Daily Tech Digest - July 28, 2025

Quote for the day:

"Don't watch the clock; do what it does. Keep going." -- Sam Levenson


Architects Are… Human

Architects are not super-human. Most learned to be good by failing miserably dozens or hundreds of times. Many got the title handed to them. Many gave it to themselves. Most come from spectacularly different backgrounds. Most have a very different skill set. Most disagree with each other. ... When someone gets online and says, ‘Real Architects’, I puke a little. There are no real architects. Because there is no common definition of what that means. What competencies should they have? How were those competencies measured and by whom? Did the person who measured them have a working model by which to compare their work? To make a real architect repeatedly, we have to get together and agree what that means. Specifically. Repeatably. Over and over and over again. Tens of thousands of times and learn from each one how to do it better as a group! ... The competency model for a successful architect is large, difficult to learn, and most of employers do not recognize or give you opportunities to do it very often. They have defined their own internal model, from ‘all architects are programmers’ to ‘all architects work with the CEO’. The truth is simple. Study. Experiment. Ask tough questions. Simple answers are not the answer. You do not have to be everything to everyone. Business architects aren’t right, but neither are software architects.


Mitigating Financial Crises: The Need for Strong Risk Management Strategies in the Banking Sector

Poor risk management can lead to liquidity shortfalls, and failure to maintain adequate capital buffers can potentially result in insolvency and trigger wider market disruptions. Weak practices also contribute to a build-up of imbalances, such as lending booms, which unravel simultaneously across institutions and contribute to widespread market distress. In addition, banks’ balance sheets and financial contracts are interconnected, meaning a failure in one institution can quickly spread to others, amplifying systemic risk. ... Poor risk controls and a lack of enforcement also encourage excessive moral hazard and risk-taking behavior that exceed what a bank can safely manage, undermining system stability. Homogeneous risk diversification can also be costly and exacerbate systemic risk. When banks diversify risks in similar ways, individual risk reduction paradoxically increases the probability of simultaneous multiple failures. Fragmented regulation and inadequate risk frameworks fail to address these systemic vulnerabilities, since persistent weak risk management practices threaten the entire financial system. In essence, weak risk management undermines individual bank stability, while the interconnected and pro-cyclical nature of the banking system can trigger cascading failures that escalate into systemic crises.


Where Are the Big Banks Deploying AI? Simple Answer: Everywhere

Of all the banks presenting, BofA was the most explicit in describing how it is using various forms of artificial intelligence. Artificial intelligence allows the bank to effectively change the work across more areas of its operations than prior types of tech tools allowed, according to Brian Moynihan, chair and CEO. The bank included a full-page graphic among its presentation slides, the chart describing four "pillars," in Moynihan’s words, where the bank is applying AI tools. ... While many banks have tended to stop short of letting their use of GenAI touch customers directly, Synchrony has introduced a tool for its customers when they want to shop for various consumer items. It launched its pilot of Smart Search a year ago. Smart Search provides a natural language hunt joined with GenAI. It is a joint effort of the bank’s AI technology and product incubation teams. The functionality permits shoppers using Synchrony’s Marketplace to enter a phrase or theme to do with decorating and home furnishings. The AI presents shoppers with a "handpicked" selection of products matching the information entered, all of which are provided by merchant partners. ... Citizens is in the midst of its "Reimagining the Bank," Van Saun explained. This entails rethinking and redesigning how Citizens serves customers. He said Citizens is "talking with lots of outside consultants looking at scenarios across all industries across the planet in the banking industry."


How logic can help AI models tell more truth, according to AWS

By whatever name you call it, automated reasoning refers to algorithms that search for statements or assertions about the world that can be verified as true by using logic. The idea is that all knowledge is rigorously supported by what's logically able to be asserted. As Cook put it, "Reasoning takes a model and lets us talk accurately about all possible data it can produce." Cook gave a brief snippet of code as an example that demonstrates how automated reasoning achieves that rigorous validation. ... AWS has been using automated reasoning for a decade now, said Cook, to achieve real-world tasks such as guaranteeing delivery of AWS services according to SLAs, or verifying network security. Translating a problem into terms that can be logically evaluated step by step, like the code loop, is all that's needed. ... The future of automated reasoning is melding it with generative AI, a synthesis referred to as neuro-symbolic. On the most basic level, it's possible to translate from natural-language terms into formulas that can be rigorously analyzed using logic by Zelkova. In that way, Gen AI can be a way for a non-technical individual to frame their goal in informal, natural language terms, and then have automated reasoning take that and implement it rigorously. The two disciplines can be combined to give non-logicians access to formal proofs, in other words.


Can Security Culture Be Taught? AWS Says Yes

Security culture is broadly defined as an organization's shared strategies, policies, and perspectives that serve as the foundation for its enterprise security program. For many years, infosec leaders have preached the importance of a strong culture and how it cannot only strengthen the organization's security posture but also spur increases in productivity and profitability. Security culture has also been a focus in the aftermath of last year's scathing Cyber Safety Review Board (CSRB) report on Microsoft, which stemmed from an investigation into a high-profile breach of the software giant at the hands of the Chinese nation-state threat group Storm-0558. The CSRB found "Microsoft's security culture was inadequate and requires an overhaul," according to the April 2024 report. Specifically, the CSRB board members flagged an overall corporate culture at Microsoft that "deprioritized both enterprise security investments and rigorous risk management." ... But security culture goes beyond frameworks and executive structures; Herzog says leaders need to have the right philosophies and approaches to create an effective, productive environment for employees throughout the organization, not just those on the security team. ... A big reason why a security culture is hard to build, according to Herzog, is that many organizations are simply defining success incorrectly.


