8 things that should be in a company BEC policy document
Smart boards and CEOs should demand that CISOs include BEC-specific procedures in their incident response (IR) plans, and companies should create policies that require security teams to update these IR plans regularly and test their efficacy. As a part of that, security and legal experts recommend that organizations plan for legal involvement across all stages of incident response. Legal especially should be involved in how incidents are communicated with internal and external stakeholders to ensure the organization doesn’t increase its legal liability if a BEC attack hits. “Any breach may carry legal liability, so it’s best to have the discussion before the breach and plan as much as possible to address issues in advance rather than to inadvertently take actions that either causes liability that might not otherwise have existed, or increases liability beyond what would have existed,” Reiko Feaver, a privacy and data security attorney and partner at Culhane Meadows, tells CSO. Feaver, who advises clients on BEC best practices, training and compliance, says BEC policy documents should stipulate that legal be part of the threat modeling team, analyzing potential impacts from different types of BEC attacks so the legal liability viewpoint can be folded into the response plan.
Many Employees Fear Being Replaced by AI — Here's How to Integrate It Into Your Business Without Scaring Them.
The first goal of integrating AI should be understanding the quickest way for it to start having a positive monetary benefit. While our AI project is still a work in progress, we are expecting to increase revenue anywhere from $2 million to $20 million as a result of a first round of investment of under $100,000. But to achieve that type of result, leaders need to get comfortable with AI and figure out the challenges and complexities they might encounter. ... If you are a glass-half-full kind of person, listening to the glass-half-empty kind of person offers a complementary point of view. Whenever I have ideas to really move the numbers, I tend to act fast. It is crucial that people understand that I am not fast-tracking AI integration because I am unhappy with our current process or people. It is because I am happy that I will not risk what we already have unless I am fully sold on the range of the upside — and I want to expedite the learning process to get to those benefits faster. I still want to talk to as many people as I can — employees, developers, marketing folks, product managers, external investors — both for the tone of responses and any major issues. Those red flags may be great things to consider or I need to give people more information. Either way, my response can alleviate their concerns.
The role of AI in modernising accounting practices
Accountants, like any other professionals, have varied views on AI—some see it
as a friend, appreciating its ability to automate tasks, enhance efficiency,
and reduce errors. They view AI as a valuable ally, freeing up time for
strategic and analytical work. On the flip side, others perceive AI as a
threat, fearing job displacement and the loss of the human touch in financial
decision-making. Striking a balance between leveraging AI’s benefits for
efficiency while preserving the importance of human skills is crucial for
successful integration into accounting practices. ... Notably, machine
learning algorithms and natural language processing are gaining prominence,
enabling accountants to delve into more sophisticated tasks such as intricate
data analysis, anomaly detection, and the generation of actionable insights
from complex datasets. As technology continues to evolve, the trajectory of AI
in accounting is expected to expand further. Future developments might include
more sophisticated predictive analytics, enhanced natural language
understanding for improved communication, and increased automation of
compliance-related tasks.
10 ways to improve IT performance (without killing morale)
When working to improve IT performance, leaders frequently focus on the
technology instead of zeroing in on the business process. “We are usually
motivated to change what’s within the scope of our control because we can move
more quickly and see results sooner,” says Matthew Peters, CTO at technology
services firm CAI. Yet a technology-concentrated approach can create
significant risk, such as breaking processes that lie outside of IT or
overspending on solutions that may only perpetuate the issue that still must
be resolved. ... A great way to improve IT performance while maintaining team
morale is by developing a culture of collaboration, says Simon Ryan, CTO at
network management and audit software firm FirstWave. “Encourage team members
to communicate openly — listen to their concerns and provide opportunities for
skill development,” he explains. “This strategy is advantageous because it
links individual development to overall team performance, thereby fostering a
sense of purpose.” Ignoring the human factor is the most common team-related
blunder, Ryan says. “An overemphasis on tasks and deadlines without regard for
the team’s well-being can lead to burnout and unhappiness,” he warns.
How Digital Natives are Reshaping Data Compliance
With their forward-thinking mindsets, today's chief compliance officers are
changing the perception of emerging technologies from threats to
opportunities. Rather than reacting with outright bans, they thoughtfully
integrate new tools into the compliance framework. This balances innovation
with appropriate risk management. It also positions compliance as an enabler
of progress rather than a roadblock. The benefits of this mindset are many: A
forward-thinking culture that thoughtfully integrates innovations into
business processes and compliance frameworks. This allows organizations to
harness the benefits of technology ethically. With an opportunistic mindset,
compliance teams can explore how new tools like AI, blockchain, and automation
can be used to make compliance activities more effective, efficient and data
driven. When seen as working alongside business leaders to evaluate risks and
implement appropriate guardrails for new tech, compliance teams’ collaborative
approaches enable progress and innovation. These new technologies open up
possibilities to continuously improve and modernize compliance programs. An
opportunity-driven perspective seizes on tech's potential.
