mix of cloud and external storage, such as a USB-connected portable HDD like a Toshiba Canvio. It’s a small price to pay for peace of mind that your data is safe.
Top 3 Strategies for Leveraging AI to Transform Customer Intelligence
Transitioning from reactive to proactive engagement is one of AI's most
transformative capabilities for customer intelligence. Predictive models trained
on historical data allow organizations to anticipate customer needs, helping
them deliver timely, relevant solutions. By recognizing patterns and trends, AI
empowers businesses to forecast future customer actions — whether that's product
preferences, the likelihood of churn, or upcoming purchase intent — enabling a
more proactive approach to customer engagement. ... AI enables companies to
personalize customer interactions dynamically across multiple channels. For
instance, AI-powered chatbots can provide instant responses, creating a
conversational experience that feels natural and responsive. By integrating
these capabilities into CRM systems, companies ensure that every customer
touchpoint — chat, email, or in-app messaging — is customized based on a
customer's unique history and recent activities. This focus on personalization
also extends to effective customer segmentation, as organizations aim to provide
the right level of service to each customer based on their specific needs and
entitlements.
Who’s the Bigger Villain? Data Debt vs. Technical Debt
Although data debt and tech debt are closely connected, there is a key
distinction between them: you can declare bankruptcy on tech debt and start
over, but doing the same with data debt is rarely an option. Reckless and
unintentional data debt emerged from cheaper storage costs and a data-hoarding
culture, where organizations amassed large volumes of data without
establishing proper structures or ensuring shared context and meaning. It was
further fueled by resistance to a design-first approach, often dismissed as a
potential bottleneck to speed. ... With data debt, prevention is better than
relying on a cure. Shift left is a practice that involves addressing critical
processes earlier in the development lifecycle to identify and resolve issues
before they grow into more significant problems. Applied to data management,
shift left emphasizes prioritizing data modeling early, if possible — before
data is collected or systems are built. Data modeling allows for following a
design-first approach, where data structure, meaning, and relationships are
thoughtfully planned and discussed before collection. This approach reduces
data debt by ensuring clarity, consistency, and alignment across teams,
enabling easier integration, analysis, and long-term value from the data.
Understanding NVMe RAID Mode: Unlocking Faster Storage Performance
While NVMe RAID mode offers excellent benefits, it’s not without its
challenges. One of the most significant hurdles is the complexity of setting
it up. RAID arrays, particularly with NVMe drives, require specialized
hardware or software RAID controllers. Additionally, configuring RAID in the
BIOS or UEFI settings can be tricky for less experienced users. Another
challenge is cost. NVMe SSDs, while dropping in price over the years, are
still generally more expensive than traditional SATA-based drives. Combining
multiple NVMe drives into a RAID array can significantly increase the cost of
the storage solution. For users on a budget, this might not be the most
cost-effective option. Finally, RAID configurations that emphasize
performance, like RAID 0, do not provide any data redundancy. If one drive
fails, all data in the array is lost. ... NVMe RAID mode is ideal for users
who need extremely fast read and write speeds, high storage capacity, and, in
some cases, redundancy. This includes professionals who work with large video
files, developers running complex simulations, and enthusiasts building
high-end gaming PCs. Additionally, businesses that rely on fast access to
large databases or those that run virtual machines may benefit from NVMe RAID
configurations.
Supply chain compromise of Ultralytics AI library results in trojanized versions
According to researchers from ReversingLabs, the attackers leveraged a known
exploit via GitHub Actions to introduce malicious code during the automated
build process, therefore bypassing the usual code review process. As a result,
the code was present only in the package pushed to PyPI and not in the code
repository on GitHub. The trojanized version of Ultralytics on PyPI (8.3.41)
was published on Dec. 4. Ultralytics developers were alerted Dec. 5, and
attempted to push a new version (8.3.42) to resolve the issue, but because
they didn’t initially understand the source of the compromise, this version
ended up including the rogue code as well. A clean and safe version (8.3.43)
was eventually published on the same day. ... According to ReversingLabs’
analysis of the malicious code, the attacker modified two files: downloads.py
and model.py. The code injected in model.py checks the type of machine where
the package is deployed to download a payload targeted for that platform and
CPU architecture. The rogue code that performs the payload download is stored
in downloads.py. “While in this case, based on the present information the RL
research team has, it seems that the malicious payload served was simply an
XMRig miner, and that the malicious functionality was aimed at cryptocurrency
mining,” ReversingLabs’ researchers wrote.
Data Governance Defying Gravitas
When it comes to formalizing data governance in a complex organization,
there’s often an expectation of gravitas — a sense of seriousness, authority,
and weight that makes the effort seem formidable and unyielding. But let’s be
honest: Too much gravitas can weigh down your data governance program before
it even begins. Enter the Non-Invasive Data Governance approach, which flips
the script on gravitas by delivering effectiveness without the unnecessary
posturing, proving that you can have impact without the drama. ... Complex
organizations are not static, and neither should their data governance
approach be. NIDG defies the traditional concept of gravitas by embracing
adaptability. While other frameworks crumble under the weight of
organizational change, NIDG thrives in dynamic environments. It’s built to
flex and evolve, ensuring governance remains effective as technologies,
priorities, and personnel shift. This adaptability fosters a sense of trust.
