CFO Priorities This Year: Rethinking the Finance Function
Marko Horvat, Gartner VP of research, adds CFOs must transition away from
optimization and start thinking about transformation. “Making things
faster, more accurate, and with less effort has benefits, but each round of
improvement brings diminishing returns,” he says. “CFOs must start thinking
about ways to transform the function to build and enhance capabilities, such as
advanced data and analytics, in order to truly unlock more value from the
finance function.” Sehgal says CFOs should be asking questions including,
how do we create a futuristic vision for finance? Should short-term gains
override longer-term benefits? And how do we fund digital transformation with
the current pressures? “CFOs are focused on elevating the role of finance
in the organization to be a value integrator across the enterprise, as well as
enhancing value through new strategies that not only support development but
that also promote innovations for capital allocation,” he explains.
Build Software Supply Chain Trust with a DevSecOps Platform
When building an application, developers, platform operators and security
professionals want to monitor vulnerabilities throughout the software supply
chain. The challenge comes when multiple vulnerability scanners are used at
different stages in the pipeline and different teams are notified and required
to take action without proper coordination. A security-focused application
platform can build in scan orchestration to not only detect vulnerabilities but
also to map those findings to a workload. This feature allows developers to
identify issues throughout the life cycle of their applications and help them
resolve issues, shifting left the responsibility with a higher degree of
automation. Moreover, the platform can build trust with security analysts by
showing the performance of application developers and helping them understand
the risk that teams are facing. Once a platform detects these vulnerabilities,
both at build time and at runtime, it needs to help developers triage and
remediate them.
Developers, unite! Join the fight for code quality
Writing good code is a craft as much as any other, and should be regarded as
such. You have every right to advocate for an environment and an operational
model that respect the intricacies of what you do and the significance of the
outcome. It’s important to value, and feel valued for, what you do. And not just
for your own immediate happiness—it’s also a long-term investment in your
career. Making things you don’t think are any good tends to wear on the psyche,
which doesn’t exactly feed into a more motivated workday. In fact, a study
conducted by Oxford University’s Saïd Business School found that happy workers
were 13% more productive. What’s good for your craft is ultimately best for
business—a conclusion both engineers and their employers can feel good about.
Software plays a big role at just about every level of society—it’s how we
create and process information, access goods and services, and entertain
ourselves. With the advent of software-defined vehicles, it even determines how
we move between physical locations.
Why data literacy matters for business success
Aligning data strategies with overall business strategy and operations is no
mean feat. Chief Data Officers (CDOs) are ideal candidates in marrying
together data analytics and the wider business, given their appreciation of
informed decision making, and the desire to foster a data culture where
internal information is properly managed and engaged with throughout the
organisation. Moreover, their understanding of the technology landscape will
assist when making platform and software selections. This stands to benefit
all departments, who’ll gain access to the tools and skills needed to work
with data and derive insights. CDOs also embody the “can do” approach to
professional development, believing it’s possible to train employees in
data-related skills, regardless of their technical proficiency. There’s a
well-established correlation between hiring a CDO and business success, with
research from Forrester suggesting 89% of organisations harnessing analytics
to improve operations that appointed one to oversee the process have seen a
positive business impact.
What the 'new automation' means for technology careers
AI is already playing a part in handling technology tasks. A survey released
by OpsRamp finds more than 60% of companies adopting AIOps, which applies AI
to monitor and improve IT operations themselves. The greatest IT operations
challenge for enterprises in 2023 was automating as many operations as
possible, cited by 66% of respondents. The main benefits of AIOps seen so
far include reduction in open incident tickets (65%); reduction in mean time
to detect or restore (56%), and automation of tedious tasks (52%). The
latest IT staffing data from Janco Associates finds recent layoffs affected
data center and operations staff, with business leaders looking to automate
IT processes and reporting. The apparent trend here is that those pursuing
careers in technology need to look higher up the stack -- at applications
and business consulting. However, there's still a lot of work for people
working with the plumbing and code. Unfortunately, getting to
automation-driven abstraction -- especially if it involves AI -- requires
some manual work up front.
