2024 - IT Management - Analysis, Surveys, Trends and Opinions
  • 30 Nov 2024
  • 469 Minutes to read
  • Dark
    Light

2024 - IT Management - Analysis, Surveys, Trends and Opinions

  • Dark
    Light

Article summary

Weekly and Monthly sponsorships are available.

This curation starts in September 2023. To see our previous curation, click here.

Title/Link

Description

Category

Information Week - Why Are Organizations Still Getting Hacked?

It’s been 30 years since the introduction of the World Wide Web to the public, and it’s evident that we don’t have 80 years to only create, but also embrace, technology to enforce internet security and safety. The threats are accelerating, and neither the US Government nor free credit monitoring alone can save us.

Security

Network Computing - -Cisco Report: Enterprises Ill-prepared to Realize AI’s Potential

Companies are experiencing a real urgency from their leadership to make the most of AI within the next 18 months. Close to 85% of companies surveyed believed they only have 18 months to begin showing how AI is impacting their business. Meanwhile, close to half, or 59%, give themselves only 12 months to show AI’s impact on their organizations.

AI

TechTalks - What to know about custom evals for LLMs

Currently, providers of LLMs measure and publicize the performance of their models based on their score on public benchmarks such as MMLU, MATH, and GPQA. But most enterprise applications want to measure performance on very specific tasks.

AI/LLM

GeekWire - Beyond the Buzz: Making AI Work for Large-Scale Web Data Collection

Does all this mean that the time for creating ChatGPT analogs or copilots for specific industries has passed? Not necessarily. If you can specify the problem and envision how current AI capabilities can help solve it, there is plenty of reason to go after it. To see how this might work, we took a look at the case of web scraping and the industry’s latest AI-based innovation, OxyCopilot — an AI assistant developed by Oxylabs for building scraping and parsing pipelines with minimal coding required.

AI

Cyber Defense Magazine - Securing AI Models – Risk and Best

Data Pipeline attack – The entire pipeline of data collection to data training provides a large attack surface that can be easily exploited to obtain access, modify data, or introduce malicious inputs and cause privacy violations.

AI/Security

PCMag - The Next Hot Cybersecurity Skill for Your Resume? Empathy

Adobe’s also seeks to develop empathetic cybersecurity teams by working with nonprofit organizations. The program provides volunteer security support for nonprofits in need. “For me, empathy is the number one skill that we need in individuals that enter the field,” said Van Horenbeeck. “By having our engineers work with organizations that are so different from technology companies, I think they really get to learn about how their advice is taken in real life.”

Security

Computerworld - The biggest IT threat? That seemingly innocuous web browser

Somehow, IT permits any browser to be used in their sensitive environments. Can you imagine that being permitted for anything else? How many CIOs would tell workers they can use whichever VPN app they want, including free consumer-grade VPNs? Would an enterprise CIO be OK with someone in finance ignoring the corporate license for Excel and instead opting to put sensitive payroll details into a freeware spreadsheet found at a gaming site in China? Or maybe an employee could forego a company-paid Zoom account for discussions of that upcoming acquisition and use a freebie service no one’s ever heard of?

Security

ZDNET - Most companies will increase IT spending in 2025. But there's a twist in the tale

Most employers (57%) said they have trouble finding employees with the required expertise and potential candidates aren't very confident in some in-demand IT skills. IT talent gaps were most pronounced in cybersecurity, data analysis, scripting/coding, and conflict resolution. Looking to the future, confidence in artificial intelligence (AI) skills was also low at 57%.

IT Management

VentureBeat - Getting started with AI agents (part 2): Autonomy, safeguards and pitfalls

These rules should be defined on a case-by-case basis and can be declared in the agent’s system prompt — or in more critical use-cases, be enforced using deterministic code external to the agent. One such rule, in the case of a purchasing agent, would be: “All purchasing should first be verified and confirmed by a human. Call your ‘check_with_human’ function and do not proceed until it returns a value.”

AI

VentureBeat - Getting started with AI agents (part 1): Capturing processes, roles and connections

As they take on different tasks, agents should be allowed to talk to each other. For example, imagine your company intranet with its useful search box directing you to the apps and resources you need. If you are a large enough company, these apps owned by different departments each have their own search boxes. It makes a lot of sense to create agents, maybe by using techniques like retrieval augmented generation (RAG), to augment the search boxes.

AI

Network Computing - Take The Guesswork out of Optimizing your Processes

For example, business process management (BPM) software can aid in automating and managing complex processes, and data analytics tools can provide insights into performance and identifying improvement opportunities. And, when generative AI is incorporated into the mix, routine tasks can be automated, workflows can be optimized, and organizations can better predict outcomes.

Process Automation

CIO Influence - KnowBe4 Predicts AI Advances Will Shape Evolving Landscape of Cyber Threats and Defenses

However, cybercriminals are also adopting AI to create more advanced attack methods. For instance, AI-powered social engineering campaigns that manipulate emotions and target specific vulnerabilities more effectively will make it difficult for individuals to distinguish between real and fake content. As AI capabilities evolve on both sides, the standoff between defenders and attackers intensifies, making constant innovation and adaptation crucial.

Security

ITPro Today - IT Jobs Outlook 2025: Evolving Skills, AI, Workplace Flexibility Will Shape IT Workforce

"With AI, we can solve more problems than ever before, and that creates more opportunities for jobs and skill sets in the market," Saxena said. "I don't believe we are at the point yet where AI is impacting IT jobs because it can't write and execute code at scale."

Tech Jobs

Forbes - Tech Trends For 2025: The Rise Of Specialized AI And Trust-Based Innovation

The shift from massive, general-purpose AI platforms to specialized, focused solutions shows that businesses are starting to understand that bigger isn't always better. Those who choose to adopt micro LLMs where appropriate, leverage generative analytics to bridge capability gaps and prioritize trust and transparency will be able to succeed while maintaining the confidence of both customers and stakeholders.

AI

Network Computing - Achieving Optimal Outcomes in Security Through Platformization

Each of these solutions requires trained experts, has its own specific configurations, consoles, and rating systems, and each one gathers data into its own silo, with a corresponding unique set of reports and dashboards. This results in a disjointed patchwork of tools, making it difficult for most organizations to quickly and easily understand their security hygiene posture or how well they've deployed these security products to protect their environments.

Security

Network World - Cisco: Pressure to deploy AI is up, but only 13% feel ready

“Interestingly, a large number of respondents in our survey noted that their AI investments have not yet delivered the gains they expected. Nearly 50% of respondents reported not seeing any gains or gains below expectations in areas such as assisting, augmenting, or automating a process or operation,” the report stated.

AI

CIO Influence - Byte-Sized Battles: Top Five LLM Vulnerabilities in 2024

These silicon sages, armed with terabytes of text and algorithms sharp enough to slice through the densest topics, have turned mundane queries into epic tales and dull reports into compelling narratives. This explains why nearly 65% of organizations have reported using AI-driven solutions in at least one business function, with LLMs playing a prominent role in cybersecurity and other critical areas, according to a recent McKinsey survey.

AI/LLM

Information Week - Prioritizing Responsible AI with ISO 42001 Compliance

To combat nefarious use and promote transparency around the new technology, the International Organization for Standardization (ISO) recently released ISO/IEC 42001. The new standard guides the ethical and responsible development and deployment of artificial intelligence management systems -- effectively giving organizations a vehicle to demonstrate that their approach to AI is ethical and secure.

AI Ethics

Network Computing - Accelerating Recovery with AI-Enhanced Data Resilience

Recent research suggests that the average cost of unplanned IT downtime now averages almost $15,000 per minute, proving once again that time is money. This makes data resilience more important than ever, but it's becoming increasingly difficult to recover quickly and stem losses.

Data Management

The Hacker News - Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority

As cyber threats grow more sophisticated, relying solely on PAM to secure privileged accounts is inadequate. Traditional PAM systems focus on controlling and monitoring access but often fail to address advanced tactics like lateral movement, credential theft, and privilege escalation. These tactics can bypass many of the safeguards PAM implements.

Security

CSO - 11 biggest financial sector cybersecurity threats

The majority (84%) of all security debt affects first-party code, but the majority (78%) of critical security debt comes from third-party dependencies. Researchers found that financial organizations fix half of first-party flaws in the first nine months, compared to 13 months for third-party flaws.

Security

Network Computing - Navigating the Urgent Migration to Windows 11

This cessation will create a significant technological divide between companies that have upgraded and those that still need to, potentially placing the latter at a severe disadvantage in terms of security and operational efficiency. The financial implications of delaying the migration are also steep, with costs for Microsoft’s Extended Support Updates starting at $61 per user in the first year and escalating to $244 per unit annually by the third year.

IT Management

Dark Reading - How CISOs Can Lead the Responsible AI Charge

A PwC survey highlighted a stark reality: 40% of global leaders don't understand the cyber-risks of generative AI (GenAI), despite their enthusiasm for the emerging technology. This is a red flag that could expose companies to security risks from negligent AI adoption. This is precisely why a chief information security officer (CISO) should lead in AI technology evaluation, implementation, and governance

AI/Security

Information Week - 6 Cloud Trends to Watch in 2025

“Enterprises have done little to evolve their detection and response capabilities to meet the unique aspects of the cloud environment. They are relying on processes and technology designed for securing on-prem infrastructures and it’s insufficient. It’s a combination of lack of awareness of the problem, in addition to inertia.”  

Cloud

Network World - Cloud creates network blind spots, complicates problem resolution

The findings also show that 84% of respondents “regularly learn about network issues from users,” which means end users or customers are already experiencing performance problems when IT first realizes there is an issue. Among respondents, 84% have five or more network management tools today, while 42% said they have 11 or more.

Cloud

VentureBeat - 3 leadership lessons we can learn from ethical hackers

The best hackers have mastered what I call the “hacker mindset.” It is a relentless commitment to curiosity, vision, transparency and shaping the world — despite perceived boundaries. Many of the best leaders I’ve met in my career also embody these traits, which converge as a fearlessness to disrupt the status quo. Sometimes, the best leaders are hackers.

IT Management

Network World - AI, cybersecurity drive IT investments and lead skill shortages for 2025

As new technologies emerge, IT decision-makers must also assess the skills they have in-house to make the most of the innovative tools. In this study, Skillsoft found that 19% of respondents believe there is a “high risk of organizational objectives not being met due to skills gaps.” According to Skillsoft, 65% of respondents said they continue to face skill gaps on their teams, with over half (56%) anticipating them to persist over the next one to two years.

Tech Jobs

Forbes - Demonstrating Cybersecurity ROI: How To Get The C-Suite On Board With Zero Trust

This concept can be surprisingly simple to explain to the C-suite, as it mirrors physical security: If you want to physically secure an asset like a laptop, you can lock it to a desk. Locking the laptop down physically doesn’t prevent threats from getting into the room, but it does prevent theft. That’s a concept any business executive can understand.

Security

CSO - Implementing zero trust in AI and LLM architectures: A practitioner’s guide to secure and responsible AI systems

Homomorphic encryption allows computations on encrypted data, ensuring privacy even during processing. This revolutionary approach means data can remain encrypted throughout the entire AI pipeline, from ingestion to model training and inference. While computationally intensive, advances in this field make it increasingly practical for real-world applications.

AI/Security

ZDNET - Sticker shock: Are enterprises growing disillusioned with AI?

Hitting a "data wall": The main issue enterprises are running up against is "not because the generative AI technology is bad, but because their data's bad," he explained. The challenge is "there's no easy fix for this, you're going to have to stop what you're doing, loop back, and fix your data. For many of these organizations, that particular problem hasn't been addressed for the last 20 or 30 years.

AI

ITPro Today - SolarWinds Report Reveals Surprising Trends in ITSM Efficiency

Most surprisingly, the analysis suggests that teams handling larger ticket volumes often demonstrate better performance than those with lighter workloads. The report also reveals that conventional solutions such as adding more service desk agents may be less effective than previously thought.

IT Management

CIO Influence - Palo Alto Networks Outlines the Convergence of Cybersecurity and AI with 7 Game-Changing Predictions for 2025

With AI orchestrating cyberattacks like a skilled quarterback, organizations can no longer rely on a passive zone defense. They must embrace an offensive unified platform approach to stay ahead in the game. The real advantage will go to the organizations that can centralize their data, enabling AI outcomes we have yet to see, and make the decisions now that will enable their security and success for the future.”

AI/Security

Diginomica - IFS Unleashed 2024 - 'Customer success is not go-live. It's ongoing value realization'

For many technology vendors, customer success is measured by how successfully the customer implements and adopts their products. At diginomica, we've long argued that this view is far too narrow — that what matters is whether the technology is helping the customer achieve their desired business outcomes. After all, enterprises aren't investing in technology simply for its own sake (surely not?). They're doing it to move their business forward.

Vendor Management

The Hacker News - The ROI of Security Investments: How Cybersecurity Leaders Prove It

Second, we're able to reduce the cost of third-party contractors. Traditionally, we relied heavily on external expert contractors, which can be costly and often limited in scope. With human expertise built into a platform like Pentera, we reduced our dependence on expensive service engagements. Instead, we have internal staff - analysts with less expertise - running effective tests.

Security

InfoWorld - Breaking down digital silos

To absolutely no one’s surprise, a new Gartner survey of more than 3,100 CIOs and technology executives found that 52% of digital initiatives fail. If anything, the surprise is that the number isn’t higher. Way back in 2014, I was writing about how and why big data projects fail. “Most companies simply don’t know what they’re doing when it comes to big data,” I said.

Data Management

Information Week - Retrieval-Augmented Generation Makes AI Smarter

RAG increases the odds that results are accurate and up to date by checking external sources before serving up a response to a query. It also introduces greater transparency to models by generating links that a human can check for accuracy. Then there’s the fact that RAG can trim the time required to obtain information, reduce compute overhead and conserve energy.

AI/RAG

Microsoft - Explore AI models: Key differences between small language models and large language models

An SLM focuses on specific AI tasks that are less resource-intensive, making them more accessible and cost-effective.1 SLMs can respond to the same queries as LLMs, sometimes with deeper expertise for domain-specific tasks and at a much lower latency, but they can be less accurate with broad queries.2 LLMs are an excellent choice for building your own enterprise custom agent or generative AI applications because of how capable they are.

LLM/SLM

CIO Influence - As GenAI Democratizes Bots, Cybersecurity Must Evolve to Understand Their Intent

According to Gartner, by 2026, machine customers—AI-driven bots and virtual assistants—are expected to manage $1.9 trillion in business transactions globally, a testament to their growing role in everyday business operations. This integration means that bots are no longer solely tools of cyber criminals but have become essential components in driving business efficiency and innovation.

AI/Security

The Hacker News - The ROI of Security Investments: How Cybersecurity Leaders Prove It

Security Validation is about putting your defenses to the test, not against theoretical risks, but actual real-world attack techniques. It's a shift from passive assumptions of security to active validation of what works. It tells me the degree to which our systems can withstand the same tactics cybercriminals use today.

Security

VentureBeat - Identity management in 2025: 4 ways security teams can address gaps and risks

The bottom line is that identities continue to be under siege, and adversaries’ continued efforts to improve AI-based tradecraft targeting weak identity security are fast-growing threats. The Identity Defined Security Alliance (IDSA) recent report, 2024 Trends in Securing Digital Identities, reflects how vulnerable identities are and how quickly adversaries are creating new attack strategies to exploit them.

Security

Dark Reading - Oh, the Humanity! How to Make Humans Part of Cybersecurity Design

Instead, organizations should pursue a human-centric cybersecurity (HCC) approach, focusing on processes and products that account for users' needs and motivations and incentivize secure behaviors. An HCC program includes security-awareness and anti-phishing training, adds user feedback channels to security products, and aims to reduce the security responsibility placed on the average person

Security

CognitivePath - Understanding AI Agent Hype: Promises versus Potential

In the promised future of the hype cycle, AI agents will act independently of humans to accomplish complex tasks using algorithmic “reasoning” and any frameworks governing the algorithm to determine the most probable course of action. An AI agent does not check with the human for the next steps; it simply executes against the original human-provided direction (e.g., prompt) within the confines of its governing rules and the quality of the training data it uses.

AI

Computerworld - IT certifications for cloud architects, data security engineers, and ethical hackers yield the biggest pay boosts

Pay for workers with IT certifications rose as much as $40,000 over last year, as companies seek new skillsets among their current and potential employee base. But certifications for AI skills have been slow to gain traction.

Tech Jobs

Information Week - GenAI’s Impact on Cybersecurity

“If a bad actor uses GenAI, you'll get bad results for you. If a good actor uses GenAI wisely you'll get good results. And then there is the giant middle ground of bad actors just doing dumb things [like] poisoning the well and nominally good actors with the best of intentions doing unwise things,” says Arlen. “I think the net result is just acceleration. The direction hasn't changed, it's still an arms race, but now it's an arms race with a turbo button.”

AI/Security

Fast Company - After soaring tech adoption, businesses now reckon with tech sprawl.

Nearly four years later, these businesses face pressures to cut costs and drive efficiency—all while maintaining and growing their operations. For many, the tangled web of technology systems is skyrocketing their operating costs and bogging down their productivity. Ripping and replacing technologies pose numerous other challenges and costs that many businesses can’t afford.

IT Management

The Hacker News - 9 Steps to Get CTEM on Your 2025 Budgetary Radar

Moreover, it provides continuous visibility into an organization's attack surface, allowing for real-time identification of new vulnerabilities and exposures. This proactive approach enables organizations to address threats before they can be exploited. You get the opposition's playbook, which allows for more effective risk prioritization and mitigation. It goes beyond simple vulnerability scores to provide context-aware prioritization, considering factors such as asset criticality, threat intelligence, and exploitability

IT Management

Network World - Broadcom launches VeloRAIN, using AI/ML to improve network performance

The immediate practical benefit, however, will be consuming Broadcom-built, VMware product-delivered AI technologies without the need for governance, strategies, and ethics boards to improve network operations and end-user experience. For I&O [infrastructure and operations] leaders looking to get the innovation check mark — yes, this will help future-proof you for an eventual private AI cluster.

Network Management

Information Week - Letting Neurodiverse Talent Shine in Cybersecurity

Throughout his career, Campbell has found hyperfocus to be one of his strengths. “Scrolling through tens of thousands of things, of log files, hyper-focusing on that, and being able to intuitively pattern match or detect pattern deviations was a huge benefit in both tech support and security,” he says.  

Tech Jobs

InfoWorld - Cloud providers make bank with genAI while projects fail

You don’t need to look far for the disappointing stats. Gartner estimates that 85% of AI implementations fall short of expectations or aren’t completed. I see the same thing in my practice: Projects start and then stop, many never to be resurrected. You can google all the other reports of AI bad news; the general trend is that companies are good at spending money but bad at building and deploying AI.

AI

Forbes - The 7 Revolutionary Cloud Computing Trends That Will Define Business Success In 2025

Picture this: A world where quantum computing is as accessible as checking your email, where AI automatically optimizes your entire cloud infrastructure, and where edge computing seamlessly melds with cloud services to deliver lightning-fast responses. This could be the cloud computing landscape in 2025, and it's about to revolutionize how businesses operate.

Cloud

eWeek - AI Cost Optimization: 27% Annual AI Growth Demands Strategic Planning

It’s not just the initial investment that’s significant. In addition to hardware costs, investment in software solutions—including AI algorithms and integration platforms—adds another layer of financial commitment. Because AI solutions’ design, development, and management require highly skilled professionals with substantial salaries, enterprises must also invest in skilled talent. The list doesn’t end there. Businesses have to consider ongoing maintenance, upgrades, and scaling costs. These aspects contribute to a daunting but essential financial backdrop for long-term strategic success.

AI

Information Week - How Enterprises Use Cloud to Innovate

Cloud-delivered services enable companies to experiment more freely and execute new ideas faster and more efficiently than if they had to invest the capital expenses and time to build out on-prem IT infrastructure from scratch.

Cloud

Forbes - AMD’s CIO On AI-Driven Transformation And The Future Of IT

Assist, Action, Automate and Autonomous. Assist entails the use of chatbots, copilots and questions and answer functionality. Action fosters transactions, suggestions and alerts. Automate aids the refinement of end-to-end processes and further systematization. Finally, autonomous projects the creation of digital personas, providing self-deciding technology and supervisor-less capabilities.

AI

CIO Influence - The Identity Security Challenge

That’s why we believe in the power of community-driven identity security initiatives – platforms dedicated to tackling these tough identity security issues head-on. Professional security communities raise awareness of the importance of effective identity security posture management (ISPM) strategies, bringing together cybersecurity experts from all backgrounds. T

Security

Information Week - 5 Tips for Balancing Cost and Security in Cloud Adoption

Cloud misconfigurations can lead to vulnerabilities, such as leaving sensitive data in unprotected storage buckets. Regular reviews and automated tools designed for cloud environments can help ensure security settings, such as access to control lists and encryption policies, are properly configured and updated.

Cloud

InfoWorld - The machine learning certifications tech companies want

In a March 2024 report, the employment marketplace Upwork placed machine learning, which is an essential aspect of artificial intelligence (AI), as the second most needed data science and analytics skill for 2024, as well as one of the fastest-growing skills. The AI and ML subcategory saw 70 percent year-over-year growth in the fourth quarter of 2023, Upwork says.

Tech Jobs

Data Science Central - The Four Pillars of AI-driven Innovation

Data-driven economics focuses on understanding and maximizing the economic value of data. Unlike traditional assets that depreciate, data appreciates as it is used across different scenarios, making it a powerful driver for business transformation. This pillar emphasizes the importance of monetization, sustainable ROI, and strategic use of data to create value. By treating data as a reusable asset, organizations can prioritize initiatives that offer the most significant economic impact, ensuring that innovation efforts are financially viable and scalable.

Data Management

Computerworld - Landing a tech job is tough: here’s how to beat the challenges in today’s market

Job data over the past two years have been a mixed bag of good times and bad; 260,000 tech workers were laid off in 2023, with another 142,000 getting pink slips so far this year, according to Layoffs.fyi. At the same time, US unemployment data released last month showed unexpected growth overall for tech job listings and hiring, along with a marked shift in the kind of workers organizations need — AI talent is no longer at the top of the list.

Tech Jobs

Computerworld - Agentic AI swarms are headed your way

In an agentic AI swarm future, state-sponsored hackers will be able to create individual specialist AI agents to do each of these tasks, and enable the agents to call into play the other agents as needed. By removing the “bottleneck” of a human operator, malicious hacking can take place on a massive scale at blistering speed.

AI/Security

ITPro Today - Tech Layoffs and Cybersecurity: Why Downsizing Puts Companies at Greater Threat

Unsurprisingly, academic researchers conclude that this risk is especially prevalent when businesses inform employees about layoffs before they happen, leaving them a window of opportunity to wreak havoc before the company cuts off their access to IT systems.

Security

Information Week - Multimodal AI: The Future of Enterprise Intelligence?

Multimodal AI potentially touches chatbots, data analytics, robotics, and numerous other areas. According to research conducted by Gartner, only about 1% of companies were using the technology in 2023 but the figure is projected to jump to 40% by 2027. The technology will have a “transformational” impact on the business world, Gartner reports. “It enables use cases that previously weren’t possible,” Chandrasekaran says.

AI

Network World - Network jobs watch: Hiring, skills and certification trends

“Overall, the IT job market is characterized by a significant imbalance between supply and demand, which continues to drive salaries higher. Our data suggests that tech professionals skilled in cloud computing, security, data privacy, and risk management, as well as able to handle complex, multi-faceted IT environments, will be well-positioned for success,”

tech Jobs

Network Computing - Refreshing Your Network DR Plan

Most sites find that they need to revisit and update their DR plans. These plans have historically been directed toward the restoration of enterprise systems and, best, restoration of an entire enterprise network. They don’t necessarily address new network deployments such as subnetworks, micro networks and edge computing.

Disaster Recovery

Fedscoop - How federal IT officials are navigating the post-AI executive order ‘hype cycle’

At the Federal Deposit Insurance Corp., Zach Brown, the agency’s chief information security officer, said the approach to AI internally has focused on “fundamentals” and “the basics.” That means the FDIC is “able to do some things a little bit quicker” with the technology, but a “human in the loop” is even more necessary to provide “the reasonability and the transparency and the explainability,” he said.

AI

Information Week - 7 Things That Need to Happen to Make GenAI Useful to Business

“Productizing GenAI has proven to be incredibly illusive. Commercials for AI services insist you must adopt AI in your business processes in order to remain competitive. Meanwhile, the difficulties in actually productizing GenAI are now starting to have tangible effects on financial markets, as tech companies struggle to justify their capital expenditures on AI hardware and infrastructure.”

AI

Insurance Business - Navigating cyber risks: Forecasting the 2025 landscape

The first prediction focuses on “AI2,” or the “artificial inflation” of artificial intelligence, which is expected to see a decrease in hype across various industries. While AI will continue to be useful for basic automation and workflows, many of the “over-promised” capabilities in security will likely fall short by 2025, the analysts said. The limelight is expected to shift towards practical applications that enhance security without overwhelming organisations with marketing noise.

Security

Information Week - How To Turn an IT Disruption to Your Advantage

One of the toughest things for CIOs is to get funding for issues that haven’t yet occurred. Who among us likes paying for problems that haven’t yet happened? Cost avoidance can seem hypothetical versus solving problems that are clear and present dangers.  

IT Management

CSO - The 10 biggest issues CISOs and cyber teams face today

Moreover, Hamidi says he and other security chiefs must contend with all that rapid-fire change in ways that help the business grow and evolve; in other words, security can’t bring friction that hurts the business in the marketplace.

Security

Computerworld - Meta, Apple say the quiet part out loud: The genAI emperor has no clothes

Would a CIO ever trust a human employee with such tendencies? Not likely, but IT leaders are regularly tasked with integrating genAI tools into the enterprise environment by corporate executives expecting miracles.

AI

CSO - Security outsourcing on the rise as CISOs seek cyber relief

“The existing tools enterprises have had have become insufficient because of the increased attack surface that has come from the migration of more IT functions to the cloud,” Robinson said. “Companies are faced with too many alerts so taking advantage of outsourced technologies to handle functions such as managed detection and response [MDR] suddenly starts to make a lot of sense.”

SEcurity

Blocks & Files - High-quality data key for effective AI agents

In fact, 55 percent of organizations avoid certain GenAI use cases due to data-related issues, according to Deloitte research. The consultancy also found that 75 percent of organizations have increased their tech investments around data lifecycle management due to GenAI.

Data Management

Diginomica - IFS Unleashed '24 - 'You need an AI business plan,' says IFS CEO

Aware of the urgency of helping customers make the transition, the vendor is investing in migration technologies and accelerators that will ease the process of translating legacy data tables and structures, along with historic customizations and modifications, to the cloud platform. It's also important to provide integrations to other applications and data stores that customers have in place, or to add cloud functionality alongside ongoing on-premise instances

AI

Tom's Hardware - Linus Torvalds reckons AI is ‘90% marketing and 10% reality’

The Linux pioneer outlined his AI hype coping mechanism: "So my approach to AI right now is I will basically ignore it because I think the whole tech industry around AI is in a very bad position (grimaces)...” However, it seems like there is almost too much AI BS around for the Fin to tolerate, and it is currently “90% marketing and 10% reality.” That’s quite a ratio.

AI

AiThority - From Reactive to Proactive: How AI Can Revolutionize Identity Security

For too long, identity security has focused solely on secure authentication at the point of login or automating the user provisioning process. But what happens between access granted and access revoked? Changes in access and user profiles create a “messy middle” where security risks build up unchecked as permissions change, entitlements accumulate, and users traverse across roles and applications.

Security

ZDNET - Agentic AI is the top strategic technology trend for 2025

Gartner predicts that spending on software will increase 14% to reach $1.23 trillion in 2025, up from 11.7% growth in 2024. Meanwhile, spending on IT services is expected to grow 9.4% to $1.73 trillion in 2025, up from 5.6% in 2024.

Tech Trends

InfoWorld - A look at risk, regulation, and lock-in in the cloud

The threat here, if indeed it is a threat, is multifaceted. Firstly, financial implications can be significant. When a company heavily invests in a specific vendor’s ecosystem, the costs of migrating to a different provider, both in terms of money and resources, can be prohibitive. The reality is that any technology comes with a certain degree of lock-in. That is why I’m often amazed at enterprises that ask me for zero lock-in in any enterprise technology decision. It just does not exist.

Cloud

Network Computing - Mind the Gap: Organizations with High Cyber Risk Have These Five Security Gaps in Common

Failing to protect backups – the last line of defense – can be costly. According to Sophos, 94% of organizations hit by ransomware in the past year said that the cybercriminals attempted to compromise their backups during the attack. A backup strategy is important to quickly recover and lower the likelihood of paying the ransom. It also increases a business’s resilience and improves the time it takes an organization to get back on its feet.

Security

Network World - AI networking draws a crowd at ONUG summit

“We recently did a complete build out at MIT, one of the key buildings, eight stories, multiple radios interfacing with the macro towers,” Sequeira said. “After going through the initial round of configuration, we used AI/ ML techniques to then do the day one configuration, and that brought down the implementation and configuration from a matter of weeks to a matter of four or five hours.”

Network Management

techradar - AI isn’t the cyber future - it’s the present

In the face of these evolving threats, the onus is on businesses to engage all its stakeholders including C-Suite and prioritize cyber resilience to ensure business continuity. It is not a case of if an attack happens, but when. Data is every organization's most important asset and if your data is secure, your business is resilient.

AI/Security

Forbes - What’s In Store For Tech Leaders In 2025?

Financial results from service giants like Accenture and Capgemini show that bookings for large deals are up, yet many digital transformations stall due to the complexity of coordinating with business, operations, HR, and IT leaders. Successful tech leaders will need to align closely with business peers, adapt quickly to changing market dynamics, and consider switching to co-innovation partners for better value orchestration.

IT Management

Information Week - Unlocking the Full Value of One of Your Organization’s Greatest Assets

Land, equipment, inventory, cash. When a business organization considers its assets today, there is an important rising star to add to that list: data. Sometimes its value lies in buying and selling it, but its greatest worth is increasingly determined by its usefulness to internal operations. The International Federation of Accounting, for example, has suggested that data can be worth up to 30% of a company’s market capitalization.

Data Management

CIO - IT pros: One-third of AI projects just for show

“You don’t have business leaders, or even IT leaders taking some basic AI literacy classes,” he says. “There’s some fundamental misunderstanding about what problems AI solves, and there needs to be a continuous curiosity and learning, not only from the IT professionals, but from the IT leadership and then the business executives that are expecting technology solutions to be delivered.”

AI

TechRepublic -  Threat Actors Are Exploiting Vulnerabilities Faster Than Ever

A zero-day vulnerability is an exploit that hasn’t been patched, often unknown to the vendor or the public. An N-day vulnerability is a known flaw first exploited after patches are available. It is therefore possible for an attacker to exploit a N-day vulnerability as long as it has not been patched on the targeted system.

Security

AiThority - Thoughtworks Technology Radar Finds Trend in Tools to Simplify LLMs for Practical AI Applications

While AI can be a powerful asset, it’s important to watch out for pitfalls such as overreliance, code quality issues and codebase bloat. It’s essential to maintain human oversight and strong engineering practices to ensure that AI complements rather than complicates development efforts. By adopting a balanced approach, organizations can harness the full potential of generative AI while mitigating its risks.

AI

Information Week - Jumping the IT Talent Gap: Cyber, Cloud, and Software Devs

In fact, understanding tech skills gaps is something many organizations struggle with -- just a third of executives surveyed said they completely understand their organization’s skills gaps, and 68% of technologists say that business leaders aren’t aware of their IT skills gaps.

Tech Jobs

CSO - Beyond ChatGPT: The rise of agentic AI and its implications for security

Like any new tool introduced into a system, it can also introduce new vulnerabilities. If, for instance, an agentic AI system is compromised, the decisions it makes autonomously could range from troublesome to disastrous and could include downstream effects.  

AI/Security

CIO Influence - New Study: Nearly Half of Companies Exclude Cybersecurity Teams When Developing, Onboarding and Implementing AI Solutions

“But cybersecurity leaders cannot singularly focus on AI’s role in security operations. It is imperative that the security function be involved in the development, onboarding and implementation of any AI solution within their enterprise – include existing products that later receive AI capabilities.”

