Quote for the day:
"Strive not to be a success, but rather
to be of value." -- Albert Einstein

Like many AI teams in the mid-2010s, Visma’s group initially relied on
traditional deep learning methods such as recurrent neural networks (RNNs),
similar to the systems that powered Google Translate back in 2015. But around
2020, the Visma team made a change. “We scrapped all of our development plans
and have been transformer-only since then,” says Claus Dahl, Director ML Assets
at Visma. “We realized transformers were the future of language and document
processing, and decided to rebuild our stack from the ground up.” ... The team’s
flagship product is a robust document extraction engine that processes documents
in the countries where Visma companies are active. It supports a variety of
languages. The AI could be used for documents such as invoices and receipts. The
engine identifies key fields, such as dates, totals, and customer references,
and feeds them directly into accounting workflows. ... “High-quality data is
more valuable than high volumes. We’ve invested in a dedicated team that curates
these datasets to ensure accuracy, which means our models can be fine-tuned very
efficiently,” Dahl explains. This strategy mirrors the scaling laws used by
large language models but tailors them for targeted enterprise applications. It
allows the team to iterate quickly and deliver high performance in niche use
cases without excessive compute costs.

Hardware-enforced physical isolation is fast becoming a cornerstone of modern
cybersecurity strategy. These physical-layer security solutions allow your
critical infrastructure – servers, storage and network segments – to be
instantly disconnected on demand, using secure, out-of-band commands. This
creates a last line of defence that holds even when everything else fails. After
all, if malware can’t reach your system, it can’t compromise it. If a breach
does occur, physical segmentation contains it in milliseconds, stopping lateral
movement and keeping operations running without disruption. In stark contrast to
software-only isolation, which relies on the very systems it seeks to protect,
hardware isolation remains immune to tampering. ... When ransomware strikes,
every second counts. In a colocation facility, traditional defences might flag
the breach, but not before it worms its way across tenants. By the time alerts
go out, the damage is done. With hardware isolation, there’s no waiting: the
compromised tenant can be physically disconnected in milliseconds, before the
threat spreads, before systems lock up, before wallets and reputations take a
hit. What makes this model so effective is its simplicity. In an industry where
complexity is the norm, physical isolation offers a simple, fundamental truth:
you’re either connected or you’re not. No grey areas. No software dependency.
Just total certainty.
We think for any complex problem, a good 60–70% of it can be solved through
innovation. That's always our first principle. Then where we see any
inefficiencies; be it in workflows or process, automation works for the other
20% of the friction. The remaining 10–20% is where the engineering plays its
important role, and it allows to touch on the scale, security and governance
aspects. In data specifically, we are referencing the last 5–6 years of
massive investments. We partner with platforms like Databricks and DataMiner
and we've invested in companies like TESL and Strike AI for securing their AI
models. ... In the cloud space, we see a shift from migration to modernisation
(and platform engineering). Enterprises are focussing on modernisation of both
applications and databases because those are critical levers of agility,
security, and business value. In AI it is about data readiness; the majority
of enterprise data is very fragmented or very poor quality which makes any AI
effort difficult. Next is understanding existing processes—the way work is
done at scale—which is critical for enabling GenAI. But the true ROI is
Agentic AI—autonomous systems which don’t just tell you what to do, but just
do it. We’ve been investing heavily in this space since 2018.

Recent work on ethics in computing has focused on artificial intelligence (AI)
with its success in solving problems, processing large amounts of data, and
with the award of Nobel Prizes to AI researchers. Large language models and
chatbots such as ChatGPT suggest that AI will continue to develop rapidly,
acquire new capabilities, and affect many aspects of human existence. Many of
the issues raised in the ethics of AI overlap previous discussions. The
discussion of ethical questions surrounding AI is reaching a much broader
audience, has more societal impact, and is rapidly transitioning to action
through guidelines and the development of organizational structure,
regulation, and legislation. ... Ethics of digital technologies in modern
societies raises questions that traditional ethical theories find difficult to
answer. Current socio-technical arrangements are complex ecosystems with a
multitude of human and non-human stakeholders, influences, and
relationships. The questions of ethics in ecosystems include: Who are members? On what
grounds are decisions made and how are they implemented and enforced? Which
normative foundations are acceptable? These questions are not easily answered.
Computing professionals have important contributions to make to these
discussions and should use their privileges and insights to help societies
navigate them.

Technically speaking, RPA isn’t intelligent in the same way that we might
consider an AI system like ChatGPT to mimic some functions of human
intelligence. It simply follows the same rules over and over again in order to
spare us the effort of doing it. RPA works best with structured data because,
unlike AI, it doesn't have the ability to analyze and understand unstructured
data, like pictures, videos, or human language. ... AI agents, on the other
hand, use language models and other AI technologies like computer vision to
understand and interpret the world around them. As well as simply analyzing
and answering questions about data, they are capable of taking action by
planning how to achieve the results they want and interacting with third-party
services to get it done. ... Using RPA, it would be possible to extract
details about who sent the mail, the subject line, and the time and date it
was sent. This can be used to build email databases and broadly categorize
emails according to keywords. An agent, on the other hand, could analyze the
sentiment of the email using language processing, prioritize it according to
urgency, and even draft and send a tailored response. Over time, it learns how
to improve its actions in order to achieve better resolutions.

