GenAI Won’t Work Until You Nail These 4 Fundamentals
Too often, organizations leap into GenAI fueled by excitement rather than
strategic intent. The urgency to appear innovative or keep up with competitors
drives rushed implementations without distinct goals. They see GenAI as the
“shiny new [toy],” as Kevin Collins, CEO of Charli AI, aptly puts it, but the
reality check comes hard and fast: “Getting to that shiny new toy is expensive
and complicated.” This rush is reflected in over 30,000 mentions of AI on
earnings calls in 2023 alone, signaling widespread enthusiasm but often without
the necessary clarity of purpose. ... The shortage of strategic clarity isn’t
the only roadblock. Even when organizations manage to identify a business case,
they often find themselves hamstrung by another pervasive issue: their
data. Messy data hampers organizations’ ability to mature beyond
entry-level use cases. Data silos, inconsistent formats and incomplete records
create bottlenecks that prevent GenAI from delivering its promised value. ...
Weak or nonexistent governance structures expose companies to various ethical,
legal and operational risks that can derail their GenAI ambitions. According to
data from an Info-Tech Research Group survey, only 33% of GenAI adopters have
implemented clear usage policies.
Inside the AI Data Cycle: Understanding Storage Strategies for Optimised Performance
The AI Data Cycle is a six-stage framework, beginning with the gathering and
storing of raw data. In this initial phase, data is collected from multiple
sources, with a focus on assessing its quality and diversity, which establishes
a strong foundation for the stages that follow. For this phase, high-capacity
enterprise hard disk drives (eHDDs) are recommended, as they provide high
storage capacity and cost-effectiveness per drive. In the next stage, data is
prepared for ingestion, and this is where insight from the initial data
collection phase is processed, cleaned and transformed for model training. To
support this phase, data centers are upgrading their storage infrastructure –
such as implementing fast data lakes – to streamline data preparation and
intake. At this point, high-capacity SSDs play a critical role, either
augmenting existing HDD storage or enabling the creation of all-flash storage
systems for faster, more efficient data handling. Next is the model training
phase, where AI algorithms learn to make accurate predictions using the prepared
training data. This stage is executed on high-performance supercomputers, which
require specialised, high-performing storage to function optimally.
Buy or Build: Commercial Versus DIY Network Automation
DIY automation can be tailored to your specific network and, in some cases, to meet security or compliance requirements more easily than vendor products. And they come at a great price: free! The cost of a commercial tool is sometimes higher than the value it creates, especially if you have unusual use cases. But DIY tools take time to build and support. Over 50% of organizations in EMA’s survey spend 6-20 hours per week debugging and supporting homegrown tools. Cultural preferences also come into play. While engineers love to grumble about vendors and their products, that doesn’t mean they prefer DIY. In my experience, NetOps teams are often set in their ways, preferring manual processes that do not scale up to match the complexity of modern networks. Many network engineers do not have the coding skills to build good automation, and most don't think about how to tackle problems with automation broadly. The first and most obvious fix for the issues holding back automation is simply for automation tools to get better. They must have broad integrations and be vendor neutral. Deep network mapping capabilities help resolve the issue of legacy networks and reduce the use cases that require DIY. Low or no-code tools help ease budget, staffing, and skills issues.
How HR can lead the way in embracing AI as a catalyst for growth
Common workplace concerns include job displacement, redundancy, bias in AI
decision-making, output accuracy, and the handling of sensitive data. Tracy
notes that these are legitimate worries that HR must address proactively. “Clear
policies are essential. These should outline how AI tools can be used,
especially with sensitive data, and safeguards must be in place to protect
proprietary information,” she explains. At New Relic, open communication about
AI integration has built trust. AI is viewed as a tool to eliminate repetitive
tasks, freeing time for employees to focus on strategic initiatives. For
instance, their internally developed AI tools support content drafting and
research, enabling leaders like Tracy to prioritize high-value activities, such
as driving organizational strategy. “By integrating AI thoughtfully and
transparently, we’ve created an environment where it’s seen as a partner, not a
threat,” Tracy says. This approach fosters trust and positions AI as an ally in
smarter, more secure work practices. The key is to highlight how AI can help
everyone excel in their roles and elevate the work they do every day. While it’s
realistic to acknowledge that some aspects of our jobs—or even certain roles—may
evolve with AI, the focus should be on how we integrate it into our workflow and
use it to amplify our impact and efficiency,” notes Tracy.
Cloud providers are running out of ‘next big things’
Yes, every cloud provider is now “an AI company,” but let’s be honest —
they’re primarily engineering someone else’s innovations into cloud-consumable
services. GPT-4 through Microsoft Azure? That’s OpenAI’s innovation. Vector
databases? They came from the open source community. Cloud providers are
becoming AI implementation platforms rather than AI innovators. ... The root
causes of the slowdown in innovation are clear. Market maturity indicates that
the foundational issues in cloud computing have mostly been resolved. What’s
left are increasingly specialized niche cases. Second, AWS, Azure, and Google
Cloud are no longer the disruptors — they’re the defenders of market share.
Their focus has shifted from innovation to optimization and retention. A
defender’s mindset manifests itself in product strategies. Rather than
introducing revolutionary new services, cloud providers are fine-tuning
existing offerings. They’re also expanding geographically, with the
hyperscalers expected to announce 30 new regions in 2025. However, these
expansions are driven more by data sovereignty requirements than innovative
new capabilities. This innovation slowdown has profound implications for
enterprises. Many organizations bet their digital transformation on
cloud-native architectures with continuous innovation.