AI/Security

TechRepublic - Can Security Experts Leverage Generative AI Without Prompt Engineering Skills?

To address these questions, researchers gave the same assignment to three groups: security experts with ISC2 certifications, self-identified prompt engineering experts, and individuals with both qualifications. Their task was to create cybersecurity awareness training using ChatGPT. Afterward, the training was distributed to the campus community, where users provided feedback on the material’s effectiveness.

Security

CIO Influence - Data Minimization: A Strategic Approach to Mitigating Insider Threats and Cybersecurity Risks

Data minimization is a principle that involves collecting, storing, and processing only the data necessary for specific business functions. It emphasizes limiting both the quantity and the duration of data retention—helping to reduce the “data sprawl” that makes organizations more vulnerable to breaches and insider threats.

Data Management

The Hacker News - Permiso State of Identity Security 2024: A Shake-up in Identity Security Is Looming Large

The conventional view of viewing identity security as primarily concerned with provisioning and de-provisioning access for applications and services, often in a piecemeal manner, is no longer sufficient. This view was reflected as a broad theme in the Permiso Security State of Identity Security Report (2024), which finds that despite growing levels of confidence in the ability to identify security risk, nearly half of organizations (45%) remain "concerned" or "extremely concerned" about their current tools being able to detect and protect against identity security attacks.

Security

CIO Influence - Protecting APIs at the Edge

API traffic is dynamic and stateful. API traffic often involves sensitive data exchanges, authentication processes, and backend system access. Each API request can be unique, involving user-specific parameters, tokens, or business logic, which require more than just basic DDoS protection or bot filtering. Traditional CDNs, although capable of mitigating volumetric attacks like DDoS, lack the fine-grained inspection capabilities needed to detect API-specific vulnerabilities such as injection attacks or unauthorized data access.

Security

Information Week - 10 Reasons Why Multi-Agent Architectures Will Supercharge AI

Companies are eager to move beyond using GenAI in improving employee productivity to tackle complex use cases but they’re mostly hitting a wall in the process. It won’t be until most or all of an organization’s technology is fully integrated by AI bots that the real magic will occur, let alone at scale.

AI

InfoWorld - Stopping the rot in AI spending opinion

When a company elects to build an AI application, they’re placing a lot of faith in large language models (LLMs) or other tools without much (if any) visibility into how the models yield results. This can be catastrophic for a company if it turns out their algorithms are persistently prejudiced against a protected class (ethnic minorities, etc.), misprice products, or cause other mishaps. Regulators and boardrooms are therefore paying more attention to so-called “algorithm conduct” to ensure AI delivers boom, not bust.

AI

ITPro Today - How to Build a Resilient Technology Workforce Model

CIOs need an adaptive workforce model that enhances IT's ability to deliver results and execute on digital initiatives using a mix of human talent and AI. Gartner has found that 60% of nonexecutive board of directors (BoD) said implementing digital initiatives is among their top five business priorities, and 89% of BoDs no longer see digital as a separate strategy; it's implicit in all business growth strategies. The ubiquity of digital in organizations reveals a critical need for a workforce who implements a CIO's digital agenda

IT Management

eWeek - How Can Generative AI Be Used In Cybersecurity? (Ultimate Guide)

Generative AI enhances threat intelligence by helping cybersecurity teams process large volumes of data more efficiently to prioritize potential threats tailored to your organization’s specific risk profile. It reduces the noise from generic alerts so security professionals can focus on the most urgent threats. By continuously learning from user interactions, generative AI becomes increasingly adept at finding anomalies that could indicate new or evolving threats.

Security

CIO Influence - Object First Research: 93% Of IT Professionals Say Immutable Storage is Essential to Protect Against Ransomware Attacks on Backup Data

According to the survey Object First conducted, research found that outdated backup technology (34%), lack of backup data encryption (31%), and failed data backups (28%) are the top vulnerabilities to attacks. Results also highlighted the importance of prioritizing immutability as part of security investments, with 93% of IT workers agreeing that since ransomware attacks target backups, immutable backup storage built on Zero Trust principles is now a must-have.

Security

ITPro Today - State of Observability 2024: Embracing OpenTelemetry for Better Insights

"To build a leading observability practice, that organization needs complete visibility across any environment and any stack, through shared insights across ITOps, engineering, and security teams to see how a problem originated."

Data/Analytics

InfoWorld - Is data gravity no longer centered in the cloud?

Stripped of its previously invincible allure, the cloud is experiencing a migration of its own as it is no longer deemed the default destination for data. Respondents in various surveys have pointed to the higher-than-anticipated expenses tied to migrating workloads as a key reason many organizations have reverted significant portions of their operations to on-premises environments.

Data Management

VentureBeat - Skills shortage persists in cybersecurity with many jobs going unfilled

One area that is particularly impacted is cybersecurity. A new report from CyberSeek found that there are only enough workers to fill 83% of available jobs. While there are 1.25 million workers in cybersecurity roles nationwide, around 265,000 additional workers are needed to fill current staffing requirements.

Tech Jobs

Network World - Has the time come for integrated network and security platforms?

“The message I got from the survey was that customers are operating in a world where there’s a massive proliferation of products, or applications, and that’s really translating into complexity. Complexity is equal to risk, and that complexity is happening in multiple places,” said Extreme Networks CTO Nabil Bukhari.

Network Security

CIO Influence - Deloitte’s Survey Shows Organizations Are Enhancing the CISO Role and Focusing on Cyber-Savvy Boards to Tackle Growing Security Threats.

The findings from Deloitte Global’s largest cyber-related survey to date show how decision-makers are shifting their responses to cyber threats. Among other strategies, businesses are increasing the responsibility and strategic influence assigned to chief information security officers (CISOs), promoting further involvement from the board on cybersecurity-related matters, and turning to measures like artificial intelligence (AI).

Security

Information Week - 6 Underutilized Cloud Services That Offer Benefits for IT

Consider an on-premises system deployment. You integrated and installed a new system, and you then would fine-tune it for performance and resource optimization. Automated cloud installations do some of the same things, but the automation doesn’t fully relieve you from finishing your own fine tuning. The “catch” is that you have to use cloud-furnished tools to do the fine-tuning. This means that your staff has to learn them.

Cloud

VentureBeat - The AI edge in cybersecurity: Predictive tools aim to slash response times

There are wide-reaching benefits to integrating AI into an operation’s cybersecurity posture. The lengthy list, which we’ll briefly cover here, does have one central theme — reaction time. The bedrock of the thought leadership behind using AI in the data protection sector involves reducing how long it would otherwise take to detect and expel hackers.

AI/Security

Network Computing - 6 Strategies for Maximizing Cloud Storage ROI

Deloitte analyzed anonymized data from several FinOps engagements to assess optimization efforts, finding that businesses can save up to 45% (15% on average) on cloud costs by optimizing across waste management, consumption management, and purchasing best practices levers.

Cloud

Information Week - How Cloud-Focused Upskilling Drives Business Growth

Recent data shows that roughly 90% of tech workers under the age of 25 are considering new career opportunities, underscoring the need for skilled cloud professionals. Without strategic intervention, organizations risk missing out on the talent and innovation required to thrive in today’s cloud-driven world.

Cloud

CIO - CIOs under pressure to deliver AI outcomes faster

The enterprise landscape is littered with Version 1.0 generative AI proof of concept projects that did not materialize into business value and have been dumped. While the industry remains in the early stages of uncovering and implementing AI use cases into business workflows, the blueprint for success remains elusive for many CIOs.

AI

The Hacker News - Acronym Overdose – Navigating the Complex Data Security Landscape

Take, for instance, the recent surge in AI development. Companies investing heavily in AI technology rely on their proprietary algorithms, data models, and research to maintain a competitive position. Losing control of this critical data can result in competitors gaining access to sensitive information, leading to lost revenue and diminished market share. As a result, protecting IP has become a key driver of data security initiatives.

Data Management

Network Computing - Domain-specific GenAI is Coming to a Network Near You

For example, while nearly one-third (32%) of organizations turned to Microsoft to implement AI-driven workflow automation, two-thirds (67%) used Mistral to drive security operations. And a staggering 92% relied on open-source models for content creation.

Network Management

CIO Influence - How to Stop AI From Fueling Insider Risk

Almost every major AI assistant was recently shown to be susceptible to attacks as well. Essentially, adversaries can see all data that passes between the algorithm and the user, even if it’s encrypted. Hackers can also infiltrate the large language models (LLM) that power generative AI. Feeding a model inaccurate data can lead to inaccurate outputs, which is known as data poisoning. The data used to train AI models may also be biased, which can negatively impact outputs as well.

AI/Security

VentureBeat - The human factor: How companies can prevent cloud disasters

The AWS operational review is a weekly meeting open to the entire company. Every meeting, a “wheel of fortune” is spun to select a random AWS service from hundreds for live review. The team under review has to answer pointed questions from experienced operational leaders about their dashboards and metrics. The meeting is attended by hundreds of employees, dozens of directors and several VPs.

Cloud

Geeky Gadgets - ChatGPT vs Copilot : AI Tools for Business Compared

Microsoft Copilot offers robust enterprise data security, which may be a deciding factor for businesses prioritizing data protection, whereas ChatGPT complies with GDPR and CCPA regulations

Automation & Productivity

TechRepublic - IBM: Enterprise IT Facing Imminent AI Agent Revolution

“We have a long way to go to get AI to allow us to do all these routine tasks and do it in a way that is reliable, and then do it in a way that you can scale it, and then you can explain it, and you can monitor it,” Ruiz told the crowd. “But we’re going to get there, and we’re going to get there faster than we think.”

AI

ZDNET - CIOs must also serve as chief AI officers, according to Salesforce survey

Even though the majority of chief information officers believe AI is a game changer, only 11% say they've fully implemented the technology, citing security and data infrastructure as their top impediment.

AI

Information Week - How to Reduce IT Downtime

It’s equally important to automate testing for infrastructure and application changes as much as possible. Ashmore suggests implementing real-time monitoring of telemetry data through security information and event management (SIEM) tools to actively identify issues and threats.  

IT Management

ITPro Today - Today's Most Valuable Network Certifications for IT Professionals

CCIE distinguishes itself as a practical, hands-on certification, proving a candidate's aptitude to manage challenging networking problems, Hartman says. "Globally, certified experts are regarded as top-notch personnel with the ability to construct and oversee most advanced networks."

Network Management

TechRepublic - Microsoft: Ransomware Attacks Growing More Dangerous, Complex

According to the report, attackers most often exploit social engineering, identity compromises, and vulnerabilities in public-facing applications or unpatched operating systems. Once inside, they often install remote monitoring tools or tamper with security products. Notably, 70% of successful attacks involved remote encryption, and 92% targeted unmanaged devices.

Security

Network World - Global cybersecurity talent gap widens

There are just enough workers to address 83% of the available cybersecurity jobs in the U.S., according to CyberSeek. While cybersecurity job demand has stabilized to pre-pandemic levels, AI-driven technology changes are altering the professional landscape for security professionals.

Tech Jobs

Information Week - Security at the Edge Needs More Attention

“I think we need to be very cognizant of the security principles that come into play in a cloud environment. Things like role-based access, least privilege, allowing people in the organization the ability to do things that may present risk to us, like creating a computer, a server and exposing it to the internet, adding services that are public exposed, or creating a storage bucket that we put that in that's exposed to everyone on the internet by default.”

Security

Forbes - Eliminating Zombie Servers Could Save Billions

“Digital twins" in this context simulate the characteristics and performance of data centers operating in the real world. Of course, just having an exact physical or digital replica of a complex system isn't enough. A twin becomes transformational when it can be paired with computer simulations of physical systems and when it is used to drive institutional change. With data centers adding power-hungry GPUs to run AI, the timing of the data center twin couldn’t be better.

Data Management

Microsoft Digital Defense Report 2024

Chapter 1 highlights the increasing complexity of the global cyber threat landscape, driven by sophisticated nation-state actors, rising ransomware attacks, evolving fraud tactics, persistent phishing threats, and new challenges in identity security. Insights from this chapter underscore the urgent need for proactive and multi-faceted cybersecurity strategies.

Security

The Washington Post - Government agencies should embrace the cloud; here’s how they can do it

Just like riding a bus, rather than driving a car, the cloud uses less energy per occupant and achieves the same result. The cloud model also allows agencies to scale compute resources up or down, depending on demand. This not only provides a cost benefit, it can reduce energy waste. “It allows the government to be a good steward of the environment,” s

Cloud

Forbes - Revolutionizing Cyber Awareness: How Human Risk Management Will Break The Plateau Of The Cyber Awareness Space

These challenges have driven analysts to rethink the approach to managing human risk, leading to the emergence of a new space recently named "human risk management (HRM)," as highlighted by Forrester. This new paradigm shifts away from the outdated S&T risk model. It emphasizes the need for a more adaptive approach that aligns risk mitigation with individual behaviors rather than applying a generic, one-size-fits-all solution to address human-inflicted risk.

Security

Dark Reading - Why Your Identity Is the Key to Modernizing Cybersecurity

Today, those technologies are coalescing around a modern vision for what is, at its heart, one of our most ancient security solutions: our own unique identity. Let's take a look at how a modern version of this ancient solution can help protect our digital lives.  

Security

Network Computing - User Experience and IT Automation: 3 Enduring Lessons from Apple’s MDM Journey

IT automation is at the top of many enterprises' minds today. Implementing it efficiently can be challenging. However, enterprises may be able to get some guidance from an unlikely source. Specifically, what can we learn from Apple's own automation journey in mobile device management (MDM), the invisible yet critical technology that enables enterprise organizations to seamlessly manage, secure, and update thousands of devices remotely?

Mobile Management

Dark Reading - Why Your Identity Is the Key to Modernizing Cybersecurity

If your organization doesn't have this kind of identity-centric zero-trust model in place today, moving to an AI future is going to be risky and challenging. When you deploy a large language model (LLM) assistant, it becomes incredibly easy for employees to find content from across all your  documents and files, even the ones you didn’t know they had rights to access.  

Security

InfoWorld - Why are we still confused about cloud security?

A prevalent issue is publicly exposed storage, which often includes sensitive data due to excessive permissions, making it a prime target for ransomware attacks. Additionally, the improper use of access keys remains a significant threat, with a staggering 84% of organizations retaining unused highly privileged keys. Such security oversights have historically facilitated breaches, as evidenced by incidents like the MGM Resorts data breach in September 2023.

Cloud

sdxCentral - Will AI demand cause a cloud religion war?

This architectural shift will happen as enterprises look to bolster those foundational models with more specific data to fine tune their AI platforms. This will move from running AI enhancement models within an enterprise firewall to running inferencing at the network edge.

AI/Cloud

CIO Influence - AI Report Finds 74 Percent of Cybersecurity Leaders Aware of Sensitive Data Risks

According to a newly released report from Swimlane, a concerning 74% of cybersecurity decision-makers are aware of sensitive data being input into public AI models despite having established protocols in place. The report, “Reality Check: Is AI Living Up to Its Cybersecurity Promises?”, reveals that the rush to embrace AI, especially generative AI and large language models, has outpaced most organizations’ ability to keep their data safe and effectively enforce security protocols.

AI/Data

VentureBeat - What open-source AI models should your enterprise use? Endor Labs analyzes them all

Endor Labs’ new platform uses 50 out-of-the-box metrics that score models on Hugging Face based on security, activity, quality and popularity. Developers don’t have to have intimate knowledge of specific models — they can prompt the platform with questions such as “What models can classify sentiments?” “What are Meta’s most popular models?” or “What is a popular voice model?”

AI

CIO Influence - Gigamon Survey Reveals CISO Priorities for 2025 Amid Budget Pressures and Rising Cyber Threats

Despite global information security spending projected to reach $215 billion in 2024, nearly half (44 percent) of CISOs surveyed reported they were unable to detect a data breach in the last 12 months using existing security tools. CISOs identified blind spots as a key issue, with 70 percent of CISOs stating their existing security tools are not as effective as they could be when it comes to detecting breaches due to limited visibility.

Security

ITPro Today - How to Bridge the Data Skills Gap Through Self-Service Analytics

Empowering employees, not just those with just technical backgrounds, to use self-service analytics tools is vital. Data literacy is essential for everyone to truly enable informed decision-making that aligns with the business' goals.

Data & Analytics

Network Computing - How NaaS is Reshaping Enterprise Connectivity

In the ever-evolving landscape of enterprise technology, a seismic shift is underway. Network as a Service (NaaS) is not just another IT trend; it's a fundamental reimagining of enterprise connectivity that's reshaping the digital landscape. As a veteran with over a decade in networking, I've witnessed numerous technological shifts, but none as transformative as the rise of NaaS.

Network Management

InfoWorld - How to leverage APIs for IT-enabled information capability

In the past, discovering existing APIs within an organization often felt like archaeology — digging through legacy systems, documentation, and code bases to unearth reusable components. Some have (maybe just me) even referred to themselves as the resident chief archaeologist, sifting through layers of code in search of hidden treasures. This manual approach is time-consuming and inefficient, akin to wandering the mall without a map.

IT Management

CIO Influence - Simplifying IT Operations with AI Triggers Windfall for Enterprises

When you have dozens or even hundreds of storage arrays and you have tens to hundreds of petabytes in your environment, you need AI intelligence within the infrastructure, along with intelligent pieces that plug into broader management tools, as part of broader AIOps capabilities. The more you can get automated and the more you can use AIOps to not think about the mechanics of your organization’s infrastructure, the better off you and your enterprise will be.

IT Management

Information Week - IT Versus OT: Do CIOs Have To Do Both?

These user systems are known as OT, or operational technology, because they are intended to meet a specific operational need in the business. They may even do it in “standalone,” non-integrated fashion. They are not intended to be broad-based information repositories for systems that everyone needs, and that require IT involvement.

IT Management

Computerworld - More than one-third of cloud environments are critically exposed, says Tenable

A breakdown of exposed storage telemetry revealed that 39% of organizations have public buckets, 29% have either public or private buckets with overprivileged access, and 6% have public buckets with overprivileged access.

Security

CIO Influence - Automating Web App Security to Combat Rising Cyber Threats

Automating application security has become a strategic necessity in the face of increasingly sophisticated cyber-attacks and security incidents. By integrating automation into your security processes, such as using automated penetration testing tools, organizations can proactively combat evolving cyber threats, accelerate application development, ensure compliance with regulatory standards, and optimize the use of internal resources.

Security

AiThority - How Federal Agencies Are Achieving Zero Trust With Automation

Oak Ridge has over 6,000 employees worldwide and highly sensitive initiatives within its remit, making security foundational to its operations. By employing no-code tools, ORNL was able to increase the number of team members who could manage automations and reduce the mean time to resolution for security incidents — an especially important requirement, given that active-duty and reserve personnel were often deployed for months at a time.

Security

Dark Reading - Building Cyber Resilience in SMBs ​With ​Limited Resources

The most successful cyberattacks exploit the gaps in an organization's cyber-risk strategy. For SMBs, these gaps frequently are the result of constrained resources, limited access to skilled talent, and a reactive approach to cybersecurity. In my conversations with customers and business partners, it's clear that while the concern for cyber-risk is universal, SMBs are often the least equipped to address these risks independently.  

Security

Computerworld - Big shift in IT employment shows new skills are needed

More than 78,000 IT pros were hired in September, cutting into the backlog of unemployed. “IT Pros who were unemployed last month found jobs more quickly than was anticipated, as CIOs rushed to fill open positions,” said Janco CEO Victor Janulaitis. “Our analysis predicts the same will be the case for the next several months.”

Tech Jobs

TechRadar - Navigating cloud migrations: entering the multi-cloud era

Given how prevalent it is, you might be forgiven for thinking that everything is in the cloud today. But according to the latest research from the Cloud Industry Forum (CIF), the average amount of IT infrastructure hosted in the cloud by any one company is currently hovering around 50%. In fact, only 7% of organizations currently have more than 80% of their infrastructure in the cloud – but at the other end of the spectrum, only 8% of businesses have less than 20% of their IT in the cloud.

Cloud

Dark Reading - CISO Paychecks: Worth the Growing Security Headaches?

The average CISO now earns $403,000 in annual compensation — including salary, bonuses for reaching specific goals, and equity, such as stock options — representing a 6.4% increase over the past 12 months, according to IANS Research's "2024 CISO Compensation Report" published on Oct. 2. However, changes to the threat landscape frequently put business operations under attack, the responsibility for which falls on the shoulders of the CISO, especially following rules issued by the Securities and Exchange Commission (SEC) that requires CISOs to determine whether a breach is material within four days of discovery.

Security

Network Computing - Top 5 Container Security Mistakes and How to Avoid Them

Containers are like Pandora’s box – powerful but packing unpredictable dangers inside. One cracked lid is all it takes to unleash chaos from compromised environments into business-critical systems. And yet, most rush towards containers to accelerate deployment without planning for the insecurities they introduce. Don’t be like the careless majority – avoid the pitfalls that have led other container adopters into the breach headlines again and again.

Security

SiliconANGLE - Microsoft highlights escalating cyber risks in education: 2,507 attacks per week

The report, based on telemetry data from Microsoft Defender for Office 365 and 78 trillion daily security signals processed by Microsoft across various platforms, found that educational institutions face an alarming average of 2,507 cyberattack attempts each per week. The number places education as the third most-targeted industry in the second quarter of this year

Security

CIO Influence - CIOs Sound Alarm on Network Security as a Top Priority as AI Fuels New Risks and Challenges

More organizations are transitioning their network to the cloud to help streamline IT efficiency and lower TCO with 36% of respondents listing a seamless transition to cloud networking as one of their top three priorities. In tandem, there is a growing trend toward platformization, reflecting the need for a unified and scalable solution that can integrate multiple embedded components within a single, manageable user experience. CIOs overwhelmingly desire a single platform to incorporate GenAI and security into their network operations.

IT Management

CIO Dive - AI adoption drives ‘unmanageable’ spike in cloud costs

Nearly three-quarters of respondents said the AI boom has made cloud bills “unmanageable,” the report found. “The cloud’s hidden costs and unpredictable invoices can become the silent killer of GenAI,” said Chris Ortbals, chief product officer at Tangoe.

Cloud

InfoWorld - Embracing your inner on-premises self

In a significant development in the cloud computing industry, AWS, a leading hyperscaler, has recently acknowledged considerable competition from on-premises IT solutions. This admission counters the longstanding belief that enterprises seldom revert to on-premises systems once they transition to the cloud.

Cloud

Diginomica - Public sector, health and education lead CIO recruitment

There appear to be plenty of opportunities available to digital leaders with a track record of delivering implementations and change. It will be interesting to watch whether the momentum continues or if the final big election of 2024 will slow appointments down.

Tech Jobs

Computerworld - Google Workspace vs. Microsoft 365: What’s the best office suite for business?

That’s where this piece comes in. We offer a detailed look at every aspect of the office suites, from an application-by-application comparison to how well each suite handles collaboration, how well their apps integrate, their AI capabilities, pricing, support, and more. Our focus here is on how the suites work for businesses, rather than individual use.

Automation & Productivity

Information Week - It’s Different IT: Tech Support for Remote Users

Last year, six of the 10 most common security breaches that were cited by Splunk required end-user engagement for them to happen.  Phishing, malware injections, social engineering, and the creation and sharing of weak passwords were among them.

IT Management

ITPro Today - IT Pros Weigh Salary, Flexibility, and Mental Health as Burnout Looms

Somewhat surprisingly, especially considering how much IT pros said they value a flexible work schedule, overall work-life balance, at 24%, didn't even break into the top 10 priorities for IT pros. In comparison, last year, at 45%, work-life balance held the top spot, ahead of even base pay.

Tech Jobs

Network Computing - How Are AI and Automation Impacting Modern Network Demands?

With the black box models, we really don't know what they carry. There has been a lot of emphasis on open-source predictive AI models, including open-source GenAI models. We don't know where they get injected with what.

Network Management

Information Week - Avoiding GenAI Disillusionment to Make Magic in the Cloud

AI shortcomings are often caused by cloud infrastructure that just isn’t capable of powering GenAI research and development. With the right resources, you can cull value from unstructured data to strengthen decision-making, fortify product quality, bolster marketing, raise customer experiences and identify industry trends. The potential is endless -- as long as the organization’s environment is optimized for AI.

AI

VentureBeat - How open-source LLMs enable security teams to stay ahead of evolving threats

Open-source models gaining traction in cybersecurity include Meta’s LLaMA 2. LLaMA 3.2, Technology Innovation Institute’s Falcon, Stability AI’s StableLM, and those hosted by Hugging Face, including BigScience’s BLOOM. All of these models are seeing growing adoption and use, thanks in large part to their greater cost-effectiveness, flexibility and transparency.

AI/Security

Information Week - CIOs Lessons From Disney’s Post-Breach Decision To Leave Slack

In July, hacking group NullBulge leaked 1.1 terabytes of data that it claims to have gained from Disney via Slack. Business Insider reported recently -- based on an internal Disney memo -- the entertainment giant intends to make a switch in response. The company is reportedly moving to Microsoft Teams.  

Security

VentureBeat - Why MFA alone won’t protect you in the age of adversarial AI

One of the greatest threats to MFA is social engineering or more personalized psychological tactics. Because people put so much of themselves online — via social media or LinkedIn — attackers have free reign to research anyone in the world.

Security

InfoWorld - Why cloud security outranks cost and scalability

As businesses integrate cloud computing, they grapple with escalating complexity and cyberthreats. To remain agile and competitive, they embrace cloud-native design principles, an operational model that allows for independence and scalability through microservices and extensive API usage. However, this does not come without its challenges.

Cloud

FedScoop - Federal cyber officials search for funding solutions to keep up with growing demands

“That’s really where we’re trying to go in the future,” she continued, “where you might only be able to make an incremental investment based on your budget situation, working with the program so that these things are working in concert. And that we’re helping build towards your own cyber stack and not a competing set of tooling that’s tied into CDM.”

Security

ITPro Today - We’re Worried About Deepfake Voice Scams. How Do We Protect Employees?

Interestingly, a phone scammer doesn’t need to impersonate a specific person to hide their identity. There are tools designed originally for video editing that can make the user’s voice sound totally different. A voiceover artist, for example, might use such a tool to give themselves distinct accents or disguise their age and gender, making themselves sound like a 6-year-old girl or an older man.

Privacy/Security

Forbes - Tech Experts Explain How To Maximize SaaS Investments

There are two key principles in SaaS selection: Less is more, and make room for innovation. Make the trade-off of giving in to a little vendor lock-in for consolidating your stack, simplifying operations, maximizing your investment and reducing complexity. This strategic consolidation frees up resources, allowing your business to reserve alternative cutting-edge products for your most innovative departments.

Vendor Management

TechBullion - How to Choose the Right Cybersecurity Certification Based on Your Career Goals

By following these guidelines and taking a strategic approach, you can find the certification that aligns with your aspirations. Whether you aim to work in network security, ethical hacking, or another area of cybersecurity, there is a certification that can help you achieve your goals. Don’t forget to consider certifications like OffSec, especially if you are interested in hands-on penetration testing and offensive security skills.

Tech Jobs

Infosecurity Magazine - Cybersecurity Spending on the Rise, But Security Leaders Still Feel Vulnerable

The more technologies an organization deploys, the more it must protect. This provides more opportunities for attackers to find gaps in defenses. According to Red Canary’s research, 73% of security leaders say their attack surface has widened in the past two years, by an average of 77%.

Security

Information Week - Dust Bunnies on the Attack: Datacenter Maintenance Issues Pose Security Threats

It’s more fun to wield artificial intelligence and other advanced security tools against headline-making security threats. But it’s more common that the boring, everyday stuff will take down a company’s datacenters and networks. For example, InformationWeek’s new 2024 Cyber Resilience Survey Report revealed hidden security threats like “aging tech, dirty environments, especially dust” lurking in datacenters.

Security

Network Computing - Is Network-as-a-Service Your Golden Ticket?

It is a management process when you're talking about wide area networks and local area networks and devices on the networks. Figure out where these people are and make sure that when somebody leaves, all their equipment comes back, and those lines get shut down.

Network Management

cyberdaily - The industry speaks: Cyber Security Awareness Month 2024

Automation will change the IT workforce for the better by leading to reduced human error, lowering burnout rates, and improving work/life balance. For example, most patching today needs to happen outside of regular working hours due to systems having to be shut down for hours at a time. With automated patching, this would no longer be the case, leading to happier, more productive teams that are less likely to make mistakes that could cost their company millions.

Security

Dark Reading - Overtaxed State CISOs Struggle With Budgeting, Staffing

Among all 51 US state CISOs surveyed in the Deloitte/NASCIO report, many report an expansion of their responsibilities with regard to protecting data privacy, risk management, and more. At the same time, plenty report having insufficient funds and personnel for actually handling those responsibilities.

Security

Network World - Network jobs watch: Hiring, skills and certification trends

There’s a new genAI certification from Certiport, a Pearson VUE business. This week the provider unveiled its Generative AI Foundations certification, which is designed to equip professionals and students with the skills needed to work with genAI technologies.

Tech Jobs

Information Week - How to Rein in Cybersecurity Tool Sprawl

Cybersecurity tools are often highly privileged, and threat actors are wise to the potential value in targeting security vendors. The consequences of a successful breach of a security vendor can spill outward and impact its customers. Three-quarters of third-party breaches focus on the software and technology supply chain, according to cybersecurity ratings company SecurityScorecard.  

Security

Network Computing - Everyone Has a Service Recovery Plan Until They Don’t

That situation is starting to change as enterprises (and users) look to the sky. Specifically, there is growing interest in the use of satellite services to support offices and users in remote locations not served by terrestrial broadband services. Those services can also play a critical role in disasters.

Network Management

The Hacker News - 5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

The e-guide addresses the growing concern that unrestricted GenAI usage could lead to unintentional data exposure. For example, as highlighted by incidents such as the Samsung data leak. In this case, employees accidentally exposed proprietary code while using ChatGPT, leading to a complete ban on GenAI tools within the company. Such incidents underscore the need for organizations to develop robust policies and controls to mitigate the risks associated with GenAI.

AI/Security

InfoWorld - How to succeed with Kubernetes

Incorporating testing, experimentation, and learning stages allows organizations to evaluate the cloud-native computing landscape and find optimal tools and workflows to meet their needs. “No one wants to find themselves in the position of having to, say, swap their container network provider on a production cluster with a live service,” says Killen.

Cloud

CSO - Cyber resilience becoming extremely difficult amid Gen AI upgrades

The study found that the top four cyber threats observed as most concerning by the enterprises, which include cloud-related threats, hack-and-leak operations, third-party breaches, and attacks on connected devices, are the ones they admitted to be the least prepared for.

AI/Security

TechBullion - Understanding CNAPP: A Comprehensive Guide to Cloud-Native Application Protection Platforms

CNAPP is an integrated set of security and compliance capabilities designed specifically for protecting cloud-native applications throughout their lifecycle. It combines various security functions, including cloud security posture management (CSPM), cloud workload protection platforms (CWPP), and application security, into a unified platform.

Security

Network Computing - SOC Automation for Incident Response

SOC automation is fast becoming a business necessity. Modern SOCs manage a vast number of alerts, tools, and endpoints, and security teams simply cannot keep up. This has a significant impact on organizational security: a 2024 study from IBM found that nearly half of security professionals say the average time to detect and respond to an incident has increased over the past two years.

Security

Information Week - What Will Be the Next Big Thing in AI?

A major upgrade from current chatbots, autonomous AI agents can use digital tools to access databases, deploy various software applications, and analyze real-time data. "This allows them to interact with different environments, adapt to new situations, and make a broad range of decisions autonomously," Meyzin says. Current AI agents require some level of human feedback and oversight. "In the future, as agents become even more advanced, they will approach complete autonomy."

AI

Diginomica - Tercera 30 offers a snapshot of technology services in flux

A static, value-conscious market where contract sizes are getting smaller isn't healthy for established players. But it's not necessarily bad news if you're looking for growth opportunities. Back in the mid-2000s, the contraction after the dot-com bust actually helped Salesforce get established, because enterprises were looking for low-cost ways to improve their sales performance, and its cloud offering did the job. The trick now is to identify similar needs and get on board with the up-and-coming vendors that will serve them best

Vendor Management

Network Computing - Preparing the Network for the Surge in AI Workloads

Yes, that's what all that talk about repatriation really means. If workloads are coming home, they need a place to stay and hallways to roam around in the middle of the night. Our own research indicates a significant rise (from 13% in 2021 to 50% in 2024) of organizations that have or plan to repatriate workloads.  

