Quote for the day:
“What really matters for success is emotional intelligence, not just cognitive intelligence.” -- Daniel Goleman
🎧 Listen to this digest on YouTube Music
▶ Play Audio DigestDuration: 25 mins • Perfect for listening on the go.
CIOs want strategic PMOs. I’m not sure they know what they’re asking
As artificial intelligence automates routine coordination and reporting, Chief
Information Officers are increasingly asking that their Project Management
Offices (PMOs) become more strategic. However, most leaders struggle to define
what a strategic PMO actually looks like in practice. For a PMO to make a real
impact rather than just track tasks, companies must answer six practical
questions about their operations. First, the PMO’s purpose must shift from
simply monitoring timelines to actively protecting the value of business
investments. Second, team structures need to place humans and AI where they make
the most sense, rather than assigning work based on who is available. Third,
leaders must clearly identify the specific skills project managers will need as
AI takes over daily logistics. Fourth, project data and processes must be
organized cleanly so AI tools can use them without confusion. Fifth, procurement
teams must understand new AI pricing models, which often charge by usage rather
than per user, to avoid unexpected costs. Finally, companies must build a
culture that values human insight, ensuring employees feel supported rather than
threatened by automation. Addressing these specific areas turns vague goals into
a resilient, functioning strategy.
A Practical Guide to Temporal Workflow Design Patterns
This article outlines common programming patterns for designing reliable
distributed systems using Temporal's durable execution platform. By shifting
focus from infrastructure components like queues and database retries to
standard code structures, Temporal simplifies how engineers coordinate
complex, long-running processes. One prominent approach is the saga pattern,
which manages errors in distributed transactions by running compensating
actions in reverse order if a step fails. To interact with external systems,
developers can use frequent polling loops with activity heartbeats, or they
can rely on built-in retry policies and workflow timers for less frequent
checks. For heavy workloads, the fan-out and fan-in pattern runs child
processes in parallel, combining them with a continuation strategy to reset
execution history and prevent memory issues. Furthermore, workflows can act
like stateful entities that accept real-time external updates via signals and
allow their internal status to be checked through queries. Finally, because
Temporal requires predictable, deterministic code execution, the article
details versioning methods, particularly a branching patch mechanism, to
update live workflows safely. Mastering these architectural patterns allows
developers to build resilient software systems using straightforward control
logic rather than brittle, custom state management tools.
Linux users face a Microsoft Secure Boot headache - here's the painkiller
y
In 2026, the original Microsoft Secure Boot certificates from 2011 are set to
expire. For Linux users, this upcoming expiration creates a potential problem:
while your current system will keep running just fine, you might be unable to
install new operating systems or major updates in the future if your computer
lacks the updated 2023 certificates. Fortunately, the solution is
straightforward and entirely manageable. First, you need to update your system
firmware before the middle of 2026. You can accomplish this by checking your
hardware vendor website for the latest updates. Alternatively, you can use the
standard Linux firmware update tool, fwupd, which handles the process smoothly
from within your computer. Second, you should verify how your specific Linux
version is handling the transition. Most major providers, including Ubuntu,
Red Hat, Debian, and SUSE, are already fully prepared and successfully
including the new keys. You can easily confirm your system is ready by
downloading a current live image of your preferred Linux version to a USB
drive. If it boots cleanly with Secure Boot turned on, your setup is secure,
up to date, and prepared for the road ahead.