Historical Warfare’s Parallels with Cyber Warfare
In 1942, the British considered Singapore nearly impregnable. They fortified
its coast heavily, believing any attack would come from the sea. Instead, the
Japanese stunned the defenders by advancing overland through dense jungle
terrain the British deemed impassable. This unorthodox approach using bicycles
in great numbers and small tracks through the jungle enabled the Japanese
forces to hit the defences at the weakest point and well ahead of the
projected time catching the British defences off guard. In cybersecurity, this
corresponds to zero-day vulnerabilities and unconventional attack vectors.
Hackers exploit flaws that defenders never saw coming, turning supposedly
secure systems into easy marks. The key lesson is to never to grow complacent
because you never know what you can be hit with and when. ... Cyber
attackers also use psychology against their targets. Phishing emails appeal to
curiosity, trust, greed, or fear thus luring victims into clicking malicious
links or revealing passwords. Social engineering exploits human nature rather
than code and defenders must recognise that people, not just machines, are the
frontline. Regular training, clear policies, and an ingrained culture of
healthy scepticism which is present in most IT staff can thwart even the most
artful psychological ploys.
Insider Threat: Tackling the Complex Challenges of the Enemy Within
Third-party background checking can only go so far. It must be supported by
old fashioned and experienced interview techniques. Omri Weinberg,
co-founder and CRO at DoControl, explains his methodology “We’re primarily
concerned with two types of bad actors. First, there are those looking to
use the company’s data for nefarious purposes. These individuals typically
have the skills to do the job and then some – they’re often overqualified.
They pose a severe threat because they can potentially access and exploit
sensitive data or systems.” The second type includes those who oversell
their skills and are actually under or way underqualified. “While they might
not have malicious intent, they can still cause significant damage through
incompetence or by introducing vulnerabilities due to their lack of
expertise. For the overqualified potential bad actors, we’re wary of
candidates whose skills far exceed the role’s requirements without a clear
explanation. For the underqualified group, we look for discrepancies between
claimed skills and actual experience or knowledge during interviews.” This
means it is important to probe the candidate during the interview to gauge
the true skill level of the candidate. “it’s essential that the person
evaluating the hire has the technical expertise to make these
determinations,” he added.
Raise your data center automation game with easy ecosystem integration
If integrations are the key, then the things you look for to understand
whether a product is flashy or meaningful should change. The UI matters, but
the way tools are integrated is the truly telling characteristic. What APIs
exist? How is data normalized? Are interfaces versioned and maintained
across different releases? Can you create complex dashboards that pull
things together from different sources using no-code models that don't
require source access to contextualize your environment? How are workflows
strung together into more complex operations? By changing your focus, you
can start to evaluate these platforms based on how well they integrate
rather than on how snazzy the time series database interface is. Of course,
things like look and feel matter, but anyone who wants to scale their
operations will realize that the UI might not even be the dominant
consumption model over time. Is your team looking to click their way through
to completion? ... Wherever you are in this discovery process, let me offer
some simple advice: Expand your purview from the network to the ecosystem
and evaluate your options in the context of that ecosystem. When you do that
effectively, you should know which solutions are attractive but incremental
and which are likely to create more durable value for you and your
organization.
Why Scrum Masters Should Grow Their Agile Coaching Skills
More than half of the organizations surveyed report that finding scrum
masters with the right combination of skills to meet their evolving demands
is very challenging. Notably, 93% of companies seek candidates with strong
coaching skills but state that it’s one of the skills hardest to find.
Building strong coaching and facilitation skills can help you stand out in
the job market and open doors to new career opportunities. As scrum masters
are expected to take on increasingly strategic roles, your skills become
even more valuable. Senior scrum masters, in particular, are called upon to
handle politically sensitive and technically complex situations, bridging
gaps between development teams and upper management. Coaching and
facilitation skills are requested nearly three times more often for senior
scrum master roles than for other positions. Growing these coaching
competencies can give you an edge and help you make a bigger impact in your
career. ... Who wouldn’t want to move up in their career into roles with
greater responsibilities and bigger impact? Regardless of the area of the
company you’re in—product, sales, marketing, IT, operations—you’ll need
leadership skills to guide people and enable change within the
organization.
Scaling penetration testing through smart automation
Automation undoubtedly has tremendous potential to streamline the
penetration testing lifecycle for MSSPs. The most promising areas are the
repetitive, data-intensive, and time-consuming aspects of the process. For
instance, automated tools can cross-reference vulnerabilities against known
exploit databases like CVE, significantly reducing manual research time.
They can enhance accuracy by minimizing human error in tasks like
calculating CVSS scores. Automation can also drastically reduce the time
required to compile, format, and standardize pen-testing reports, which can
otherwise take hours or even days depending on the scope of the project. For
MSSPs handling multiple client engagements, this could translate into faster
project delivery cycles and improved operational efficiency. For their
clients – it enables near real-time responses to vulnerabilities, reducing
the window of exposure and bolstering their overall security posture.
However – and this is crucial – automation should not be treated as a silver
bullet. Human expertise remains absolutely indispensable in the testing
itself. The human ability to think creatively, to understand complex system
interactions, to develop unique attack scenarios that an algorithm might
miss—these are irreplaceable.
Quote for the day:
"Don't judge each day by the harvest
you reap but by the seeds that you plant." --
Robert Louis Stevenson