Network Management

Diginomica - How enterprises are reducing generative AI hallucinations

One of the most interesting aspects of the event was the diversity of ways of infusing gen AI capabilities into new app experiences. Some examples include improving product content management, financial service experiences, customized tour guides, collaborative whiteboards, recruiting, and better tutors. Across all of these use cases, it's sometimes used to generate new content. It's also used to summarize and customize the display of specific content elements for different users or personas.

AI

SiliconANGLE - From LLMs to SLMs to SAMs, how agents are redefining AI

Moreover, we see LLMs and SLMs evolving to become agentic, hence SAM – small action models. In our view, it’s the collection of these “S-models,” combined with an emerging data harmonization layer, that will enable systems of agents to work in concert and create high-impact business outcomes. These multi-agent systems will completely reshape the software industry generally and, more specifically, unleash a new productivity paradigm for organizations globally.

AI

Fast Company - The confidence crisis in cybersecurity departments

But if the attack landscape looks so threatening, why are 74% of security professionals still confident in their ability to detect and respond to cyberattacks in real time? What’s more startling: Confidence rises the closer you get to the corner office. Eighty-one percent of C-suite security leaders report a high degree of faith in their current cyber posture compared with only 66% of their frontline security managers.

Security

VentureBeat - AI’s middle layer still needs powerful hardware

The answer is that hardware’s role is to support frameworks like LangChain and the databases that bring applications to life. Enterprises need to have hardware stacks that can handle massive data flows and even look at devices that can do a lot of data center work on device.

AI

Network World - 10-year forecast shows growth in network architect jobs while sysadmin roles shrink

“The growth of computer and mathematical occupations is expected to stem from demand for upgraded computer services, continued development of artificial intelligence (AI) solutions, and an increasing amount of data available for analysis,” the BLS stated. “In addition, the number and severity of cyberattacks and data breaches on U.S. businesses is expected to lead to greater demand for information security analysts.”

Tech Jobs

InfoWorld - Is it possible to save money and run on a public cloud?

Based on the hype, you would think that enterprises are scurrying off cloud platforms like rats from a sinking ship. The reality is much more nuanced. According to Andover Intel research, only about 9% of enterprises have moved applications out of the cloud. They also found that less than 3% of enterprises see any reason for cloud repatriation other than cost, although more than half expressed some disappointment with higher than-anticipated cloud costs.

Cloud

CIO Influence - SettleTop Report Reveals Only 5Percent of Companies Employ a Senior Software Risk Leader Reporting to Management

Software has been fundamental in driving productivity and revenues for many years. Yet, challenges can arise when software is not properly assessed, monitored and maintained. This creates an enormous burden on an organization to gain visibility into the ever-changing risk profile within one’s software supply chain, particularly as an organization’s technology stack becomes increasingly more complex with new technologies being introduced such as artificial intelligence (AI) and machine-learning (ML) tools. Even with data breaches and ransomware events on the rise, most organizations today still prioritize revenues and capabilities over risk.

Risk Management

The Hacker News - Cybersecurity Certifications: The Gateway to Career Advancement

The financial rewards of cybersecurity certifications are tangible and significant. The report indicates that 37% of respondents received a salary increase after obtaining certifications, with 58% rewarded within three months of certification. Moreover, 35% reported raises of more than 20%, illustrating that the value of certifications is recognized and rewarded by employers in a relatively short timeframe.

Tech Jobs

yahoo!news - The evolution of phishing: How AI is reshaping digital deception in 2024

Spear phishing targets specific individuals or organizations. AI has enhanced this technique, allowing hackers to employ data analytics to create detailed profiles of potential victims. AI then scrapes public information from social media, professional sites and other accounts. The end result: messages virtually identical to those from trusted sources.

Security

Forbes - Cyber Solutions Are Not One-Size-Fits-All: Create A Personalized Strategy

According to Mimecast’s recent Threat Intelligence Report, attackers are diversifying their hacking tactics to better convince users to act. This includes using branding to fool users into trusting spam and phishing attacks and taking advantage of the popularity of QR codes to send users to malicious websites or download faulty files—creating an entry point to execute their attacks.

Security

VentureBeat - Cloud, edge or on-prem? Navigating the new AI infrastructure paradigm

As they face this conundrum, more and more enterprises are seeing hybrid models as the way forward, as they can exploit the different advantages of what cloud, edge and on-prem models have to offer. Case in point: 85% of cloud buyers are either deployed or in the process of deploying a hybrid cloud, according to IDC.

AI/Cloud

Computerworld - Kandji offers up its take on AI to Apple

The best way to understand this AI tool is as an intelligent machine that works with Kandji’s Prism, which provides insights into device fleets using syntax-based query search. What Kai adds is that admins can ask questions in ordinary language to generate responses or reports as needed. “It’s built to understand what you need,” said Dodd.

IT Manageemnt

VentureBeat - Building and securing a governed AI infrastructure for the future

Any business looking to scale AI safely must continually look for new ways to strengthen the core infrastructure components. Just as importantly, cybersecurity, governance and compliance must share a common data platform that enables real-time insights.  

AI

Network World - Network jobs watch: Hiring, skills and certification trends

Recent data from the U.S. Bureau of Labor Statistics (BLS) shows that while there will be growth for many IT positions between now and 2033, some network and computer systems administrator roles are expected to decline. The number of computer network architects will climb 13.4%, and computer network support specialists will see a 7.3% gain in jobs. Network and computer systems administrators will see a decline of 2.6%, however.

Tech Jobs

Information Week - How Can CIOs Prepare for AI Data Regulation Changes?

They also want to safeguard people’s privacy and security and basic human rights. For example, the EU’s Artificial Intelligence Act bans emotional recognition in the workplace and schools, preventing employers from possibly using AI to assess if workers are happy with their jobs or planning to leave. Social scoring mechanisms, like those rumored to be used in parts of China, are also outlawed.

Data Governance

ITPro Today - ERP Skills Outpace AI in 2024 as Demand for IT Strategy Soars

"The range of projects we see includes everything from leading a full-scale implementation and transformation to platform evaluations and strategic assessments to configuration and optimization of specific modules within the platforms," she said.

Tech Jobs

InfoWorld - What you need to know about AI governance

“You can use whatever AI tool you want to experiment in any way you want, using whatever data you want,” said no company executive ever. Executive leaders are focused on ensuring AI efforts target business opportunities while avoiding risks. Even the most cautious leaders are reluctant to ban AI outright, however, because failing to deliver AI-driven transformational outcomes risks business disruption.

AI Ethics

VentureBeat - Adversarial attacks on AI models are rising: what should you do now?

HiddenLayer’s earlier study found that 77% of the companies identified AI-related breaches, and the remaining companies were uncertain whether their AI models had been attacked. Two in five organizations had an AI privacy breach or security incident of which 1 in 4 were malicious attacks.

AI/Security

Network World - Gartner: Network automation to increase threefold by 2026

The research firm also noted in its latest Hype Cycle for I&O Automation that during the same timeframe, 50% of enterprises will use AI functions to automate “day 2” network operations, compared with fewer than 10% in mid-2023. Day 2 operations include tasks that are performed following a software deployment and are focused on maintaining software reliability, availability, and performance—such as monitoring performance, installing upgrades, updating systems, and performing routine maintenance.

Network Management

The Hacker News - Passwordless AND Keyless: The Future of (Privileged) Access Management

SSH keys are access credentials in the Secure Shell (SSH) protocol. In many ways, they're just like passwords but functionally different. On top of that, keys tend to outnumber passwords, especially in long-standing IT environments, by the ratio of 10:1. While only some passwords are privileged, almost all SSH keys open doors to something valuable.

Security

TechStartups - Aembit Unveils 2024 Survey Report Highlighting Major Gaps in Securing Non-Human Identities

Aembit, the non-human identity and access management (IAM) company, today released its 2024 Non-Human Identity Security Report, a definitive survey highlighting how organizations currently manage and protect non-human identities (NHIs) – such as applications, scripts, and service accounts. The report reveals a stunning, widespread reliance on outdated methods and manual practices that fail to provide adequate protection against the reality of increased NHI-focused breaches.

Security

CSO - Companies skip security hardening in rush to adopt AI

Security analysis of assets hosted on major cloud providers’ infrastructure shows that many companies are opening security holes in a rush to build and deploy AI applications. Common findings include use of default and potentially insecure settings for AI-related services, deploying vulnerable AI packages, and not following security hardening guidelines.

AI/Security

Information Week - How to Avoid Common AI Newbie Mistakes

Underestimating AI's complexity generally results in projects that fail to deliver expected results. "This can lead to wasted resources, both in terms of time and money, and can create a sense of disillusionment with AI technologies within the organization," Rodriguez warns. "Additionally, this failure can erode trust in AI initiatives and make it more difficult to secure buy-in for future projects."

AI

Tech Startups - SpyCloud Unveils Massive Scale of Identity Exposure Due to Infostealers, Highlighting Need for Advanced Cybersecurity Measures

“Our latest findings reveal a critical shift in the cybersecurity landscape,” said Damon Fleury, chief product officer at SpyCloud. “Infostealers have become the go-to tool for cybercriminals, with their ability to exfiltrate valuable data in a matter of seconds, creating a runway for cyberattacks like ransomware off the vast amounts of stolen access to SSO, VPN, admin panels, and other critical applications.”

Security

ZDNET - The best secure browsers for privacy: Expert tested

The best secure browsers provide you with privacy tools, third-party ad blockers, VPNs, and a pledge never to sell your data. Here are the best options on the market.

Privacy

CIO Influence - Top Trends in Mobile Technology for 2025: Shaping the Future of Connectivity and Innovation in Workforces

AI will become central to mobile devices, making them smarter and more intuitive. By 2025, AI will understand user habits and preferences, offering personalized experiences and transforming how we interact with technology. AI will automate routine tasks, enhance decision-making, and increase productivity in the workplace.

Mobility

SiliconANGLE - API and bot attacks cost businesses $186M annually, new report finds

Enterprises with revenue of more than $1 billion were found to be two to three times more likely to experience automated API abuse by bots than small or mid-size businesses. Large companies were found to be particularly vulnerable to security risks associated with automated API abuse by bots because of complex and widespread API ecosystems that often contain exposed or insecure APIs.

Security

Network Computing - Harnessing Packet Data to Stop Evolving AI Cyber Threats

Compared with traditional packet filters, advanced NDR technology explores a much wider range of information, including not just the header but also the data or payload that the packet is carrying, and requires packet probes to monitor access of both internal (East-West traffic) and external (North-South traffic) communication paths. These paths include all the data routes within an enterprise's network (internal) and those that connect the enterprise to the outside world (external).

Security

Forbes - The Enduring Impact Of AI On The Cybersecurity Market Rebound

“We created something that doesn’t care about the vector or file of attacks,” Weingarten said. “This was novel back in the day—no payloads, no files—that’s where behavioral analysis was boring. But our thesis was simple: if you’re a malicious hacker, you can hide all you want but you will exhibit malicious behaviors that will eventually be detected.”

Security

InfoWorld - Overcoming AI hallucinations with RAG and knowledge graphs

For example, imagine you have implemented a chatbot service that can call on your product data to answer customer queries. You have turned your catalog of widgets into vector data, but those widgets are all very similar. When your customer queries the chatbot, how can you make sure that the response you deliver is accurate, even with RAG in play? What if your catalog contains links to other documents with additional context? Making a recommendation or serving up a query that is inaccurate will affect that customer interaction.

AI

eWeek - 6 Best LLMs (2024): Large Language Models Compared

A note on parameters: Though greater parameter size does typically signal higher accuracy of an LLM, remember that you can fine-tune most of these AI tools on your own company-, task-, and industry-specific data. Also, some AI companies offer several LLM models, differing in size, with the lower-parameter versions on the lower end of the pricing scale.

AI/LLM

AiThority - Risk in Focus: What Enterprises Should Implement, Before Adopting Open-Source AI

But while the magnifying potential of AI and OSS converges productively across most use cases and concerns, this nexus is a critical focus for risk management as data breaches are top of mind for consumers. According to the U.S. Internet Crime Complaint Center, the reported number of data breaches tripped between 2021 and 2023, suggesting recent trailblazing technological developments have not hampered malicious activity.

AI

Information Week - Take a Look at Follow-the-Sun IT

“The follow-the-sun development approach worked great for us,” he said. “By the time we came to work in the morning, all of the fresh code from the outsource company was sitting on our desktops, ready to be reviewed and QA’d. This saved us man-hours of tedious work, and really uplifted staff morale.”

IT Management

InfoWorld - 3 common misconceptions around biometrics and authentication

FIDO2 is an open authentication standard that enables passwordless login to online services using public key cryptography. This decentralized authentication model uses public-private key pairs to verify a user’s identity with what-you-have-or-are methods like hardware keys, passkeys, and biometrics.

Security

CIO Influence - The Cloud + Remote Access Platforms = Your Key for Securing Generative AI

When paired together, building a solution that isolates your organization from Generative AI tools is possible, and the solution starts to resemble browser isolation, which many organizations implement today. This article looks at the parallels between AI isolation and browser isolation, and how the considerations used to design successful implementation of that latter inform design decisions for the former, to help organizations implement stringent security and safeguard data.

AI/Security

InfoWorld - When your cloud strategy is ‘it depends’

The company’s commitment to Azure didn’t actually slow their pace of AWS adoption. Partly because of technology: Developers within the company needed the services AWS provided, so even as they invested in Azure for some workloads, they kept spending on AWS for others. Partly because of people: Those same developers were more familiar with AWS services and so they kept building with it.

Cloud

CIO Influence - How to Balance Trust and Risk in Modern Identity Management

Traditional security measures like multi-factor authentication (MFA) and encryption are foundational, but they are not foolproof. Adversaries are increasingly leveraging AI-driven attacks to exploit identity data, conducting large-scale identity theft, phishing, and credential-stuffing attacks at unprecedented speeds. Organizations need to employ AI and machine learning to detect and respond to these anomalies in real time, adapting to threats before they exploit vulnerabilities.

Security

VentureBeat - Microsoft’s Windows Agent Arena: Teaching AI assistants to navigate your PC

Windows Agent Arena provides a reproducible testing ground where AI agents interact with common Windows applications, web browsers, and system tools, mirroring human user experiences. The platform includes over 150 diverse tasks spanning document editing, web browsing, coding, and system configuration.

IT Management

Network Computing - The Impact of AI on The Ethernet Switch Market

Enterprises investing in new infrastructure to support AI will have to choose which technology is best for their particular needs. InfiniBand and Ethernet will likely continue to coexist for the foreseeable future. However, it’s highly likely that Ethernet will remain dominant in most network environments.

Network Management

VentureBeat - Kubernetes attacks are growing: Why real-time threat detection is the answer for enterprises

Despite many DevOps teams’ opinions of Kubernetes not being secure, it commands 92% of the container market. Gartner predicts that 95% of enterprises will be running containerized applications in production by 2029, a significant jump from less than 50% last year.

Security

Forbes - The Financial Pitfalls Of Cloud Computing And How To Avoid Them

First, there's the issue of data redundancy. For data availability, cloud services frequently copy your data in multiple places. This is fantastic for reliability, but it can result in unforeseen storage expenditures. For example, Amazon's S3 Standard storage class replicates data in at least three availability zones. This can virtually triple your storage usage.

Cloud Computing

Network World - 3% IT budget increases fueled by AI, security, networking

How they plan to spend their IT dollar is also of note, with respondents indicating they will invest in technologies ranging from AI to data center automation, according to Avasant. More than 68% of companies report they plan to increase their IT spending on AI, as well as two infrastructure areas that power AI—the network and data analytics.

IT Management

Network Computing - Choosing the Right Interconnect for Tomorrow’s AI Applications

As artificial intelligence (AI) continues to evolve, the demand for high-performance computing infrastructure becomes more critical. The Peripheral Component Interconnect Express (PCIe) 5.0 standard offers significant advancements in data transfer speeds and system performance. Similarly, Compute Express Link (CXL) 2.0 enhances memory sharing and reduces latency, making it an invaluable tool for AI workloads.

Infrastructure

SiliconANGLE - Hardware industry confronts challenges and embraces opportunities from AI juggernaut

Chipmakers are also seeking to build technology that will facilitate robust communications between GPUs and networks. Executives at Broadcom Inc. have emphasized the importance of distributed computing solutions to drive AI, and Ethernet is the company’s solution of choice to address unique requirements for high bandwidth, intermittent data surges and massive traffic demands for bulk data transfers.

AI

TechRepublic - Cybersecurity Hiring: How to Overcome Talent Shortages and Skills Gaps

There’s also an issue of companies failing to offer competitive salaries, noted Houser. Cybersecurity jobs tend to come with a salary bump compared with other IT positions, but some HR departments don’t account for these expectations in their listings. Government positions, in particular, often struggle to match private-sector pay.

Tech Jobs

Blocks & Files - WEKA report finds storage a challenge for AI projects

88 percent of organizations are actively investigating GenAI, far outstripping other applications such as prediction models (61 percent), classification (51 percent), expert systems (39 percent), and robotics (30 percent).

AI/Data

Infosecurity Magazine - Cybersecurity Workforce Gap Rises by 19% Amid Budget Pressures

The study also highlighted a particular lack of entry-level roles in security teams. Around a third (31%) of respondents said their teams had no entry-level professionals on their teams, with 15% reporting they had no junior-level professionals.

Tech Jobs

Information Week - Skills-Based Hiring in IT: How to Do it Right

"Skills-based hiring allows the development and growth of diverse candidate pools, providing a competitive advantage and enabling organizations to fill open roles faster than ever before."

Tech Jobs

Network World - Kyndryl: AI interest is driving mainframe modernization projects

“In 2024, more respondents confirmed they are focusing on modernizing on the mainframe or integrating with cloud, and fewer are choosing to move workloads off the mainframe as their primary strategy—a five percentage point drop from last year (30% to 25%). Additionally, 53% of respondents saw their usage on the mainframe increasing this year, with 49% saying their mainframe usage will increase again in the next 12 months,” Kyndryl stated.

IT Management

CIO Influence - Industries Under Siege: The Rising Threat of Cyberattacks in 2024

Critical Start’s Threat Intelligence Report found that manufacturing and industrial products remained the top targeted industries by cyber threat actors, with 377 confirmed reports of ransomware and database leak hits in H1 2024. The most common tactics, techniques, and procedures used by threat actors in the sector were spearphishing attachments, exploitation of remote services, and public-facing applications.

Security

InfoWorld - Finding the right large language model for your needs

Though generative AI is relatively new compared with other artificial intelligence technologies, it is already being used to support tasks ranging from vetting job applicants to diagnosing and recommending treatments for illnesses. IDC predicts that by 2028, 80% of chief information officers will rely on generative AI tools to accelerate analysis, boost decision-making, improve customer service, and more.

AI/LLM

VentureBeat - How much are your enterprise’s gen AI products costing you? DigitalEx launches new expense tracking solution

The solution offers a centralized “single pane of glass” view of expenses across different LLM platforms including AWS Bedrock, Azure OpenAI, OpenAI, and Groq, enabling enterprises to gain visibility into one of the most pressing concerns in the AI space—cost management.

GenAI

eWeek - Small Language Models: A Game-Changer for Enterprise AI

The open source community has also played a pivotal role in driving the advancement and adoption of lean AI and SLMs. Platforms and tools such as Meta’s Llama 3.1, Stanford’s Alpaca, Stability AI’s StableLM, and offerings from Hugging Face and IBM’s Watsonx.ai are making SLMs more accessible, reducing entry barriers for enterprises of all sizes. This democratization of AI capabilities signifies a game-changing trend, as more organizations can incorporate advanced enterprise AI without relying on proprietary and expensive solutions.

AI

Network World - AIOps certifications to elevate your IT career

The demand for AI skills is growing – along with salary expectations. As many as 92% of employers believe their IT departments will be the biggest beneficiaries of AI, and they’re willing to pay an average of 47% more for IT workers with AI skills. However, nearly three in four said that they can’t find the talent they need, according to a survey conducted by Access Partnership and Amazon Web Services.

Tech Jobs

GeekWire - ‘They’re attractive targets’: Cybersecurity attacks on schools are becoming more frequent and severe

The attackers are mostly based in foreign countries that are not allied with the U.S., Levin said. The criminals extort payments in order for them to release control of the computer system and/or to prevent them from publishing or selling personal information from staff and students. That data can be used for identity theft, and includes private mental and physical health records and academic details for students.

Security

Government Technology - Cybersecurity Spending Is Slowing With the Economy

Security budget growth hits 8%, up from 2023: Nearly two-thirds of CISOs report increasing budgets. The average growth has risen from 6% in 2023 to 8% this year, but this is only about half of growth rates in 2021 (16%) and 2022 (17%). A quarter of CISOs experienced flat budgets while 12% faced declines.

AiThority - OutSystems and KPMG Announce New Survey Exploring AI and the Future of Software Development

Early adopters are planning to increase their use of AI in other stages of the SDLC, such as user interface design, code generation, DevOps optimization, and application maintenance. Nearly all respondents are planning to increase their investment in AI-augmented SDLC management over the next two years, indicating that AI will play a central role in driving innovation and competitive advantage in the software industry.

DevOps

Network World - Getting your enterprise ready for the real AI

If you’re a CxO or tech planner, I’d be willing to bet that your attitudes on AI have changed over just the last couple of months. You no longer carefully watch your GPU chips for signs of hostile intent, you don’t expect generative AI services offered by the giants to turn you into the email/text equivalent of a Hemingway, and you don’t expect those services to boost your overall profits and stock price. That doesn’t mean you’ve given up on AI, just that you’ve faced reality. But what, in terms of actions, does reality look like? What is the “real” AI?

AI

Information Week - Determining Your Staff’s Cloud Role

IT determines which applications, data and other services it requires to move to the cloud, and then right-sizes the cloud resources to support the stack. Unfortunately, few IT departments think about the in-house staff resources that will be needed to work with the cloud on an ongoing basis. These realizations come up later, after the cloud service is already up and running.

IT Management

Network Computing - Inside the Mind of a Hacker: How Scams Are Carried Out

In this article, I venture into the hacker’s mind to uncover the motivations and goals behind their dubious actions. I will then hone in on scamming, one of hackers’ most distasteful acts, and examine the process in more detail. By the time you’re through, you should have a better understanding of what makes hackers tick and, more importantly, how to apply that understanding to bolster your cybersecurity defenses.

Security

Network World - Network jobs watch: Hiring, skills and certification trends

“According to the latest BLS data analyzed, there are now approximately 4.18 million jobs for IT professionals in the US. Layoffs at big tech companies continued to hurt overall IT hiring. Large high-tech firms continue to lay off to have better bottom lines. Included in that group of companies that have recently announced new layoffs are Intel, Microsoft, and Google,

Tech Jobs

ZDNET - Understanding RAG: How to integrate generative AI LLMs with your business knowledge

Traditional LLMs are trained on vast datasets, often called "world knowledge". However, this generic training data is not always applicable to specific business contexts. For instance, if your business operates in a niche industry, your internal documents and proprietary knowledge are far more valuable than generalized information.

AI/LLM

Network Computing - Using Linux at the Endpoint: Taking Zero Trust to a New Level

Linux has long been associated with servers and enterprise environments, but its adoption at the endpoint is on the rise. According to a report by IDC, the market for Linux-based desktops and laptops is expected to grow by 12% annually through 2025. This growth is driven by the increasing recognition of Linux’s security benefits and the need for more secure operating systems in the face of rising cyber threats.

Security

Forbes - Navigating Risk Management In IT Projects

Our roles as IT program managers have expanded beyond overseeing timelines and budgets. We now need to understand the latest technologies deeply to effectively anticipate and mitigate risks. This requires a commitment to continuous learning and adaptation.

Risk Management

DarkReading - How CISOs Can Effectively Communicate Cyber-Risk

More than half of chief information security officers (CISOs) struggle to effectively communicate cyber-risk to their leadership teams, according to FTI Consulting. If you're part of this majority, you're not alone. I spend countless hours each month in conversation with CISOs, talking about their concerns and challenges. Time and again, I hear the same frustration: translating complex cyber-risks into a digestible narrative for leadership is an uphill battle.

Security

Forbes - Differentiating The Best IT And Cybersecurity Providers: Authenticity Vs. Pretense

In the crowded field of IT and cybersecurity providers, the best stand out through their expertise, proactive approach, customized solutions, transparent communication and commitment to continuous improvement. They pay attention to the details that matter rather than seeking attention for their own sake.

Vendor Management

Information Week - Contractual Lessons Learned From the CrowdStrike Outage

“For one, almost all software licenses, those pages of text that users mindlessly scroll through, disclaim the producer’s liability. In addition, there exists no widely recognized legal standard that demarcates secure from insecure software development practices

Vendor Management

Computerworld - GenAI vendors’ self-destructive habit of overpromising

Not only are corporate execs dealing with disappointment and a lack of meaningful ROI, but the same senior non-tech leaders (think CFOs, CEOs, COOs, and some board members) who pushed for the technology before it was ready are the ones who will quickly resist deployment efforts down the road. The irony is that those later rollouts will more likely deliver on long-promised benefits. A little “AI-sales-rep-who-cried-wolf” goes a long way.

AI

Information Week - Leading as a Future-Ready CIO in an AI-Driven World

Data: Organizations also often sit on volumes of existing, highly valuable data -- or intellectual property (IP) -- as it’s unstructured and difficult to extract via traditional approaches and legacy technologies. Individual organizations’ data are often siloed, primarily existing on their part of a value chain, narrowing the value of the information able to be gleaned.  

IT Management

InfoWorld - Dealing with ‘day two’ issues in generative AI deployments

From a day one perspective, RAG deployments can face problems around how your data is prepared. For example, the initial phase for data preparation involves turning all your unstructured and structured data into one format that the generative AI system can work with. This involves creating a set of document objects that represent all your company data and contain both the text and any associated metadata.

GenAI

InfoWorld - Cloud application portability remains unrealistic

In 2017 I pointed out that cloud application portability was science fiction. Today it is still complex and costly for most of the same reasons. Of course, anything is possible in IT if you accept that money answers every question and if your enterprise is prepared to spend it in great quantities. Few of us have open checkbooks, so the core issue is that cloud-to-cloud application portability takes much more work than many people were promised.

Cloud

Network Computing - What Is Cloud Virtual Desktop Infrastructure (VDI)?

Cloud VDI is gaining in popularity because companies see the potential for cost savings in hardware, networks, and software, as well as in the IT staff hours needed to support desktops. Additionally, a cloud-based VDI gives companies more flexibility in scaling resources upward or downward.

Cloud Computing

Information Week - 6 Ways AI Could Improve Network Management

Networking devices are among the most complex pieces of equipment to manage. IT managers often spend great amounts of time setting different configuration and operating parameters. Much of the work is manual and often subject to errors.

Network Management

VentureBeat - Forrester’s CISO budget priorities for 2025 focus on API, supply chain security

CISOs must double down on threats and controls to get application security rights, secure business-critical infrastructure and improve human risk management.  Forrester sees software supply chain security, API security and IoT/OT threat detection as core to business operations and advises CISOs to invest in these areas.

Security

Information Week - Unified Data: The Missing Piece to the AI Puzzle

On the other hand, dispersed cloud platforms also make centralized data security solutions difficult, increasing cyber security risk and increasing compliance costs. “AI-powered multi-cloud solutions accelerate and scale the multi-cloud journey of an enterprise and enable organizations to harness their own data estates more quickly,” Senan says.  

AI/Data

InfoWorld - The future of Kubernetes and cloud infrastructure

What’s holding Kubernetes back? As the CNCF survey finds year after year, the top challenges organizations face in using containers continue to be complexity, security, and monitoring, which were joined in the latest survey by lack of training and cultural changes in development teams. These challenges are hardly surprising in the dramatic, monolith-to-microservices journey that Kubernetes represents

Cloud

Information Week - The Limits of New AI Technology in the Security Operations Center

As the advent of the AI singularity is still a possibility, I cannot say that a fully autonomous, AI-powered SOC will never exist. But claiming that the current wave of AI capabilities will lead to it is naive at best and, often, dishonest marketing from tech vendors.  

Security

Network Computing - We Need to Talk About the Security Posture of Your Network Operations

Because we did some more research and, well, it’s not looking good. I’m worried about your operational security posture. Most organizations (over 65%) are automating operational workflows and using APIs to do it. But most of your peers aren’t applying any security to those workflows.

Network Management

Dark Reading - Why End of Life for Applications Is the Beginning of Life for Hackers

Other applications may be tied to specific operating systems or hardware that cannot be replaced without spending out hugely on a complete replacement that would run into the millions of dollars. Couple this with the old adage "if it's not broken, don't try to fix it," and you can see why security teams can face problems in getting fixes made to these software assets.

Security

Information Week - The Growing IT Skills Gap: A Looming Crisis for 2025

The IT skill gap represents the disparity between the skills employers need and what the workforce can offer. This gap spans various technology areas, including cybersecurity, data analytics, and cloud computing. Identifying these shortcomings through an effective IT skill gap analysis can guide educational institutions and training programs to align their offerings with industry demands.

Tech Jobs

AiThority - Uplink Traffic for AI Will Break the 5G Network

The mobile network is designed to handle much higher “downlink” traffic (from the tower to the phone) than “uplink” traffic (from the phone to the tower). This arrangement works well for streaming video and web surfing, but new AI-Assistants such as Siri, Google Assistant, and others will drive an increase in uplink traffic that is unprecedented. The anticipated release of Gen-AI enhancements of Siri during the next few weeks could be a turning point.

Network Management

AiThority - Pervasive, Data-Driven Decisions: The Promise of Integrating BI and AI

For example, when Foundry surveyed CIOs for its 2024 State of the CIO report, they asked what their priorities were for becoming more data-driven. The No. 3 response was to make their data more available. But data transformation projects that unify data and break down silos can take years and millions of dollars to complete. Those organizations that can figure out how to 1) provide actionable data to frontline workers on demand and 2) empower pervasive data-driven decision-making will gain a significant competitive advantage over their competitors.

Data Management

ComputerWeekly - Global cyber spend to rise 15% in 2025, pushed along by AI

“The continued heightened threat environment, cloud movement and talent crunch are pushing security to the top of the priorities list and pressing chief information security officers to increase their organisation’s security spend,” said Upadhyay.

Security

Network Computing - Zero-Touch Provisioning for Power Management Deployments

At the heart of ZTP lies Dynamic Host Configuration Protocol (DHCP), a foundational network protocol that assigns IP addresses to devices (clients) on a network, facilitating their communication within the network and with external systems. DHCP is an essential network protocol used in IP networks to dynamically assign IP addresses and other network configuration parameters to devices, thereby simplifying network administration.

Network Management

TechRepublic - Nearly 1/3 of Companies Suffered a SaaS Data Breach in Last Year

Nearly half of firms who use Microsoft 365 believe they have fewer than 10 applications connected to the platform, but the report’s aggregated data shows that the average number of connections is over a thousand. A third admitted that they don’t know how many SaaS apps are deployed in their organisation.

Security

InfoWorld - Quantum computing attacks on cloud-based systems

For cybersecurity and data protection lawyers, evolving standards will likely influence regulatory frameworks and vendor management practices, necessitating updates to cryptographic strategies. As the interplay between quantum computing and AI intensifies, organizations must strengthen their defenses and prepare their legal teams to adeptly manage privacy and security challenges related to these technological changes.

Security

VentureBeat - How AI is helping cut the risks of breaches with patch management

I.P. scanners and exploit kits designed to target specific CVEs associated with widely used software across enterprises are sold on the dark web by cybercriminals. Exploit kits are constantly updated with new vulnerabilities, a key selling point to attackers looking to find systems that lack current patches to stay protected.

