How to Select the Right Industry Cloud for Your Business
One of the biggest mistakes IT leaders make when shopping for an industry cloud
is searching for a solution without first constructing a holistic strategy,
Campbell says. He recommends focusing on areas that will maximize the overall
investment value, including data management and security operations, while
ensuring both business and IT buy-in. Due to multiple factors, including,
compliance, business continuity, customer trust, and financial health,
cybersecurity should be a central consideration when assessing industry clouds,
says Nigel Gibbons, a director and partner with cyber threat consultancy NCC
Group. ... Gibbons adds that it’s also important to be aware of data sovereignty
requirements and the impact of laws on where and how data is stored,
particularly for businesses operating internationally. To ensure tight alignment
with both present and future business goals it’s important to choose a
forward-looking provider, Gibbons says. “It’s essential to future-proof
investments by choosing a provider that regularly innovates and updates its
offerings.”
What to do when receiving unprompted MFA OTP codes
When receiving an unprompted 2FA code, the account holder should assume their
credentials were stolen and log directly into Amazon, without clicking on any
links in text messages or emails, to change their password. If that same
password is used with any of your other accounts, it should also be changed
immediately on those sites. It is also important to not think that since 2FA
protected your account you no longer need to change your password. This is a
false sense of security, as threat actors have figured out ways to bypass MFA in
the past, so there is no reason to give them the opportunity to do so with your
account. Furthermore, while SMS and email 2FA provide extra protection to your
accounts, they are the most risky MFA method to use. This is because if someone
gains access to your email or phone number, such as through a SIM swapping
attack, they'll also have access to your OTP codes. This would allow them to
reset your password without you knowing until it was too late. Instead, if a
site provides support for authentication apps, hardware security keys, or
passkeys, you should use one of these options instead as they’ll require
attackers to have access to your device to pass the multi-factor authentication
challenge.
Chilling on the Edge: Navigating the challenges of cooling Edge data centers
“In order to manage the complete value supply chain for critical Edge
applications, service support is critical for our end user customers. Our
products are designed with full consideration of service access and maintenance
processes,” he adds. With the global warming phenomenon, summer ambient
temperatures are rising globally, with the UK even seeing thermometers reaching
40 degrees Celsius in some parts in recent times. “The result is that design
considerations for standard products require a summer ambient operation up to 50
degrees ambient in most markets now. This can be exacerbated when we take into
account microclimates, where you have a large population of equipment working
together, further increasing the local ambient temperature” says Ansari.
Increasingly, he adds, greenfield sites are also abandoning raised floor designs
in favour of maximising the indoor cooling space and creating a larger
floor-to-ceiling area. “This seems to have become the norm for Edge and,
increasingly for colo,” he adds. This is ideal for our latest fan wall cooling
range, AireWall ONE™, which is a parametric design suitable for horizontal
airflow and configurable to maximise design options.
EU AI Act agreed: 5 key considerations for businesses for the road ahead
A company may use AI in a variety of ways, such uses falling into different
risk-based categories under the AI Act. Therefore, a ‘one size fits all’ AI
governance strategy may not be appropriate. When structuring an AI governance
team, businesses should consider including individuals from a range of existing
teams to ensure that the requirements of the AI Act can be fully met. For
example, although certain requirements will be familiar to privacy teams (e.g.
risk and impact assessments), when it comes to AI there is a level of technical
knowledge needed relating to testing and monitoring of systems, oversight and
transparency requirements. ... The AI Act will not exist in a vacuum and is not
the beginning and end for AI governance. It must be read alongside other laws in
the regulatory landscape e.g. GDPR. The interplay with privacy is clear, given
that data is at the heart of AI systems. This inextricable link is demonstrated
by, for example, the provisions in the GDPR on automated decision-making.
Earlier this month we saw the first judgment where the CJEU interpreted Article
22 GDPR when deciding what constitutes ‘automated decision-making’
Unpacking The Rise of AI: Its Potential, Its Disruptions, and What It Entails in the Near Future
The timely and cost-effective results produced by AI have already made a host of
businesses replace their human resources with technology, while many others have
started contemplating the same. One of the recent examples is the replacement of
humans with bots in customer service by businesses mainly to save costs and
redirect them towards their core business. AI-driven tools are also better
equipped to study customer feedback and aid businesses and business leaders in
identifying customer preferences and making informed decisions. Meanwhile, AI
has also found its way into the healthcare and finance sectors. In healthcare,
AI has improved diagnostics, personalised treatment plans, and drug discovery,
fostering more effective and targeted medical interventions. In finance, AI
algorithms analyse vast datasets to enhance decision-making, risk management,
and fraud detection. Moreover, according to Goldman Sachs, about 300 million
people could potentially lose their jobs due to automation and technologies like
generative AI. Consequently, there are concerns among professionals and aspiring
students about the potential automation within their domains and the resultant
loss of work.