How to choose the right NoSQL database
Before choosing a NoSQL database, it's important to be certain that NoSQL is
the best choice for your needs. Carl Olofson, research vice president at
International Data Corp. (IDC), says "back office transaction processing,
high-touch interactive application data management, and streaming data
capture" are all good reasons for choosing NoSQL. ... NoSQL databases can
break down data into segments—or shards—which can be useful for large
deployments running hundreds of terabytes, Yuhanna says. “Sharding is an
essential capability for NoSQL to scale databases,” Yuhanna says. “Customers
often look for NoSQL solutions that can automatically expand and shrink nodes
in horizontally scaled clusters, allowing applications to scale dynamically.”
... Some NoSQL databases can run on-premises, some only in the cloud, while
others in a hybrid cloud environment, Yuhanna says. “Also, some NoSQL has
native integration with cloud architectures, such as running on serverless and
Kubernetes environments,” Yuhanna says. “We have seen serverless as an
essential factor for customers, especially those who want to deliver good
performance and scale for their applications, but also want to simplify
infrastructure management through automation.”
What’s Coming in Analytics (And How We’ll Get There)
The notion of composability is not just a buzzword; it's the cornerstone of
modern application development. The industry is gradually moving towards a
more composable enterprise, where modular, agile products integrate insights,
data, and operations at their core. This transition facilitates the creation
of innovative experiences tailored to user needs, significantly lowering
development costs, accelerating time to market and fostering a thriving
generative AI ecosystem. This more agile application development environment
will also lead to a convergence of AI and BI, such that AI-powered embedded
analytics may even supplant current BI tools. This will lead to a more
data-driven culture where the business uses real-time analytics as an integral
part of its daily work, enabling more proactive and predictive
decision-making. ... As we advance into the future, the analytics industry is
poised on the edge of a monumental shift. This evolution is akin to
discovering a new, uncharted continent in the realm of data processing and
complex analysis. This exploration into unknown territories will reveal
analytics capabilities far beyond our current understanding.
Businesses banning or limiting use of GenAI over privacy risks
Organizations recognize the need to reassure their customers about how their
data is being used. “94% of respondents said their customers would not buy
from them if they did not adequately protect data,” explains Harvey Jang,
Cisco VP and Chief Privacy Officer. “They are looking for hard evidence the
organization can be trusted as 98% said that external privacy certifications
are an important factor in their buying decisions. These stats are the highest
we’ve seen in Cisco’s privacy research over the years, proving once more that
privacy has become inextricably tied to customer trust and loyalty. This is
even more true in the era of AI, where investing in privacy better positions
organizations to leverage AI ethically and responsibly.” Despite the costs and
requirements privacy laws may impose on organizations, 80% of respondents said
privacy laws have positively impacted them, and only 6% said the impact has
been negative. Strong privacy regulation boosts consumer confidence and trust
in the organizations where they share their data. Further, many governments
and organizations implement data localization requirements to keep specific
data within a country or region.
4 ways to help your organization overcome AI inertia
The research suggests the tricky combination of a fearful workforce and the
unpredictability of the current regulatory environment means many
organizations are still stuck at the AI starting gate. As a result, not only
are pilot projects thin on the ground, but so are the basic foundations -- in
terms of both data frameworks and strategies -- upon which these initiatives
are created. About two-fifths (41%) of data leaders said they have little or
no data governance framework, which is just a percentage higher than the
previous year's Maturity Index, when 40% of data leaders said they have little
or no data governance framework, which is a set of standards and guidelines
that enable organizations to manage their data effectively. Just over a
quarter of data leaders (27%) said their organization has no data strategy at
all, which is only a slight improvement on the previous year's figure (29%).
"I get why not everybody's quite there yet," says Carruthers, who, as a former
CDO, understands the complexities involved in strategy and governance. ... The
good news is some digital leaders are making headway. Andy Moore, CDO at
Bentley Motors, is focused on building the foundations for the exploitation of
emerging technologies, such as AI.
Data Lineage in Modern Data Engineering
There are generally two types of data lineage, namely forward lineage and
backward lineage. Forward Lineage - It is known as downstream lineage; it
tracks the flow of data from its source to its destination. It outlines the
path that data takes through various stages of processing, transformations,
and storage until it reaches its destination. It helps developers understand
how data is manipulated and transformed, aiding in the design and improvement
of the overall data processing workflow and quickly identifying the point of
failure. By tracing the data flow forward, developers can pinpoint where
transformations or errors occurred and address them efficiently. It is
essential for predicting the impact of changes on downstream processes.
... Backward Lineage - It is also known as upstream lineage; it
traces the path of data from its destination back to its source. It provides
insights into the origins of the data and the various transformations it
undergoes before reaching its current state. It is crucial for ensuring data
quality by allowing developers to trace any issues or discrepancies back to
their source. By understanding the data's journey backward, developers can
identify and rectify anomalies at their origin.
Quote for the day:
“Nobody talks of entrepreneurship as
survival, but that’s exactly what it is.” -- Anita Roddick