Security

Network Computing - 4 Reasons Why Network Detection and Response is the Future of Cybersecurity

The real question is: how can organizations protect their assets without sacrificing the flexibility afforded by the latest technologies? Coupling Endpoint Detection Response (EDR) with Security and Information Event Management (SIEM) systems is one well-established answer, but ultimately, EDR and SIEM represent just two prongs of a three-pronged approach.

Network Management

Information Week - The Deeper Issues Surrounding Data Privacy

However, data privacy is also defined by IBM as: “the principle that a person should have control over their personal data, including the ability to decide how organizations collect, store and use their data.”  

Data Privacy

eWeek - 13 Best Generative AI Tools (2024): Creative Powerhouses

Whether you’re looking to enhance your writing, create stunning visuals, or generate engaging videos, here are our picks for the 13 best GenAi apps and tools on the market in 2024

GenAI

Data Science Central - Enterprise AI trends in 2024: What businesses need to know

By 2024, AI will be seamlessly integrated into tools like Microsoft 365, Google Workspace, Salesforce, and Atlassian. This means automated tasks, smarter suggestions, and better decision-making. Hence, the enterprise is preparing itself for an AI-powered office revolution.

AI

Network World - Network jobs watch: Hiring, skills and certification trends

According to Indeed’s Hiring Lab, “on a three-month average basis, the unemployment rate has risen .55 percentage points since its low of 3.5% in January 2023.” The adjusted BLS numbers suggest weak hiring and a cooler market than previously projected, but Indeed says there are reasons for “cautious optimism” about the U.S. labor market. For instance, the amount of available job postings and growth in wages could continue to attract more workers to the labor force.

Tech Jobs

CIO Influence - Malicious Links, AI-Enabled Tools and Attacks on SMBs Among Top Cybersecurity Threats in H1 Mimecast Global Threat Intelligence Report

Messaging attacks continue to evolve, with hackers moving away from pushing malware to using malicious links as the preferred method of delivering payloads to victims’ systems. In fact, Mimecast’s analysis found malicious links surged by 133% in the first quarter of 2024 and 53% in the second quarter, compared to the same period in 2023.

Security

Computerworld - Enterprise buyer’s guide: Remote IT support software

Buying for the first time? Know what your options are. Considering replacing what you have? You might just save 25% or more on licensing costs. Here's what to look for and 12 leading remote support tools to consider.

IT Management

CIO Influence - DDoS Attacks Surge 106 Percent from H2 2023 to H1 2024, Reveals New Zayo Data

The report also found that an average DDoS attack now lasts 45 minutes—an 18% increase from this time last year—costing unprotected organizations approximately $270,000 per attack at an average rate of $6,000 per minute.

Security

CIO Dive - Executives expect complying with AI regulations will increase tech costs

“Each company must execute a compliance roadmap that is specific to the amount and combination of use cases they have,” Iannopollo said in an email. “Virtually, every company will have a compliance roadmap that looks like nobody else’s.”

AI

InfoWorld - Revolutionizing cloud security with AI

Adaptive frameworks enable real-time monitoring and automatically adjust security protocols based on identified threats. AI systems can ingest vast amounts of network data, learn standard behavior patterns, and accurately detect anomalies. This capacity to adapt and respond dynamically to threats shifts security paradigms from reactive to proactive.

AI/Security

CIO - How leading CISOs build business-critical cyber cultures

With its end-to-end view of the enterprise, the cybersecurity organization is in a unique position to anticipate issues and needs, influence business strategy, and proactively drive business change and impact. Yet many cyber professionals remain head-down in the weeds, lacking perspective on the role they play in advancing the business mission.

Security

Information Week - Managing Technical Debt in the Midst of Modernization

Prioritizing debt based on type and severity is just as important as determining an acceptable level. There may be some debt that has to be eliminated at all costs, such as security vulnerabilities. On the other hand, other types of debt may be postponed, such as design debt. Prioritization allows focus on the repayment efforts in critical areas while still bringing down the overall debt within acceptable limits.

IT Management

CIO - Is the gen AI bubble due to burst? CIOs face rethink ahead

Gen AI projects can cost millions of dollars to implement and incur huge ongoing costs, Gartner notes. For example, a gen AI virtual assistant can cost $5 million to $6.5 million to roll out, with a recurring annual budget hit of $8,000 to $11,000 per user.

AI

Blocks & Files - HYCU report suggests many SaaS apps are open windows for malware attacks

More than 200 SaaS apps are used by a typical small-to-medium organization and such organizations may not realize the scope of their SaaS app use, nor that their SaaS app data needs protecting. This is intuitively clear, as SaaS app use is meant to be easy and is not necessarily controlled by any IT department decisions and processes.

Security

Datanami - Pluralsight Finds 56% of Security Professionals Concerned About AI-Driven Threats

In response to the increasing prevalence of AI-driven threats, there is a growing urgency for professionals to upskill and acquire specialized knowledge in order to effectively safeguard against these evolving challenges. Over 75% of respondents indicated that threat intelligence and reverse engineering are the most valuable advanced cybersecurity skills of today, while 24% noted threat hunting among these skills.

AI/Security

Blocks & Files - Building blocks of AI: How storage architecture shapes AI success

Leveraging technologies such as Non-Volatile Memory Express (NVMe) can be a game-changer to handle such massive volumes of data. NVMe offers superior performance, compared to traditional storage interfaces by reducing latency and increasing data transfer speeds. For AI workloads, this means faster data ingestion, real-time analytics, and more efficient training of machine learning models.

Data Management

Information Week - Reshaping the CIO's Playbook for the AI Age

One of the most significant shifts is the CIO’s evolving role in fostering innovation. GenAI tools, capable of producing everything from code to copy, are opening new avenues for creativity and efficiency across departments. CIOs are now tasked with helping identify and implement those solutions that will help move the dial most quickly. This requires a delicate balance of technological enthusiasm and practical caution.

AI

Network Computing - Harnessing AI for 6G: Six Key Approaches for Technology Leaders

The evolution from traditional, hardware-centric networks towards intelligent, sensing, self-training, and self-learning systems promises a leap into an unprecedented era of digital communication. This transformation, driven by the potent capabilities of 6G coupled with the adaptive power of AI, is poised to redefine the technological ecosystem.  

Network Management

Computerworld - GenAI compliance is an oxymoron. Ways to make the best of it

The classic example of how this can go wrong is when HR feeds a genAI tool a massive number of job applications and asks it to evaluate the five candidates whose background most closely resembles the job description. In this example, genAI analyzes all current employees; finds patterns in age, gender, and demographics; and extrapolates that that must be the kind of applicant the enterprise wants. It’s then only a short walk to regulators accusing the enterprise of age, racial, and gender discrimination.

AI

InfoWorld - iPaaS in an AI-driven world

Historically, iPaaS solutions have been the backbone of cloud transformation strategies, enabling businesses to integrate disparate applications and data sources across their digital ecosystems. These platforms were designed for a pre-cloud era, optimized for connecting and automating workflows in a relatively static technological landscape. However, the AI revolution demands agility, speed, and an intelligence layer that traditional iPaaS cannot provide

IT Management

Network Computing - The Role of Zero Trust in Cybersecurity Risk Mitigation

According to the latest IBM Cost of Data Breach survey, a whopping 24% of data breaches are attributed to those sneaky, negligent insiders—those who inadvertently click on malicious links or leave the door wide open for cyber-criminals. It's like realizing the biggest threat to your cybersecurity isn't a villainous hacker, but rather your colleague who hasn't updated their antivirus since 2008.

Security

Information Week - The Tug of War Between Biometrics and Privacy

“Ultimately, enterprises and organizations centrally storing biometric data, in any form, are faced with the constant challenge, risk, and expense of building higher walls to protect the storage of the user’s sensitive biometric information,” says Srivastava.  

Privacy

Diginomica - AI projects don't come cheap - how CIOs are carving out budgets

Against this backdrop, enterprises are also turning to various data and AI processing techniques to help add structure to their data. The latest large language models transform raw text, images, and video into vectors for better semantic search in vector databases. Knowledge graphs and graph databases help connect the dots across entities, events, and processes mentioned in documents.

AI/Data

Forbes - Plan Your Tech Budget Now To Succeed With AI In 2025

This optimism is rooted in four strategic priorities: 1) enhancing personnel capabilities to meet future work demands; 2) expanding software investments to drive innovation; 3) ensuring infrastructure stability to support business performance; and 4) leveraging outsourcing to bridge skills gaps and enhance resilience.

IT Management

Computerworld - How to train an AI-enabled workforce — and why you need to

“Am I getting the right development opportunities from my employer? Am I being upskilled?” Alba said. “How upfront are we about leveraging some of these innovations? Am I using a private LLM at my employer? If not, am I using some of the public tools, i.e. OpenAI and ChatGPT? How much on the cutting edge am I getting and how much are we innovating?”

AI

Forbes - Avoiding The FOMO Trap: Strategic Integration Of AI And Cybersecurity

While my earlier article critiques the broader issue of AI hype as potentially undermining cybersecurity practices, here I would like to offer specific guidance for CISOs on how to navigate an increasingly AI-driven business landscape while still effectively integrating cybersecurity considerations.

AI/Security

Information Week - How To Get Rid of Technical Debt for Good

It has been steadily increasing due to a proliferation of customizable SaaS tools with evolving out of the box functionality, cloud development, fragmented workloads and most recently, GenAI. Left unchecked, technical debt impedes development velocity, performance and troubleshooting of production issues and/or bugs.

IT Management

CIO Influence - LevelBlue: CISOs Face Cybersecurity, AI, Budget Challenges

While CISOs are often responsible for technology implementation, they are not getting the support they need at a strategic level. The Accelerator found that 73% of CISOs expressed concern over cybersecurity becoming unwieldy, requiring risk-laden tradeoffs, compared to only 58% of both CIOs and CTOs. Additionally, 73% of CISOs feel more pressure to implement AI strategies versus just 58% of CIOs and CTOs. These pressures pair with the fact that 66% of CISOs believe reactive budgets cause a lack of proactive cybersecurity measures, compared to 55% of CIOs and 53% of CTOs feeling the same way.

Security

Network Computing - Why the Network Matters to Generative AI

So, it will not be a surprise when I point out the importance of the network to such a distributed computing complex. The speed, security, and paths across that network matter to the performance and capacity of whatever instruction—API calls between applications—is making its way to the right component for execution.

AI

Network World - Network jobs watch: Hiring, skills and certification trends

Network and infrastructure roles continue to shift as enterprises adopt technologies such as AI-driven network operations, multicloud networking, zero trust network access (ZTNA), and SD-WAN. Here’s a recap of some of the latest industry research, hiring statistics, and certification trends that impact today’s network professionals, infrastructure and operations (I&O) leaders, and data center teams

Tech Jobs

SiliconANGLE - Cybersecurity tool sprawl is out of control – and it’s only going to get worse

Another factor is the rapidly changing cyberattack landscape. New threats emerge constantly, leaving CISOs little time to craft overarching strategies. Cloud, mobile and artificial intelligence-fueled attacks are all relatively recent, each demanding different defense strategies. The chaotic nature of the threat surface forces security teams to play constant defense with little chance to come up for air.

Security

ZDNet - These experts believe AI can help us win the cybersecurity battle

"When the SEC [US Securities and Exchange Commission] announced that it expects public companies to report within four days about a major breach, everybody had an 'Oh, crap' moment," he said. He noted the security team can't even close routine IT tickets from that day: "They're looking for a needle in a haystack."

AI/Security

SiliconANGLE - How organizations can optimize generative AI costs

Information technology leaders should create an AI model garden and offer multiple, diverse models for users to safely experiment. Make the model costs transparent to the users via reporting tools, which enables them to make better economical choices without jeopardizing their accuracy, performance and other selection metrics.

AI

Network World - Security platforms offer help to tame product complexity, but skepticism remains

The biggest factor in complexity growth, say users, is that very multiplicity of layers and products. Vendors fear complexity might eventually stall security budget growth. To combat complexity, vendors are starting to emphasize the “security platform,” but users are divided over whether the platform concept is a benefit or simply another vendor revenue-raising ploy, a hero or a villain. Said one, “I’m not sure if [my vendor] is Gandalf or is forging the One Ring,” a reference to Tolkien’s fantasy classic.

Security

Forbes - 17 Generative AI Data Analytics Tools Everyone Should Know About

Here, AI has proven very useful. For the past decade, we’ve used deep learning algorithms to crunch numbers far quicker than any human, spotting patterns and pulling out insights. It also allows us to find clues hidden in unstructured data, such as text, video and sound.

Data & Analytics

ZDNet - AI can mean big business benefits. But these obstacles must be cleared first

However, it's not a case of IT leaders not being as enthusiastic as their bosses about AI -- they are. Nearly three-quarters (73%) say they're excited about AI initiatives in their organization, and almost half (49%) say they feel inspired. Only a minority of IT leaders cite negative feelings like nervousness (16%) or being overwhelmed (12%).

AI

VentureBeat - Tech giants: AI will transform 92% of ICT jobs; we must upskill now

In business and management, for instance, 62.5% of roles were identified as high transformation and 37.5% as moderate. In day-to-day work, AI can help create product strategies, provide predictive analytics, develop reports, manage large-scale projects and automate numerous processes.

Automation & Productivity

Computerworld - These are the skills you need to get hired in tech

“In real time, we’re seeing a steady-as-they-go job market where demand remains strong, but it is softening in some sectors,” said Becky Frankiewicz, ManpowerGroup’s president of North America Region. “While tech hiring isn’t as robust as it used to be, software developers and IT generalists are the most in-demand roles in the US today.

Tech Jobs

VentureBeat - Five takeaways from Forrester’s 2024 state of application security

BairesDev’s recent survey of more than 500 software engineers finds that 72% of them are leveraging gen AI as part of the software development process today, and nearly half, or 48%, are using it every day. Eighty-one percent are using gen AI-based tools to write code they used to write manually. Nearly one in four developers, 23%, using gen AI, are seeing a productivity increase of 50 percent or more. OpenAI’s ChatGPT, GitHub’s Copilot, Microsoft Copilot and Google Gemini are the four most popular chatbots with the software engineers interviewed.

AI/Security

Information Week - 10 Hottest AI Jobs

Not surprisingly, AI hiring is skyrocketing. At the time of writing, Indeed.com had listings for 14,188 AI jobs. And pay is also on the rise as organizations compete for the best talent.

Tech Jobs

ZDNet - AI-powered 'narrative attacks' a growing threat: 3 defense strategies for business leaders

This blending of AI-powered misinformation and disinformation alongside traditional hacking techniques has given rise to a new breed of cyber threat - the narrative attack. These multipronged assaults weaponize manufactured stories to manipulate our perceptions, influence our behavior, and ultimately magnify the impact of technical intrusion, leaving organizations and individuals vulnerable.

AI/Security

Reuters - But really, what cybersecurity requirements and standards does my company need to follow and why?

Required disclosures must include the nature, scope, and timing of the incident, along with a description of the actual or reasonably likely impact, including the effects on the company's financial condition and operations. Specifically, when was the incident discovered and is it ongoing; a brief description of the nature and scope of the incident; whether any data was stolen, altered, accessed, or used for any other unauthorized purpose; the effect on the company's operations; and whether the company has remediated or is currently remediating the incident.

Security

Information Week - Salary Report: IT in Choppy Economic Seas and Roaring Winds of Change

But even if IT pros do find a legit opening to apply for, they may find themselves ghosted somewhere during the interview process. According to the FlexJobs survey, “nearly half (48%) of people said they have been “ghosted” by an employer at least once (15%) or more than once (33%) during the interview process.”

Tech Jobs

Blocks & Files - GenAI only as good as its data and platforms

The pairing of vector database and RAG is a popular combination. Research from Databricks found that use of vector databases soared 376 percent year over year, suggesting that a growing number of companies are using RAG to incorporate their enterprise data into their models.

AI/Data

InfoWorld - Who should own cloud costs?

The exponential growth of AI and generative AI initiatives are often identified as the true culprits. Although packed with potential, these advanced technologies consume extensive cloud resources, increasing costs that organizations often struggle to manage effectively. The main issues usually stem from a lack of visibility and control over these expenses.

Cloud

Network World - IBM: Cost of an enterprise data breach hit post-pandemic high

Customer PII was involved in more breaches than any other type of record (46% of breaches).  IP may grow even more accessible as gen AI initiatives bring this data out in the open. With critical data becoming more dynamic and available across environments, businesses will need to assess the specific risks of each data type and their applicable security and access controls, Zorabedian wrote.

Security

InfoWorld - How to choose the right low-code, no-code, or process automation platform

A recent Gartner Magic Quadrant ranks 17 low-code platforms targeting application and software development. Forrester’s Wave on low-code platforms for citizen developers ranked 12, and their report on digital process automation ranked another 13 platforms. G2 lists 85 low-code development platforms and 364 no-code development platforms.

Automation & Productivity

The Wall Street Journal - A Clamor for Generative AI (Even If Something Else Works Better)

For example, Sharma said, for three years Mr. Cooper has been using nongenerative AI to spot whether information, such as a signature, stamp or notary date, is missing from a given document. The company has also tested whether generative AI might have solved the problem more effectively—and found that it couldn’t.

AI

Network Computing - The True Cost of a Major Network or Application Failure

In fact, according to our recent survey of IT leaders, 97% of enterprise-level organizations suffered at least one major outage or incident with a unified communications as a service (UCaaS) platform in 2023. Additionally, a majority of enterprises (51%) experienced at least four incidents, impacting 4,000 employees on average. In 24% of cases, resolution took at least a few days.

Network Management

CSO - CrowdStrike meltdown highlights IT’s weakest link: Too much administration

The most unsafe part of our technology ecosystem isn’t the number of unpatched systems we have. Nor is it shadow IT, whether it’s homegrown software or the burgeoning bring-your-own-SaaS ecosystem. The shared responsibility model, and the impossible complexity of safely configuring systems isn’t even in the running. It’s not even the insider threat, whether we mean the extremely rare hostile insider, the compromised end-point with too many permissions, or the well-meaning user and the unsafe software they’re forced to use every day.

Security

Infosecurity Magazine - Most IT Leaders Say Severity of Cyber-Attacks has Increased

Cybersecurity investment has increased, according to 97% of leaders. However, many of those surveyed felt like this investment is failing to make the right impact. Over half (55%) said they felt less secure today than a year ago.

Security

CIO - Barriers and benefits: How CIOs are navigating the AI whirlwind

However, though AI deployment is an urgent issue, most CIOs don’t believe their organizations are ready. Less than half of CIOs say they possess the required technical skills, only 4 in 10 believe they have the required security infrastructure, and just one-third think their organizations possess the right computing infrastructure. Just as concerning, less than a quarter of CIOs say their organizations have an adequate corporate policy around ethical use.

AI

Information Week - What’s Real About AI in Cybersecurity?

Deepfake technology powered by AI can create fake videos or audio recordings that impersonate real people, tricking victims into revealing sensitive information. Somewhere between 70% and 90% of successful cyberattacks leverage social engineering. A recent study by Proofpoint revealed that AI-generated phishing emails had a success rate of over 60%, compared to just 3% for traditional phishing attempts.

AI/Security

Diginomica - US Government officials express concern over malicious use of AI for state-backed attacks

But all of those things can be turned into dual use applications, either by a state or non-state adversary. When it comes to regulation, perhaps the best idea is not to try to regulate AI, but instead to look at some of the regulatory regimes we have around the physical transition of what might be developed in an in silico AI environment.

AI/Security

CIO Influence - Mastering Network Monitoring: Key Strategies for Uninterrupted Connectivity and Optimal Performance

One of the primary hurdles faced by organizations is the scarcity of skilled network engineers. In recent discussions, I’ve emphasized the fact that the IT talent gap is complicating day-to-day operations and hindering the ability to implement and maintain effective monitoring strategies. It underscores the need for solutions – like artificial intelligence (AI) – that not only automate routine tasks but also provide actionable insights to bridge this expertise gap effectively.

Network Management

Information Week - An IT Leaders’ Playbook for Creating an Effective AI Policy

The consensus among visionary leaders -- from CEOs to IT experts and legal professionals -- is clear: Deploying AI successfully at an organization requires a comprehensive AI policy. This is the ethos behind a proactive approach to AI integration, ensuring that organizations leverage AI’s many benefits while addressing the associated challenges head-on.

AI

Federal News Network - Federal contractors get some guidance on using AI when hiring

Federal contractors have new advice for using artificial intelligence in the hiring process. A new guide — from the Labor Department's Office of Federal Contract Compliance programs — aims to mitigate potentially harmful effects of AI in employment decisions. The publication answers common questions, shares best practices and clarifies contractors' legal obligations enforced by OFCCP.

HR Tech

Information Week - 9 Ways CISOs Can Stay Ahead of Bad Actors

“[Organizations] have less money to spend, the users are busier than ever, [the CISO is] more prone to frustration, and there are more threats than ever before. So, the role of a CISO is honestly becoming harder very quickly. And I don't think as an industry, we're doing enough to equip them with new tools and an easier adoption path for those organizations to stay ahead.”

Security

SiliconANGLE - Exploring the sixth data platform: How AI is shaping the future of enterprise data management

“I think AI is stealing not only mind share, but also wallet share and resources away from these other projects. People are delaying some of their other IT projects, focusing resources on AI. That’s what the data says.”

AI/Data

Information Week - How to Avoid a GenAI Proof of Concept Graveyard

One key reason POCs falter is that they are based on a poorly chosen use case. Don't get caught up in the hype by building a POC for the sake of creating one. Select a business-led use case with a clear return on investment (ROI) and align it to your core business performance metrics.

AI

Computerworld - Want ROI from genAI? Rethink what both terms mean

“I see genAI being applied in non-core processes that won’t directly affect the core business, such as chatbots or support agents. These projects lack support and long-term engagement from the organization,” Fernandes said. “I see genAI not bringing the promised ROI because people moved their priorities from making better decisions to building conversational interfaces or chatbots.”

AI

AiThority - Aiming for GenAI Success? Pay Your Technical Debts First, Shows New SnapLogic Research

SnapLogic, the leader in generative integration, today published new research revealing legacy technology is costing businesses nearly $3 million ($2,955,000) on average and causing substantial technical debt across organizations. The research reveals that spending on updating legacy systems has dramatically increased over the last five years, with almost two-thirds (65%) of businesses now investing more than $2 million on maintaining or upgrading their legacy systems, twice as many as five years prior.

IT Management

Network World - Gartner: AI spurs 25% surge in data center systems spending

Service providers are projected to spend nearly $100 billion on AI-specific servers this year, and the supply of GPUs appears to be the main limiting factor in this market, with demand expected to outstrip supply for several years to come, he said. Lovelock emphasized that this surge in AI server spending is creating a substantial foundation for generative AI capacity, which will have flow-through effects across other IT categories.

AI

Information Week - What New CIOs Act On First and Why

The typical challenges faced in establishing and improving the IT baseline may be the existing IT culture that resists change, proliferation of shadow IT that impedes improvement progress, stakeholder apathy toward IT caused by long periods of unresponsive, or misaligned IT. It might also be the absence of a specific component such as architecture, data hygiene or change audits that take enormous effort to create and may not have budget support for, and sometimes misallocated or missing budgets.

IT Management

Forbes - Powering AI Success With An Advanced Information Management Strategy

On the other side of the coin, data security continues to be a concern for businesses across every industry. As we’re still in the early stages of widespread AI adoption, employees are increasingly using open-source tools like ChatGPT, Gemini and Copilot to speed up their work – without being aware of the security risks this could pose to their company. In fact, in 2023, Samsung banned the use of open-source AI tools altogether – as employees accidentally shared sensitive code with ChatGPT.

AI

Information Week - How, When, and Why to Hire a Chief AI Officer

That means organizations might want to consider a hierarchy and have the CAIO report to the CIO or CTO early on before making the jump. “This could reduce confusion as to who is doing what as the three need to be united,” Elms says.

AI

Forbes - Insider Secrets: A Tech Leader’s Guide For Building A Strong, High-Performing Team

A Glassdoor study indicates that "organizations with strong onboarding practices improve employee retention by 82% and productivity by more than 70%." A comprehensive onboarding program helps new hires acclimate quickly, understand their roles and feel valued from day one. Remember, the goal is to integrate new team members seamlessly, ensuring they're ready to contribute to the team’s success.

Tech Jobs

Infosecurity Magazine - Half of SMEs Unprepared for Cyber-Threats

However, concerns about AI’s impact on cybersecurity remain prevalent, with 61% agreeing that AI is outpacing their organization’s ability to protect against threats. A quarter (25%) reported experiencing AI-generated attacks in the first half of 2024.

Security

InfoWorld - 7 reasons analytics and ML fail to meet business objectives

Foundry’s State of the CIO 2024 reports that 80% of CIOs are tasked with researching and evaluating possible AI additions to their tech stack, and 74% are working more closely with their business leaders on AI applications. Despite facing the demand for delivering business value from data, machine learning, and AI investments, only 54% of CIOs report IT budget increases. AI investments were only the third driver, while security improvements and the rising costs of technology ranked higher.

IT Management

Information Week - Encryption as a Cloud-to-Cloud Network Security Strategy

At first glance, the discrepancy between moving more sensitive data to the cloud and ensuring the data's safe point-to-point transit would seem to be the “stuff” of security and governance analysts. But when bad things like security breaches happen, companies inevitably look to their network groups to address them.

Data Management

Plurasight - How to land 2024's top in-demand tech leadership roles

Yes, this is a real role, and not someone mangling a goodbye in Italian. CAIO is the hottest new role in tech, and fast becoming a new staple in the C-suite. Companies across the board are trying to leverage AI for a wide range of business functions, and someone needs to make this happen. As such, compensation packages for CAIO roles can reach well above $1 million according to Forbes research.

Tech Jobs

CIO Dive - CIOs resist vendor-led AI hype, seeking out transparency

“I can just feel from the vendor community right now enormous amounts of pressure,” said Jason Strle, CIO at Discover Financial Services, told CIO Dive. “It’s now showing up not just in how they’re trying to engage with us, but also how generative AI is mentioned.”

AI

AiThority - 87 Percent of C-Suite Executives Feel Pressured to Implement Gen AI Solutions Now, RWS Research Reveals

However, this excitement is tempered by more than a third (36%) of executives who raised concerns that there is an extreme danger of enterprise resources – which could be better deployed elsewhere – being diverted toward Gen AI.

AI

Network Computing - How to Know When It's Time to Bring in a Network Consultant

"Teams can be change-adverse and set in their ways," he observes. "Even if the team is open to new ideas and solutions, they just don't have insight into what options are available." Hiring a network consultant, who isn't tied to existing solutions or processes and brings insights and experience from across the industry, can help organizations reach an objective decision.

Network Management

Information Week - Making the Transition to Artificial Intelligence

It’s also clear that it will be up to CIOs to shoulder major responsibilities for AI deployment, whether the AI comes into the company through a dedicated data science department, or through a user function. Why? Because only IT has a comprehensive, enterprise-wide knowledge of data, applications and infrastructure, and how AI could affect them.

AI

AiThority - Survey Reveals Only 20 Percent of Senior IT Leaders Are Using Generative AI in Production

Senior IT leaders will be bold with their Generative AI initiatives over the next 12 months, as nearly three quarters (73%) plan to spend more than $500,000 and around half (46%) will spend over $1 million. Findings also confirm IT stacks across organizations are not comparable to modern infrastructure standards to maximize effectiveness and manage runaway costs.

AI

Information Week - How to Find a Qualified IT Intern Among Candidates

"We also look for continuous learners who embrace a growth mindset, are creative, and adaptable," Ferreira notes via email. "We generally recruit rising sophomores and juniors in the process of obtaining relevant educational degrees, as well as sourcing through code schools, partnerships, and apprenticeship programs."

Tech Jobs

Network World - Network jobs watch: Hiring, skills and certification trends

Data from IT employment trackers shows that the technology industry added more than 7,500 new workers in June, while at the same time the overall unemployment rate for IT pros increased.

Network Management

VentureBeat - AI stack attack: Navigating the generative tech maze

Technical considerations collide with a minefield of strategic concerns. Data privacy looms large, as does the specter of impending AI regulations. Talent shortages add another wrinkle, forcing companies to balance in-house development against outsourced expertise. Meanwhile, the pressure to innovate clashes with the imperative to control costs.

AI

Government Technology - Boom or Bust? Deciphering Mixed Messages on the Tech Job Market

“'It’s like they’re all using the same AI algorithm to say, ‘Write this person a rejection letter,’ said Savidge, who graduated from Kenyon College, a small liberal arts college 50 miles from Columbus, Ohio, with a major in environmental science. A classic refrain is 'We can tell you really want to change the world, but we’ve gone for more qualified candidates,' she said. 'They always add an environmental quip.'"

Tech Jobs

yahoo!tech - Tech workers look like the real winners of the AI talent war

Those with experience in machine learning, engineering, and deep learning are securing impressive salaries. The median total compensation for a machine learning or AI software engineer is $140,823, according to Levels.fyi.

Tech Jobs

CIO Influence - The Top Five Must-Haves for Picking an AI Security Solution

For instance, VirusTotal Code Insight, an integral component of Google’s Cloud Security AI Workbench, employs natural language summaries of code snippets. This feature aids security experts in comprehending and elucidating the behavior of malicious scripts, thereby bolstering their capacity to detect and counter potential attacks.

AI/Security

VentureBeat - Three critical steps to close the cybersecurity talent gap, once and for all

Cybersecurity pays well and offers meaningful opportunities for development. While we should continue to highlight this fact, pay and career trajectory are not the primary obstacles to recruitment. A lack of awareness about the actual job functions of cyber professionals, as well as how to break into the field altogether, discourage bright people from pursuing these opportunities. Removing these obstacles should be priority number one.

Security

SC Media - Nine best practices for secrets management in the cloud

Encryption: Always encrypt secrets both at rest and in transit. Use strong encryption standards to ensure that even if the storage medium becomes compromised, the secrets remain protected.

Security

Network World - AI success: Real or hallucination?

Everyone likes to save their own labor, to unload repetitive and boring tasks, and so there’s a lot of interest in this sort of AI application. The problem is that this kind of worker assistance doesn’t seem to monetize. I was told by CIOs who audited the use of generative AI in their companies that generative AI tools to help workers with documents, emails, etc. almost never actually saved money. However, the tools their companies were trying were either free or very cheap, and the CIOs said they might save a bit of time or improve results a bit.

AI Adoption

The Hacker News - The Secrets of Hidden AI Training on Your Data

Wing's research indicates that an astounding 99.7% of organizations utilize applications embedded with AI functionalities. These AI-driven tools are indispensable, providing seamless experiences from collaboration and communication to work management and decision-making. However, beneath these conveniences lies a largely unrecognized risk: the potential for AI capabilities in these SaaS tools to compromise sensitive business data and intellectual property (IP).

AI/Data

VentureBeat - Exclusive: Zip’s AI procurement platform drives $4.4 billion in savings, reshaping enterprise spending

“We make it really easy for somebody to actually follow the right path, which means that a team like procurement or a strategic sourcing team can actually get looped in earlier.” This early involvement allows for more strategic purchasing decisions and better negotiation opportunities.

Automation & Productivity

AiThority - Vero AI Releases Report on AI and Data Privacy Legislation Trends to Aid Enterprise Compliance Planning

Vero AI’s in-depth analysis highlights common themes in both existing and emerging legislation, including the need for data transparency, documentation of AI safety and security to ensure fair and unbiased AI use, full disclosure of model limitations, and user consent revocation.

AI/Data Privacy

Network Computing - Building a Bulletproof Disaster Recovery Plan

What’s secure and safe today won’t be secure and safe in a month’s time. The average downtime from a ransomware attack takes 23 days and can cost $1.54 million - not just payments but the labor, lost opportunities, and device replacements that have to take place to fix everything. To add insult to injury, 75% of ransomware attacks target SMBs, which means the organizations that can afford it the least are the ones that end up paying the most.

Data Management

Security InfoWatch - Optiv report shows nearly 60% increase in security budgets as cyber breaches rise

Security Tool Overload — While organizations are investing in more technologies, 40% of respondents believe they have too many, hindering overall effectiveness. By contrast, only 29% feel that they have the right number of tools. This underscores the need for a strategic approach to cybersecurity investment, focusing on streamlining existing tools and ensuring a seamless technology stack integration

Security

Information Week - Top Career Paths for New IT Candidates

The shift to skills-based talent management has cast a shadow of doubt over the value of having a degree, given the amount of online and certification options available. While there are IT professionals who lack a traditional four-year degree, a forthcoming survey report of 800 IT decision makers by insurance company MetLife reveals that 83% believe higher education is necessary to succeed in today’s workforce.

