3 keys to making data democratization a reality
The complexity of the modern data stack presents too many opportunities for data
sets to fail users, and compromise users’ trust in their data. Companies are
using an ever-increasing number of disparate data tools, which in turn increases
the number of transformations that data go through. A user accessing data that’s
been through multiple transformations needs to know that they can trust that the
data is both accurate and true to the data that was originally captured in
source systems. Clearly, this is an issue that must be addressed—especially when
we consider that this lack of trust eats away at that 32% metric we saw earlier.
In reality, that figure is even lower if business users don’t feel that they can
trust the data available to them. Ensuring users can trust their data requires a
multi-pronged approach that should involve implementing automated data quality
software, providing strong data lineage, and establishing data governance
policies. As companies work toward data democratization, providing transparency,
auditing abilities, and strong data governance can give users greater confidence
in the data being analyzed and the insights being derived from it—leading to
more widespread data use.
Cybersecurity insurance is missing the risk
The problem is with the nature of the threat. Cyber attackers escalate and adapt
quickly, which undermines the historical-based models that insurance companies
rely on. Attackers are continually shifting their maneuvers that identify
victims, cause increasing loss, and rapidly shift to new areas of impact. Denial
of service attacks were once popular but were superseded by data breaches, which
cause much more damage. Recently, attackers expanded their repertoire to include
ransomware-style attacks that increased the insurable losses ever higher. Trying
to predict the cornerstone metrics for actuary modelers – the Annual Loss
Expectancy and Annual Rate of Occurrence – with a high degree of accuracy is
beyond the current capabilities of insurers. The industry currently conducts
assessments for new clients to understand their cybersecurity posture to
determine if they are insurable, what should be included/excluded from policies,
and to calculate premiums. The current process is to weigh controls against best
practices or peers to estimate the security posture of a policyholder.
The Real Business Value of Platform Engineering
One of the biggest obstacles to managing cloud costs is understanding the
business context behind resource consumption. Since the platform is the source
of all deployments, it can provide end-to-end visibility into environments
launched across all phases of the software development life cycle (SDLC). On its
own, cloud billing data lacks transparency. Some platforms, however, can expose
how cloud costs are incurred. Integrating application infrastructure into a
platform can automate tagging as part of the deployment process. This ties usage
back to the specific applications, pipelines, stages and teams that they pertain
to. Tracking real-time configurations with this kind of business context can
help engineering and technology teams make informed decisions about cost
optimization and resource consumption. For example, they may be able to pinpoint
a person or team that often leaves environments running, and incurring costs,
over the weekends or holidays when they are not being used. These insights can
inform the implementation of cost-management guardrails and consumption
policies.
Beyond talent war: Transform employer-employee relations with tech and innovation
Based on Microsoft's Work Trend Index Annual Report, 51% of Gen-Z employees show
a greater inclination towards prioritising health and well-being over work.
Their top three priorities include a positive workplace culture, mental health
and well-being benefits, and a sense of purpose or meaning. Despite these
preferences, many employers have yet to prioritise wellness and purpose
effectively. This situation prompts the question: How can HR professionals take
action to engage Gen-Z employees who perceive less support and encouragement in
their growth? As this lack of support is causing this demographic to reassess
the role they envision work playing in their lives. According to the Head HR of
Cummins India one must actively address the challenge of Gen-Z feeling less
supported. After all, the ultimate outcome we aim for is building a strong sense
of connectedness with our employees. However, it's essential to emphasise that
connectedness isn't determined by whether interactions are virtual or physical.
This challenge stems from the fact that connectedness is highly
personal.
SmokeLoader Trojan Deploys Location-Tracking Malware
The malware scans for a WiFi every 60 seconds and captures geolocation data that
could allow threat actors to track the compromised system, according to a report
by the researchers at cybersecurity firm Secureworks, who uncovered the novel
malware on Aug. 8. "It is unclear how the threat actors use this data.
Demonstrating access to geolocation information could be used to intimidate
victims or pressure them to comply with demands," researchers said. Google's
geolocation API is a service that accepts an HTTPS request with the cell tower
and WiFi access points that a mobile client can detect and returns
latitude-longitude coordinates. The malware checks for the WLANSVC service on
the compromised system that indicates the presence of a wireless capability on a
Windows system. "The malware only checks for the service name and does not
confirm the service is operational. If the service name does not exist, then the
scanner exits. Whiffy Recon persists on the system by creating the wlan.lnk
shortcut in the user's Startup folder.