Data and AI Programs Are Effective When You Take Advantage of the Whole Ecosystem — The AIAG CDAO

What set the Wiki system apart was its built-in intelligence to personalize the experience based on user roles. Kashikar illustrated this with a use case: “If I’m a marketing analyst, when I click on anything like cross-sell, upsell, or new customer buying prediction, it understands I’m a marketing analyst, and it will take me to the respective system and provide me the insights that are available and accessible to my role.” This meant that marketing, engineering, or sales professionals could each have tailored access to the insights most relevant to them. Underlying the system were core principles that ensured the program’s effectiveness, says Kaahikar. This includes information, accessibility, and discoverability, and its integration with business processes to make it actionable. ... AI has become a staple in business conversations today, and Kashikar sees this growing interest as a positive sign of progress. While this widespread awareness is a good starting point, he cautions that focusing solely on models and technologies only scratches the surface, or can provide a quick win. To move from quick wins to lasting impact, Kashikar believes that data leaders must take on the role of integrators. He says, “The data leaders need to consider themselves as facilitators or connectors where they have to take a look at the entire ecosystem and how they leverage this ecosystem to create the greatest business impact which is sustainable as well.”


Designing the Future of Data Center Physical Security

Security planning is heavily shaped by the location of a data center and its proximity to critical utilities, connectivity, and supporting infrastructure. “These factors can influence the reliability and resilience of data centers – which then in turn will shift security and response protocols to ensure continuous operations,” Saraiya says. In addition, rurality, crime rate, and political stability of the region will all influence the robustness of security architecture and protocols required. “Our thirst for information is not abating,” JLL’s Farney says. “We’re doubling the amount of new information created every four years. We need data centers to house this stuff. And that's not going away.” John Gallagher, vice president at Viakoo, said all modern data centers include perimeter security, access control, video surveillance, and intrusion detection. ... “The mega-campuses being built in remote locations require more intentionally developed security systems that build on what many edge and modular deployments utilize,” Dunton says. She says remote monitoring and AI-driven analytics allow centralized oversight with minimizing on-site personnel, while compact, hardened enclosures with integrated access control, surveillance, and environmental sensors Emphasis is also placed on tamper detection, local alerting, and quick response escalation paths.


The legal minefield of hacking back

Attribution in cyberspace is incredibly complex because attackers use compromised systems, VPNs, and sophisticated obfuscation techniques. Even with high confidence, you could be wrong. Rather than operating in legal gray areas, companies need to operate under legally binding agreements that allow security researchers to test and secure systems within clearly defined parameters. That’s far more effective than trying to exploit ambiguities that may not actually exist when tested in court. ... Active defense, properly understood, involves measures taken within your own network perimeter, like enhanced monitoring, deception technologies like honeypots, and automated response systems that isolate threats. These are defensive because they operate entirely within systems you own and control. The moment you cross into someone else’s system, even to retrieve your own stolen data, you’ve entered offensive territory. It doesn’t matter if your intentions are defensive; the action itself is offensive. Retaliation goes even further. It’s about causing harm in response to an attack. This could be destroying the attacker’s infrastructure, exposing their operations, or launching counter-attacks. This is pure vigilantism and has no place in responsible cybersecurity. ... There’s also the escalation risk. That “innocent” infrastructure might belong to a government entity, a major corporation, or be considered critical infrastructure. 


What Is Data Trust and Why Does It Matter?

Data trust can be seen as data reliability in action. When you’re driving your car, you trust that its speedometer is reliable. A driver who believes his speedometer is inaccurate may alter the car’s speed to compensate unnecessarily. Similarly, analysts who lose faith in the accuracy of the data powering their models may attempt to tweak the models to adjust for anomalies that don’t exist. Maximizing the value of a company’s data is possible only if the people consuming the data trust the work done by the people developing their data products. ... Understanding the importance of data trust is the first step in implementing a program to build trust between the producers and consumers of the data products your company relies on increasingly for its success. Once you know the benefits and risks of making data trustworthy, the hard work of determining the best way to realize, measure, and maintain data trust begins. Among the goals of a data trust program are promoting the company’s privacy, security, and ethics policies, including consent management and assessing the risks of sharing data with third parties. The most crucial aspect of a data trust program is convincing knowledge workers that they can trust AI-based tools. A study released recently by Salesforce found that more than half of the global knowledge workers it surveyed don’t trust the data that’s used to train AI systems, and 56% find it difficult to extract the information they need from AI systems.


Six reasons successful leaders love questions

A modern way of saying this is that questions are data. Leaders who want to leverage this data should focus less on answering everyone’s questions themselves and more on making it easy for the people they are talking to—their employees—to access and help one another answer the questions that have the biggest impact on the company’s overall purpose. For example, part of my work with large companies is to help leaders map what questions their employees are asking one another and analyze the group dynamics in their organization. This gives leaders a way to identify critical problems and at the same time mobilize the people who need to solve them. ... The key to changing the culture of an organization is not to tell people what to do, but to make it easy for them to ask the questions that make them consider their current behavior. Only by making room for their colleagues, employees, and other stakeholders to ask their own questions and activate their own experience and insights can leaders ensure that people’s buy-in to new initiatives is an active choice, and thus something they feel committed to acting on. ... The decision to trust the process of asking and listening to other people’s questions is also a decision to think of questioning as part of a social process—something we do to better understand ourselves and the people surrounding us.

Posted by at
Labels: , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)