Treat AI-generated content like a highly caffeinated first draft – full of
energy, but possibly a little messy and prone to making things up. Your job
isn’t to just hit “generate” and walk away unless you enjoy explaining AI
hallucinations or factual inaccuracies to your boss (or worse, your audience).
Always, always edit aggressively, proofread and, most critically, fact-check
every single output. This process isn’t just about catching AI’s mistakes; it
actively engages your critical thinking skills, forcing you to verify
information and refine expression. Think of it as intellectual calisthenics.
... Don’t settle for the first answer AI gives you. Engage in a dialogue.
Refine your prompts, ask follow-up questions, request different perspectives
and challenge its assumptions. This iterative process of refinement forces you
to think more clearly about your own needs, to be precise in your
instructions, and to critically evaluate the nuances of the AI’s response. ...
The MIT study serves as a crucial wake-up call: over-reliance on AI can indeed
make us “stupid” by atrophying our critical thinking skills. However, the
solution isn’t to shun AI, but to engage with it intelligently and
responsibly. By aggressively editing, proofreading and fact-checking AI
outputs, by iteratively refining prompts and by strategically choosing the
right AI tool for each task, we can ensure AI serves as a powerful enhancer,
not a detrimental crutch.
The EU’s PQC roadmap is broadly aligned with that from NIST; both advise a
phased migration to PQC with hybrid-PQC ciphers and hybrid digital
certificates. These hybrid solutions provide the security promises of brand
new PQC algorithms, whilst allowing legacy devices that do not support them,
to continue using what’s now being called ‘classical cryptography’. In the
first instance, both the EU and NIST are recommending that non-PQC encryption
is removed by 2030 for critical systems, with all others following suit by
2035. While both acknowledge the ‘harvest now, decrypt later’ threat, neither
emphasise the importance of understanding the cover time of data; nor
reference the very recent advancements in quantum computing. With many now
predicting the arrival of cryptographically relevant quantum computers (CRQC)
by 2030, if organizations or governments have information with a cover time of
five years or more, it is already too late for many to move to PQC in time.
Perhaps the most significant difference that EU organizations will face
compared to their American counterparts, is that the European roadmap is
more than just advice; in time it will be enforced through various directives
and regulations. PQC is not explicitly stated in EU regulations, although that
is not surprising.

“The CIO is going to be very, very busy for the next three, four years, and
that’s going to be the biggest impact,” he says. “All of a sudden,
businesspeople are starting to figure out that they can save a ton of money with
AI, or they can enable their best performers to do the actual job.” Davidov
doesn’t see workforce cuts matching AI productivity increases, even though some
job cuts may be coming. ... “The costs of building out AI infrastructure will
ultimately fall to enterprise users, and for CIOs, it’s only a question of
when,” he says. “While hyperscalers and AI vendors are currently shouldering
much of the expense to drive adoption, we expect to see pricing models evolve.”
Bhathena advises CIOs to look beyond headline pricing because hidden costs,
particularly around integrating AI with existing legacy systems, can quickly
escalate. Organizations using AI will also need to invest in upskilling
employees and be ready to navigate increasingly complex vendor ecosystems. “Now
is the time for organizations to audit their vendor agreements, ensure contract
flexibility, and prepare for potential cost increases as the full financial
impact of AI adoption becomes clearer,” he says. ... Baker advises CIOs to be
careful about their purchases of AI products and services and tie new
deployments to business needs.

Instead of building everything on one platform, IT leaders are spreading out
their workloads, said Joe Warnimont, senior analyst at HostingAdvice. "It's no
longer about chasing the latest innovation from a single provider. It's about
building a resilient architecture that gives you control and flexibility for
each workload." Cost is another major factor. Even though hyperscalers promote
their pay-as-you-go pricing, many enterprises find it difficult to predict and
manage costs at scale. This is true for companies running hundreds or thousands
of workloads across different regions and teams. "You'd think that pay-as-you-go
would fit any business model, but that's far from the case. Cost predictability
is huge, especially for businesses managing complex budgets," Warnimont said. To
gain more control over pricing and features, companies are turning to
alternative cloud providers, such as DigitalOcean, Vultr and Backblaze. These
platforms may not have the same global footprint as AWS or Azure but they offer
specialized services, better pricing and flexibility for certain use cases. An
organization needing specific development environments may go to DigitalOcean.
Another may chose Vultr for edge computing. Sometimes the big players just don't
offer what a specific workload requires.

While Abousselham champions a personalized, hands-on approach to developing
talent, other CISOs are building more formal pathways to support emerging
leaders at scale. For others like PayPal CISO Shaun Khalfan, structured
development was always part of his career. He participated in formal leadership
training programs offered by the Department of Defense and those run by the
American Council for Technology. ... Structured development is also happening
inside companies like the insurance brokerage firm Brown & Brown. CISO Barry
Hensley supports an internal cohort program designed to identify and grow
emerging leaders early in their careers. “We look at our – I’m going to call it
newer or younger – employees,” he explains. “And if you become recognized in
your first, second, or third year as having the potential to [become a leader],
you get put in a program,” he explains. ... Khalfan believes good CISOs should
be able to dive deep with engineers while also leading boardroom conversations.
“It’s been a long time since I’ve written code,” he says, “but I at least
understand how to have a deep conversation and also be able to have a board
discussion with someone.” Abousselham agrees that technical experience is only
one part of the puzzle.
No comments:
Post a Comment