Tech Jobs

Diginomica - Cyber resilience - how to achieve it when most businesses – and CISOs – don’t care

In that light, the Netskope research reveals some intriguing findings. For example, just 36% of CISOs see themselves as playing a ‘protector’ security role, defending the organization from hostile attack. By contrast, 59% of CISOs now believe themselves to be ‘business enablers’, with over two-thirds (67%) saying they want to play a more active role in the enterprise moving forward. Indeed, they wish they could say “yes” to the business more often, found the survey.

Security

Data Science Central - Computing: Where should AI safety for superintelligence and AGI start?

Currently, what are the available technical options to fight deepfakes? Mostly guardrails, digital hashing, watermarks, authentication, encryption, identity verification, and others. While they hold potency in many aspects, they may not be thorough enough for the safety needs against several voice cloning or impersonation techniques, as well as deepfake images, videos, and misinformation reaches.

AI/Security

yahoo!finance - Bots Compose 42% of Overall Web Traffic; Nearly Two-Thirds Are Malicious, Reports Akamai

There are no existing laws that prohibit the use of scraper bots, and they are hard to detect due to the rise of artificial intelligence (AI) botnets, but there are some things companies can do to mitigate them.

Security

InfoWorld - A balanced approach to AI platform selection

Remember 10 years ago when the “cloud only” gang led the parade? Many enterprises in their thrall applied cloud computing to every problem. Unfortunately, those square-peg clouds fit into square-hole problems only about half the time.

AI

FEDSCOOP - Acquisition officials highlight need for transparency in AI discussions with industry

“What I’m seeing as a buyer of this type of technology is I’m being sold the world, and when I go to look at it, it’s not really the world. It’s this little dirt path on the corner,”

AI

Information Week - Getting a Handle on IT Change Management

"An early change readiness and impact assessment is the true superpower for technology adoption," she suggests. "The assessment helps project teams see around the corner to what might be showstoppers to a seamless implementation."

IT Management

Information Week -Multimodal AI: Turning a One-Trick Pony into Jack of All Trades

Today, however, there’s a new entrant into the world of AI, a true jack of all trades in the form of multimodal AI. This new class of AI involves the integration of multiple modalities -- such as images, videos, audio, and text, able to process multiple data inputs.

AI

Forbes - Emerging Tech Trends CEOs And CTOs Can't Ignore In 2024

In 2024, the integration of AI, blockchain and quantum computing is reshaping industries and creating new possibilities. The convergence of these technologies is expected to enhance their capabilities, leading to efficiency and innovation in various sectors.

Emerging Tech

CIO Influence - Top Misconceptions Around Data Operations and Breaking Down the Role of a VP of Data Ops

DataOps is Just DevOps for Data: One common misconception is that DataOps is merely an extension of DevOps but focused on data. While both share the goal of streamlining processes, DataOps specifically targets the challenges in data management, such as data quality, lineage, and governance.

Data Management

ZDNet - 81% of workers using AI are more productive. Here's how to implement it

Most, 57%, expect to see ROI within three months of a software purchase -- especially for their AI tools. Three in four (75%) of AI-savvy companies expect even faster ROI than for typical software purchases.

AI

Information Week - 10 Ways Employees Are Sabotaging Your Cybersecurity Stance

“To address this threat, employees need training on IT policies, emphasizing the risks of shadow IT and the importance of consulting IT before adopting new tools. Enterprises can deploy cloud access security brokers (CASBs) to monitor and control unauthorized cloud services, ensuring adherence to security policies,”

Security

Network Computing - AI Applications Put More Focus on the Network

Our most recent research indicates organizations are allocating, on average, 18% of their IT budget just for AI. Of that, 18% is going to models, and 9% is being spent on GPUs. Organizations are clearly investing in building out their AI capabilities, with a healthy percentage (60%) buying up GPUs to put on-premises. That implies some rather significant changes to the data center.

Network Management

Information Week - 3 Questions Facing the Tech Industry Right Now (And How to Answer Them)

Despite public perception, however, these increasing layoffs are not solely driven by economic necessity but instead are influenced by market expectations and the need to demonstrate cost discipline to shareholders. In fact, recent studies have shown that there has been a phenomenon called “the herding effect” where companies will lay off employees, even admit of cash, because it seems to be the practice in this environment.

IT Management

CSO - Deepfakes: Coming soon to a company near you

Since 2015, however, the AI-based technologies used for deepfakes have not only gotten better by magnitudes, but they also have become widely available, he notes. The main factor holding back widespread use of deepfakes by cybercriminals is the absence of a packaged, easy-to-use tool to create faked audio and video, Hasse says.

AI/Security

Information Week - Measure Success: Key Cybersecurity Resilience Metrics

Strengthening a company’s cyber resilience is an ongoing exercise as attackers launch more sophisticated attacks nearly every day. It’s getting tougher to cope now that bad actors have added malicious AI to their arsenal. But surviving these attacks rests almost entirely on the competence and reliability of the cyber resilience strategy.

Security

AiThority - New NINJIO Report Provides Insights on Rapidly Growing Threat of AI-powered Social Engineering

“The threat is already here, and security leaders must remain one step ahead of ever-shifting cybercriminal tactics. The latest NINJIO report demonstrates how cybersecurity awareness training can adapt to the evolving cyberthreat landscape with real-world examples of AI-powered cyberattacks and individual behavioral interventions that will help employees address psychological vulnerabilities.”

AI/Security

ComputerWeekly - Digital leaders spending more on tech for efficiency gains

According to Nash Squared, digital leaders are looking to increase the impact of technology through technology, such as using artificial intelligence (AI) for code development and customer support, and are currently cautious about adding people. “We want to grow our impact, not our headcount,” one respondent said.

IT Management

CIO Influence - Catchpoint’s Internet Resilience Report: Internet Outages Cost Companies Upwards of $10 Million a Month

The Internet’s complexity and its vital role in connecting businesses and customers necessitate a holistic resilience strategy. Companies rely on the Internet for connectivity and digital experiences, and outages can add up to many millions of dollars, making the need for Internet Resilience a board-level discussion. In 2024, any business, whether involved in eCommerce or operating with a distributed or remote workforce, must ensure strong Internet resilience.

Automation & Productivity

Information Week - The Impact of AI Skills on Hiring and Career Advancement

Some 32% of survey respondents indicated AI and machine learning were among their top three skills for career advancement, up from 14% who responded in kind the prior year. (It was the number one response.) However, the response to skills that were the most important to doing their jobs, soft skills such as training and managing staff ranked at the top.

AI

Forbes - 10 High-Paying Remote Jobs In Tech Hiring Now In 2024

Despite news that remote jobs are on the decline this year, there is still hope. Employers such as Microsoft, and new technology start-ups, are fearlessly reinventing the office and hiring for fully remote and hybrid-remote jobs, with some even extending "work-from-anywhere" policies.

Tech Jobs

Network Computing - The Intersection of AI and Wi-Fi 7

The often-cited 46 Gbps speed for Wi-Fi 7 needs clarification. Published Wi-Fi speeds reflect the RF PHY rate of all transmitting antennas, not a single device's capability. The IEEE 802.11be specification (aka Wi-Fi 7) defines a maximum number of 16 transmit and 16 receive streams per radio. Commercial Wi-Fi 7 systems usually have four streams, offering a total speed of 11.530 Gbps on a 320 MHz channel at QAM 4K. Achieving this speed requires a client that has four antennas to reach the 11.530 Gbps speed

Network Management

CSO - Bootstrapping: The best AI strategy is to avoid learning today’s AI tech

At a minimum, CISOs must be wary of applying big conceptual ideas about AI to their organization’s doctrine based on near-term experiences alone. After all, first-movers who bank on big ideas about new technology risk a great deal and often end up with solutions that fit yesterday’s conditions more than they reflect today’s opportunities.

AI/Security

Information Week - Enterprise Cost Optimization: Strategies for CIOs

He points to the FinOps Foundation as a source for best practices for doing just this. The three-phase approach begins with understanding the organization’s current spend, drivers, and effective savings rate. In the second phase, the CIO identifies opportunities for optimization among critical cost driving workloads, and in the final phase, uses software and automation to drive optimization outcomes.

IT Management

government technology - Midyear Check-In: Top Cybersecurity Predictions for 2024

The predictions that cyber insurance will grow has hit snags, with many state and local governments I have spoken with deciding to self-insure due to costs. But the market is definitely evolving

Security

Computerworld - What is a CAIO — and what should they know?

By last October, 11% of midsize and large organizations had already filled a CAIO role, according to research firm IDC — and another 21% were actively seeking one. Just over half of 97 CIOs surveyed last fall said their organization had plans to have an individual leader responsible for AI and about half of those CIOs expect that person to be part of the C-Suite, IDC said.

AI

Information Week - 11 Ways Cybersecurity Threats are Evolving

“By the time you’re doing an annual audit, quarterly penetration tests or any number of things that are supposed to be proactive in corporate security, by the time you test again, even if it’s literally weeks -- which is what it takes to generate the report -- somebody’s been hired, somebody’s been fired. It’s as simple as that,”

Security

CIO Influence - Security as a Business Enabler: How Collaboration Between IT and Business Teams Strengthens Data Protection

The core of the disconnect stems from the fragmentation of data systems within companies. Traditionally, IT and business teams have operated separately, each with distinct priorities, goals, and methods. This often transcends operational issues to encompass communication obstacles (such as IT professionals using technical terminology with their business counterparts). Conversely, business teams may struggle to express their data requirements in a way that IT can practically implement.

Data Management

ZDNet - Enterprises are preparing to build their own LLMs - why that's a smart move

Constructing these foundational models "is complex and expensive," said Vin, who pointed out that internal enterprise models would build upon the capabilities of these models. "These models will leverage the basic skills of foundational models -- such as language understanding and generation, reasoning, and general knowledge. But they need to extend and specialize them to the industry, enterprise and activity context."

AI

CIO Influence - Redefine IT Security Paradigms with Zero Trust Architecture

Implementing ZTA is complex but offers numerous benefits that outweigh the challenges. By segmenting networks and enforcing granular access controls, organizations can significantly reduce their attack surface and mitigate the risk of data breaches and insider threats. Furthermore, ZTA enhances visibility and analytics, enabling real-time monitoring and swift incident response, ultimately strengthening an organization’s security posture.

Security

Information Week - Changes on the Network Could Drive Application Demand

Wi-Fi 6 breaks technology barriers by enabling internal corporate networks to handle more simultaneous network traffic than ever before from many more servers and devices. Wi-Fi 6 also hardens network security. By enabling more secure, broader, and faster communications for a plethora of devices and workstations that are all working at once, Wi-Fi 6 is perfectly suited to the evolutions in enterprise applications

Network Management

Forbes - Cloudy Lessons: What Shadow IT Can Teach Us About Shadow AI

By setting up centralized and shared AI systems and aligning efforts early, organizations can avoid many future problems. Ideally, one department or organization oversees the AI remit and collaborates with different business units to improve tasks, such as marketing teams using AI to analyze customer data for insights. This central team can better understand the benefits and risks of these uses and prioritize the highest priority cases for proofs-of-concept.

AI Management

ITPro Today - Generative AI's Impact on ITSM: Is It a Game-Changer for IT Engineers?

One reason is that, for the most part, the productivity and efficiency gains that generative AI can bring to ITSM are marginal. For example, although the ability to summarize tickets might increase the rate at which IT engineers can review tickets by perhaps 30% or 40%, its overall impact on the entire IT ticketing process is lower. Why? Because reading tickets is only one step in ticket management. Someone still must decide how to respond to the ticket, carry out the response, review the results, and then close the ticket. Generative AI can help only with some of those tasks.

IT Management

AiThority - Taking Generative AI from Proof of Concept to Production

POCs are frequently developed using datasets that are not representative of real-world conditions, leading to unrealistic expectations about performance in a production environment. Additionally, the technology used in the POC phase may not be mature enough to support scalable deployment. Ensuring high-quality, prepared data and selecting technologies capable of scaling are essential steps in mitigating these risks.

AI

SiliconANGLE - Report finds enterprise SIEM tools are underperforming in cyberthreat detection

The findings are noted as shining a light on there being no “one-size-fits-all” principle that can be applied to implementing SIEM detections. Since every organization is different when it comes to information technology environments, regulatory requirements, team structures and SIEM processes, copy-and-paste, out-of-the-box detection content from SIEM vendors, managed service security providers, open-source communities and marketplaces doesn’t always work.

Security

InfoWorld - A CISO game plan for cloud security

The cloud introduces unique risks, including limited visibility, dynamic attack surfaces, identity proliferation, and misunderstandings around shared responsibility, compliance, regulation, and sovereignty. And this is just the tip of the iceberg.

Security

Information Week - The Most Crucial Elements of Any Cyber-Resilience Testing Plan

That must change. If the business can afford it, hiring a dedicated individual to oversee data recovery is the most effective option. This person should spend their time talking to employees across the business to figure out what IT tools are critical to their jobs. Then, the company can begin to categorize applications by their necessity. Naturally, the more vital the system, the quicker it will need to be restored.

Security

State Tech Magazine - Firewall as a Service Fortifies State and Local Governments in the Cloud

“FWaaS is deployed between your network and the internet to inspect traffic entering the network for threats and can help simplify IT infrastructure,” Mehat says, noting that it is a foundational component of SASE, specifically cloud-delivered security services or security service edge (SSE). “FWaaS protects users and endpoints no matter their location.”

Security

Network World - Backup lessons learned from 10 major cloud outages

So, what’s the most critical lesson here? Back up your cloud data! And I don’t just mean relying on your provider’s built-in backup services. As we saw with Carbonite, StorageCraft and OVH, those backups can evaporate along with your primary data if disaster strikes. You need to follow the 3-2-1 rule religiously: keep at least three copies of your data, on two different media, with one copy off-site.

Cloud

Forbes - 18 Best Practices For Optimizing AI And Cloud Computing Efficiency

A quantum future is approaching, and leaders need to prepare now. It has the potential to drive massive productivity on its own, but when paired with AI, it can create a powerhouse of efficiency and security. Leaders need to start removing silos now to inform all teams about how strategic adoption can drive long-term success

AI/Cloud

CIO Influence - How CIOs Can Simplify CRM Transformation

Regarding productivity, this trend of short-term spikes followed by longer-term declines after product updates is why CIOs are increasingly turning to digital adoption platforms (DAPs). These tools support employees as they learn new software and processes by providing in-app, real-time teaching that guides them as they interact with the software.

Automation & Productivity

AiThority - F5 Study: Enterprises Plowing Ahead with AI Deployment Despite Gaps in Data Governance and Security Concerns

Although the use of generative AI is on the rise, the most common use cases often serve less strategic functions. The most common use cases that respondents say they’ve already deployed include copilots and other employee productivity tools (in use by 40% of respondents) and customer service tools such as chatbots (36%). Tools for workflow automation (36%) were named the highest priority AI use case, however.

AI

ZDNet - Businesses' cloud security fails are 'concerning' - as AI threats accelerate

Asked how they were monitoring risk across their cloud infrastructure, 47.7% of businesses pointed to automated security tools while 46.5% relied on native security offerings from their providers. Another 44.7% said they conducted regular audits and assessments, according to a report from security vendor Bitdefender.

AI/Security

Datanami - Unlocking the Full Potential of Data: The Crucial Role of Data Governance in Integrated Analysis

Balancing data accessibility with security needs careful consideration. While allowing authorized users to access data for decision-making is vital, it’s equally important to protect it from unauthorized access and breaches. Achieving this balance poses challenges but implementing access controls helps ensure that sensitive data remains secure while still being accessible to those who need it.

Data Management

Network Computing - Encryption as a Cloud-to-Cloud Network Security Strategy

Over the same time period, 40% of companies said that the data they were moving to the cloud was sensitive in nature, and 39% acknowledged that they had experienced a cloud security breach that affected their data. Yet, only 45% said that the data they were sending to and from the cloud was encrypted.

Data Management

Computerworld - GenAI might be the least-trustworthy software that exists. Yet IT is expected to trust it.

But before we even need to consider how trustworthy genAI results are, let’s start with how trustworthy the executives running the companies that create AI algorithms are. This is a serious issue because if enterprise IT executives can’t trust the people who make AI products, how can they trust the products? How can you trust what AI tells your people, trust what it will do with their queries, or be OK with whatever AI wants to do with all of your sensitive data.

AI

Network Computing - Tape Backup Remains Relevant as New Benefits Emerge

The proof: in late May, the LTO Program Technology Provider Companies (TPCs), which includes Hewlett Packard Enterprise, IBM, and Quantum Corporation, released their annual tape media shipment report for total shipments in 2023. The report found that 152.9 Exabytes of total tape capacity shipped in the year. (Note: That capacity represents the amount of compressed data the tapes could hold). The amount represented a 3.14% increase year-over-year compared to 2022 shipments.

Data Management

Information Week - Should IT Treat Users Like Clients?

Users are fighting against what they perceive as poor IT service by hiring their own IT vendors and starting their own citizen IT groups. They’re developing their own mini-IT budgets, signing up with their own cloud services, and budgeting for new systems that IT isn’t even aware of.

IT Management

SiliconANGLE - Forescout report finds network infrastructure attacks have overtaken endpoint security risks

IT devices were found to account for 58% of vulnerabilities so far this year, down from 78% in 2023. Over the same period, IoT vulnerabilities increased to 33% from 14%. Wireless access points, routers, printers, voice-over-internet-protocol equipment and IP cameras were found to be the most vulnerable device types, with unmanaged devices such as VoIP equipment, networking equipment and printers noted as highly exposed.

Security

Blocks & Files - IT pros rush to cloud-native Kubernetes platforms to speed app development

Traditional VM infrastructure is said to be at an “inflection point” with more than half (58 percent) of organizations planning to migrate some of their VM workloads to Kubernetes, and 65 percent planning to migrate VM workloads within the next two years.

Cloud

Network Computing - 12 Network Metrics and KPIs You Should Probably Care About

One of the simplest metrics, bandwidth usage, impacts the performance of applications and end-user response times. With it, IT can find areas of the network that are saturated with traffic and address those places with network upgrades, traffic redirection, load balancing, or bandwidth shaping. This can support end-user and application experience goals.

Network Management

Network World - Network jobs watch: Hiring, skills and certification trends

Network and infrastructure roles continue to shift as enterprises adopt technologies such as AI-driven network operations, multicloud networking, zero trust network access (ZTNA), and SD-WAN. Here’s a recap of some of the latest industry research, hiring statistics, and certification trends that impact today’s network professionals, infrastructure and operations (I&O) leaders, and data center teams

Tech Jobs

Network Computing - Multi-Modal AI in Action and Key Considerations for the Next Wave of Data Intelligence

While single-modal AI excels at specific tasks related to one data type, multi-modal AI enables more comprehensive understanding and interaction by leveraging cross-modal information. This allows for more context-aware, adaptive, and human-like AI behaviors, unlocking new possibilities for applications that require understanding across modalities. However, multi-modal AI also brings increased complexity in model development, data integration, and ethical considerations compared to single-modal systems.

AI/Data

CIO Influence - Decoding the Impact of Quantum computing on Data Security: What CIOs Need to Know

There is no doubt that quantum computing will be ahead of today’s conventional technologies and occupy a leading position in solving practical problems, including cryptography, artificial intelligence, and financial modeling. This being said, why is data security so important for quantum computing? Could strong encryption and data wiping still be reliable destruction means, or will physical destruction prevail?

Data Management

AiThority - Role of AI in Cybersecurity: Protecting Digital Assets From Cybercrime

“As businesses race to adopt AI and reap its competitive advantages, they are inadvertently creating a massive new attack surface that today‘s cybersecurity tools are ill-equipped to defend. Even advanced AI systems like ChatGPT and foundation models now being incorporated into enterprise applications exhibit vulnerabilities to an array of threats, from data poisoning and model extraction to outright data leakage by malicious actors.”

Security

CIO - Don’t fall into the AI buzzwords trap when evaluating vendors

Other AI buzzwords are just sloppy analogies. Again, there’s something about the analogy that’s useful and true, and other parts that aren’t, but you’re left to guess which is which. Assistant, agent, and copilot are good examples. A real copilot is a full replacement for a human pilot. If the pilot dies, the copilot can take over completely. That’s absolutely not true for AI copilots.

AI

Information Week - How to Protect Your Enterprise from Deepfake Damage

Both manual and automated methods can help detect deepfakes by analyzing unnatural movements, visual artifacts, audio distortions, contextual inaccuracies, and other signatures, Atar says. "AI-based detection systems can identify fakes across large datasets, but it's an arms race as deepfake creators learn to overcome imperfections."

Security

VentureBeat - How AI’s energy hunger upends IT’s procurement strategy

A new whitepaper released last week by the Electric Power Research Institute (EPRI) quantifies the exponential growth potential of AI power requirements. The 35-page report titled, “Powering Intelligence: Analyzing Artificial Intelligence and Data Center Energy Consumption,” projects total data center power consumption by U.S. data centers alone could more than double to 166% by 2030.

AI Management

Information Week - How Cybersecurity and Sustainability Intersect

But the CIA triad (confidentiality, integrity, and availability) gives all enterprises a starting point to think about their operations and sustainability. Without the three sides of this triangle, businesses cannot sustain operations.

Security

Forbes - The Risks And Rewards Of AI: Strategies For Mitigation And Containment

As companies strengthen their technical mitigations against traditional forms of cyberattacks, I believe threat actors will shift their attention toward illicit data manipulation. As a result, adversarial actions may become more obscure and harder to detect. The accuracy and credibility of workforce-related data, which companies increasingly depend upon, could be compromised. Manipulation of AI models, whether in the realm of software code or the information that is being stored or processed, remains a major concern.

AI/Security

Information Week - The Value of IT Steering Committees

A steering committee should in theory be an equally shared responsibility. Unfortunately, the CIO often finds themselves doing a great deal of the steering, because the centerpiece of most projects is the technology that will run them.

IT Management

CIO Influence - Importance of Data Protection in Cybersecurity

The primary objective of data protection is to preempt data breaches, mitigating the consequential financial liabilities resulting from successful intrusions. Additionally, it safeguards clientele against the peril of data compromise by malicious actors, thereby reducing the likelihood of identity theft and fraudulent activities. Beyond mere risk avoidance, data protection initiatives enable enterprises to derive value from their data assets through systematic cataloging for future utilization.

Data Management

Techradar - The impact of legacy vulnerabilities in today's cybersecurity landscape

Of the top five most widely used network attacks against SMBs, the ‘newest’ vulnerability represented were nearly three years old, while the oldest were over a decade old - which is primitive when considering the modern threat environment. The results are a clear reminder for CISOs and cybersecurity leaders that they must assess organizational threats based on their own current threat landscape, and specifically the main cybersecurity risks facing their organizations - rather than getting swept up in the latest media buzz.

Security

CIO Influence - Integrating Security with Observability: Putting Continuous Threat Exposure Management (CTEM) Solutions into Focus

According to the report, organizations with a formal observability strategy are 3.5x more likely to detect disruptive incidents quickly compared to those without such a strategy. This approach not only shortens incident detection times but also brings additional benefits, such as enhanced security (83%), faster product/service advancements (82%), and improved compliance (78%).

Security

Information Week - Understanding the AI/Cloud Convergence

Absent a comprehensive cloud strategy, companies wishing to realize the full benefits of AI will always fall short. The ability to process large amounts of data in real-time, make informed decisions, and act quickly based on actionable AI insights are all highly cloud dependent. Moreover, the cloud allows companies to experiment with different AI models and rethink or reject projects that are proving infeasible, while accelerating successful initiatives without significant up-front investment.

AI

CIO Influence - Will SecOps Teams Bow Down to the Ultra-modern AI-Powered Cyber Threats?

Deep Instinct’s “The 2024 Voice of SecOps” report finds 97% of security professionals are concerned that their organization will suffer an AI-generated security incident, with 66% claiming AI is the direct cause of burnout.

Security

Network Computing - Is it Time for a Full-Stack Network Infrastructure?

Struggling for years with a preponderance of different network management tools from different vendors, the pipe dream for network staffs has always been an over-arching network management “full stack” of tools and visibility that could do everything under one management umbrella

Network Management

TechRepublic - Technology Leaders: Align Your IT and Business Strategies to Deliver High-Performance IT

Executives at firms with high levels of alignment across functions such as marketing, customer experience and digital report 2.4 times higher revenue growth and two times higher growth in profitability than those with some or no alignment. And those same high-performance companies are 1.6 times more likely to have IT organizations that are highly aligned to the business, according to data from Forrester.

IT Management

Information Week - Should Your Organization Use a Hyperscaler Cloud Provider?

Vendor lock-in is perhaps the biggest hyperscaler pitfall. "Relying too heavily on a single hyperscaler can make it difficult to move workloads and data between clouds in the future," Inamdar warns. Proprietary services and tight integrations with a particular hyperscaler cloud provider's ecosystem can also lead to lock-in challenges.

Cloud

Security Boulevard - Defending Against Persistent Phishing: A Real-World Case Study

One of the scariest acronyms in a CISO’s knowledge base is APT – Advanced Persistent Threat. This term refers to someone determined to harm you and can do so in sophisticated ways. A colleague once taught me that the real threat isn’t just the advanced tools of the adversary, but their persistence. This means the adversary will attempt to hack you over time, using various methods, collecting information, and exploiting multiple technical and human vulnerabilities. It’s truly frightening.

Security

Information Week - Cloud Migration Means Teamwork: Everyone’s Involved

Enterprises should also invest in upskilling and certification programs for existing employees to foster up-to-date competencies, while hiring talent with specific cloud expertise can also supplement skills deficits.

Cloud

SiliconANGLE - Cybersecurity leaders must be prepared for cloud adoption

Effective cloud security requires both adopting cloud-native skills and tools as well as partnering with business technologists to support the democratized nature of cloud usage without compromising security. Gartner has found that two-thirds of organizations have a dedicated cloud security team. Chief information security officers should determine the right approach for their own organization based on both the complexity of their environment and the need for transformation of their security approach.

Cloud

CIO Influence - Top 5 Cloud Trends for CIOs in 2024

As generative AI dominated the world, it became clearer that its development and deployment would be in the cloud. Sure, there’s a lot of talk about running AI tools in a home data center, but the reality is that the cloud has the tools, infrastructure, and services needed. That’s nothing new, but it’s confirmation that the cloud is where things will happen for AI. So, the question becomes what else IT architects are looking at to ensure they take advantage of all the other potential cloud-based initiatives.

Cloud

Computerworld - Within two years, 90% of organizations will suffer a critical tech skills shortage

While it’s no surprise that artificial intelligence (AI) skills are currently the most in-demand skill for most enterprises, IT Operations are a close second. Additionally, a variety of cloud skills, including architecture, data management and storage, and software development, are among the ten most needed skills identified by survey respondents.

Tech Jobs

VentureBeat - McKinsey: Gen AI adoption rockets, generates value for enterprises

The biggest increase in adoption is in professional services, and gen AI is (today at least) most often being used in marketing and sales (for content, personalization and sales leads); product and service development (for design development, scientific literature and research review); and IT (for help desk chatbots, data management, real-time assistance and script suggestions). Also, organizations are seeing the greatest cost reduction in human resources.

AI

Information Week - Uniting IT and Business Professionals Through a Shared Language of Success

Anyone in the world of IT knows just how jargon-filled and buzzword-heavy it is. In fact, when poking around the websites of several tech companies, I collected words from their description sections. Here are some standouts: blind spots, orchestration, all-in-one, robust, AI-based, operational, cohesive, framework, transformation, and modernization. These words are commonly found in the realm of IT.

IT Management

Network Computing - A Sneak Peek at Network Computing Research Results

Network Computing, along with our sister site InformationWeek, often does original research on matters important to IT and network managers. Here, we present some highlights from two of our recently completed studies

Network Management

Datanami - IDC: Worldwide Spending on Digital Transformation is Forecast to Reach Almost $4T by 2027

The financial services industry is growing at a very fast pace with a five-year CAGR of 20.5% and three use cases that are growing well above the average rate. Robotic Process Automation-Based Claims Processing is the fastest growing use case with a CAGR of 35.1%, followed by Real-time Financial Advice (29.5%) and Digital Banking Experience (29.3%).

Digital Transformation

Network World - Network jobs watch: Hiring, skills and certification trends

The IDC report, Enterprise Resilience: IT Skilling Strategies, 2024, reveals the most in-demand skills at enterprise organizations right now. Among the 811 respondents, artificial intelligence tops the list, cited by 45% of respondents, followed closely by IT operations (44%) and cloud solutions-architecture (36%). Other skills in demand right now include: API integration (33%), generative AI (32%), cloud solutions-data management/storage (32%), data analysis (30%), cybersecurity/data security (28%), IoT software development (28%), and IT service management (27%).

Tech Jobs

Computerworld - Buyer’s guide: How to buy PCs for your enterprise

Three PC makers dominate the market globally: Although the top PC vendors’ sales numbers tend to vary from quarter to quarter, Lenovo has maintained the No. 1 spot for years, with roughly 23% of sales, while HP and Dell Technologies essentially tie for second place with roughly 16% to 20% of sales each, according to IDC’s market data. Apple comes in fourth, but its percentage can vary strongly, usually between 8% and 14%. Acer and Asus typically tie for fifth place, with around 6% to 7% market share each.

Automation & Productivity

Forbes - Bridging Cybersecurity Expectations And Reality To Empower CISOs

Cybersecurity has migrated to the C-suite and the boardroom as a result. Gartner predicts that by 2026, 70% of corporate boards will include at least one member with cybersecurity expertise. In the same report, they predicted that in 2024, privacy regulation will mature to the point where it covers the majority of all consumer data. At the same time, fewer than 10% of organizations will have developed a strong enough cybersecurity posture to serve as a differentiator.

Security

ZDNet - Ready to upskill? Look to the edge (where it's not all about AI)

The Eclipse survey found development increasing across all IoT sectors, including industrial automation (33%, up from 22% a year before), followed by agriculture (29%, up from 23%), building automation, energy management, and smart cities (all at 24%). Java ranked as the top language for IoT gateways and edge nodes, while C, C++, and Java are the most widely used languages for constrained devices.

IoT

The Hacker News - New Research Warns About Weak Offboarding Management and Insider Risks

Today, where SaaS applications are easily onboarded and are commonly used by users within and beyond the organization, effective offboarding procedures are non-negotiable to prevent instances of data leaks and other cybersecurity issues. Let's explore insider risk management and user offboarding in more detail, looking at their security risks and discussing best practices for ensuring a secure organization.

Security

Network Computing - “Out”-of-Band Network Management is “In” for IT Professionals

Examining the costs of downtime across industries illustrates their diverse economic impact. For example, in the retail sector, where the reliance on digital transactions and online platforms is heavy, the cost can skyrocket to over $1 million per hour. Over in the IT industry, downtime is typically calculated at about $5,600 per minute, with the full range of lost revenue spanning from $145,000 to $450,000 per hour, depending on the company’s size.

Network Management

Information Week - The AI Skills Gap and How to Address It

Reuters reports that this year there will be a 50% hiring gap for AI-related positions. Some 60% of IT decision makers think AI constitutes their largest skills shortage. A 2022 Deloitte survey indicates that there are a mere 22,000 AI specialists globally. Equinix found that 62% of IT decision makers view these types of shortages as a major business threat. And a Redhat survey of IT leaders found that 72% thought AI skill gaps needed to be urgently addressed.

Tech Jobs

CIO Influence - Understanding the Role and Mechanism of Encryption in Data Security

Encryption is a mathematical process where data is modified by an encryption algorithm with a key. Take the example that Alice is sending a message, “Hello,” to Bob: each letter in the alphabet is shifted two places to the right. So “Hello” becomes “Jgnnq.” Now Bob decrypts the message by re-reversing with the key “2” into the word “Hello.”

Data Management

Network Computing - AI is Coming to a Network Near You and Sooner Than You Think

Given this data, I expect, in the next year, that most of the automation in operations will be driven by a system (probably AI-backed) and not initiated by a human being. We’re already close, and the interest and desire to leverage AI for that automation is significant.