How Cybersecurity Delays Critical Infrastructure Modernization
For critical infrastructure organizations, building a security strategy that
works from both an operational technology (OT) and consumer data perspective
is not as straightforward as it is in many other industries. Safely storing
this data while implementing the latest technology has proved to be a
significant challenge across the sector, meaning the service provided by
these companies is being hampered. These concerns have prevented a range of
technologies from being integrated quickly or at all. These technologies
include renewable energy projects, electric vehicle technology, natural
disaster contingencies and moving towards smarter grid solutions to replace
aging infrastructure. Older operational technology becomes difficult to
update and secure sufficiently while the use of third-party software also
reduces the level of control organizations have over their data. In addition
to this, a lack of automation increases the chances of human error, which
could present opportunities to cybercriminals.
What Are Foundation AI Models Exactly?
The generative AI solution can analyze input data against 175 billion
parameters and profoundly understand the written language. The smart tool
can answer questions, summarize and translate text, produce articles on a
given topic, write code, and much more. All you need is to provide ChatGPT
with the right prompts. OpenAI’s groundbreaking product is just one example
of foundation models that transform AI application development as we know
it. Foundation models disrupt AI development as we know it. Instead of
training multiple models for separate use cases, you can now leverage a
pre-trained AI solution to enhance or fully automate tasks across multiple
departments and job functions. With foundation AI models like ChatGPT,
companies no longer have to train algorithms from scratch for every task
they want to enhance or automate. Instead, you only need to select a
foundation model that best fits your use case – and fine-tune its
performance for a specific objective you’d like to achieve.
As hiring freezes and layoffs hit, tech teams struggle to do more with less
There are a number of organizational hurdles holding back employees’
learning and development, Pluralsight found. For HR and L&D directors,
budget restraints and costs were identified as the biggest barriers to
upskilling (30%). This was also true for technology leaders, with 15%
blaming financial restraints for getting in the way of employee upskilling.
For technology workers themselves, finding time to invest in their own
training was identified as the main issue: 42% of workers said they were too
busy to upskill, with 18% saying their manager didn’t allow any time during
the week to learn new skills. As a result, 21% of tech workers feel
pressured to learn outside of work hours. ... However, the report added that
giving employees time to invest in their training, address skills gaps and
gain valuable growth opportunities are key factors in retention. “Upskilling
during work hours will hinder short-term productivity, and managers often
bear the brunt of this stress. But don’t sacrifice short-term productivity
for long-term success,” the report said.
CISA kicks off ransomware vulnerability pilot to help spot ransomware-exploitable flaws
CISA says it will seek out affected systems using existing services, data
sources, technologies, and authorities, including CISA's Cyber Hygiene
Vulnerability Scanning. CISA initiated the RVWP by notifying 93
organizations identified as running instances of Microsoft Exchange Service
with a vulnerability called "ProxyNotShell," widely exploited by ransomware
actors. The agency said this round demonstrated "the effectiveness of this
model in enabling timely risk reduction as we further scale the RVWP to
additional vulnerabilities and organizations." Eric Goldstein, executive
assistant director for cybersecurity at CISA, said, "The RVWP will allow
CISA to provide timely and actionable information that will directly reduce
the prevalence of damaging ransomware incidents affecting American
organizations. We encourage every organization to urgently mitigate
vulnerabilities identified by this program and adopt strong security
measures consistent with the U.S. government's guidance on
StopRansomware.gov."
A Simple Framework for Architectural Decisions
Technology Radar captures techniques, platforms, tools, languages and
frameworks, and their level of adoption across an organization. However,
this may not cover all the needs. Establishing consistent practices for
things that apply across different parts of the system can be helpful. For
example, you might want to ensure all logging is done in the same format and
with the same information included. Or, if you’re using a REST API, you
might want to establish some conventions around how it should be designed
and used, like what headers to use or how to name things. Additionally, if
you’re using multiple similar technologies, it can be useful to guide when
to use each one. Technology Standards define the rules for selecting and
using technologies within your company. They ensure consistency, reduce the
risk of adopting new technology in a suboptimal way, and drive consistency
across the organization.
Quote for the day:
"Leadership is not about titles,
positions, or flow charts. It is about one life influencing another."
-- John C. Maxwell
