Daily Tech Digest - June 03, 2025


Quote for the day:

"Keep your fears to yourself, but share your courage with others." -- Robert Louis Stevenson


Is it Time to Accept that the Current Role of the CISO Has Failed?

First of all, it was never conceived as a true C-level role. It probably originated in the minds of some organisation consultants, but it never developed any true C-level weight. Even if it may hurt some, it is my opinion that it was very rarely given to people with true C-level potential. Second, it was almost always given to technologists by trade or background, although the underlying matter is unequivocally cross-functional and has always been: You cannot be successful around identity and access management for example without the involvement of HR and business units, and the ability to reach credibly towards them. ... It has aggregated a mixed set of responsibilities and accountabilities without building up the right organisational and managerial momentum, and many CISOs are simply being set up to fail: The role has simply become too complex to carry for the profile of the people it attracts. To break this spiral, the logic is now to split the role, stripping off the managerial layers it has accumulated over the years and refocusing the role of the CISO on its native technical content so that it can lead effectively and efficiently at that level, while at the same time bringing up a CSO role able to reach across business, IT and support function to take in charge the level of corporate complexity cybersecurity is now amalgamating in large firms.


How to Fortify Your Business’s Online Infrastructure Against Downtime

The first step to protecting your online infrastructure against downtime is to assess just how much downtime risk is viable for your business. Understanding how much downtime you can realistically afford is important for developing a sound IT strategy. Your viable downtime limit will define your tolerance to risk and allow you to direct your resources toward systems that keep your systems running optimally as far as possible. The average accepted downtime rate for a website is just 0.05%. That means your systems should experience uptime at least 99.95% of the time. If you have a low risk tolerance – say, for instance, if you rely on an ecommerce platform to generate revenue – investing in IT continuity technology is essential for keeping downtime minimal. ... The first step to safeguarding your organization against cyberattacks is to regularly audit your network security measures. This helps to spot vulnerabilities and address them, ensuring your IT systems are always protected against continuously advancing threats. Begin by creating a map of your existing network infrastructure, including all of its user access points, hardware, and software. This map will allow you to keep track of changes and quickly identify unauthorized changes and additions.


Private cloud still matters—but it doesn’t matter most

Large enterprises will maintain significant on-premises footprints for the foreseeable future, for all the reasons we’ve discussed. The enterprise IT landscape in 2025 is undeniably hybrid and likely always will be. But it’s equally undeniable that the center of gravity for innovation has shifted. When a new opportunity emerges—say, deploying a breakthrough AI model or scaling a customer-facing app to millions of users overnight—companies aren’t spinning up a new on-premises cluster to meet the moment. They’re tapping the virtually unlimited resources of AWS, Azure, Google, or edge networks like Cloudflare. They’re doing so because cloud offers experimentation without hardware procurement, and success isn’t gated by how many servers you happen to own. Private clouds excel at running the known and steady. Public clouds excel at unleashing the unknown and extraordinary. As we reach a cloud/on-prem equilibrium, this division of labor is becoming clearer. The day-to-day workloads that keep the business running may happily live in a familiar private cloud enclave. But the industry-defining projects, the ones leaders hope will define the business’s future, gravitate to infrastructure that can stretch to any size, in any region, at a moment’s notice. 


Why Generative AI Needs Architecture, Not Just APIs

The root of the problem often lies in treating gen AI as an add-on to legacy systems rather than embedding it into core operations. This leads to inconsistent implementation, unclear ownership and limited returns. To deliver meaningful outcomes, organizations must start by identifying areas where gen AI can enhance decisions, such as customer engagement, service workflows and regulatory compliance. ... When the focus is only on launching siloed applications, organizations may move fast initially, but they end up with systems that are difficult to scale, integrate or adapt. That's where architecture-centric thinking becomes critical. A strong architectural foundation built on modularity, interoperability and scalability ensures that future applications don't just add features but add value as one needs to build to last. This means building platforms that support change, not just one-off projects. It's also about fostering collaboration between business and IT, so decisions can be made with both speed and stability in mind. ... The "situational layer cake" architecture enables enterprises to build applications in distinct layers, such as enterprisewide, division-specific and implementation layers, facilitating a balance between reusability and customization. This structure allows the creation of reusable components that can be tailored to specific business contexts without redundant coding, streamlining operations and reducing complexity.


Scattered Spider: Understanding Help Desk Scams and How to Defend Your Organization

The goal of a help desk scam is to get the help desk operator to reset the credentials and/or MFA used to access an account so the attacker can take control of it. They'll use a variety of backstories and tactics to get that done, but most of the time it's as simple as saying "I've got a new phone, can you remove my existing MFA and allow me to enroll a new one?" From there, the attacker is then sent an MFA reset link via email or SMS. Usually, this would be sent to, for example, a number on file — but at this point, the attacker has already established trust and bypassed the help desk process to a degree. So asking "Can you send it to this email address" or "I've actually got a new number too, can you send it to…" gets this sent directly to the attacker. ... But, help desks are a target for a reason. They're "helpful" by nature. This is usually reflected in how they're operated and performance measured — delays won't help you to hit those SLAs! Ultimately, a process only works if employees are willing to adhere to it — and can't be socially engineered to break it. Help desks that are removed from day-to-day operations are also inherently susceptible to attacks where employees are impersonated. But, the attacks we're experiencing at the moment should give security stakeholders plenty of ammunition as to why help desk reforms are vital to securing the business.