People know that NIDG isn’t a rigid set of rules, but a living framework
designed to support their needs. It’s this trust that gives NIDG its gravitas
— not the false authority of inflexible mandates, but the real authority that
comes from being a program people believe in and rely on.
Weaponized AI: Hot for Fraud, Not for Election Interference
"Criminals use AI-generated text to appear believable to a reader in
furtherance of social engineering, spear phishing and financial fraud schemes
such as romance, investment and other confidence schemes, or to overcome
common indicators of fraud schemes," it said. More advanced use cases
investigated by law enforcement include criminals using AI-generated audio
clips to fool banks into granting them access to accounts, or using "a loved
one's voice to impersonate a close relative in a crisis situation, asking for
immediate financial assistance or demanding a ransom," the bureau warned. Key
defenses against such attacks, the FBI said, include creating "a secret word
or phrase with your family to verify their identity," which can also work well
in business settings - for example, as part of a more robust defense against
CEO fraud (see: Top Cyber Extortion Defenses for Battling Virtual Kidnappers).
Many fraudsters attempt to exploit victims before they have time to pause and
think. Accordingly, never hesitate to hang up the phone, independently find a
phone number for a caller's supposed organization, and contact them directly,
it said.
Data Assurance Changes How We Network
Today, the simplest way to control the path data takes between two points is
to use a private network (leased lines, for example). But today’s private
networks are extremely expensive and don’t offer much in the way of
visibility. They also take months to provision, which slows business agility.
Even with MPLS, IGP shortest path routing will always follow the shortest IGP
path. If alternate paths are available, traffic engineering (TE) with segment
routing (SR) can utilize non-shortest paths. However, if the decision is made
within the Provider Edge (PE) router in the service provider's network, it
will necessitate source-based routing, which is not sustainable due to the
challenges of implementing source routing on a per-customer basis within the
service provider network. This approach will not scale effectively in an MPLS
environment, and moreover, 99% of MPLS private networks do not encrypt
traffic, leading to significant performance and scalability issues. Another
option is to move your operations to a public cloud that can guarantee you
meet data assurance goals. This, too, can be prohibitively expensive and also
lacks visibility.
Spotting the Charlatans: Red Flags for Enterprise Security Teams
Sadly, by the time most people catch on that there is a charlatan in the team,
grave damage has been done to both the morale and progress of the security
team. That being said, there are some clues that charlatans leave behind from
time to time. If we are astute and perceptive, we can pick up on these clues
and work to contain the damage that charlatans cause. ... Most talented
security professionals I’ve worked with have a healthy amount of self-doubt
and insecurity. This is completely normal, of course. Charlatans take
advantage of this, cutting down talented professionals that they see as a
threat. This causes those targeted to recoil in a moment of thought and
introspection, which is all the charlatan needs to retake the spotlight. ...
One of the strategies of a charlatan is to throw their perceived threat off
their game. One way in which they do this is by taking pot shots. Charlatans
throw subtle slights, passive-aggressive insults, and unpredictable surprises
at their targets. If the targeted individual reacts to the tactic or calls the
charlatan out, the target then seems like the aggressor. The best response is
to ignore the pot shots and try to stay focused. In many cases, when the
charlatan realizes they cannot rattle you, they will slowly lose interest.
Why ICS Cybersecurity Regulations Are Essential for Industrial Resilience
As the cybersecurity landscape becomes increasingly complex, industrial
companies, especially those managing industrial control systems (ICS), face
heightened risks. From protecting sensitive data to safeguarding critical
infrastructure, compliance with cybersecurity regulations has become
essential. Here, we explore why ICS cybersecurity is crucial, the risks
involved, and key steps organizations can take to meet regulatory demands
without compromising operational efficiency. ... Cybersecurity risks are no
longer a secondary concern but a primary focus, especially for industries
managing critical infrastructure such as energy, water, and transportation.
Cyber threats targeting ICS environments have become more sophisticated,
posing risks not only to individual companies but also to the broader economy
and society. Regulatory adherence ensures these vulnerabilities are managed
systematically, reducing potential downtime, data breaches, and even physical
threats. ... Cybersecurity in ICS environments isn’t merely about meeting
regulatory requirements; it’s a strategic priority that protects both assets
and people. By focusing on identity management, automating updates, aligning
with industry standards, and bridging IT-OT security gaps, organizations can
enhance resilience against emerging threats.
Quote for the day:
“Identify your problems but give your
power and energy to solutions.” -- Tony Robbins
No comments:
Post a Comment