In 2026, the original Microsoft Secure Boot certificates from 2011 are set to
expire. For Linux users, this upcoming expiration creates a potential problem:
while your current system will keep running just fine, you might be unable to
install new operating systems or major updates in the future if your computer
lacks the updated 2023 certificates. Fortunately, the solution is
straightforward and entirely manageable. First, you need to update your system
firmware before the middle of 2026. You can accomplish this by checking your
hardware vendor website for the latest updates. Alternatively, you can use the
standard Linux firmware update tool, fwupd, which handles the process smoothly
from within your computer. Second, you should verify how your specific Linux
version is handling the transition. Most major providers, including Ubuntu,
Red Hat, Debian, and SUSE, are already fully prepared and successfully
including the new keys. You can easily confirm your system is ready by
downloading a current live image of your preferred Linux version to a USB
drive. If it boots cleanly with Secure Boot turned on, your setup is secure,
up to date, and prepared for the road ahead.IaC Isn’t Dying. AI Makes it More Important
Despite widespread claims that artificial intelligence will soon replace
infrastructure as code entirely, the reality is quite the opposite. Artificial
intelligence actually makes these structured configurations more essential
than ever before. Because artificial intelligence generates software code
rapidly and unpredictably, organizations require a reliable system of record
to carefully manage, audit, and track these constant changes. Without a solid
foundation in place, the massive volume of generated code simply creates
costly delays in testing, security, and deployment. The primary challenge for
technology leaders is no longer determining how fast new code can be written,
but rather whether their internal systems can safely absorb and govern that
code. Companies must prioritize system quality before fully expanding their
artificial intelligence efforts. This approach involves closely monitoring
delivery processes to quickly spot where new issues arise and building clear,
sensible rules directly into the daily engineering workflow. Furthermore,
human oversight remains absolutely vital. Skilled professionals are still
needed to guide automated tools, accurately verify their outputs, and ensure
compliance across complex computing environments. Ultimately, establishing a
strong, well-managed platform ensures that artificial intelligence serves as a
helpful, manageable contributor rather than a severe source of operational
risk.Your browser tab could become encrypted storage for someone else’s files
Safecloud is a decentralized storage network developed by researcher Gregory
Magarshak that enables ordinary web browser tabs to function as encrypted
storage nodes. The system is designed to ensure that the machines holding the
data cannot read it. It relies on two main components: Drops, which are
browser tabs that store encrypted file chunks, and Jets, which serve as
routing servers to match chunks with retrieval requests. When an owner uploads
a file, it is divided into pieces of a fixed size and encrypted locally on
their device. Because the storage nodes only receive ciphertext and the
routing servers hold no encryption keys, the data remains strictly
confidential. All encryption keys derive from a single root secret, which
allows the system to securely stream media, control access to specific file
sections, and identify duplicate files while maintaining privacy. This
architecture supports a unified method for verifying data integrity. It also
features an economic layer where storage and routing nodes earn tokens for
their services, regulated by a specific challenge to ensure honest
participation. While the core encryption and routing mechanisms are fully
operational today, the payment verification and storage proof layers are still
being refined.Why governance is key to Deutsche Telekom's new AI-centric architecture
Deutsche Telekom has introduced the Magenta AI-centric Reference Architecture
(MARA) to manage the rapid and often fragmented spread of artificial
intelligence tools across its business. As different departments pilot various
AI models, the company recognized the need for a structured approach that
balances new ideas with necessary rules. MARA acts as a comprehensive
blueprint that integrates AI into the company's daily operations through
strong governance. The system maps out exactly how AI assistants should
interact with customer requests and connect to internal networks without
compromising security or data privacy. By using specific control points and
secure gateways, MARA ensures that all AI tools operate under strict
oversight, requiring them to explain their actions and follow established
guidelines. This careful supervision prevents software providers from gaining
unrestricted access to core systems and helps avoid dependence on any single
provider. While the architecture enables practical improvements like faster
customer service, network optimization, and the swift replacement of outdated
software, its primary focus remains on safety. Ultimately, MARA provides the
necessary framework to transition from isolated experiments to a reliable,
company-wide system that maintains trust, compliance, and clear
accountability.
The text discusses a roundtable with security experts about how artificial
intelligence disrupts traditional cybersecurity. Instead of keeping unknown
threats out based on human identities, companies now give AI systems direct
access to massive amounts of data, flipping decades of security practices on
their head. Because AI works so fast, a minor mistake or vulnerability can
escalate into a major data breach almost instantly. This rapid escalation
requires a proactive rather than reactive approach to digital security. The
rise of autonomous AI programs that perform tasks on their own creates a
complex identity problem, as a single employee might unknowingly launch
numerous automated tasks with overly broad permissions. Meanwhile, employees
are increasingly using unauthorized AI tools to work faster, causing a surge
in unmonitored systems hidden within corporate networks. Rather than simply
blocking these tools, industry experts advise setting up clear boundaries and
securing data at its core through encryption, strict permissions, and dividing
access into smaller, controlled segments. Ultimately, keeping systems secure
in an AI-driven environment means moving away from traditional network
defenses and focusing directly on protecting the individual tasks and the
underlying data from unauthorized access.
