Streamlining application delivery and mitigating risks for critical infrastructure
The emphasis on cloud and edge computing introduces challenges in orchestrating
seamless application delivery—the initial hurdle in effectively packaging
applications for efficient deployment, installation, and execution across
various computing environments. For instance, food delivery platforms, such as
Zomato or Swiggy, require timely system updates for operational efficiency. The
second challenge involves addressing latency and distribution unreliability,
especially in scenarios where data transfer delays or inconsistent connectivity
may impede the seamless and efficient distribution of applications across
networks. Therefore, reliability in application upgrades becomes imperative to
counter potential disruptions caused by device issues. The third challenge
involves maintaining application reliability, which requires continuous
performance monitoring. ... The interconnectedness of supply chain
applications necessitates a proactive approach to managing complexities, such as
addressing software risks. It involves creating a comprehensive bill of
materials and recognising dependencies crucial for bundling software into
devices or applications.
How can the energy sector bolster its resilience to ransomware attacks?
For energy companies, this means undertaking systematic vulnerability
assessments and penetration testing, with a specific focus on applications that
interface between IT and OT systems. It also requires adopting a comprehensive
security strategy that includes routine security monitoring, patch management
and network segmentation, and implementing rigorous incident reporting and
response. Once the fundamentals are in place, energy providers should explore
more advanced technologies and automation opportunities that can help reduce the
time between detection and response, such as AI-powered tools that can actively
monitor the network in real-time to detect anomalies and predict potential
threat patterns. ... In addition to technological defenses, organizations should
also focus on the human element as phishing and social engineering attacks keep
targeting employees and third-party contractors and continue to be effective
methods for initial intrusion. Training programs that enhance employee awareness
of these and other tactics are essential, while regularly updated sessions can
help staff identify and respond to potential threats thereby reducing the
likelihood of a successful attack.
Implementing AI Ethics in Business Strategy
In the realm of AI ethics, monitoring and evaluation play a crucial role in
ensuring continuous improvement and alignment with ethical standards. By
consistently monitoring the outcomes of AI algorithms and evaluating their
impact on various stakeholders, organizations can proactively identify ethical
concerns and take corrective actions. This dynamic approach not only mitigates
potential risks but also fosters a culture of transparency and accountability
within the business. Ethical considerations should be integrated into all stages
of AI implementation, from design to deployment. Continuous monitoring allows
organizations to adapt to changing ethical landscapes, emerging risks, and
evolving regulations. ... Emphasizing ethical practices in business is not just
a moral obligation but a strategic imperative for long-term success. In today’s
interconnected world, consumers are becoming increasingly conscious of the
companies they support, favouring those that demonstrate a commitment to ethical
values. By prioritizing ethics in decision-making processes and embracing
transparency, businesses can build trust with their stakeholders and create
sustainable relationships that drive growth.
The 6 Traits You Need To Succeed in the AI-Accelerated Workplace
AI copilots can provide valuable support, but humans need to exercise critical
thinking skills to interpret data, make decisions and solve complex problems
effectively. For any area of study, there are various levels of understanding.
The very basic is "You don't know what you don't know," then comes "You know
what you don't know," next up is "You have the knowledge necessary to interact,"
and the final level is "You are the subject matter expert." ... Modern-day
knowledge workers need to adapt to new technologies and workflows quickly. As a
great horse rider becomes one with the animal, their movements are synchronized
naturally. In the same sense, modern-day knowledge workers need to become one
with AI assistants/bots and synchronize and adapt their style and pace of work
with all the latest tools and technologies being introduced. ... Resilience is
the most important quality amid this mist of future job landscapes. It is the
best quality an employee can have. It will equip one with the mental fortitude
to embrace innovation, learn new skills, and confidently navigate unfamiliar
territories.
Speaking Cyber-Truth: The CISO’s Critical Role in Influencing Reluctant Leadership
It’s not just about pointing out the problems, the CISO must also be a
problem-solver. They must work collaboratively with other leaders to find ways
to enable the business while protecting it — providing insights and
recommendations that allow others to make informed decisions based on the
company’s risk appetite and strategic direction. But the effectiveness of a CISO
is not just measured by the absence of breaches; it’s their ability to enable
the business to take calculated risks confidently. The CISO must work to ensure
that cyber security is built into the DNA of every project. They must advocate
and champion secure-by-design principles to ensure that security is not an
afterthought but a fundamental component of every initiative. By forcing
organizations to acknowledge and address cyber risks proactively, CISOs not only
protect the enterprise but also contribute to its resilience and long-term
success. CISOs also face the issue of risk prioritization. In an ideal world,
every vulnerability would be patched, every threat neutralized, every alert
investigated. However, resources are constrained, investments are finite, and
not all risks are created equal.
