Why Your Current Job May Be Holding Back Your IT Career
Failing to pursue professional development opportunities and not maintaining a
current and relevant skillset are both great ways to shift a career into
neutral. “This includes not keeping up with the latest industry trends and
technologies, not networking with other professionals, and not pursuing
additional training or education opportunities,” Delfine says. “IT professionals
need to continually develop their skillsets and be aware of and learn new
methods and tools that can be applied across multiple industries.” Another
mistake is spending too little or too much time in a particular role. Knowing
when to stay and when to move on is a skill within itself, says Erin Goheen,
vice president of technology at freight and logistics services firm XPO. “I've
seen cases where job-hopping can be detrimental to one's career because it
prohibits technologists from maximizing the amount of learning and skill
development gained in a particular role,” she explains. “Conversely, if you’re
in a role for too long and you're no longer learning and expanding your
professional capabilities, other professionals who are actively growing in
similar roles will pass you in their career trajectories.”
Top risks and best practices for securely offboarding employees
Shadow IT and information systems that aren’t part of a business’s identity and
access management (IAM) architecture are a huge risk to successful, secure
offboarding, says Richard Jones, global CISO at Orange Cyberdefense. This is
magnified for cloud and SaaS systems/applications that don’t require specific
network access or physical presence in an office, with IT teams often unaware of
the extent of employees’ SaaS usage. ... Another challenge is managing software
asset licenses. If employees aren’t properly offboarded from cloud system
licenses this can lead to excessive IT costs as well as security risks, as
licenses are often changed per user, per month, Jones says. It’s not just the
risks of outgoing employees themselves that CISOs need to consider. “In most
cases, mass layoffs cause remaining employees to be concerned about their job
security, which can increase insider threats and introduce security gaps caused
by unintentional negligence,” says Mohan Koo, CTO at DTEX Systems.
How Cybersecurity Leaders Can Capitalize on Cloud and Data Governance Synergy
In today’s modern organizations, explosive amounts of digital information are
being used to drive business decisions and activities. However, both
organizations and individuals may not have the necessary tools and resources
to effectively carry out data governance at a large scale. I’ve experienced
this scenario in both large private and public sector organizations: trying to
wrangle data in complex environments with multiple stakeholders, systems, and
settings. It often leads to incomplete inventories of systems and their data,
along with who has access to it and why. Cloud-native services, automation,
and innovation enable organizations to address these challenges as part of
their broader data governance strategies and under the auspices of cloud
governance and security. Many IaaS hyperscale cloud service providers offer
native services to enable activities such as data loss protection (DLP). For
example, AWS Macie automates the discovery of sensitive data, provides
cost-efficient visibility, and helps mitigate the threats of unauthorized data
access and exfiltration.
Seven Tips for Achieving Dynamic Professional Transformation with Framework Modeling
Framework modeling can be a significant differentiator and can empower
professionals with rich knowledge repositories of best practices derived from
frameworks. The modeling of the framework offers a big-picture approach and
life cycle perspective for achieving goals. This can aid professionals as
existing and emerging technologies impact which professional skills are
relevant and required in the market. Innovative technologies continue to
emerge and create an impact on employment due to new services made possible
through innovation and automation. For example, there is much speculation
about how ChatGPT will impact employment opportunities in various lines of
work. There is also widespread concern that management will prefer to harness
technology rather than employees when considering value delivery in the
future. Hence, professionals as knowledge workers can benefit by upgrading
their skills by adapting the framework modeling approach. ... Framework
modeling can be considered the skill of carving the required knowledge from
the structure and contents of a framework per an enterprise’s needs.
FBI and FCC warn about “Juicejacking” – but just how useful is their advice?
The idea is simple: people on the road, especially at airports, where their
own phone charger is either squashed away deep in their carry-on luggage and
too troublesome to extract, or packed into the cargo hold of a plane where it
can’t be accessed, often get struck by charge anxiety. Phone charge anxiety,
which first became a thing in the 1990s and 2000s, is the equivalent of
electric vehicle range anxiety today, where you can’t resist plugging in for a
bit more juice right now, even if you’ve only got a few minutes to spare, in
case you hit a snag later on in your journey. But phones charge over USB
cables, which are specifically designed so they can carry both power and data.
So, if you plug your phone into a USB outlet that’s provided by someone else,
how can you be sure that it’s only providing charging power, and not secretly
trying to negotiate a data connection with your device at the same time?
What’s if there’s a computer at the other end that’s not only supplying 5
volts DC, but also sneakily trying to interact with your phone behind your
back?
