Three Ingredients of Innovative Data Governance
The first important feature of innovative data governance is providing a data
set that is statistically similar to the real data set without exposing private
or confidential data. This can be accomplished using synthetic data. Synthetic
data is created using real data to seed a process that can then generate data
that appears real but is not. Variational autoencoders (VAEs), generative
adversarial networks (GANs), and real-world simulation create data that can
provide a basis for experimentation without leaking real data and exposing the
organization to untenable risk. VAEs are neural networks composed of encoders
and decoders. During the encoding process, the data is transformed in such a way
that its feature set is compressed. During this compression, features are
transformed and combined, removing the details of the original data. During the
decoding process, the compression of the feature set is reversed, resulting in a
data set that is like the original data but different. The purpose of this
process is to identify a set of encoders and decoders that generate output data
that is not directly attributable to the initial data source.
Where is Blockchain Headed?
The buildup of blockchain has led inevitably to some growing pains as the scope
of the space and its big data needs amp up. “We’re trying to exist with the
consequences of scale,” Hoskinson said. “We have this homogenous model that
everybody is their own blockchain, everybody has a full copy. This is the idea
Bitcoin brought.” He raised doubts about the continued feasibility of such a
model as usage escalates exponentially. “If you have millions of users year
after year, you end up having blockchains that are in the petabytes scale or the
yottabytes scale,” Hoskinson said. “So how do you preserve this concept of
inclusive accountability, meaning you don’t have a full copy of the blockchain,
yet you’re able when an event happens to verify it with the same trust model as
if you did?” He sees advancements brewing in zero-knowledge cryptography, where
no extra information is shared during an interaction via blockchain to maintain
privacy. Other areas of research and development of blockchain technology
include getting blockchain to work on smartphones without compromising
integrity, he said
4 Stakeholders Critical to Addressing the Cybersecurity Workforce Gap
HR professionals should de-emphasize the importance of certifications for
interns and junior and midcareer professionals and instead focus on
on-the-job training and clearly defined career paths for cybersecurity
professionals. The issue with certifications has existed since before CSIS
in 2010 observed, "It is the consensus of the Commission that the current
professional certification regime is not merely inadequate; it creates a
dangerously false sense of security." ... Compliance professionals should be
aware that their security counterparts are continuously overextended and
seek to automate as many compliance operations as feasible. When responding
to an internal assessment or an external audit, compliance professionals
regularly rely on the security team to collect evidence of internal control
operation and effectiveness. Realistically, this is an "extra" job duty on
the part of security professionals, and as such, these tasks may be done in
a rush or put off to the last minute, due to the more pressing duties on
their limited time.
Our Law Firm Is Too Small to Be in Danger From Cyberattacks – Wrong!
You may be small, but you still hold the valuable data of many people and
small businesses. If you are easy to break into, and criminals armed with
your data can then attack your clients, that’s a very good payday for them.
And just like all businesses, most cybercriminal groups are happy with a
certain level of profit — and many of them wish to avoid the increased
attention and scrutiny from law enforcement and governments that result from
attacks on ‘big game’ firms. ... The long-term costs of a data breach last
for months to years and very often they involve significant expenses that
entities are not even thinking about or anticipating in their planning. What
might this include? Lost or inaccessible data, business disruption, revenue
losses from operational downtime, breach notification costs, legal liability
costs and reputational damage. We would add the significant legal costs of
hiring a data breach lawyer to oversee the breach response and a digital
forensics company to investigate and remediate the breach.
Cross-Functional Collaboration is Becoming Essential for Security Professionals
Security is part of digital trust but just one piece of the equation. Attaining digital trust is a group project that cannot be done in silos, but unfortunately, too many companies are not yet in that mindset. In ISACA’s recent State of Digital Trust 2022 study, only 12% of respondents strongly agree that there is sufficient collaboration among professionals who work in digital trust fields. In many companies, the organizational culture reinforces a stay-in-your-lane mentality, and there’s not much sustained commitment for working cross-functionally. That needs to change, and security teams should do their part to drive toward the broader mission of advancing digital trust. There are many security professionals who are adept at specific areas: endpoint security, identity and access management and threat hunting, etc. There is certainly a place for specialization, but it is important that the team includes people who recognize the importance of sharing knowledge, learning from other teams and finding areas of overlap to approach transformation projects with a holistic approach.