4 Lessons We Learned From The Change Healthcare Cyberattack
Given the massive scale of the Change Healthcare attack, it goes without saying
that the aftermath has been chaotic. Providers and pharmacies were forced to
expend time and resources on manual claims processing, and many continue to face
payment delays that are hurting their cash flow. Change Healthcare’s parent
company, insurance giant UnitedHealth Group, has faced widespread criticism for
its handling of the attack. The American Hospital Association has been one of
the biggest voices in this regard. In the organization’s March 13 letter to the
Senate Finance Committee, the AHA wrote that UnitedHealth has done nothing to
materially address “the chronic cash flow implications and uncertainty that our
nation’s hospitals and physicians are experiencing” as a result of the attack.
The long recovery time indicates a potentially poor business continuity plan
(BCP), Kellerman noted. In his eyes, every healthcare organization needs a BCP
in case of a potential cybersecurity event. “[The plan] should address business
continuity in case of crisis or disaster, including backups and the ability to
restore them in a timely manner.
Is HR ready for generative AI? New data says there's a lot of work to do
The potential risks for AI in HR are rooted in a lack of trust and potential
bias in AI delivering recommendations or suggestions based on models that may
have been unintentionally trained on datasets that reinforce biases. Core HR
functions could also be impacted by data compromises, AI hallucinations, bias,
and toxicity. The common theme across all these areas of potential risk is the
human steps that can mitigate them. AI adoption in HR is on the rise. Valoir
research found that 50% of organizations are either currently using or
planning to apply AI to recruiting challenges in the next 24 months, followed
closely by talent management and training and development. ... Valoir
recommends that HR leaders not only select vendors and technologies that can
be trusted, but put in place the appropriate policies, procedures, safeguards,
and training for both HR staff and the broader employee population. HR
departments will need to consider how they communicate those policies and
training to both their internal HR teams and the broader population.
The Complexity Cycle: Infrastructure Sprawl is a Killer
From imperative APIs that required hundreds of individual API calls to
configure a system to today’s declarative APIs that use only one API call.
It’s easier, of course, but only the interface changed. The hundreds of calls
mapped to individual configuration settings still need to be made, you just
don’t have do it yourself. The complexity was abstracted away from you and
placed firmly on the system and its developers to deal with. Now, that sounds
great, I’m sure, until something goes wrong. And wrong something will go;
there’s no avoiding that either. Zero Trust has an “assume breach” principle,
and Zero Touch infrastructure (which is where the industry is headed) ought to
have a similar principle, “assume failure.” It’s not that complexity evolves.
Complexity comes from too many tools, consoles, vendors, environments,
architectures, and APIs. As an enterprise evolves, it adds more of these
things until complexity overwhelms everyone and some type of abstraction is
put in place. We see that abstraction in the rise of multicloud networking to
address the complex web of multiple clouds and microservices networking, which
is trying to unravel the mess inside of microservices architectures.
Solar Spider Spins Up New Malware to Entrap Saudi Arabian Financial Firms
JSOutProx is well known in the financial industry. Visa, for example,
documented campaigns using the attack tool in 2023, including one pointed at
several banks in the Asia-Pacific region, the company stated in its Biannual
Threats Report published in December. The remote access Trojan (RAT) is a
"highly obfuscated JavaScript backdoor, which has modular plugin capabilities,
can run shell commands, download, upload, and execute files, manipulate the
file system, establish persistence, take screenshots, and manipulate keyboard
and mouse events," Visa stated in its report. "These unique features allow the
malware to evade detection by security systems and obtain a variety of
sensitive payment and financial information from targeted financial
institutions. JSOutProx typically appears as a PDF file of a financial
document in a zip archive. But really, it's JavaScript that executes when a
victim opens the file. The first stage of the attack collects information on
the system and communicates with command-and-control servers obfuscated via
dynamic DNS.
Biggest AI myths in customer experience
Recent months have seen numerous examples of chatbots going rogue and
tarnishing the reputation of the organisations that implemented them. From
incorrect refund policies costing a Canadian airline hundreds of dollars to a
parcel delivery firm swearing at customers, GenAI is not ready to take off the
training wheels just yet. Large language models (LLMs) such as ChatGPT are
subject to hallucinations which, without safeguards, could negatively impact
the customer experience. Customers would quickly lose patience with brands if
they were misled during interactions. A tool that should vastly improve
first-contact resolution could achieve the opposite, with customers needing
further support to correct previous mistakes. That said, it is possible to
reduce the likelihood of egregious chatbot errors through appropriate
optimisation techniques. ... The implementation of AI in CX should be a
gradual process. If phase one of AI development was to streamline
communications before, during and after interactions, future phases should
focus on expanding the scope of the contact centre, encompassing more
traditionally back-office and professional roles and creating a hub for
communications, relationship building and data orchestration.
Quote for the day:
"To have long-term success as a coach
or in any position of leadership, you have to be obsessed in some way." --
Pat Riley