7 keys to controlling serverless cloud costs
Overprovisioning memory and CPU allocation are two culprits often found behind
serverless computing cost overruns. When you execute a serverless function in
your cloud application, your CSP allocates resources according to the
function’s configuration. Then when billing time comes around, your CSP bases
your billing on the amount of resources your application consumes. It makes
good business sense to spend the extra time during the design phase to
determine the appropriate amount of resources that each serverless function
requires, so you’re minimizing costs. Train your cloud developers to use
compute only when necessary, advises CloudZero. They give the example of using
step functions to call APIs instead of Lambda functions, meaning you only pay
for the step functions. The major CSPs and cloud management platforms include
key performance indicator (KPI) monitoring dashboards of one form or another.
You can also use observability tools, such as Datadog, for KPI monitoring.
Monitoring your serverless KPIs should figure prominently in your project and
deployment plans.
New DDoS attacks on Israel’s enterprises, infrastructure should be a wake-up call
“Generally speaking, all these attacks happen with more or less sophisticated
forms, either abusing different vulnerabilities and systems or brute force
DDoS,” Izrael said. “What’s different about these is that an unsophisticated
DDoS tactic would be to blast a website with traffic and take it down. What’s
happening here is that attackers have been targeting a lot of weak spots where
they are taking down services.” Izrael added that the attackers have also
managed to hobble, albeit briefly, smart IoT functionality at individual
homes, buildings and other structures. Justin Cappos, professor of computer
science and engineering at the NYU Tandon School of Engineering, said network
provisioning operators need to pay attention to any new group launching
large-scale DDoS attacks. ... Izrael said the combination of direct attacks by
the Iranian government and indirect attacks by affiliated groups achieves two
goals: keeping the provenance of the attacks very murky and making the attack
seem bigger because the origin of the attacks is unclear.
Rising to the challenge: the role of boards in effective bank governance
Effective governance has been a priority of our supervision for several years,
and will continue to be in the years to come. As part of our work on this priority, we are carrying out an update of our
supervisory expectations on governance. Today’s seminar is an important opportunity to listen to the industry as we
fine-tune those expectations, and marks one of many milestones along the way.
Particularly in the current climate, it is essential for banks to have strong
and effective governance. A bank needs a board that can steer it through calm
and stormy waters alike, setting the compass on the strategy for the bank,
while ensuring a sustainable business model and monitoring risks in a
forward-looking manner. In today’s environment, backward-looking indicators of
risk might be misleading. It is therefore more important than ever for boards
to be vigilant. Boards need to take a proactive approach to identifying
emerging risks and trends, assessing potential impacts on the bank, and taking
appropriate actions to mitigate them.
Unlocking the power of a multigenerational workforce
Those organisations that don’t innovate die a slow death; those who are not
open to change and not forward-looking will not be far behind. Organisations
have to constantly employ different ‘listening methods’ to gauge the pulse
of employees across generations, check on new trends and keep revisiting
their programs and policies to imbibe what’s new, instead of sticking to the
‘tried and tested’. ... Learning only happens when one’s thoughts and
opinions are challenged by those people from entirely different backgrounds
or have a very different thought process from that of one’s own. The influx
of talent from diverse groups, especially from across generations hence
continues being very essential for the organisation. The early-age talent
brings enthusiasm and challenge; the older age group folks infuse
much-needed wisdom and experience! Sensitising managers and leaders: Since
they hold the staff for taking the organisation ahead, especially in
turbulent times. ‘How to lead a team with members across generations’ is a
learning module that organisations must learn to invest in – incorporating
elements like empathy, situational leadership and leaving one’s ego
behind.
CIO Fletcher Previn on designing the future of work
The network that can properly support hybrid work needs to be more
distributed, porous and has a very different attack surface than when we
were all in the office. Technologies like Zero Trust become even more
important, along with split tunnel VPNs and having the right endpoint
security strategy so you don’t have to backhaul all the traffic in order to
inspect it. You need carrier and path diversity at your carrier neutral
facilities and network points of presence, and you want to have a good
peering strategy so you can bring applications closer to the end users and
take traffic off the public internet. Full-stack observability becomes more
urgent in a hybrid world. How do we really understand our employee
experience our employees are having when they are connecting from across all
sorts of networks that we don’t manage? We need to understand the
performance of the public internet and various SaaS tools in order to really
know what our hybrid work experience is going to be for our people. We also
need tools that provide valuable observability that lets us detect and fix
problems before our employees even know there is an issue brewing.
Quote for the day:
"Leadership should be born out of
the understanding of the needs of those who would be affected by it. " --
Marian Anderson