Network Management

Network World - Complexity snarls multicloud network management

Several factors contribute to making multicloud network management a complex and, at times, frustrating task. “These include skills and expertise gaps, complex tools and application integrations, security challenges, vulnerabilities, and infrastructure visibility across networks and beyond,”

Network Management

Information Week - Addressing Trending Questions About Generative AI

Targeted multidisciplinary teams then utilize frameworks, such as use-case value matrix, to vet and juxtapose the ideas based on business value and feasibility. At this stage, the C-suite and technology leaders (responsible for AI, analytics, data, applications, integration or infrastructure) can work together to determine how to vet and fund the various AI initiatives. In order to do this, they should look at cost, value, and risk.

Automation & Productivity

Computerworld - Charting the ‘flight path’ for Copilot for Microsoft 365

Taking your most important asset – proprietary data on your customers, products and markets – and having that generate truly game-changing outputs for your business takes a lot of planning and data integration capability. This needs to happen without losing sight of security and governance.

Automation & Productivity

InfoWorld - Partitioning an LLM between cloud and edge

Somehow, it’s in the generative AI zeitgeist that edge computing won’t work. This is given the processing requirements of generative AI models and the need to drive high-performing inferences. I’m often challenged when I suggest “knowledge at the edge” architecture due to this misperception. We’re missing a huge opportunity to be innovative, so let’s take a look.

AI

Blocks & Files - Don’t fall for the bring-your-own-AI trap

As risky as shadow IT was, shadow AI has the potential to be far worse – a decentralized Wild West or free-for-all of tool consumption. And while you can hope that employees have the common sense not to drop strategy documents into public GPTs such as OpenAI, even something innocuous like meeting transcriptions can have serious consequences for the business.

AI/Security

Network Computing - Nextgen Network Management: What’s Next and Are We Ready?

Network managers are being bombarded with tools and techniques for network monitoring, observability, QoS (quality of service), and AI (artificial intelligence)—but how do you build all of these capabilities into a go-forward, cohesive network management strategy without overlapping tools and investments?

Network Management

Information Week - The New IT Driven by Multifaceted Skill Sets

In this visualization, the vertical bar of the “T” represents the in-depth knowledge of the specialized field, such as artificial intelligence, cloud computing, cybersecurity, technical support, data analytics or other tech disciplines. The horizontal bar of the “T” represents capabilities in a broad range of related skills, such as critical thinking, problem-solving, effective communication, collaboration and similar durable skills.

Tech Jobs

Tech Startups - INE Security Enables CISOs to Secure Board Support for Cybersecurity Training

“To bridge the gap between CISOs and stakeholders, CISOs must adopt a strategic approach that combines financial impact data, relevant case studies, and compelling narratives. Framing cybersecurity training as an essential investment rather than an optional expense is critical.”

Security

CIO Influence - Security Operations Center (SOC) Best Practices and Steps in Building Process

Cybersecurity often focuses too much on technology at the expense of business value. This issue stems from a lack of cohesive top-down strategy and continuous organizational communication, leading to siloed teams with different or competing priorities. The modern CISO requires business acumen to build stakeholder relationships and communicate risks effectively to corporate boards. Working with key stakeholders to align security with business objectives is essential to developing a solid, well-supported, and funded program.

Security

Datanami - New Relic Highlights AI and Cloud-Native Trends in Latest Observability Report

The report highlights the importance of implementing full-stack observability, with the top trends driving adoption being the development of cloud-native application architectures (48%), adoption of AI technologies (43%), migration to a multi-cloud environment (40%), and an increased focus on customer experience management (39%)

AI/Cloud

sdxCentral - 10 industries at the highest risk of cyberattacks

The alarming rise in cyberattacks underscores the urgent need for businesses to prioritize cybersecurity measures, according to SOAX, which also listed cyberattack trends in other major sectors. The professional services industry ranked third with 308 cases in 2023, impacting 30 million victims, representing a 38% increase from the previous year.

Security

CIO Influence - Transforming IT Service Management Through AIOps

Gartner reveals that AIOps has become the part and parcel of IT operations, and discussions on AIOps appear in 40% of all the inquiries within the last year regarding IT performance analysis. Three drivers are behind the growing interest in AIOps: digital business transformation, the shift from reactive to proactive IT management, and the need to make digital business operations observable.

IT Management

Forbes - Generative AI And Data Protection: What Are The Biggest Risks For Employers?

So, let’s say you use a generative AI tool to create a report on employee compensation based on internal employee data. That data could potentially be used by the AI tool to generate responses to other users (outside of your organization) in the future. Personal data could, quite easily, be absorbed into the generative AI tool and reused.

AI/Security

VentureBeat - How Microsoft’s Copilot+ PCs could reshape enterprise computing

It’s easy to envision knowledge workers leaping at the opportunity to use a Copilot+ PC because it gives them AI at their fingertips. After all, employees want to use the technology at work, even resorting to bringing their own AI if one isn’t provided by their company. However, one obstacle in their way might be the IT managers who would need to vet Copilot+ PCs before they’re doled out to the workforce.

Automation & Productivity

ZDNet - When's the right time to invest in AI? 4 ways to help you decide

Silverstein told ZDNET that security and governance concerns mean his company is unlikely to take a pioneering stance on AI: "We're not keen to make AI aware of colleagues' or patients' medical or financial records."

AI Management

sdxCentral - SIEM shakeup: IBM retreats, Splunk sold and the fate of the rest

“[Palo Alto Networks] don’t want the technology, they just want the customers, they’re just going to end a life of the [QRadar] technology, it’ll go away [maybe in] five years,” Firstbrook said, adding the security giant needs more customers to customers to deploy its XSIAM products and to “get quantities of scale rolling.”

Vendor Management

CIO Influence - Top 10 Anomaly Detection Software for Secured Enterprise

Detecting anomalies is imperative as they often signify crucial information, including a pending or ongoing security breach, hardware or software malfunctions, or shifts in customer demands. These anomalies signal various challenges necessitating immediate attention.

Data & Analytics

Information Week - Navigating Risk Management in the Age of AI

Another challenge lies in the interdisciplinary nature of AI risk, which encompasses technical, ethical, legal, and societal dimensions. Businesses have long understood that risk management should not be thought of in organizational silos, but making such changes can prove challenging, especially when AI is involved

Risk Management

AiThority - AI-powered Cyber Attacks Cast Unprecedented Threats on IT Leadership

According to KnowBe4’s research, HR and IT-related emails are camouflaged as vectors for phishing scams by ransomware gangs. On similar lines, Keeper Security’s report named these parts that have faced attacks.

Security

Network Computing - What is a Zero Trust Network and How Does it Work?

Older networks that use monolithic security frameworks, such as user one-time sign-on access without any continuous user verification, are especially vulnerable to these attacks. These networks are vulnerable because there are no internal security boundaries or continuous verifications set up for the different systems and IT assets on the network. Consequently, a zero-day hacker can destroy or impact everything.

Security

Network World - Cisco research highlights network complexity, security challenges

One in five (21%) organizations surveyed are currently using multiple, separate management systems when managing their campus, branch, WAN, data center, and multicloud domains, according to the report, while 39% are leveraging a platform architecture across some networking domains. Using a centralized network platform to help handle new and future environments could resolve those problems, according to Cisco’s data.

Network Management

CIO Influence - The Dynamic Duo: How CMOs and CIOs Are Shaping the Future of Business

While marketing teams are adept at understanding consumer behavior, identifying market trends; IT departments excel in infrastructure management, software development, and data security. The elimination of those silos has become increasingly vital for businesses aiming to stay competitive. Amidst this landscape, AI stands out as a transformative catalyst to break down silos, revolutionizing how companies engage with customers, analyze data, and optimize operations.

Data Management

Computerworld - Trying to keep AI from sneaking into your environment? Good luck!

Enterprise IT today has generative AI hitting it from every angle: from systems that it directly licenses for millions of dollars, from large language models and other genAI algorithms that are sneaking into every SaaS product globally, from employees and contractors using genAI even when they are told that it is prohibited. It permeates every cloud environment, it is creeping into IoT, and it is overwhelming every third-party app your company leverages.

AI

Dark Reading - HP Catches Cybercriminals 'Cat-Phishing' Users

Attackers using open redirects to ‘Cat-Phish’ users: In an advanced WikiLoader campaign, attackers exploited open redirect vulnerabilities within websites to circumvent detection. Users were directed to trustworthy sites, often through open redirect vulnerabilities in ad embeddings. They were then redirected to malicious sites – making it almost impossible for users to detect the switch.

Security

Information Week - Fake News, Deepfakes: What Every CIO Should Know

Imagine attending a meeting only to discover that everyone else present was a deepfake. That’s precisely what happened to a Chinese finance worker on a video call who believed the CFO had asked for a $25.6 million transfer. The other people in the meeting were also deepfakes. As technology continues to improve, so will the efficacy of such attacks.

Security

The Hacker News - Five Core Tenets Of Highly Effective DevSecOps Practices

For example, locking down the development platform, instituting exhaustive code reviews, and enforcing heavyweight approval processes may improve the security posture of pipelines and code, but don't count on applications teams to operate fluidly enough to innovate. The same goes for application security testing; uncovering a mountain of vulnerabilities does little good if developers have inadequate time or guidance to fix them.

DevOps

CIO Influence - Top 10 Multi-cloud Security Solutions to Know in 2024

The major challenge in cloud security is visibility, and using multi-cloud strategies further exacerbates it. By using third-party cloud providers, one may be denied access to all layers of the cloud computing stack and, hence, have no clear visibility into all security flaws or vulnerabilities. In addition, though cloud providers offer some monitoring tools, they are mostly incomplete or do not yield sufficient detail about granular logging. In a multi-cloud environment, managing multiple built-in monitoring tools simultaneously becomes impractical.

Cloud Security

sdxCentral - Workers are still overconfident in their ability to spot ransomware

While many respondents to the Veritas survey were confident in their ability to spot phishing, they were still likely to open suspicious emails if they seemed to be coming from a friend (63%) or colleague, or appeared to be related to employer benefits (60%), online orders (56%) or financial institution.

Security

Network Computing - How Artificial Intelligence Simplifies Network Complexity to Bridge the Skills Shortage

Generative AI combined with a network digital twin can empower even the most inexperienced engineer to glean complex insights from the network, quickly troubleshoot issues, prove compliance, and discover vulnerabilities. By combining purpose-built LLMs (Large Language Models) with the comprehensive configuration and state data contained in a network digital twin, engineers can virtually “talk” to the network to understand what’s happening.

Network Management

Network World - Network teams are ready to switch tool vendors

Most network management tools are now available as SaaS solutions with a subscription license. Many vendors have developed new automation features and AI-driven features that reduce the amount of customization that some IT organizations will need to do. Tool vendors have also focused on improving ease of use, through modernized GUIs and AI features that provide natural language insights.

Network Management

VentureBeat - Why data breaches have become ‘normalized’ and 6 things CISOs can do to prevent them

Employ a remote browser isolation (RBI) system to alleviate human error: The Okta breach is a classic example of how human error can lead to significant security incidents. Even the most robust security measures can be undermined by simple mistakes. Employees must be continuously educated on the risks of mixing personal and professional digital activities. An RBI system can help to technically alleviate these issues.

Security

AiThority - US Organizations Targeted by Deep Fake and Third-Party Vendor Risks

Despite the positive attitudes toward AI and ML, 25% of respondents list managing and securing emerging tech like AI, ML and blockchain as a top challenge and only about a third (36%) intend to increase cybersecurity spend by up to 25% in the next 12 months.

Security

CIO Influence - Top SecOps Tools, Use Cases and Best Practices

It is important to analyze the enterprise requirements to draft the security operations strategy well. The SecOps use cases are different for all the companies. There cannot be a standard SecOps strategy that all organizations can follow. Determining what the organization is looking for to improve its security operations process is vital.

Security

CIO Influence - Top 10 AI Companies for Data Center and Edge

AI is an ever-changing business discipline for today’s data centers. Admins must learn everything from how to deploy the latest AI tools in the data center to what questions to ask AI vendors. While there are concerns about data centers supporting their customers’ AI-powered workloads, there are many benefits of deploying AI tools inside the data center.

AI/Data

Information Week - What Happens When You Want to Leave the Cloud?

We were going to build our own tooling rather than pay for overpriced enterprise service contracts … A month later, we placed an order for $600,000 worth of Dell servers to carry our exit, and did the math to conservatively estimate $7 million in savings over the next five years. We also detailed the larger values beyond just cost, that was driving our cloud exit. Things like independence and loyalty to the original ethos of the internet.”

Cloud Computing

CIO Influence - CIO Influence Interview with Karl Mattson, Field CISO at Noname Security

At Noname Security, we’ve established an API Top 20 Security Controls reference model to guide the planning and strategy towards a mature state of API security controls. Pivotal to this framework is the primary emphasis on people and process design, followed by selecting technologies that enable the capabilities within this framework.

Security

AiThority - 10 AI ML In Data Storage Trends To Look Out For In 2024

60% of all business data is kept in the cloud. The cloud storage is estimated to exceed 100 zettabytes. 54.62% of consumers utilize 3 distinct cloud storage providers. Google Drive has nearly 1 billion users, whereas Dropbox has over 700 million claimed users.

Data Management

Information Week - Now’s the Time to Optimize Cloud Costs: Here’s How

According to our Enterprise Cloud Index, the vast majority (85 percent) of organizations report cloud cost control as a challenge within their company. Further, 30 percent say they’re “very concerned” about cloud costs in relation to their IT budget for the coming year.

Cloud

CIO Influence - AI at Workplace: Essential Steps for CIOs and Security Teams

Transparency in AI decision-making processes remains a significant challenge. AI models often operate as black boxes, making decisions based on complex computations that are difficult to interpret or explain. This opacity raises concerns about accountability and understanding the rationale behind AI-driven decisions. Efforts to create more transparent AI models, such as explainable AI techniques, are essential to foster trust and understanding.

AI

eWeek - 10 Best AI Career Path Considerations for 2024: Securing a Future in AI

The AI consultant is currently one of the most sought-after professionals when it comes to artificial intelligence jobs/careers. AI consultants are responsible for supporting businesses and other organizations in implementing AI. Responsibilities include everything from managing implementation projects to ensuring AI solutions are compatible with an organization’s needs.

Tech Jobs

CIO Influence - Top 10 Cybersecurity Forecasts and Statistics of 2024

One of the major concerns in cyber espionage operations will be sleeper botnets. Espionage groups are projected to start leveraging sleeper botnets made up of a diversified mix of vulnerable devices, ranging from those in the Internet of Things (IoT) to small office, home office (SOHO) setups, and end-of-life routers. They will be harvested using both older and newer exploits, allowing the attackers to create these underground networks of compromised devices.

Security

CIO Influence - Three Strategies to Help You Solve Your IT Skills Gap

Cybersecurity requires specialized skills and knowledge, meaning continuous learning and professional development are crucial within this industry. Unfortunately, organizations that do not invest in ongoing training further widen the skills gap. Upskilling existing cybersecurity talent is more cost-effective than hiring new employees.

IT Management

SiliconANGLE - Open redirect vulnerabilities exploited in ‘cat-phishing’ attacks, HP warns

Another campaign detailed in the report includes one that HP describes as “Living-off-the-BITS” that abused the Windows Background Intelligence Transfer Service. BITS is a legitimate mechanism used by programs and system administrators to download or upload files to web services and share files. The LotL technique helps attackers remain undetected by using BITS to download malicious files.

Security

Network Computing - Network Support for AI

For example, if the AI uses a supervised learning algorithm, all of the input data to the app is already tagged for easy retrieval and processing. This data is also coming from a finite data repository that can be quantified. In contrast, AI applications like generative AI use an unsupervised learning algorithm. In an unsupervised learning algorithm, the data is untagged and requires more processing because of that. There can also be a limitless flow of data into the application that defies quantification.

Network Management

sdxCentral - CrowdStrike CTO: 6 questions to ask before using generative AI for security

“If you are asking it to make security decisions, implement policies take action in your environment across your entire enterprise, and you get a hallucination, it’s a bit of a bigger deal,” Zaitsev added. “Not only can [generative AI system] be wrong, but they’re very confidently wrong.”

Security

Network Computing - An IT Manager’s (Re)View of the RSA Conference

From a security standpoint, “one of the interesting things when we analyze this traffic is that we can see that for many organizations, the amount of traffic going to illegitimate sites can exceed what goes to legitimate sites.” So, on a day-to-day basis, many users are clicking links that take them to malicious sites.

Security

CIO Influence - Top EDR/XDR Tools to Know in 2024

EDR and XDR solutions play a very vital role in detecting and responding to security threats. EDR provides fine-grained visibility and control of endpoints; thus, threats can be identified at a fast pace and responded to with action. On the other hand, XDR provides holistic visibility across different security domains, thus providing broad threat detection and response capabilities.

Security

Information Week - Why CIOs Are Under Pressure to Innovate

“The innovative CIO’s mindset must shift from ‘just keeping things running’ to being a crucial player in strategic business moves, and they must show a deeper understanding of the role technology plays in the future of the business.”

IT Management

Blocks & Files - Modernizing storage for the age of AI

Investing heavily in the latest GPUs or cloud capabilities to give yourself an edge in the training and inference of AI models is important, but it will all be for nought if you can’t feed the beast with the data it needs to deliver results. That’s where scale-out storage technology comes in – to help provide organizations with the answers to the infrastructure questions which this new world of AI is asking.

Data Management

VentureBeat - Are you behind when it comes to generative AI?

In this week’s CarCast, tech entrepreneur Bruno Aziza reviews the latest insights from Scale AI’s AI Readiness Report and highlight the key questions every executive should know to ask about gen AI.

AI

Information Week - What You Need to Know about AI as a Service

New adopters should start by understanding where to apply AI. Menninger says his organization's research shows that training on AI business applications has a higher correlation with success than basing training on AI techniques. "The next thing enterprises need to address is the skills issue," he advises. If in-house AI talent is absent or rudimentary, turn to third parties to find skilled resources on a contract basis.

AI

The Hacker News - 6 Mistakes Organizations Make When Deploying Advanced Authentication

On top of that, not all users need access to all applications or data. For example, a user in marketing doesn't need access to sensitive HR data. By evaluating roles as part of a risk assessment, organizations can look to implement role-based access controls (RBAC) which ensure that users in a particular role only have access to the data and applications needed to complete their work.

Security

AiThority - Why CISOs are reluctant to get involved in AI conversations

“So the bigger root cause is the CISOs’ lack of ability to align to the pace of the business. That’s really the big trouble, so a lot of CISOs are just shying away and letting the business and the data team go do their own thing, because they’re not quite sure how to do AI and they’d rather not be involved, especially if they’re not going to be able to do it well.”

AI

CIO Influence - What are the Top Skills Needed for Digital Transformation?

A recent study from the National Skills Coalition showed that a third of the United States workforce lacks fundamental digital skills. Specifically, 13 percent lack any digital skills, while 18 percent possess only minimal proficiency. That highlights an urgent need to upgrade digital literacy at a national level to provide people with the right skills for success in our increasingly digital world.

Digital Transformation

VentureBeat - How third-party digital breaches can cripple your company — and how to prevent them

However, a survey from Deloitte discloses a troubling reality: 87% of respondents have faced a disruptive incident with third parties in the past three years with nearly a third (28%) experiencing major disruption to all business functions as a result.1 Additionally, less than half (43%) of Chief Information Security Officers (CISOs) have intensified their oversight over vendors’ software development and testing processes to ensure secure coding and consistent patching.

Security

CIO Influence - Key Takeaways from the 2024 Gartner CIO Agenda Report

Technologically, the landscape is changing with blinding speed. Digital transformation is still top on the agenda. Still, more so, there is a tremendous focus on the need for hard-core business outcomes from investments in new technologies like Artificial Intelligence, Data Analytics, and Cloud Computing. Thus, keeping up with the pace of technological changes, leading them, and integrating them into the core business strategy has become a huge focus for CIOs this year.

IT Management

Network World - Insecure protocols leave networks vulnerable: report

For instance, Cato’s analysis found that 62% of environments run HTTP, a non-encrypted protocol. In addition, the report also shows that while the Secure Shell (SSH) Protocol is the most secure for accessing remote services, 54% run Telnet inside their organizations. Telnet connections are not encrypted and leave data unprotected.

Security

CIO Dive - IT services spend will reach $2 trillion by 2028: Forrester

Hyperscalers AWS, Microsoft and Google Cloud are driving the strongest growth by category, with IaaS spending expected to double in five years. By 2028, Forrester expects public cloud infrastructure providers to command 15% of the IT services market, up from 8% in in 2022.

IT Management

CIO Influence - Top 10 Test Data Management Tools for Clean and Secure Data

SDLC Partners report states that QA professionals dedicate more than 30% of their testing time to handling faulty test data. On average, they invest 5 to 15 hours per week in managing test data-related tasks, amounting to at least one day per week lost to provisioning issues.

Data Management

Businesswire - 92% of CISOs Question the Future of Their Role Amidst Growing AI Pressures

The democratization of GenAI means it can be used by professionals at every skill level, bringing with it a range of benefits as well as potential risks and challenges. This same democratization makes GenAI capabilities easy to access and economical for malicious cyber actors. The role of the CISO has become even more essential as they’re looked upon to navigate this evolving landscape.

Security

Diginomica - ERP - and the buying of it - has fundamentally changed. Here's how and why that matters to enterprises

As software evolves, so too must the methods used by buyers to pick an acceptable solution. The latest innovations/evolutions in application software should make every company re-examine how and what it is purchasing. Here’s a critical look at the future of software buying and how it’s getting harder to do well.

IT/Applications

Information Week - ‘They’re Coming After Us’: RSA Panel Explores CISO Legal Pressure

“I’ve been getting calls from people who are considering taking on a CISO role ... they would call and say, ‘Hey Joe, how do I get the job? What do I say when I get interviewed by a CFO or general counsel?’ Now, when I get those calls, it’s ‘Do I really want the job?’”

Security

ZDNet - AI raises cybersecurity fears among professionals, EY report finds

The study also found that 39% of employees do not feel confident about using AI responsibly. Employees are looking for their companies to take action to help build their confidence in using AI tools.

AI/Security

ITPro Today - Study Reveals Massive Gap in Cyber Defenses

The report reveals alarming gaps in the cyber defenses of many organizations, calling out misconfigured identity and access controls as a massive attack vector exploited by adversaries. For example, the study indicates that identity and credential misconfigurations account for a staggering 80% of security exposures across organizations, with one-third of these exposures directly jeopardizing critical assets

Security

Information Week - Wisdom FromWisdom From the Pump: What Gas Spending Can Teach Us About Managing Public Cloud Costs

In a cloud context, “the right people” would be anyone consuming cloud resources -- i.e., your engineers. The more cloud efficiency data your engineers have in a context that’s relevant to them, the more cloud-efficiently they’ll build.

Cloud

VentureBeat - How to prepare your workforce to think like AI pros

Knowing this, it’s not surprising that we’re seeing fewer than 10% of organizations successfully developing and deploying gen AI projects. Other factors like misalignment with business values and unexpectedly costly data curation efforts are only compounding the challenges that businesses face with AI projects.

AI

sdxCentral - Is the AWS Network Firewall safe? CyberRatings tests reveal concerns

At the top end, CyberRatings gave the Palto Alto Networks VM-Series Next Generation Firewall with Advanced Threat Protection a security effectiveness score of 100%. Versa Networks next-generation firewall (NGFX) scored 99.90%, while Check Point CloudGuard and Forcepoint NGFW both scored 99.80%.

Security

Network Computing - Survey: 5G Becoming Connectivity Method of Choice When Businesses Expand Operations

What the report found is that even the best-in-class wired connection providers typically have a few hours of downtime per month, which can happen at inconvenient hours for businesses. Over 50% of businesses estimated their organizations experience 1 to 2 hours of downtime per week due to network failures, while 34% experience 3 to 4 hours downtime per week.

Network Management

ITPro Today- Guidance Published To Help Developers Build Safer AI

NIST published four draft publications designed to provide advice to businesses implementing chatbots and text-based image and video systems.

AI Ethics

InfoWorld - 'Architecture by conference' is a really bad idea

Generative AI is not just a shiny new tool; it demands a radical rethinking of architectural principles. Current trends show a heavy reliance on reusing and repurposing old strategies without substantial innovation. This approach may offer short-term convenience but leads to long-term stagnation and, more often, “functional failure.”

IT Management

Government Technology - San Jose CIO: AI ‘Challenges Us to Think Differently’

Part of this process involves leveraging hands-on experience with AI tools to see them in action. Last year, the city started an AI pilot to assess the effectiveness of AI tools from four vendors. The pilot involves a vehicle with cameras on it that drives through the city to detect objects on the street: specifically, potholes, vehicles and objects left by illegal dumping.

Automation & Productivity

Information Week - Introducing Maintenance for Agile Applications

“The fundamental problem with Agile, as many companies use it, is that its relentless pace biases developers,” said HBR. “They want to get out a minimum viable product in only a few weeks, so they skimp on scoping out just what the product should accomplish … They accept their existing constraints, which automatically limits the potential for a high-growth offering … Instead of a major breakthrough, they trend toward only incremental improvements on existing offerings.”

DevOps

Government Technology - Three State Leaders Offer AI Governance Strategies

“We know that AI needs no introduction because, in state government, IT shops across the country are working to expand their AI understanding,” Deshpande said. “While we still do not have an executive order focused on AI for the state, the Georgia Technology Authority (GTA) has implemented an AI governance framework in partnership with state agencies. We are currently putting together an innovation lab for technology pilots and proof of concepts.”

AI/Governance

SiliconANGLE - Splunk report finds generative AI both a problem and a solution for security teams

The use of generative AI within security teams is very high, with 91% of security teams claiming they are using it, although 65% say they do not fully understand the implications. I found this data point interesting, as it shows that security teams are looking for a better way of doing things, even if that means having to understand the ramifications later.

AI/Security

Computerworld - Workers with these AI skills are getting cash premiums

“This is cash paid out, not as a salary increase but in addition to salary,” said David Foote, chief analyst at Foote Partners. “In fact, 28 of these core AI skills can add between 15% and 21% in pay, well above the 9.6% average premium across all 632 non-certified skills we report. They are very hot right now.”

Tech Jobs

CIO Influence - What is the Difference Between Data Engineering and Data Management?

Recent advancements in hybrid cloud, artificial intelligence, the Internet of Things (IoT), and edge computing have precipitated the exponential growth of big data, introducing greater complexity for enterprises to navigate. Consequently, establishing a robust data management discipline within organizations has become increasingly imperative to address challenges such as data silos, security vulnerabilities, and decision-making bottlenecks.

Data Management

Information Week - The Tug-of-War for Cyber Resilience to Guard Water Utilities

Despite the importance of critical infrastructure, the matter of upgrading cybersecurity to meet new rules can come down to balancing costs -- which can be difficult for budget-strapped towns regardless of regulatory pressure. “We can’t push a local electric or water municipality provider out of business because people rely on that for their daily lives,” Hughes says.

Security

The Hacker News - When is One Vulnerability Scanner Not Enough?

Generally speaking, vulnerability scanners aim to produce checks for as many vulnerabilities as possible. However, the number of vulnerabilities discovered year on year is now so high, reaching nearly 30,000 a year, or 80 a day, that it's impossible for a single scanning engine to keep up with them all.

Security

Information Week - Hiring Hi-Tech Talent by Kickin’ It Old School

AI and automation may help human resources departments filter and sort resumes, but to land top notch talent, companies will need to take an old school approach. The recruiter is often a candidate’s first contact with a potential employer company. And the way the recruiter conducts themselves serves as a reflection of the company’s core values. At least, that is how candidates see it.

Tech Jobs

The Hacker News - Everyone's an Expert: How to Empower Your Employees for Cybersecurity Success

Traditional SAT programs have long been scrutinized for their inability to drive meaningful behavioral changes. In fact, 69% of employees admit to "intentionally bypassing" their enterprise's cybersecurity guidance.

Security

Information Week - How Today’s CIOs Drive Value

Organizational agility has its roots in IT because software development was the first to adopt agile mindsets and methodologies. Among them, minimally viable products (MVPs) and proofs of concept (POCs) help IT departments demonstrate the potential value of a solution faster than the old waterfall method. Agile practices also involve collaboration among stakeholders, which accelerates the realization of business value.

Leadership

Computerworld - LLM deployment flaws that catch IT by surprise

For example, if an end user innocuously — or an attacker maliciously — inputs too much data into an LLM query window, no error message is returned and the system won’t seemingly crash. But the LLM will often instantly override its programming and disable all guardrails.

AI/Security

The Hacker News - U.S. Government Releases New AI Security Guidelines for Critical Infrastructure

"These guidelines are informed by the whole-of-government effort to assess AI risks across all sixteen critical infrastructure sectors, and address threats both to and from, and involving AI systems," the Department of Homeland Security (DHS) said Monday.

AI/Security

Information Week - How to Manage a Rapidly Growing IT Team

Missed deadlines, especially if they're becoming more frequent, is a key indicator that a team may not be accommodating rapid growth, Rafferty says. "You may also notice a rise in workload complaints or other signs of dissatisfaction from team members," she notes. If these signs are left unchecked without acknowledgment and resolution, turnover may become a key issue adversely impacting scale and growth.

IT Management

sdxCentral - Verizon DBIR paints a bleak picture of data breach landscape

Amidst the surge in data breaches involving vulnerability exploitation, Pinto pointed out a significant gap: While it takes companies that are actively fixing the vulnerability problems an average of 55 days to patch 50% of critical vulnerabilities on their estate, the median time for these vulnerabilities to be exploited by cybercriminals is as little as five days.

Security

Network Computing - BMC Acquisition of Netreo Highlights Role of OpenTelemetry, AIOps in Network Observability

“They're adding capabilities around more data for different customers across DevOps across IT operations, infrastructure, platform engineers, and they're driving more opportunities with their customers to better understand metrics, logs, traces, and events that are foundational for any of these discussions,”

Network Management

Forbes - The Danger Of Zombie Leaks

GitGuardian issues an annual report called "The State of Secrets Sprawl," covering things we discovered about secrets that have been accidentally published to public repositories in the past year. One of the call-outs in the 2024 report had to do not just with the number of secrets we discovered published to GitHub but what happened after we discovered them.

Security

GeekWire - GeekWire: Generative AI is a dual concern for cybersecurity industry — and will drive increased labor demand

“The amount of creativity, the amount of patience, the amount of thinking outside of the box, the amount of not just following instructions, but having real creativity, using all the different skill sets you have, become really important in how we’re able to be cyber warriors,” he said. “How we’re able to protect things.”

AI/Security

CIO Influence - What is the Difference Between Data Engineering and Data Management?

Recent advancements in hybrid cloud, artificial intelligence, the Internet of Things (IoT), and edge computing have precipitated the exponential growth of big data, introducing greater complexity for enterprises to navigate. Consequently, establishing a robust data management discipline within organizations has become increasingly imperative to address challenges such as data silos, security vulnerabilities, and decision-making bottlenecks.

Data Management

Computerworld - What Capgemini software chief learned about AI-generated code: highly usable, ‘too many unknowns’ for production

According to Capgamini’s own survey data, seven in 10 organizations will be using generative AI (genAI) for software engineering in the next 12 months. Today, 30% of organizations are experimenting with it for software engineering, and an additional 42% plan to use it within a year. Only 28% of organizations are steering completely clear of the technology.

AI

Information Week - Transform Data Leadership: Core Skills for Chief Data Officers in 2024

Key among these skills is strategic visioning to align data initiatives with business goals, the ability to articulate the value of data-driven decisions across various levels of the organization, and stakeholder management skills to navigate diverse interests and foster collaboration.

Data Management

Becker's Health IT - Why Ardent isn't focusing on 'technology just for technology's sake'

For example, digital ethics is paramount as we advance in healthcare technology, especially with the integration of AI. We've got to be really focused on ensuring that we have proficiency around digital ethics so that we can ensure patients are receiving equitable care and avoid health disparities while leveraging data responsibly.