Banking on intelligence: How AI is powering the next evolution of financial services

With constantly evolving regulations, financial institutions need stringent compliance measures to avoid penalties and disruptions. AI steps in as a powerful ally, automating compliance tasks to slash manual workloads and boost reporting accuracy. AI agents digest regulatory data, churn out compliance reports, and handle KYC/AML validations—cutting errors while speeding up the process. While implementing the changes, financial institutions must comply with data localisation mandates and ensure AI solutions are hosted within India. To mitigate data privacy risks, personally identifiable information (PII) is anonymised, and AI is deployed within Virtual Private Cloud environments. AI systems automate document verification, ensuring consistent validation and improving audit readiness. ... AI-enabled Underwriting Workbench is an immensely helpful tool for streamlining documentation and offering a single-window interface. GenAI further enhances credit assessments by analysing alternative data—like transaction history, social media, and employment records—offering a comprehensive view of an applicant’s financial health. This enables banks to make inclusive, risk-aware lending decisions. Agentic AI further calibrates the process by automating tasks like application assessments and borrower information verifications, enabling near-instant loan decisions with minimal human intervention.


Why the end of Google as we know it could be your biggest opportunity yet

Now, before you think I'm writing Google's obituary, let me be clear. Like I've said before, I'm confident they'll figure it out, even if that means changing their business model. That said, if your business depends on Google in any way, whether it's your business profile, reviews, SEO, or products like Ad Manager to drive traffic, you need to pay attention to what's happening. ... The Department of Justice and several states are suing Google's parent company, Alphabet, arguing that its exclusive deals with companies like Apple are anticompetitive and potentially monopolistic. Basically, Google is paying billions to be the default search engine on Apple devices, effectively shutting out any real competition. The ruling in this case could break up their reported $20 billion-a-year agreement. ... Long story short, the way people discover, research, and choose businesses is changing one AI update at a time, but it's essential to note that people are still searching, just not in the same places they used to. That nuance is critical to understanding your next move. As more users turn to AI tools like ChatGPT and Perplexity for answers, traditional search engines are no longer the only gateway to your business. This shift in behavior over time will result in less traffic to your product or service. 


How global collaboration is hitting cybercriminals where it hurts

Collaboration and intelligence sharing is at the heart of our approach to tackling the threat within the NCA, and we enjoy relationships with partners across the public and private sector both nationally and internationally. We’re united and motivated, in many ways, by a common mission. Some of these are formalised law enforcement relationships that we have had for a long time – for example, I was the NCA’s embed to the FBI in Washington DC for a number of years. But, it is not just limited to the US – the NCA is lucky to enjoy brilliant relationships with the ‘five eyes’ countries and partners across Europe and beyond in the fight against cybercrime. ... In the NCA, we are predominantly focused on financially motivated cybercrime, with ransomware as a main area of focus given how significant the threat it poses to the UK. We recognise that some cybercrime groups have connections to the Russian State, but assess that these type of deep-rooted relationships are likely to be the exception as opposed to the norm. When targeting the cybercrime threat, we have been focused on associating cost and risk to the threat actors who seek to cause harm to us and our allies, and we achieve this in a number of different ways. The NCA-led disruption of LockBit in 2024 was successful in undermining trust between members of the group, as well as any trust that victims might have had in LockBit keeping their word. 


Future-Proofing AI: Repeating Mistakes or Learning From the Past?

Are the enterprises rushing to deploy new open source AI projects taking the necessary security measures to isolate them from the rest of their infrastructure? Or are they disregarding recent open source security history and trusting them by default? Alarmingly, there are also reports that China-, North Korea- and Russia-based cybercriminal groups are actively targeting both physical and AI infrastructure while leveraging AI-generated malware to exploit vulnerabilities more efficiently. ... Next-generation AI infrastructure cannot be beholden to performance penalties that arise from using today’s solutions to create true, secure, multitenant environments. By combining the best aspects of bare-metal performance with container-like deployment models, organizations can build systems that deliver both speed and convenience. ... We cannot build a solid future if we ignore the wisdom of the past. The foundations of computing security, resource management and operational efficiency were laid decades ago by pioneers who had to make every CPU cycle and memory byte count. Their lessons are more relevant now than ever as we build systems that consume unprecedented computational resources. The organizations that will outlast in the AI era won’t necessarily be those with the largest infrastructure investments or the trendiest technology stacks. 


Eight ways storage IT pros can evolve in the age of analytics and AI

Large organizations are spending millions of dollars annually on data storage, backups, and disaster recovery. On balance, there’s nothing wrong with that since data is the center of everything today – but all data should not be treated the same. Using cost modeling tools, the storage manager can enter actual storage costs to determine upfront new projected storage costs and actual usable capacity, based on data growth rates. These costs must factor in backups and disaster recovery, which can be 3X of storage spending, and should compare on-premises versus cloud models. An unstructured data management system that indexes all data across all storage can supply metrics on data volumes, costs, and predicted costs, and then model plans for moving less-active data to lower-cost archival storage, such as in the cloud. ... Storage teams must mitigate ransomware risks associated with file data. One way to do this is by implementing hybrid tiering strategies that offload infrequently accessed (cold) files to immutable cloud storage, which reduces the active attack surface by as much as 70 or 80 percent. Immutable storage ensures that once data is written, it cannot be altered or deleted, providing a robust defense against ransomware attempts to encrypt or corrupt files.

No comments:

Post a Comment