AI turns decades of cybersecurity upside down
The text discusses a roundtable with security experts about how artificial
intelligence disrupts traditional cybersecurity. Instead of keeping unknown
threats out based on human identities, companies now give AI systems direct
access to massive amounts of data, flipping decades of security practices on
their head. Because AI works so fast, a minor mistake or vulnerability can
escalate into a major data breach almost instantly. This rapid escalation
requires a proactive rather than reactive approach to digital security. The
rise of autonomous AI programs that perform tasks on their own creates a
complex identity problem, as a single employee might unknowingly launch
numerous automated tasks with overly broad permissions. Meanwhile, employees
are increasingly using unauthorized AI tools to work faster, causing a surge
in unmonitored systems hidden within corporate networks. Rather than simply
blocking these tools, industry experts advise setting up clear boundaries and
securing data at its core through encryption, strict permissions, and dividing
access into smaller, controlled segments. Ultimately, keeping systems secure
in an AI-driven environment means moving away from traditional network
defenses and focusing directly on protecting the individual tasks and the
underlying data from unauthorized access.Identity is the foundation of trust. That makes it everyone’s problem
Digital identity has evolved far beyond simple login screens and basic
passwords, fundamentally shifting to become the essential core of modern
security, privacy, and artificial intelligence governance. Today, simply
proving who a user is no longer covers the entire scope of the challenge. The
rapid adoption of autonomous artificial intelligence systems makes this
especially clear, as these non-human agents act on behalf of users, demanding
precise rules for how authority is safely handed off, tracked, and revoked. As
a result, deciding what a user or system is permitted to do requires careful
attention to constantly shifting contexts rather than relying on rigid, fixed
roles. While incorporating a wider range of behavioral and environmental clues
can help establish trust, these extra details must remain clear and practical
to prevent systems from becoming unmanageable. Furthermore, technical
standards enable different networks to communicate smoothly, but they do not
replace the fundamental need for thoughtful, human-led oversight. Ultimately,
a reliable identity framework must maintain clear accountability under
pressure. Organizations must ensure that every action, whether driven by a
person or a machine, is traceable, properly restricted, and easily explained
when unexpected problems arise.The Alignment Gap: Why It Exists, and How Enterprise Architecture Closes It
Technology initiatives frequently fail not due to flawed software or poor
implementation, but because of a fundamental disconnect between business
strategy and technology execution. This misalignment often stems from adopting
new technologies too quickly, managing competing demands from various
departments, and lacking proper oversight. Enterprise architecture serves as
the structural framework to close this ongoing gap. Rather than simply
choosing software platforms or writing endless documentation, architects
create an environment where clear, informed decisions can be made
consistently. The practical process begins with a thorough understanding of
the organization's current challenges before any solutions are ever proposed.
Architects then engage directly with stakeholders to uncover their actual
underlying needs, carefully distinguishing them from mere surface-level
requests. By developing specific visual representations of the system, they
address the distinct concerns of different groups, such as balancing strict
security requirements with overall system performance. Because no single
design can perfectly satisfy every competing need, the architect's most
valuable role involves facilitating necessary trade-offs. They ensure that all
risks and consequences are transparently evaluated, replacing isolated
technical choices with conscious decisions that keep the company's
capabilities completely aligned with its long-term goals.Designing Continuous Authorization for Sensitive Cloud Systems
/articles/continuous-authorization-cloud/en/smallimage/continuous-authorization-cloud-thumbnail-1781599988842.jpg)
Traditional cloud security often relies on a single authorization check when a
person first logs in. Once inside, users typically have broad access based on
their assigned role, meaning they can view or download large amounts of
sensitive information without further scrutiny. This approach creates
significant vulnerabilities, as it fails to account for unusual behavior, like
a support agent suddenly exporting thousands of patient records. To address
this vulnerability, systems can use continuous authorization. This method
treats every interaction with sensitive data as a new decision point. Instead
of relying solely on static roles, the system constantly evaluates the context
of each request, considering factors like the user's location, the time of
day, their device, and their normal behavior patterns. By doing so, the system
can quickly flag or block risky actions in real time, rather than waiting for
an audit to uncover a problem hours later. To keep things running smoothly,
standard requests from familiar devices can use fast, pre-approved checks,
while unusual requests trigger a deeper evaluation. This steady, ongoing
approach ensures that data access remains secure throughout the entire
session, effectively minimizing the risk of unauthorized large-scale data
exposure in modern cloud environments.
/vnd/media/media_files/2026/04/21/from-pilots-to-platforms-2026-04-21-12-07-28.jpg)