Business Impact: The Power of Data Experiences
Creating a great data experience means having the ability to access pertinent
data at any time and from any location. This entails having an ample amount of
data to provide meaningful insights, while also ensuring that data access is
restricted to what is necessary. These experiences have the potential to greatly
minimise manual labour and significantly reduce the amount of additional work
required. The relevance of data varies for each individual within an
organisation. As an example, field offices dedicate several hours each week to
compile data, which is then sent to headquarters where additional time is spent
on overall data compilation. By automating data processes, it will liberate
numerous hours throughout the entire organisation. Most importantly, there is
greater real-time visibility into the operational aspects of the business.
Similarly, the speed and method of accessing data will differ among employees.
For example, a hybrid worker or frequent traveler may prefer accessing relevant
data on a mobile device, while an office-based employee might opt for a
laptop.
Why generative AI is a double-edged sword for the cybersecurity sector
With this technology, bad actors will generate unique payloads or attacks
designed to evade security defenses that are built around known attack
signatures. One way attackers are already doing this is by using AI to develop
webshell variants, malicious code used to maintain persistence on compromised
servers. Attackers can input the existing webshell into a generative AI tool and
ask it to create iterations of the malicious code. These variants can then be
used, often in conjunction with a remote code execution vulnerability (RCE), on
a compromised server to evade detection. ... In most cases, attackers have tools
or plugins written to automate this process. They’re also more likely to use
open-source LLMs, as these don’t have the same protection mechanisms in place to
prevent this type of malicious behavior and are typically free to use. The
result will be an explosion in the number of zero-day hacks and other dangerous
exploits, similar to the MOVEit and Log4Shell vulnerabilities that enabled
attackers to exfiltrate data from vulnerable organizations.
Product Thinking For Data
Using data products is not just a question of buying a new platform. It has big
implications for your organisation’s culture, governance, value delivery, and
team structure. The starting point for the culture change is for everyone to
think of data in terms of products. This is a big step. A hundred years ago, no
one thought of anything in terms of products. Neil H McElroy is credited with
inventing the concept of product management at Procter & Gamble in 1931.
Since then, the advantages of this way of thinking, as a better way of giving
people the material goods that they need, have become clear. Now we are applying
this concept to data, but people often don’t naturally think this way about
something that is not material. Thinking of data as products encourages a wider
perspective on the data asset throughout its full lifecycle, starting from the
point of conception all the way towards retirement and decommissioning. It also
unlocks access to an expansive repertoire of tools, methodologies and techniques
that have been tested and proven to optimise value delivery.
What African CIO clubs do to foster digital talent
More initiatives are springing up to raise awareness of digital technology,
which he believes is now part of daily lives. The CIO clubs are certainly a way
to help solve the problem. “It’s not uncommon to see these initiatives go even
to remote areas in several African countries,” Simba says, adding that CESIA
regularly organizes awareness-raising workshops. “The African cybersecurity
barometer we publish every year enables us to take stock of the situation, but
also to raise awareness across the continent on related issues and thus fight
against this digital divide.” For Ebondzo, president of the Congolese CIO Club,
this problem is real, but it doesn’t just affect the African continent in
particular. “Many countries, including in Europe, are no exception, even if it
must be acknowledged that the scale of the phenomenon is not the same
everywhere,” she said, reporting that her club trains and supports young people
in digital professions, with or without a diploma. “We act by participating as a
player in government initiatives to reduce the digital divide such as the
Project of Digital Transformation Acceleration Program (PATN), the Universal
Electronic Communications Access and Service Fund (FASUCE) and private
initiatives.”
The AI Problem We’re Not Taking Seriously Enough
Like a lot of people who have degrees in manpower management, I think unions
only result when management loses the trust of their employees. I have belonged
to and had to fight unions over the years, so I’m not a fan, but I recognize
that when management misbehaves against employees, unions are one of the only
powerful defenses that can work at scale. Using the actors and writers strikes
as an example, the reasons unions are a problem is that they create a second
chain of command not aligned with the business and can drive initiatives that
destroy the companies and industries they operate in because their primary tool
to elicit a favorable management response is to temporarily shut the business
down. This is bad in a competitive environment because customers can’t do
business with companies that cannot keep their doors open. Much of
manufacturing’s move offshore was the direct result of union actions making
labor too expensive domestically. The quickest way to get a union to form is to
convince that they are being treated unfairly. Having them train AI tools to
replace them would be perceived as incredibly unfair.
Quote for the day:
“None of us can afford to play small
anymore. The time to step up and lead is now.” -- Claudio Toyama