Surviving the cyber arms race in the age of generative AI
It's critical that industry and government continually evaluate the guardrails
in place to protect the public from unrestrained use of AI, whether by
cybercriminals or established organizations. The EO promises to develop
standards that will ensure AI systems are safe and tested against a rigorous set
of qualifications. These qualifications and standards will require refinement
over time to become truly standardized. The US Department of Commerce will also
develop guidance for watermarking and content authentication to clearly label
AI-generated content, while companies like Alphabet, Meta, and OpenAI have
already made commitments to implement such measures. This approach is resonant
with how the US Secret Service got manufacturers of color copiers and printers
to include digital watermarks on printed pages after the copiers became advanced
enough to counterfeit money. However, it does bring its own unique set of
challenges for bad actors to misuse. To ensure the responsible development and
deployment of AI technologies, the evolution of our legislative framework must
continue. With transparency, visibility, and understanding as cornerstones, the
tech industry and government can work together to mitigate risk and counteract
threats.
Building A Lasting Data Management Strategy Requires A Data-First Mindset
Without the data owners' participation, this project won't work. They're the
experts in the processes underpinned by the data, whether it’s procurement,
marketing, production or another department. They bring a functional view to the
project. The migration is just a means to an end. If you don’t do it in the
context of the business process, you’re just moving ones and zeros. There’s no
value creation. The other side of the coin is the technical people, those who
work closely with the line of business owners to execute the migration. These
are the IT people who understand the tools, the steps and what needs to happen
next. ... As IT and business teams struggle to do more with less, there'll be
increased pressure to make the ROI case even before purchasing new tools.
Historically, there's been a missing link between tool implementation and
recognition at the executive level of the tool’s importance. Data management is
a technical challenge for many enterprises, one that's primarily internal. Poor
governance and a lack of monitoring are the primary factors cited as the causes
of faulty data. As a result, the opportunity resides in a more comprehensive
grasp of data and a more potent means of driving change so that data matches up
with corporate goals.
9 ways to keep your developer team happy
Good feedback is important in any type of job, and software development is no
different. Programmers want to know how they are doing and what they could do to
improve. Developers also want to know whether the products they create are
beneficial to users and profitable for their companies. An important part of
feedback is recognition. This can be informal, such as a team leader paying a
compliment for a successful project, or formal, such as a reward or perk for
work well done. Public recognition among peers is also important. “Regular
recognition and constructive feedback for their contributions are essential for
a developer's happiness,” James says. “Feeling appreciated and acknowledged for
their hard work and expertise can significantly boost job satisfaction.” ...
Developers want to work on projects that push the edge of innovation, such as
software that leverages AI and machine learning capabilities. They also want to
build products that make a difference. Knowing that their organization stands
out in the market is a source of pride and satisfaction. Developers "feel happy
when they are allowed to work on innovative solutions,” says Vinika Garg, COO of
Webomaze, an SEO agency.
The Three Most Important Emerging AI Trends in Data Analytics
As AI-enabled applications performing analytics are spun up, it is increasingly
critical that the training and production data sets are unbiased and
incorruptible. Bad training or production data sets that are biased or just out
of date can lead the system to make bad recommendations and worse decisions.
Ensuring the safety of the data includes a legal process (asking the firm to
guarantee that the data in the repository isn’t owned by someone else who might
take exception to its use) and some form of indemnification. The use of
indemnification isn’t consistent, however, with some of the more mature firms
indemnifying their customers and some of the other firms asking for
indemnification from their customers. ... AI is very expensive to run in the
cloud because it uses substantial processing and storage resources. However, if
you can shift the load to the client, it frees up those resources and allows for
faster results with some loss of trainability and customization as, typically,
the clients use a compressed data set and inferencing that is more limited than
the capabilities of a cloud implementation.
Creating a formula for effective vulnerability prioritization
Systems should operate continuously and collect live data to drive vulnerability
prioritization efforts based on actual usage. Traditional vulnerability systems,
on the other hand, typically collect information periodically – on-demand,
weekly, and even monthly. However, the lack of current exposure context can lead
to resourcing and security gaps. This causes a significant human resource
overhead and creates security gaps since the information doesn’t present a
current map of the organization’s exposure. Automated and continuous
prioritization adapts to a dynamically changing attack surface. In turn, teams
gain greater accuracy with less reliance on manual data collection and analysis.
Automated systems allow for greater capacity to digest more (and higher
priority) data and better leverage existing resources. In parallel,
organizations should consider deploying patchless protection to reduce their
attack surface until patches are deployed. Patchless protection protects known
vulnerabilities that haven’t been patched yet while preventing unknown
vulnerabilities from causing damage.
Quote for the day:
“If you don’t value your time, neither
will others. Stop giving away your time and talents. Value what you know &
start charging for it.” -- Kim Garst