5G Innovations and Cybersecurity Risk
Although there are many benefits of 5G, like any emerging technology it also
introduces diverse threats, and numerous facets of 5G security risk are
still undergoing research. For example, 5G’s accessibility and
multitudinous devices accelerate the likelihood of successful
denial-of-service (DoS) attacks, saturation attacks, eavesdropping and
spoofing attacks. 5G’s extensible architecture and focus on speed could
diminish concerns for adequate security controls to prevent potential
attacks. The National Cybersecurity Center of Excellence collaborates with
vendors such as AT&T, Cisco, Intel and Palo Alto Networks and has
published 5G Security Guidelines for public consultation. In addition, the
European Union Agency for Cybersecurity (ENISA) has published a few 5G
security-related documents. To establish a comprehensive approach for
5G cybersecurity, organizations can leverage frameworks from the
International Organization for Standardization (ISO), the National Institute
of Standards and Technology (NIST) and the Center for Internet Security
(CIS). Experts advise that enterprises acquire intrusion detection and
prevention systems to distinguish attacks.
Digital Banking Transformation Requires Back-Office Evolution
Becoming a future-ready digital banking organization requires a complete
rethinking of all back-office operations. “Organizations should look for the
processes that are tedious, time consuming, and have the greatest impact on
both the efficiency of the organization and the customer experience,”
advises Jim Perry, senior strategist at Market Insights. Automating as many
‘behind the glass’ components as possible will translate into more freedom
to innovate and drive smarter decision making. Automation can lead to more
fulfilling and meaningful work for existing and new employees, eliminating
the fear of becoming obsolete in a digital world. At a time of low
unemployment, the retention of existing employees is crucial. “The next step
is using machine learning and artificial intelligence to take on more
complex tasks that today require a broader range of human judgment,” states
Nicols. This is also an area where collaboration with external solution
providers can provide a significant advantage.
How CFOs Will Tackle Challenges Heading into 2023
Abhi Maheshwari, CFO at Aisera, says he believes it's important to get a
complete 360-degree view of the buyer journey. “This can be achieved only
when all key functions of the business are driving efforts towards the
common end goal of building a strong pipeline and closing more business for
the company,” he says. Whatever marketing technology sales technology or
revenue operations technology can help him achieve this 360-degree view in
our CRM is something he fully supports and backs. “Eventually, it's all
about deriving business value and ROI from investing in tech that scales as
you scale your business,” he adds. ... This requires an honest assessment of
the problem that is being addressed and what the expected and acceptable
range of outcomes would be. “Broadly speaking, a good framework would be for
the CFO to breakdown the components of what exactly makes up ROI, cost,
return, and risk and see if the investment reduces cost, increases returns,
and/or reduces risk,” he explains.
Gartner: Hero CIOs are needed again to save businesses
Lovelock said that before the cloud, CIOs had far more flexibility in how
they managed their IT budgets. “Pre-cloud, CIOs had a lot of autonomy within
their IT budget,” he said. “There are now much less discretionary pieces of
the budget.” For instance, if a CIO wanted to swap out an existing
on-premise general ledger application, it was possible for the organisation
to cut the annual maintenance fee associated with that application in
preparation for the migration to the new platform. But, as Lovelock pointed
out, pay-per-use subscription models reduce this flexibility. “If you are on
a cloud general ledger, the minute you stop paying that bill, you stop
having a general ledger,” he said. For Lovelock, rising costs are
increasingly becoming a factor in the public cloud. He said: “For the first
time, we have seen some pretty big increases in the prices of some cloud
services. Their costs are going up. Their energy costs are going up and
their server costs have gone up. Their staff costs are also going up, so
they need to pass on at least some of this to clients.”
Gartner: IT matters more than ever to attract and keep the best talent
Technology is the new epicenter of corporate culture, and organizations that
experiment openly with technologies that are still considered early in the
Gartner Hype Cycle—the company’s depiction of technologies move from
conception to widespread adoption—will attract talent candidates. “Here’s
why,” Nunno said. “First, because barriers to innovation create friction.
Second, organizations that innovate during tough times, stay ahead of the
pack; and enterprises who innovate publicly attract the best new pack
members. Now is the time to find room in your budgets to be bold.” The way
organizations are handling the hybrid-work environment is a good example of
how things are changing. Nunno said many CIOs have told Gartner that their
world was easier when employees were all in the office or all out of the
office. “Many executives are concerned that hybrid work is damaging
corporate culture, so they're trying to turn back the clock by mandating
employee time in physical offices,” Nunno said.
Quote for the day:
"All organizations are perfectly
designed to get the results they are now getting. If we want different
results, we must change the way we do things." -- Tom Northup