IT Management

InfoWorld - How cloud cost visibility impacts business and employment

What rings true is that engineers are on the frontline in controlling cloud costs. Indeed, they drive most overspending (or underspending) on cloud services and the associated fees. However, they are the most often overlooked asset when it comes to dealing with these costs.

Cloud Computing

CIO Influence - Global CIOs Challenges on AI Scaling Reveals Lenovo’s Report

In a significant shift from previous years, CIOs are prioritizing core IT functions over non-traditional responsibilities. Over half (51%) consider AI/ML an urgent priority, second only to cybersecurity. This urgency stems from the pressure to drive business impact, with 84% of CIOs now evaluated based on business outcome metrics.

IT Management

CSO - Is your hybrid/multicloud strategy putting your organization at risk?

CNAPPs, according to Gartner, Inc., “consolidate a large number of previously siloed capabilities, including container scanning, cloud security posture management, infrastructure as code scanning, cloud infrastructure entitlement management, runtime cloud workload protection and runtime vulnerability/configuration scanning.”

Cloud Computing

CIO Influence - How Software Companies Help to Manage Workforce in the IT Industry

Workforce planning must be a very close-fitting fit with the overall organizational business strategy. IT business leaders must work out the organization’s operating and strategic goals when designing a workforce plan. This consideration helps to identify the short-term and long-term resource requirements. Additionally, the plan must be flexible enough to allow changing business needs while ensuring that the firm has the right talent to make the business successful.

IT Management

SiliconANGLE - AI-powered metadata: Informatica’s role in the future of data management

As we have discussed in past articles about the Sixth Data Platform and the rise of the Intelligent Data Platform, integrating islands of metadata into a coherent knowledge graph presents numerous challenges. AI will play a crucial role in this integration, but human in-the-loop remains critical, especially in ensuring data quality, consistency and governance. The complexity of creating a unified metadata platform is significant, as it involves harmonizing diverse data types and structures across different systems and applications.

AI/Data

Network Computing - What is Wi-Fi 6? (802.11ax), How Fast is it, and What are its Benefits?

Why would you want the flexibility of selecting either Wi-Fi 5 or Wi-Fi 6 for a device? Hands down, Wi-Fi 6 is the preferred choice because of its enhanced speed and connectivity, which creates far less congestion on your network. Wi-Fi 6 is also backwards-compatible with older devices that run Wi-Fi 5. However, if you are using older devices that do not support Wi-Fi 6, you will not be able to take advantage of Wi-Fi 6 capabilities because the devices will fall back into operation at the Wi-Fi 5 level.

Network Management

VentureBeat - Forrester’s top 5 cybersecurity threats for 2024: Weaponized AI is the new normal

With the goal of democratizing weaponized AI and profiting off of attackers’ demand for the latest technologies, attack groups that include APTs and nation-states are selling ransomware-as-a-service, FraudGPT starter services, IoT attack services and selling knowledge of how to fine-tune malware-less attacks that the current generation of cybersecurity systems can’t detect. CrowdStrike’s 2024 Global Threat Report found that malware-free attacks increased from 71% of all attacks in 2022 to 75% in 2023.

AI/Security

sdxCentral - Zscaler reports phishing attacks to get worse as cybercriminals tap AI

Phishing affects all industries, exploiting the human element as a common vulnerability. The finance and insurance sector experienced the highest number of phishing attempts, with attacks increasing by 393 percent from the previous year. Meanwhile, manufacturing saw a 31 percent uptick in phishing attacks. These two sectors and the technology sector — where attacks surged by 114 percent — are leading adopters of AI tools. Together, the sectors accounted for 35 percent of AI/machine learning (machine learning) transactions on the ZTE.

AI/Security

VentureBeat - Microsoft deputy CISO says gen AI can give organizations the upper hand

Microsoft Copilot for Security is informed by large-scale data and threat intelligence, including more than 78 trillion security signals processed daily, and coupled with large language models to deliver tailored insights and guide next steps, which makes it far easier to detect more subtle attacks and significantly reduce response times, even to the point where security teams can stay ahead of cyber criminals.

AI/Security

Datanami - Gartner Identifies the Top Trends in Data and Analytics for 2024

“D&A leaders must demonstrate their value to the organization by linking the capabilities they are developing and the work they do to achieve the business outcomes required by the organization,” said Ramakrishnan. “If this is not done, issues such as misallocation of resources and underutilized investments will continue to escalate, and D&A will not be entrusted with leading the AI strategy within the organization.”

Data & Analytics

The Hacker News - Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM

This approach offers a unique perspective because it considers not just vulnerabilities, but how attackers could actually exploit each weakness. And you may have heard of Gartner's Continuous Threat Exposure Management (CTEM) which essentially takes Exposure Management and puts it into an actionable framework. Exposure Management, as part of CTEM, helps organizations take measurable actions to detect and prevent potential exposures on a consistent basis.

Security

Datanami - Losing control of your company’s data? You’re not alone

The more they sign up for new applications, the more control these companies lose of what should ideally be a single, interacting, unitary asset across the data layer. The more they migrate to public clouds while holding on to an application-centric, fragmentary data view of IT, the more control they lose, and the harder data integration becomes.

Data Management

Information Week - No Fear, AI is Here: How to Harness AI for Social Good

However, our job as tech leaders is not only to motivate capable teams, but to also provide them with frameworks for finding new ways of responsibly leveraging technology for good. To do so, we’ll need to stay grounded in the fundamentals of science -- facts, data, and measurement.

AI

ZDNet - Bank CIO: We don't need AI whizzes, we need critical thinkers to challenge AI

In working closely with AI, Mai discovered an interesting twist in human nature: People tend to disregard their own judgement and diligence as they grow dependent on these systems. "As an example, we found that some humans become lazy -- they prompt something, and then decide, 'ah that sounds like a really good response,' and send it on."

Automation & Productivity

Information Week - OpenAI Enterprise API Expands Offerings, Eyes Growth and Safety

What we’ve seen already since the launch of ChatGPT is that we have 92% of Fortune 500 companies already using ChatGPT in some way. What we are announcing now in this version are the changes from a pricing and cost perspective, we introduced batch API that lets people do asynchronous requesting, and we introduced a provision throughput, which lets people commit to a certain throughput and get a discount for it. We want more people to build with our API and not have to worry about spending more.

AI/API

SiliconANGLE - Security budgets are growing, but so is vendor sprawl

This data represents a standout revelation from the survey in that 70% of customers see their security budgets growing by 5% or more, a strikingly high rate of security spending compared with IT spending at large. The data further shows that more than half of the surveyed firms are increasing their security investment by 5% to 14%. Notably, an astonishing 14% of respondents are engaging in what we classify as “hypergrowth” in spending, exceeding a 15% increase.

Security

eWeek - 9 Best Business Automation Software in 2024

Business automation software automates repetitive and mundane tasks in a wide variety of business processes, including invoicing, marketing, customer service, data entry, customer communication, and workflow management.

Automation & Productivity

GovTech - How Should Government Guide the Use of Generative AI?

“We found that the principle-based approach was very effective, because it didn’t require us to anticipate every single potential use case that could emerge in this area,” Loter said. “It allowed us to communicate to city employees: Go ahead and use your discretion. When you are making a decision about whether to use or not use a particular system, keep these principles in mind.”

GenAI

VentureBeat - Curbing shadow AI with calculated generative AI deployment

Today IT staff can access LLMs and GPUs-as-a-service from an array of public cloud providers or from specialists offering API access to build gen AI services. As these LLMs become both smaller and easier to use it’s easy to envision knowledge workers creating their own bespoke digital assistants simply by picking their way through drop-down menus on laptops or speaking commands into their smartphones.

AI

CIO Influence - Building Security from Scratch: Key Steps in Implementing Zero Trust Architecture

The Zero Trust architecture’s center consists of policy decision points (PDPs) and policy enforcement points (PEPs) within the corporate network. These components allow the creation of data enclaves and microperimeters. PDPs and PEPs act as collection points for security information and as decision hubs for critical decisions regarding transaction path or policy enforcement, such as requiring additional authentication factors or denying untrusted requests.

Security

VentureBeat - Palo Alto Networks’ CTO on why machine learning is revolutionizing SOC performance

We’re moving away from investigating an attack once every few hours or once every few days to investigating 10s of millions or 100s of millions of potential attacks every second. Humans can’t do that we need machine learning.

Security

sdxCentral - Why both vendors and buyers are pushing for security platformization

“Look at products based on the functionalities that they’re offering,” he said. “So, are your users happy with them? Are the admins happy with the tools? Because you may have a tool that your admins love, and if you take it away from them because you’re going into a different platform and they don’t like it, they may have an issue with that.”

Security

Network Computing - Fixed Wireless Access Benefits Extend to Enterprises

Fixed Wireless Access (FWA) has surged in recent years to support both residential and enterprise connectivity due to its ease of deployment along with the more widespread availability of 4G LTE and 5G Sub-6GHz networks, which offer increased throughput and reliability, comparable in many cases to more traditional fixed broadband technologies.

Network Management

VentureBeat - Exclusive: Visa’s CIO shares insights on generative AI’s transformative potential in payments industry

Visa is exploring the use of generative AI to bolster its already robust fraud detection and risk management capabilities. “As we look to the future, gen AI’s capacity to process and learn from vast amounts of data could significantly enhance our fraud models. By leveraging better insights, we are exploring how to further bolster our fraud detection capabilities,”

GenAI

CIO Influence - Innovating Security Operations: The Role of Generative AI

In this ever-changing landscape of cybersecurity threats, organizations always search for new ways to strengthen their security operations. That is why generative AI technology has recently captured the greatest attention in cybersecurity. Following the launch of OpenAI’s ChatGPT in November 2022, many have been talking about how this technology could maliciously build malware and phishing content or how automation and augmentation of security processes could make it workable.

AI/Security

The Hacker News - 10 Critical Endpoint Security Tips You Should Know

Adhering to the principle of least privilege can help you strike the right balance between security and functionality. The principle of least privilege works by allowing only enough access for a user, program, or process to perform its function.

Security

ZDNet - Do employers want AI skills or AI-enhanced skills? That could depend on you

"People in this field must be comfortable using Copilot to code faster and more efficiently, Looking ahead, there are other tools coming out that will allow a solutions architect to describe a problem -- or even an idea for how to solve a problem -- to an AI platform, and it will produce an elastically scalable and implementable diagram."

Tech Jobs

Network Computing - Cloud-Native Software: What it Is, How We Got Here, and Why it Matters

With so many application functions handled via existing cloud services, developers can write cloud-native applications much more quickly and inexpensively. They can also continually update and experiment with software capabilities—and continually bring new features to users—with far less cost and risk.

Cloud

Information Week - A New Era for CISOs: Navigating Regulations and Unprecedented Threats

This begins at the executive level. It’s a good idea for CISOs to develop close working relationships with the CEO (chief executive officer), CFO (chief financial officer), and CLO (chief legal officer. If each of these relationships is strong, then everyone can ensure that technology investments- - including the latest in cloud and AI technology -- are assets to business and financial outcomes without causing legal trouble.

Security

Network Computing - How to Get the Maximum Value Out of Network Automation

"There are distinct types of multi-clouds, each with its own unique management requirements," he notes in an email interview. Public cloud-to-public cloud is one type; another is private cloud-to-hyperscaler cloud. "With so many different applications and platforms in play, all parties must work within the same definition of multi-cloud," he notes. Without it, stakeholders are adding extra fragmentation on top of the existing technical complexities.

Network Management

eWeek - Creating a Winning AI Business Strategy: 8 Steps

There’s also a wide range of prebuilt AI tools that won’t require you to adjust any deep learning algorithms or training data. Instead, you’ll simply work with the vendor or their platform to adjust the AI to your specific needs. You’ll also need to determine if you want to invest in more generic AI solutions — such as chatbots, copilots, and AI automation tools — or if you’re interested in a more specialized solution that is designed for your industry or a enterprise specific use case.

AI

sdxCentral - What is AI networking? Use cases, benefits and challenges

AI networking can optimize IT service management (ITSM) by handling the most basic level 1 and level 2 support issues (like password resets or hardware glitches). Leveraging NLP, chatbots and virtual agents can field the most common and simple service desk inquiries and help users troubleshoot. AI can also identify higher-level issues that go beyond step-by-step instructions and pass them along for human support.

Network Management

Forbes - Cybersecurity In A Data-Driven World: The Problem Of Invalid Data

The challenge isn’t that the data doesn’t exist. Conversely, data has quickly become the crown jewel for most organizations, and the cyber data that surrounds it is invaluable. The challenge lies in cataloging, collecting, organizing and analyzing the supporting cyber data in a way that enables leaders to make informed decisions based on ground truth, in real time.

Data Management

Network Computing - Good Things Happen when Network Engineers Internalize Spider-Man’s Mantra

The risks are not just due to mistakes – typos, misconfigurations, or other changes that unintentionally create a ripple effect of instability in other parts of the network. Malicious behavior is also a risk. I have personal experience working for a very large service provider that had to terminate one of its senior network engineers. Before the company was able to decommission his access, he was able to get into the network from home, lock them out of all their core routers, and demand a ransom

Network Management

InfoWorld - How RAG completes the generative AI puzzle

RAG brings to generative AI the one big thing that was holding it back in the enterprise: an information retrieval model. Now, generative AI tools have a way to access relevant data that is external to the data the large language model (LLM) was trained on—and they can generate output based on that information. This enhancement sounds simple, but it’s the key that unlocks the potential of generative AI tools for enterprise use cases.

AI/RAG

Blocks & Files - NetApp AI expert says calculating text data estate vector embeddings could take minutes

He made the point that an organization’s text-based data estate might not be as large as all that. “If you take Wikipedia, for example, which is a significant corpus of text representing most of the world’s knowledge, the textual form of Wikipedia is less than 40 gigabytes.”

AI/Data

Dark Reading - 5 Hard Truths About the State of Cloud Security 2024

"A lot of people think they're outsourcing security to the cloud provider. They think they're transferring the risk," Kindervag says. "In cybersecurity, you can never transfer the risk. If you are the custodian of that data, you are always the custodian of the data, no matter who's holding it for you."

Security

Forbes - Meeting Cyber Risk Objectives In An AI-Infused World

Adoption of AI introduces an organization to a specific set of risks. AI will be generating conclusions, and its accuracy is proportionate to how much data it is fed. Adverse impacts can result if data integrity goes unchecked or inadequate security architecture leads to data leakage. Cyber teams must understand AI assets and impacts before implementation and be able to explain these to compliance officers, who will establish a framework for risk assessment

AI/Security

CIO Influence - Review of Secured Operating System: Windows, Linux, MacOS and ChromeOS

In this article, you’ll explore the operating systems, gaining valuable insights into their privacy features and security measures. It will give an overview and review criteria, encompassing factors such as ease of use, compatibility, and performance. Let’s understand each OS’s emphasis on privacy, security, and anonymity, scrutinizing their key security features, practical applications, and strengths and weaknesses.

Security

Dark Reading - Lessons for CISOs From OWASP's LLM Top 10

OWASP recently released its top 10 list for large language model (LLM) applications, in an effort to educate the industry on potential security threats to be aware of when deploying and managing LLMs. This release is a notable step in the right direction for the security community, as developers, designers, architects, and managers now have 10 areas to clearly focus on.

Security

SiliconANGLE - Coalition reveals uptick in cyber insurance claims driven by ransomware in 2023

More than half of all claims lodged with Coalition last year related to business email compromise or funds transfer fraud, with one common factor: They were attacks that came through email. The report notes that more than half of claims were related to email attacks, highlighting the importance of email security as a key aspect of cyber risk management.

Security

Information Week - Why Your Enterprise Should Create an Internal Talent Marketplace

Internal talent marketplaces are intelligent platforms designed to connect employees with the career opportunities and resources necessary for professional growth. Powered by AI-matching algorithms, talent marketplaces allow managers to view candidates for specific job roles without the involvement of a recruiter. Gartner predicts that by 2025, 30% of large enterprises will have deployed a marketplace to optimize talent utilization and agility.

Tech Jobs

The Next Web - The top programming languages to learn if you want to get into AI

The real task is to look beyond the hype and headlines to figure out what language best suits your skill set and interests, leaving you well-positioned to meet the growing market demand. Read on to explore what language you should be looking at if you want to explore a career in AI.

Tech Jobs

Information Week - How Developers of All Skill Levels Can Best Leverage AI

Increased AI adoption has come with its challenges. Studies, like this one done by GitClear, note that AI use in the development process has exacerbated code churn; it’s expected to double by the end of the year. This is often a result of mishandling or misunderstanding AI in the software space. This means poor quality, AI-generated code stands to become a large business pitfall and compound technical debt if not handled properly.

AI/DevOps

Cyber Defense Magazine - AI is Revolutionizing Phishing for Both Sides. What will make the Difference?

“If it ain’t broke, don’t fix it.” Phishing as a cybercrime model has always been successful. Thus, we see phishers using generative AI to recreate the same old techniques, only better. The result? An unheard-of 1,235% increase in phishing emails since the launch of ChatGPT.

AI/Security

ComputerWeekly - Five reasons why – and when – cloud storage is the answer

Being able to scale up and down remains one of the biggest draws for cloud storage – customers pay for what they use, when they use it. In the storage context, this is useful to match capacity to seasonal workloads, to bring capacity online for analytics or research purposes, and increasingly, machine learning and AI.

Data Storage

Data Center Frontier - U.S. Contains Fully Half of 1,000 Hyperscale Data Centers Now Counted Globally, as Cloud Giants Race Toward AI

The firm's latest research is based on an analysis of the data center footprint of 19 of the world's major cloud and internet service firms, including the largest operators in the sectors for SaaS, IaaS, PaaS, search, social networking, e-commerce and gaming.

Data Management

CIO Influence - Gen AI That Drives Business Value? Focus on These Four Things

When considering Gen AI initiatives, take into account your org’s entire data journey, from data production through data presentation, and then identify where AI can augment processes. Gen AI becomes much more valuable when used to address a clearly identified gap or opportunity and powered by high-quality, timely data.

AI/Data

SiliconANGLE - Zscaler report warns of AI’s growing role in sophisticated phishing attacks

With generative AI now freely and frequently available, cybercriminals have been using it to rapidly construct highly convincing phishing campaigns that surpass previous benchmarks of complexity and effectiveness. Using AI algorithms, threat actors can swiftly analyze vast datasets to tailor their attacks and easily replicate legitimate communications and websites with alarming precision.

Security

CIO Influence - AI Integration Roadmap Planning for Cybersecurity Experts

AI, a domain of computer science, deals with the creation of machines that can carry out tasks that are regarded as human; cybersecurity, on the other hand, safeguards digitally set-up systems. These areas thus merge with real-world information that has been ciphered by the cybersecurity system used to train AI for an increased level of threats.

AI/Security

Network World - Network jobs watch: Hiring, skills and certification trends

“The most challenging thing for me is the lack of network engineers who can contribute to automation,” said a network engineer at a midmarket business services company in the EMA report. “The community is small, and it’s hard to find people who can help you solve a problem.”

Network Management

Diginomica - The US Government's big question - where do we find 100 Chief AI Officers by the end of May?

It is worth noting though that things are not being helped in general terms by a marked lack of AI expertise in public sector IT teams. It is currently well below the industry average in skills gap terms, according to research from Salesforce. For instance, only just under a third (32%) of tech professionals understand generative AI use cases, such as content creation and data analytics. A mere 30% claim to be experts in implementing AI within their organization.

Tech Jobs

TechReport - LastPass Users Hit by Major Phishing Scam: Master Passwords Breached

As LastPass mentioned in its official blog, it found a parked domain (help-lastpass[.]com) and immediately started monitoring it in case the site went live. As it happened, the site did go live and started attacking LastPass users. The company then immediately worked with its vendors and took it down.

Security

sdxCentral - Forrester warns of deepfakes and AI supply chain security threats

As generative AI (genAI) goes mainstream, prompt engineering, prompt injection and sensitive data spillage will move to the top of every security team’s threat list. These AI response risks could come from genAI applications like Microsoft Copilot and Anthropic Claude, or internally developed applications with sensitive data sets trained on enterprise data.

AI/Security

Information Week - GPUs Force CIOs to Rethink the Datacenter

All of which leads directly to the datacenter. As AI goes mainstream, organizations must adapt, says Teresa Tung, Cloud First Chief Technologist for Accenture. It isn’t enough to understand where GPUs deliver strategic gains, CIOs must make critical decisions about when to use GPUs or CPUs and whether to handle training, inferencing, and other tasks on premises or in the cloud.

AI/Data

Network World - Networking among tech roles forecast for growth in 2024

“On a numeric basis, software developers, systems engineers and cybersecurity analysts, network architects, and IT support specialists recorded the largest gains in employment,” the report states.

Tech Jobs

AiThority - Looking for an AI Career? Here’re the 10 Most Employable Degrees for AI Professionals

Out of all 1,790 degrees related to Computer Science, 294 produced graduates that were employed both a year and four years after completing their studies. Only 23 of them had median earnings data available for the fourth year after graduation. These were ranked from highest to lowest to reveal the best-paying degrees for an AI career with 100% employability.

Tech Jobs

ZDNet - Meet your new IT superhero: Citizen developers flex their AI muscles

"Ultimately, this is going to mean higher success rates for technology initiatives. Traditionally IT projects have a very high failure rate. It's because there is a lack of overlap between domain expertise and knowing what it is that you're trying to actually solve. And understanding the tools you're trying to solve it with."

IT Management

StateTech - Rethinking the Weakest Link in State Government Cybersecurity

Ransomware attacks targeting cities, states, municipalities, law enforcement and other public entities are expected to grow, according to Zscaler’s latest Ransomware Report. These entities often have a very low security posture to protect critical data and systems and typically rely on legacy technologies, making them attractive targets for cybercriminals seeking easy payouts or valuable information that they can sell.

Security

Network World - Network jobs watch: Hiring, skills and certification trends

“Based on our analysis, the IT job market and opportunities for IT professionals are poor at best. In the past 12 months, telecommunications lost 26,400 jobs, content providers lost 9,300 jobs, and other information services lost 10,300 jobs,” said M. Victor Janulaitis, CEO at Janco, in a statement. “Gainers in the same period were computer system designers gaining 32,300 jobs and hosting providers gaining 14,000.”

Tech Jobs

Data Center Frontier - DOE Study: AI Boom Breeds Localized Energy Constraints, But Grid Can Meet Long-Term Demand

The 2024 Report to Congress on U.S. Data Center Energy Use is designed to assess how surging interest in artificial intelligence (AI) is impacting the technology industry’s use of electricity. Demand for AI will likely alter the geography of digital infrastructure, but isn’t going to gobble up all the power on the electric grid, say government researchers from Lawrence Berkeley National Laboratory (LBNL), part of the Department of Energy.

AI/Data

Information Week - 8 Cloud Migration Challenges

An emerging class of capabilities such as Cloud Security Posture Management (CSPM), and Cloud Native Application Protection Platform (CNAPP) are being used by security teams to provide real-time visibility into security misconfigurations or otherwise suspicious activity that requires investigation.”

Cloud

CIO Influence - AI Integration Roadmap Planning for Cybersecurity Experts

Traditional risk management processes involve manual data analysis, which is time-consuming and prone to human error. With the advent of artificial intelligence (AI), there’s a transformative shift in how businesses approach risk. AI provides tools for predictive analytics, real-time data processing, and decision-making support that can significantly enhance risk management strategies.

AI/Security

Information Week - How to Balance Disaster Recovery, Backup Systems, and Security

Increasingly sophisticated attack types, which might include AI-powered threats, can make finding the right approach a challenge especially as cybersecurity is often seen as a cost rather than an operational benefit. This can lead to conversations in the C-suite about what measures are worth taking to secure data and systems while also trying to ensure continuity of business.

Security

VentureBeat - Psychological safety is key to managing security teams

The reality of life as a security expert is that you’re regularly trauma-bonding with your team. You and your peers are constantly resolving high-stakes, heavy-collaboration, little-room-for-error incidents together, and this intense type of work is a core function of your day-to-day lives. If you don’t feel able to communicate comfortably with your team, you’re in trouble.

Security

sdxCentral - Gartner ups 2024 IT spending forecast to top $5 trillion — what’s behind the growth?

“The talent gap in key IT skillsets is widening, causing enterprises to turn increasingly to IT service firms for expertise. This trend is pushing consulting spend to outpace internal IT staff investment for the first time.”

IT Management

VentureBeat - Why LLMs are predicting the future of compliance and risk management

“By adopting cloud technologies and moving away from on-premises solutions, we’ve seen a drastic reduction in both infrastructure and operational costs—by approximately 40% and 150%, respectively,” Carlson noted. These changes have not only simplified operations but also greatly increased the scalability of Relativity’s services, crucial for handling their extensive document loads.

AI/LLM

eWeek - What is Retrieval Augmented Generation? How it Works & Use Cases

Large language models (LLMs) are trained on vast volumes of data. They are like well-read individuals who have a broad understanding of various topics and subjects. They can provide general information and answer various queries based on their vast knowledge-base. But to generate more precise, reliable, and detailed responses backed up by specific evidence or examples, LLMs often need the assistance of RAG techniques. This is similar to how even the most knowledgeable person may need to consult references or sources to provide thorough and accurate responses in certain situations.

AI/RAG

InfoWorld - Cloud cost management is not working

The results come as regional cloud workloads are predicted to increase significantly over the next two years. Workloads for applications in IT ops are predicted to grow 51%, hybrid work 55%, software creation platforms and tools 42%, and digital experiences 40%; these will be the fastest areas to grow.

Cloud

Information Week - What CIOs Can Learn from an Attempted Deepfake Call

“The fact that they [the threat actor] were able to put something together that was at least passable, I think is what's really interesting and represents that … proliferation and that escalation that we've been concerned about with this technology for years now,” says Kosak.

Security

Security InfoWatch - Egress: Millennials are key target of top phishing trends

Social engineering has also increased, now representing 19% of phishing attacks and phishing emails are over three times longer than they were in 2021, likely due to the increase in use of generative AI. On the other hand, the use of attachment-based payloads has decreased since 2021; three years ago, these accounted for 72.7% of attacks detected by Egress Defend, and by the first quarter of 2024, this had fallen to 35.7% as threat actors evolve their payloads to evade cybersecurity efforts.

Security

ITPro Today - How to Choose a Storage Solution for AI Training Data

Irregular data access: AI models typically only access training data when they're actively training or retraining — events that may happen on an irregular, unpredictable basis. As a result, it can be tough to predict exactly how frequently the data will need to be made available. This can affect storage strategies because some storage solutions (like "cold" cloud storage) don't make data readily available, so not knowing ahead of time exactly when you'll need the data can pose problems.

AI/Data

CIO Infuence - Understanding Red Teaming for Generative AI

Red teaming has found a new ground in its recent past: stress-testing generative AI across safety, security, and social biases. The risks in the industrial context of generative AI differ from those of conventional software models, and potential hazards range from hate speech, pornography, false facts, copyrighted material, or even the disclosure of private data like phone numbers and social security numbers.

AI/Security

sdxCentral - Gartner crowns Netskope, Palo Alto Networks, Zscaler as SSE leaders

The analysis firm defines SSE as a security framework that safeguards access to the web, cloud services and private applications regardless of user location, device or Application hosting, which enhances security and visibility for software-as-service (SaaS), platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS).

Security

Information Week - Working With Non-IT Users Who Do IT

IT must get involved as soon as multiple system boundaries get crossed, because linking these systems together requires technical integration that goes beyond the scope of user IT skills. Integration is never a simple task. The process can also be time-consuming. However, if IT maintains active communications and collaboration with citizen developers, everyone can sit together to brainstorm where they foresee their applications extending in the future

IT Management

sdxCentral - What’s Next: Versa’s Kelly Ahuja talks security, the network edge and AI platforms

You need to be able to act on things faster. All that is driving a lot of pain for the current CSOs and CIOs, and they’re looking to figure out how they can keep up with all of this while staying within budget. Because budgets aren’t unlimited. Every CEO, including me, says ‘We’re gonna grow the top line.’ But we’re not necessarily gonna grow the expenses. So how do you do more with less or the same? That’s kind of what the name of the game is.

Network Management

Datanami - General Assembly Report: Tech Firms Pay Top Dollar to Secure Competent AI Professionals

The report outlines how HR leaders from across the globe – including Australia, Canada, France, Singapore, and the United States – are taking action to develop an AI-enabled workforce. Their responses are paired with actionable guidance based on General Assembly’s delivery of tech training services to Fortune 500 companies, including Microsoft, Humana, Indeed and Adobe.

Tech Jobs

CIO Influence - Will AI Replace or Enhance Cybersecurity Engineering?

In this era of cybercrime, AI finds a significant role in risk identification. Traditional security systems that are based on be a threat signature are a known thing. In contrast, AI can make proactive processes that involve analyzing behaviors and patterns before implementing the detection of an unexpected attack. Using the behavioral analysis approach, the organizations would be able to detect any misbehavior and threats, thus they could eliminate the majority of threats before these are virtually done and the damage is widely spread, that increases the overall threat detection potential.

AI/Security

Information Week - Expect the Unexpected: 3 Lessons for Building a Culture of Security

According to Layoffs.fyi, during 2023 more than 250,000 people were laid off across tech, including thousands of security professionals. While cost-cutting isn’t new, “doing more with less” doesn’t work for security. Overly aggressive job cuts can lead to increased risks, by unintentionally creating insider threats, or by untrained or over-stretched employees taking on extra work and inadvertently creating vulnerabilities.

Security

Network Computing - How CISOs Can Contend With Increasing Scrutiny from Regulators

As team leaders, CISOs already had to set and deliver on cyber strategy, a task made harder at a time when 41% of security teams are understaffed, and 51% are held back by budget constraints. It's no surprise that this pressure results in high levels of stress and burnout. Work-related stress affects 94% of CISOs, and 65% admit that it's compromising their ability to do their jobs.

Security

Dark Reading - 3 Steps Executives and Boards Should Take to Ensure Cyber Readiness

Organizational remediation efforts can and should be developed, tested, and implemented before an attack happens. It is imperative for those at the top to use this time to evaluate how well their teams will respond when thrust into a dire situation and take the necessary steps to ensure cyber readiness.

Security

CSO - Where in the world is your AI? Identify and secure AI across a hybrid environment

As more AI features are added to SaaS and cloud apps, it becomes more and more important for CISOs to find and bring these apps into their governance, risk, and compliance (GRC) programs. And that means taking a closer look at data usage and protection strategies, experts say.

AI/Security

Information Week - How to Choose Effective Business Technology

The latest technology is great, but it’s not doing its job if your customer needs a coding certificate to operate it. The vast majority of consumers have achieved a level of tech-savvy to efficiently use new tools if they’ve been designed with user experience in mind. But even the most advanced users won’t use your tech if it requires more than a few minutes of time.

Automation & Productivity

CIO Influence - How Cloud Applications are Used for Data Protection

Cloud applications operate by dividing processing logic and data storage between client-side and server-side systems. Processing occurs partly on end-user devices and partly on remote servers, with most data storage situated on the latter. Users typically interact with these applications via web browsers or APIs. While these principles are fundamental to cloud applications, the specifics of client-server interactions and their impact on user experience vary across designs.

Data Management

Information Week - How CIOs Should Be Managing and Reducing Technical Debt

Another example is a business implementing a patchwork of independent systems for different departments. Initially, this approach seems efficient, but eventually, integration challenges lead to data silos, inefficiencies in communication, and increased data reconciliation and system maintenance costs. In both cases, the short-term benefits are outweighed by long-term drawbacks, which is the essence of technical debt for businesses.

IT Management

sdxCentral - The race to cloudify the LAN – network vendors jostle for position

Enterprises have reported seeing a 90% reduction in trouble tickets. Organizations have witnessed hardware installation and configuration times drop from hours to minutes. In addition, because the management application is hosted by the manufacturer, frequent software updates and feature additions have become possible. In this way, equipment suppliers are demonstrating ongoing value to their customers, who pay recurring fees for support and software features.

Network Management

Information Week - How CEOs and IT Leaders Can Take the Wheel on Responsible AI Adoption

Rather than sit idly by, now is the time for CEOs, CTOs, CIOs and others to begin establishing their own comprehensive plans for AI safety. In partnership with IT, legal and other teams, progressive leaning stakeholders are taking matters into their own hands, defining ways to manage AI risk while meeting the needs of their workforce.

