How Operating Models Need to Evolve in 2025
“In 2025, enterprises are looking to achieve autonomous and self-healing IT
environments, which is currently referred to as ‘AIOps.’ However, the use of AI
will become so common in IT operations that we won’t need to call it [that]
explicitly,” says Ruh in an email interview. “Instead, the term, ‘AIOps’ will
become obsolete over the next two years as enterprises move towards the first
wave of AI agents, where early adopters will start deploying intelligent
components in their landscape able to reason and take care of tasks with an
elevated level of autonomy.” ... “The IT operating model of 2025 must adapt to a
landscape shaped by rapid decentralization, flatter structures, and AI-driven
innovation,” says Langley in an email interview. “These shifts are driven by the
need for agility in responding to changing business needs and the transformative
impact of AI on decision-making, coordination and communication. Technology is
no longer just a tool but a connective tissue that enables transparency and
autonomy across teams while aligning them with broader organizational goals.”
... “IT leaders must transition from traditional hierarchical roles to
facilitators who harness AI to enable autonomy while maintaining strategic
alignment. This means creating systems for collaboration and clarity, ensuring
the organization thrives in a decentralized environment,” says Langley.
Cybersecurity is tough: 4 steps leaders can take now to reduce team burnout
Whether it’s about solidifying partnerships with business managers, changing
corporate culture, or correcting errant employees, peer input is golden. No
matter the scenario, it’s likely that other security leaders have dealt with
the same or similar situations, so their input, empathy, and advice are
invaluable. ... Well-informed leaders are more likely to champion and include
security in new initiatives, an important shift in culture from seeing
security as a pain to embracing security as an important business tool. Such a
shift greatly reduces another top stressor among CISO’s — lack of management
support. In a security-centric organization, team members in all roles
experience less pressure to perform miracles with no resources. And, instead
of fighting with leaders for resources, the CISO has more time to focus on
getting to know and better manage staff. ... Recognition, she says, boosts
individual and team morale and motivation. “I am grateful for and do not take
for granted having excellent leadership above me that supports me and my team.
I try to make it easy for them.” And, since personal stressors also impact
burnout, she encourages team members to share their personal stressors at her
one-on-ones or in the group meeting where they can be
supported.
Mandatory MFA, Biometrics Make Headway in Middle East, Africa
Digital identity platforms, such as UAE Pass in the United Arab Emirates and
Nafath in Saudi Arabia, integrate with existing fingerprint and
facial-recognition systems and can reduce the reliance on passwords, says
Chris Murphy, a managing director with the cybersecurity practice at FTI
Consulting in Dubai. "With mobile devices serving as the primary gateway to
digital services, smartphone-based biometric authentication is the most widely
used method in public and private sectors," he says. "Some countries, such as
the UAE and Saudi Arabia, are early adopters of passwordless authentication,
leveraging AI-based facial recognition and behavioral analytics for seamless
and secure identity verification." African nations have also rolled out
national identity cards based on biometrics. In South Africa, for example,
customers can walk into a bank and open an account by using their fingerprint
and linking it to the national ID database, which acts as the root of trust,
says BIO-Key's Sullivan. "After they verify that that person is who they say
they are with the Home Affairs Ministry, they can store that fingerprint [in
the system]," he says. "From then on, anytime they want to authenticate that
user, they just touch a finger. They've just now started rolling out the
ability to do that without even presenting your card for subsequent
business."
Acronis CISO on why backup strategies fail and how to make them resilient
Start by conducting a thorough business impact analysis. Figure out which
processes, applications, and data sets are mission-critical, and decide how
much downtime or data loss is acceptable. The more vital the data or
application, the tighter (and more expensive) your RTO and RPO targets will
be. Having a strong data and systems classification system will make this
process significantly easier. There’s always a trade-off: the more stringent
your RTO and RPO, the higher the cost and complexity of maintaining the
necessary backup infrastructure. That’s why prioritisation is key. For
example, a real-time e-commerce database might need near-zero downtime, while
archived records can tolerate days of recovery time. Once you establish your
priorities, you can use technologies like incremental backups, continuous data
protection, and cross-site replication to meet tighter RTO and RPO without
overwhelming your network or your budget. ... Start by reviewing any
regulatory or compliance rules you must follow; these often dictate which data
must be kept and for how long. Keep in mind, that some information may not be
kept longer than absolutely needed – personally identifiable information would
come to mind. Next, look at the operational value of your data.
The bitter lesson for generative AI adoption
The rapid pace of innovation and the proliferation of new models have raised
concerns about technology lock-in. Lock-in occurs when businesses become
overly reliant on a specific model with bespoke scaffolding that limits their
ability to adapt to innovations. Upon its release, GPT-4 was the same cost as
GPT-3 despite being a superior model with much higher performance. Since the
GPT-4 release in March 2023, OpenAI prices have fallen another six times for
input data and four times for output data with GPT-4o, released May 13, 2024.
Of course, an analysis of this sort assumes that generation is sold at cost or
a fixed profit, which is probably not true, and significant capital injections
and negative margins for capturing market share have likely subsidized some of
this. However, we doubt these levers explain all the improvement gains and
price reductions. Even Gemini 1.5 Flash, released May 24, 2024, offers
performance near GPT-4, costing about 85 times less for input data and 57
times less for output data than the original GPT-4. Although eliminating
technology lock-in may not be possible, businesses can reduce their grip on
technology adoption by using commercial models in the short run.
Staying Ahead: Key Cloud-Native Security Practices
NHIs represent machine identities used in cybersecurity. They are conceived by
combining a “Secret” (an encrypted password, token, or key) and the
permissions allocated to that Secret by a receiving server. In an increasingly
digital landscape, the role of these machine identities and their secrets
cannot be overstated. This makes the management of NHIs a top priority for
organizations, particularly those in industries like financial services,
healthcare, and travel. ... As technology has advanced, so too has the
need for more thorough and advanced cybersecurity practices. One rapidly
evolving area is the management of Non-Human Identities (NHIs), which
undeniably interweaves secret data. Understanding and efficiently managing
NHIs and their secrets are not just choices but an imperative for
organizations operating in the digital space and leaned towards cloud-native
applications. NHIs have been sharing their secrets with us for some time,
communicating an urgent requirement for attention, understanding and improved
security practices. They give us hints about potential security weaknesses
through unique identifiers that are not unlike a travel passport. By
monitoring, managing, and securely storing these identifiers and the
permissions granted to them, we can bridge the troublesome chasm between the
security and R&D teams, making for better-protected organizations.
3 promises every CIO should keep in 2025
To minimize disappointment, technologists need to set the expectations of
business leaders. At the same time, they need to evangelize on the value of
new technology. “The CIO has to be an evangelist, educator, and realist all at
the same time,” says Fernandes. “IT leaders should be under-hypers rather than
over-hypers, and promote technology only in the context of business cases.”
... According to Leon Roberge, CIO for Toshiba America Business Solutions and
Toshiba Global Commerce Solutions, technology leaders should become more
visible to the business and lead by example to their teams. “I started
attending the business meetings of all the other C-level executives on a
monthly basis to make sure I’m getting the voice of the business,” he says.
“Where are we heading? How are we making money? How can I help business
leaders overcome their challenges and meet their objectives?” ... CIOs should
also build platforms for custom tools that meet the specific needs not only of
their industry and geography, but of their company — and even for specific
divisions. AI models will be developed differently for different industries,
and different data will be used to train for the healthcare industry than for
logistics, for example. Each company has its own way of doing business and its
own data sets.
5G in Business: Roadblocks, Catalysts in Adoption - Part 1
Enterprises considering 5G adoption are confronted with several challenges,
key among them being high capex, security, interoperability and integration
with existing infrastructure, and skills development within their workforce.
Consistent coverage and navigating the complex regulatory landscape are also
inhibitors to adoption. Jenn Mullen, emerging technology solutions lead at
Keysight Technologies, told ISMG that business leaders must address potential
security concerns, ensure seamless integration with existing IT infrastructure
and demonstrate a strong return on investment. ... Early enterprise 5G
projects were unsuccessful as the applications and devices weren't 5G
compatible. For instance, in 2021, ArcelorMittal France conceived 5G Steel, a
private cellular network serving its steelworks in Dunkirk, Mardyck and
Florange (France) - to support its digitalization plans with high-speed,
site-wide 5G connectivity. The private network, which covers a 10 square
kilometer area, was built by French public network operator Orange. When it
turned the network on in October 2022, the connecting devices were only 4G,
leading to underutilization. "The availability of 5G-compatible terminals
suitable for use in an industrial environment is too limited," said David
Glijer, the company's director of digital transformation at the time.
Rethinking Business Models With AI
We arrive in a new era of transforming business models and organizations by
leveraging the power of Gen AI. An AI-powered business model is an
organizational framework that fundamentally integrates AI into one or more
core aspects of how a company creates, delivers and captures value. Unlike
traditional business models that merely use AI as a tool for optimization, a
truly AI-powered business model exhibits distinctive characteristics, such as
self-reinforcing intelligence, scalable personalization and ecosystem
integration. ... As an organization moves through its AI-powered business
model innovation journey, it must systematically consider the eight essentials
of AI-driven business models (Figure 3) and include a holistic assessment of
current state capabilities, identification of AI innovation opportunities and
development of a well-defined map of the transformation journey. Following
this, rapid innovation sprints should be conducted to translate strategic
visions into tangible results that validate the identified AI opportunities
and de-risk at-scale deployments. ... While the potential rewards are
compelling — from operational efficiencies to entirely new value propositions
— the journey is complex and fraught with pitfalls, not least from existing
barriers.
Increase in cyberattacks setting the stage for identity security’s rapid growth
Digital identity security is rapidly growing in importance as identity
infrastructure becomes a target for cyber attackers. Misconfigurations of
identity systems have become a significant concern – but many companies still
seem unaware of the issue. Security expert Hed Kovetz says that “identity is
always the go-to of every attacker.” As CEO and co-founder of digital identity
protection firm Silverfort, he believes that protecting identity is one of
their most complicated tasks. “If you ask any security team, I think identity
is probably the one that is the most complex,” says Kovetz. “It’s painful:
There are so many tools, so many legacy technologies and legacy infrastructure
still in place.” ... To secure identity infrastructures, security specialists
need to deal with both very old and very new technologies consistently. Kovetz
says he first began dealing with legacy systems that could not be properly
secured and could be used by attackers to spread inside the network. He later
extended to protecting and other modern technologies. “I think that protecting
these things end to end is the key,” says Kovetz. “Otherwise, attackers will
always go to the weaker part.” ... Although the increase in cyberattacks is
setting the stage for identity security’s rapid growth in importance, some
organizations are still struggling to acknowledge weaknesses in their identity
infrastructure.
Quote for the day:
"All leadership takes place through
the communication of ideas to the minds of others." --
Charles Cooley
No comments:
Post a Comment