AI

Diginomica - Google Cloud Industries VP shares the dos and don’ts of generative AI projects

Tharp said that the path to adoption of generative AI will depend on a number of factors, including a company’s background, what industry it is in, what data it holds, what its profit levels are, and what ROI it is seeking. However, she added that the priority should be for organizations to get going and start testing and learning

AI

CIO Influence - AI in Cybersecurity a Threat or Not?

The emergence of sophisticated attack vectors such as polymorphic malware and “living-off-the-land” attacks underscores the necessity for modern cybersecurity approaches. Behavior analysis and detection methods are gaining prominence as they focus on identifying malicious behavior rather than solely relying on file-scanning-based anti-virus defenses. When appropriately trained, AI excels in monitoring, detecting, and responding to such malicious behaviors, surpassing human capabilities alone.

AI/Security

Network World - DIY or commercial network automation? Most network teams choose ‘all of the above’

“We have a hybrid strategy,” an IT tools architect at a Fortune 500 media company recently told Enterprise Management Associates (EMA). “We can buy some commercial tools where it makes sense. But we are also developing tools internally where we can’t get the capabilities we need from vendors. Commercial tools can meet about 80% of our needs.”

Network Management

Information Week - How to Accurately Determine an IT Project's Value

"Project leaders should have expectations mapped to the realization framework and the relative weights of benefits scored," Natarajan says. "The value realization formula should be consistently applied across the [project] lifecycle and actively used for decision support."

IT Management

Computerworld - Do cloud-based genAI services have an enterprise future?

Through 2025, 30% of genAI projects will be abandoned after proof of concept (POC) due to poor data quality, inadequate risk controls, escalating costs, or unclear business value, according to Gartner Research. And by 2028, more than half of enterprises that have built their own LLMs from scratch will abandon their efforts due to costs, complexity and technical debt in their deployments.

AI/Cloud

VentureBeat - Telesign’s Verify API goes all in with AI and ML to secure omnichannel growth

The more successful a fraud attack is, the more it damages a brand. E-commerce fraud decimates brands, goodwill and trust, driving customers away to competitors. It’s on CIOs and CISOs to get e-commerce fraud detection and response right. Telesign found that 94% of customers hold businesses accountable and believe they must be responsible for protecting their digital privacy.

Privacy & Security

FedScoop - How Google Cloud AI and Assured Workloads can enhance public sector security, compliance and service delivery at scale

One challenge that remains at the forefront of those efforts is ensuring that today’s increasingly dynamic and distributed IT environments continue to meet the government’s complex security, regulatory and data privacy compliance rules — while learning how best to capitalize on AI’s potential to serve the public.

IT Management

Network Computing - Where Are You on the Cybersecurity Readiness Index? Cisco Thinks You’re Probably Overconfident

“We cannot underestimate the threat posed by our own overconfidence,” he said. Today’s organizations need to prioritize investments in integrated platforms and lean into AI to operate at machine scale and finally tip the scales in favor of defenders.”

Security

Network World - Enterprises struggle with network reliability, security: survey

The survey data shows that businesses as an alternative or supplement to fiber and wired connections are turning to cellular networks to ensure better connectivity for specific business and technology functions. For instance, 37% of respondents said they use cellular to support security and surveillance systems, and 33% use cellular for critical operational infrastructure

Network Management

SiliconANGLE - State agency proves DevOps and mainframes can coexist

Most of the department’s applications are based on Adabas, an inverted list database from 1971, and about 80% were written in the companion Natural programming language, which was launched in 1979. Although cloud-native development is often associated with more contemporary information technology infrastructure, Software AG has continued modernizing Adabas and Natural to keep them in line with cloud-native constructs. The company has said it will support both at least through 2050.

IT Management

The Hacker News - Code Keepers: Mastering Non-Human Identity Management

To manage non-human identities and secrets at scale you need a bird's-eye view of all machine identities in your systems. From ownership details to permissions and risk levels, all this critical information needs to be centralized, empowering your security teams to understand the secrets landscape thoroughly. No more guessing games—just clear insights into non-human identities and their potential vulnerabilities.

Security

Infosecurity Magazine - Preparing for AR’s Influence on Cybersecurity

Furthermore, malicious threat actors can look to misuse AR technology to create convincing deepfakes to dupe unsuspecting victims or to spread misinformation in the coming months due to both the UK and US having significant political elections this year. This is just the tip of the iceberg of emerging threats that surround the AR world, and much attention is required to ensure these spaces are protected.

Security

Network Computing - How Cisco sees Silicon One Easing Network Convergence and Helping with AI

Regarding web scalers, Eyal noted that two kinds of networks in data centers are critical to running AI apps. In addition to the front-end network we’re all familiar with, there’s a back-end network, typically InfiniBand, that has historically been used to connect storage clusters and the like. Cisco also sees Ethernet as a solution, especially in the world of web-scale.

Network Management

Information Week - A Roadmap for AI Products in an Age of Hyper Darwinism

Define the right tools for the right job. AI is the acronym du jour, but it should not distract from the core focus of any product team, customer delight. Whether designing toasters or writing physics simulation software, customer centricity reigns supreme. Knowing which problems to solve and which technologies most appropriately solve those problems are the two most important concepts any product team can grok -- AI or not. However, in this environment, they assume differential complexity.

Automation & Productivity

eWeek - SentinelOne’s Gregor Stewart on AI in Cybersecurity

One of the challenges presented by the rise of artificial intelligence is that hackers have AI and know how to use it – they often use AI to launch effective cyberattacks. So for today’s companies, AI is no longer optional; they must use it or be essentially defenseless. As a result, some companies have rushed to deploy AI without fully planning or understanding its uses.

AI/security

Information Week - AI: Friend or Foe?

“For the next few years, AI’s impact will be more like that of a team member with a unique specialty that boosts overall team productivity. AI is advancing quickly, but it is nowhere close to having some key elements of human intelligence that employees use every day.”

Automation & Productivity

eWeek - AI CRM Use Cases: 10 Top Examples and Platforms Explored

AI’s integration with CRM helps organizations get a deeper understanding of customer behaviors, preferences, and patterns, which in turn paves the way for higher customer satisfaction through more personalized and more efficient interactions. To make the most of AI in CRM, organizations need to ensure data accuracy, privacy, and security, as these best practices form the foundation of all customer relationships.

AI/CRM

AiThority - Artificial Intelligence for Cybersec Professionals: TeKnowledge Expands Cybersecurity Capabilities in AI Era

TeKnowledge’s advanced training programs address the nuances of AI in cybersecurity. These programs go beyond traditional cybersecurity training and are wisdom-led, looking into the intricacies of AI-powered threats and the defensive strategies required to counteract them. From understanding AI-driven phishing attacks and malware to mastering the art of AI-based threat detection and response, the curriculum is comprehensive and cutting-edge.

Security

SiliconANGLE - Box’s strategic leap: Embracing AI to transform unstructured content management

“One of the things that a lot of customers are doing and should do right now is to pick their platforms. Who are they going to trust to not only give them AI capabilities right now, but also in the future?” said Kus, highlighting the strategic considerations businesses must navigate in adopting AI technologies.

AI/Content Management

A Call for Technology Resilience

For each of your mission-critical IT functions, you should assess staff roster depth and then describe the holes and the risks. If training or cross-training can’t address them, outside recruiting or consulting services might be needed. Whatever tack you take, this assessment enables the board, the CEO, and other C-level executives to see the risk, and they can understand why investments in key skills and personnel are necessary for corporate success.

IT Management

Network Computing - Modernizing IT Networks for Higher Education Facebook X LinkedIn Reddit

Information technology teams at institutions of higher learning face unique network challenges based on lean budgets and lengthy evaluation and approval processes to upgrade any hardware or software components. Yet IT managers are still responsible for securing and managing sensitive financial and personal information for students, instructors, and administrators.

Network Management

VentureBeat - Key takeaways from Forrester’s Top Trends in IoT Security 2024

Forrester believes nine dominant trends will define the current and future landscape of IoT security. One of the report’s main takeaways is that closing the many security gaps between IoT sensors, systems and legacy infrastructure is becoming more challenging. That’s especially the case in healthcare and manufacturing, two industries under siege from cyberattacks.

IoT Security

Information Week - 7 Top IT Challenges in 2024

Meanwhile, organizational attack surfaces continue to broaden, providing bad actors with more potential points of compromise. AI and generative AI both play a part here out of necessity. However, as always, not everything that needs to be addressed has to do with technology. IT departments and other stakeholders need to ensure that people and processes also align with the new realities.

IT Management

Computerworld - Enterprise buyer’s guide: How to choose the right UEM platform

Connected, data-intensive and ubiquitous, endpoint devices — ranging from PCs and smartphones to internet of things (IoT) devices — are among the most valuable IT assets an organization can have. For a growing number of enterprises, unified endpoint management (UEM) is the platform of choice for managing endpoints and keeping them from becoming security, privacy, and regulatory compliance risks.

Security

Information Week - Critical Measures CIOs Should Consider Before Modernizing

However, today's app modernization programs are becoming increasingly complex and fraught with multiple risks due to the growing diversity of application portfolios and heterogeneous IT landscape. IDC predicts by 2027, 53% of enterprises in the US will have 500 or more applications.

IT Management

Information Week - Cyber Risks When Job Hunters Become the Hunted

Job search platforms, like any other application, are vulnerable to web exploitation. Threat actors could seek to inject code via malicious links, allowing them to steal data or gain access to administrator accounts and move laterally throughout the system. Threat actors could also target these platforms with web scraping attacks.

Security

Cyber Defense Magazine - The Role of Identity Data Management in Achieving CISA’S Strategic Goals

Firstly, organizations need to develop a clear understanding of what identity data is. One major issue that tends to be overlooked in cybersecurity discussions, even by esteemed organizations like CISA, is the nuanced role of identity that extends beyond human users. When we say “identity,” it’s not just about ‘John Doe’ accessing his workstation. It’s also about a specific microservice querying a database or an IoT device reporting metrics.

Security

ITPro Today - Pros and Cons of IT Jobs in Education

Likewise, if you work for an EdTech company, you're likely to be further removed from the education environment. You probably won't work on-site at a school or university; instead, you'll typically be deploying and managing EdTech software that users access remotely. Your job may feel more like a generic IT job than an IT job devoted to the education sector.

Tech Jobs

Diginomica - How compliance automation can #acceleratetrust

New compliance automation platforms are helping to streamline this process. A recent Drata survey found that 75% of early adopters see continuous compliance accelerate business opportunities, establish trust, and improve cybersecurity. Conversely, 76% of those with a manual approach consider it a burden.

Automation & Productivity

Network Computing - The Complexity Cycle: Infrastructure Sprawl is a Killer

You can see evidence of the complexity cycle in the evolution of network and app services automation. From imperative APIs that required hundreds of individual API calls to configure a system to today’s declarative APIs that use only one API call. It’s easier, of course, but only the interface changed. The hundreds of calls mapped to individual configuration settings still need to be made, you just don’t have do it yourself.

Network Management

Computerworld - A phish by any other name should still not be clicked

Look for the major cyber attackers to start sending candy and flowers to these companies’ CIOs and CISOs with a note: “Thanks very much for training your customers to fall for our phishing attacks more effectively! We owe you one. We’ll connect again when we send you our ransom demands. Talk soon.”

Security

sdxCentral - Identity management is your weakest link, but you can strengthen it

“You need to lock down access to make sure that you don’t have data breaches, because if you think about it, most data breaches today are rooted in some sort of identity and access compromised, and that’s the idea that Zilla is based on.”

Security

The Hacker News - CISO Perspectives on Complying with Cybersecurity Regulations

We tapped into the CISO brain trust to get their take on the best ways to approach data security and privacy compliance requirements. In this blog, they share strategies to reduce the pain of dealing with the compliance process, including risk management and stakeholder alignment.

Security

Network Computing - Technical Debt and the Hidden Cost of Network Management: Why it’s Time to Revisit Your Network Foundations

In the context of network infrastructure, a running network is more urgent than an optimized network. New features may be added that make the network less optimal. Regular review of the infrastructure is like making interest payments on the technical debt incurred. Resources may be overloaded, or even stranded, because of moves, adds, changes, and removed connections.

Network Management

Infosecurity Magazine - How to Discover the Right AI Cybersecurity Tools for Your Security Strategy

“Everyone is jumping on the AI bandwagon because they see £/$ signs, so many vendors are trying to put an AI spin on existing, or as they’ll sell it, ‘updated’ products, that in some cases are nothing more than glorified automation tools,” he outlined.

AI/Security

Information Week - Tech Leaders Devise Strategies for Controlling Legacy Tech Costs

“Then, consider the labor and software cost differential between maintaining the legacy and modern technology, followed by the cost estimate for migrating off the legacy technology,” he says in an email interview.

IT Management

sdxCentral - Google Cloud security expert warns of shadow AI and the risks of consumer genAI in the enterprise

Chuvakin delineated the differences between consumer and enterprise AI tools: Consumer-grade AI systems are expected to learn from prompts and improve over time, designed mainly for fun or personal use. Enterprise AI, on the other hand, often requires restrictions on learning from prompts to protect sensitive information, necessitating fine-grained control over the learning process. Enterprise AI should ideally learn from controlled and canonical sources rather than from any available data.

AI/Security

CIO Influence - Are Cloud Cost Management And Optimization (CCMO) Tools Effective?

Boomi’s new report on proactive cloud optimization strategies found why companies are fraught with uncontrolled and wasteful cloud spend in 2024. It also pointed out the role of Integration-platform-as-a-service (iPaaS) solutions in cloud cost remediation tactics. It was found that FinOps teams either introduced these tactics too late or without having a full picture of the environment.

Cloud

VentureBeat - Beyond the hype: Enterprises embrace Gen AI as key enabler for growth

IT operations (65%), customer support (64%) and security (54%) are the top business areas where gen AI will be most impactful

Automation & Productivity

SiliconANGLE - Google Cloud/CSA survey shows strong belief in generative AI’s ability to beef up cybersecurity

The survey respondents also expressed a belief that AI, rather than replacing humans, is more likely to empower them and make them more effective at their jobs. Some 30% of respondents said AI will enhance their skill set, with 28% indicating it will support their role more generally, and 24% saying it will replace large parts of their role, freeing them up to perform other activities.

AI/Security

CIO Influence - Mitigating Risks of Poor Dat

Data loss is one of the most concerning risks of poor data management. Truelist reports that 94% of companies facing severe data loss never fully recover. Addressing this risk is imperative to prevent your organization from becoming vulnerable and incapacitated.

Data Management

Information Week - Zero-Trust Architecture: What You Need to Know

Fox recommends forming a small, agile, cross-functional team. To gain a holistic view of the organization's security posture, risks and needs, the team should engage with key stakeholders, including IT, application development, cybersecurity, data governance, and operations teams, as well as business decision-makers, internal communications, and senior leadership.

Security

VentureBeat - Google Cloud and CSA: 2024 will bring significant generative AI adoption in cybersecurity, driven by C-suite

Per the report, nearly three-fourths (67%) of security practitioners have already tested AI specifically for security tasks. Additionally, 55% of organizations will incorporate AI security tools this year — the top use cases being rule creation, attack simulation, compliance violation detection, network detection, reducing false positives and classifying anomalies. C-suites are largely behind that push, as confirmed by 82% of respondents.

AI/Security

Information Week - Time for a Disaster Recovery Health Check

Unfortunately, data center-focused DR didn’t anticipate the rapid movement of IT to the edges of enterprises, and the movement of employees out of the corporate buildings and into their own home offices. Decentralized sites in retail, distribution, healthcare, finance, and manufacturing use their own systems and networks, too. They might even use different cloud resources and internet service providers than the headquarters.

IT Management

AiThority - 10 AI ML In IT Security Trends To Look Out For In 2024

Before getting into the precise sorts of cyber assaults, you need to understand how much data is involved. In 2025, the total amount of information created by humans will be 175 zettabytes (175 followed by 21 zeros). Streaming media, dating applications, and medical records are all examples of this type of data. Securing this information is crucial.

AI/Security

CIO Influence - IoT and Robotics Trends for CTOs

The surge in adoption of IoT sensors across diverse industries such as automotive and manufacturing, aerospace and defense, and healthcare is identified as a key driver propelling the growth of the Internet of Robotic Things market. Additionally, the increasing utilization of cloud computing coupled with the availability of a wide range of cost-effective sensors is expected to further drive demand for Internet of Robotic Things solutions.

IoT

InfoWorld - There's more to cloud architecture than GPUs

While GPUs have been pivotal in advancing AI, overemphasizing them might detract from exploring and leveraging equally effective and potentially more sustainable alternatives. Indeed, GPUs could quickly become commodities like other resources that AI systems need, such as storage and processing space. The focus should be on designing and deploying these systems, not just the hardware they run on. Call me crazy.

Cloud

Information Week - Does Your Organization Need a Dedicated AI Leader?

A strong AI leader is also needed to anchor all AI investments to strategic outcomes, she notes. "This requires a dedicated leader to work across all functions to drive a new operating model, [encourage] cross-collaboration, and maximize positive results and return on investments."

AI Management

Network Computing - Seeing the Unseen: How AI is Transforming SDN Monitoring

Uncover hidden anomalies. AI algorithms can analyze vast amounts of network data, identifying subtle patterns and anomalies that might evade traditional methods. This proactive approach allows for early detection and mitigation of potential issues before they have an impact on performance or security.

Network Management

The Hacker News - Harnessing the Power of CTEM for Cloud Security

One major hurdle is the lack of visibility. Unlike physical servers you can see and touch, cloud resources are often spread across vast networks, making it difficult to monitor for suspicious activity and leaving vulnerabilities undetected. Another challenge is the inconsistency across cloud vendor permission management systems. Different providers have different controls for who can access and modify data. This inconsistency creates complexity and increases the risk of accidental misconfigurations, which are a leading cause of breaches.

Security

TechRepublic - Top 6 Passwordless Authentication Solutions for 2024

Passwordless authentication solutions are often components of larger identity and access management (IAM) platforms offering capabilities like password management, single sign-on (SSO) and multi-factor authentication (MFA). They typically integrate with other applications to provide additional capabilities or to unify authentication across the entire environment.

Security

Computerworld - Biggest problems and best practices for generative AI rollouts

Chandrasekaran and other experts have long called out the fact that data hygiene, categorization, and security are lacking in most organizations. When poor data quality is combined with a genAI large language model (LLM) — well, garbage in, garbage out. GenAI platforms are little more than next-word, image or line-of-code prediction engines, so they generate responses based on the data they’ve been fed.

AI/Data

ZDNet - The best network-attached storage devices you can buy

Based on extensive testing, research, product review analysis, and expert opinions, ZDNET's top pick for the best NAS overall is the Synology Diskstation DS1522+. You can't go wrong with this NAS as a powerful, robust option with excellent supporting applications. Read on to find all of our recommendations for NAS devices on the market today.

Data Storage

CIO Influence - Three Tips for Managing Complex Cloud Architectures

There are too, without a strong strategy, issues in matching data to modern data stacks. Using legacy data presets for data sequences requires a high level of oversight, conversion and often human intervention to ensure there is no data loss in the migration process. This takes time, and expert knowledge – something many organizations struggle to find, and can be costly.

Cloud

Information Week - Digital Transformation: What Should be Next on Your Agenda?

"Have you accounted for the impact of quantum computing?" he asks. "Within several years, it's likely to go from lab curiosity to useful tool." How about digital twins or the spatial web? "Not all of these [technologies] will come to pass but investing a few days up front can save years of pain down the road."

Digital Transformation

CIO Influence - Web Scraping Tools Vs Web Scraping Services

The process of web scraping involves two components: the crawler and the scraper. The crawler, an AI algorithm, controls the web, seeking specific data by following internet links. Conversely, the scraper is specialized in extracting data from websites. The scraper’s design varies depending on the project’s complexity and scope, ensuring efficient and accurate data extraction.

Data Management

AiThority - AI in Federal Government: Why Decision Makers Should Work with Data Scientists in 2024

“One unfortunate reality is that data scientists and engineers spend weeks and months wrangling data before they can get to the mathematical modeling and AI part of problem-solving. Solving these fundamental data challenges can accelerate the deployment of AI use cases at scale.”

AI/Data

StateScoop - States are working on AI, but some officials say privacy should come first

Several state technology officials told StateScoop that before they even started creating AI policies, they considered the data-privacy risks of allowing state employees to use generative AI. This includes the practice of data minimization, limiting collection or use of personal information to just what’s relevant and necessary to accomplish a specific task.

AI/Data Privacy

sdxCentral - Google reports jump in zero-day exploits aimed at enterprises, offers 6 tips to stay safe

The report also found that zero-day exploits associated with financially motivated actors decreased proportionally. Of the 58 zero days, Google was able to attribute to threat actor motivation, only 10 were attributed to financial motivation, and the remaining 48 were attributed to espionage actors.

Security

CIO Influence - Top Cloud Management Tools of 2024

These tools encompass various functionalities, including cost management, security enforcement, compliance monitoring, performance tracking, and automation capabilities. The tools contribute to streamlining and enhancing cloud resource management processes by offering such features, enabling a more efficient, secure, and cost-effective operation.

Cloud

Network Computing - 5G Crowd Analytics in Public Venues: What IT Leaders Need to Know

Verizon’s turnkey 5G Edge Crowd Analytics solution incorporates CrowdVision advanced indoor analytics and AWS Wavelength, which offers the compute environment at the edge to allow IT leaders at large facilities to run apps that require ultra-low latency

Network Management

Dark Reading - Cloud Email Filtering Bypass Attack Works 80% of the Time

That might seem obvious, but setting the filters to work in tandem with the enterprise email system is tricky. The bypass attack can happen because of a mismatch between the filtering server and the email server, in terms of matching how Google and Microsoft email servers react to a message coming from an unknown IP address, such as one that would be used by spammers.

Security

sdxCentral - Deloitte on Tech: How to gain an industry advantage from cloud investments

The vast majority (81%) of global leaders Deloitte surveyed use productivity as an indicator of digital value. And while investments in cloud and other technologies certainly contribute to greater process productivity, we know the potential is far greater. In fact, when organizations get digital transformation right – with a solid digital strategy, enabled by tech investments, and a strong digital change capability – there’s a $1.25 trillion opportunity for Fortune 500 firms alone, according to another Deloitte analysis.

Cloud

Dark Reading - CISO Corner: Cyber-Pro Swindle; New Faces of Risk; Cyber Boosts Valuation

The report also found that having separate board committees focused on specialized risk and audit compliance produces the best outcomes. "Boards that exercise cyber oversight through specialized committees with a cyber expert member as opposed to relying on the full board are more likely to improve their overall security postures and financial performance,"

Security

Information Week - What Is AI TRiSM, and Why Is it Time to Care?

This can be a daunting undertaking, for while there are many years of governance experience and best practices for traditional applications and structured system of records data, there are few established best practices when it comes to managing and analyzing AI structured and unstructured data, and their applications, algorithms and machine learning.

AI/Data

AiThority - AI in Federal Government: Why Decision Makers Should Work with Data Scientists in 2024

“One unfortunate reality is that data scientists and engineers spend weeks and months wrangling data before they can get to the mathematical modeling and AI part of problem-solving. Solving these fundamental data challenges can accelerate the deployment of AI use cases at scale.”

AI/Data

Datanami - Cloudera Survey Reveals 90% of IT Leaders Believe that Unifying the Data Lifecycle on a Single Platform is Critical for Analytics and AI

The proliferation of generative AI is highlighting the importance of trustworthy data because AI insights are only as powerful as the data feeding them. However, the survey revealed respondents face obstacles in their AI journeys due to the quality and availability of data (36%), scalability and deployment challenges (36%), integration with existing systems (35%), change management (34%), and model transparency (34%). This demonstrates that while many organizations may be investing in AI, there are foundational data roadblocks that must be addressed.

AI/Data

ITPro Today - How AI Is Poised to Upend Cloud Networking

Cloud networks will provide the essential link that connects AI workloads to data. The volumes of data will be vast in many cases (even training a simple AI model could require many terabytes' worth of information), and models will need to access the data at low latency rates. Thus, networks will need to be able to support very high bandwidth with very high levels of performance.

AI/Cloud

Network World - Industry groups drive Ethernet upgrades for AI, HPC

With the approach UEC is taking, “customers could use existing Ethernet switches that everybody is deploying today, and UEC technologies will work on top of them and take advantage of all of the innovation Ethernet already has at the link and endpoint level,” Elzur said. “So, the next time they are making a buying decision, they can consider some optional features that we’ll offer that will be fully compliant with Ethernet, and they’ll be able to use all of their exiting tools to work with it.”

Network Computing

sdxCentral - Adobe CSO: How we’re tackling the security talent shortage

The company also works with BlackGirlsHack, which helps women of color pursue careers in information security and cybersecurity; this collaboration involves sharing skills training and offering mentorship opportunities.

Tech Jobs

Network World - Network automation challenges are dampening success rates

The survey data reveals that most IT organizations are using a mix of do-it-yourself, homegrown tools, open-source software, and commercial automation technologies. According to EMAs’ recent webinar, network automation continues to challenge IT leaders who struggle to find the right skills on staff, to create a single source of truth about their environments, and to drive collaboration across IT domains.

Network Management

sdxCentral - What CISOs and the C-suite has is failure to communicate

“The importance of CISO-to-C-suite communications fundamentally comes down to risk — in many ways, a primary role of the CISO is to help their fellow leaders understand their risk profile, risk tolerance and the impact risk mitigation actions will have on the business,” said Roberts.

Security

CIO Influence - The Basics of Biometric Security in IT

Combining various biometric modalities or factors in multi-factor or multi-modal authentication enhances security exponentially. Blending different biometric data types or integrating them with traditional authentication factors like passwords creates a multi-layered defense mechanism, effectively thwarting cyber threats.

Security

sdxCentral - Hybrid work, cloud and AI adoptions drive SASE and SD-WAN demand

The surveyed professionals identified the biggest challenges they are facing in managing wide area networks (WAN) and enterprise network connectivity, which include the complexity of connecting different networking domains such as cloud, branch and wireless (41%), cost (26%), Complexity of choosing the types of network technologies such as MPLS, Internet, SD-WAN, wireless and broadband (20%), expertise and knowledge (10%).

Network Management

Information Week - 10 Ways to Boost Cybersecurity Talent Retention

“It really begins to upskill the existing staff and give them a way to grow their role within the organization … as opposed to been picking up that aggressive recruiter’s phone call and saying, ‘Oh, I'll hop over there because that was the kind of thing I wanted to do, but I couldn't find it within my own organization,’” Weiss Kaya explains.

Security

ITPro Today - 10 Essential Measures To Secure Access Credentials

Supporting these findings, IBM’s X-Force Threat Intelligence Index 2024 notes: “For the first time ever, abusing valid accounts became cybercriminals’ most common entry point into victim environments.” The report goes on to explain why we’re seeing such a surge in credentials theft: “Attackers have a historical inclination to choose the path of least resistance in pursuit of their objectives. In this era, the focus has shifted towards logging in rather than hacking in, highlighting the relative ease of acquiring credentials compared to exploiting vulnerabilities or executing phishing campaigns.”

Security

InfoWorld - Ethics makes a comeback in cloud-based systems

Artificial intelligence has caused many enterprises, technology providers, and consulting organizations to refocus on ethics. All are realizing that it is not only a good idea but also can significantly reduce their legal exposure. In a recent LinkedIn poll that I conducted, about one-third do not consider ethics when making IT decisions. If that sounds bad, it would have been 50% to 60% just a few years ago.

IT Management

Network Computing - Four Ways Your Network Team Can Help You Defeat Ransomware

Research on 905 recent ransomware incidents from 2023 indicated that 28% of organizations had issues related to network segmentation or improperly configured firewalls. Empowering the NetOps team with tools to automate configuration grooming back into compliance or maintain accurate documentation for manual remediation helps teams mitigate drift.

Network Management

Information Week - Why CTOs Must Become Better Storytellers

“Like any executive, CTOs started at the bottom managing and developing technology, and the great ones still do to an extent,” he explains via email. “Their approach to their jobs -- getting in the trenches or hearing the stories -- helps them know the relevancy of today’s problems and be able to explain technology that’s relatable.”

IT Management

SiliconANGLE - Cisco report reveals only 3% of organizations globally are fully prepared for cyberthreats

The adoption of unmanaged devices was also highlighted, with 85% saying their employees access company platforms from unmanaged devices and 43% of those spend 20% of their time logged onto company networks from unmanaged devices. Additionally, 29% reported that their employees hop among at least six networks over a week.

Security

TechRepublic - 6 Best Authenticator Apps for 2024

Google Authenticator is a multi-factor authentication app that generates unique, time-sensitive codes to enhance account security. The app works by generating time-based one-time passcodes that users enter in addition to their passwords when logging into their accounts. These passcodes are secure as they are generated locally (on the device) and not transmitted over the internet.

Security

EDTech - Higher Education Institutions Are Using Firewall as a Service to Enhance Security

“It is key to deploy a solution that has central management, setting up policies only once and not for every device,” he says. “You have the ability to know what device the person is using. If someone is connecting from an iPhone, maybe you don’t provide access to as many applications as if they’re connecting from their laptop, setting that security policy to zero-trust access.”

Security

sdxCentral - Leveraging SD-WAN and SASE for a unified zero-trust architecture

However, as organizations adopt zero-trust principles, creating robust policies that are able to keep up with ever-changing cybe threats presents a challenge. Generative artificial intelligence can be an effective tool to enhance zero-trust policies by automating the policy-writing process and ensuring compliance with best practices and regulations. AI-driven insights can enable organizations to better understand the threat landscapes, spot potential risks, and refine policies accordingly.

AI/Security

SiliconANGLE - Flashpoint report warns organizations to adapt rapidly amid increases in data breaches

Organizations are advised to raise the bar on data actionability. “More data isn’t the solution to staying a step ahead; it’s about the quality, actionability and tailoring of data to an organization’s specific needs,” the report notes.

Security

Network World - 4 reasons to consider a network digital twin

“Without knowing what your infrastructure is doing, you know nothing about your infrastructure,” Wynston says. “Without a digital twin, you do not know your perimeter, you do not know the risks from CVE [common vulnerabilities and exposures], you cannot implement automation. It can paralyze the infrastructure.”

Network Management

Computerworld - Q&A: Udemy online education exec on tech layoffs and skills needs

“Additionally, the onset of genAI is changing existing job roles and responsibilities. Up to 30% of working hours in the U.S. can be automated by 2030 with employees across various professional fields using genAI to complete repetitive tasks and redirect their efforts toward more strategic initiatives. Professionals, regardless of role, need to navigate which tasks to automate, what new skills to cultivate, and how to enhance existing skills.”

Tech Jobs

InfoWorld - 4 steps to improve root cause analysis

While much of IT operations tends to focus on major incidents like outages, disruptive performance issues, and security attacks, one of the more difficult challenges is finding the root cause behind sporadic, needle-in-a-haystack issues. These issues are infrequent, impact a small subset of users, or last for a very short duration. However, they can be very damaging to the business if they occur during critical operations performed by important end users.

Automation & Productivity

Information Week - Using Cloud for Competitive Advantage

“We tie everything we do back to business value,” says Aflac CIO Sheila Anderson. “[For] most innovations, we’ll do a quick proof of concept. I have a team called ‘The Hatch Lab’ that will leverage new technologies. A lot of it today is focused on AI, machine learning, and large language models to quickly prove some hypotheses or opportunities. If it’s a viable solution, we’ll bring it forward to our normal funding cycles.”

IT Management

InfoWorld - 10 cloud development gotchas to watch out for

Deploying resources inefficiently, poor usage estimations, and failing to manage resource allocation all directly impact the overrun of contracts and unexpected expenses, Gaston says. “To address this challenge, developers need to be very familiar with the financial aspects of developing and operating in the cloud,” he says.

Cloud

CIO Influence - Top 10 Application Security Tools to follow for CSOs

By exploring the leading solutions, this article will assist you in fortifying your defenses, identifying vulnerabilities, enforcing security policies, and safeguarding sensitive data. Whether your goal is to enhance your application’s security posture or to stay abreast of the best practices in application security, this guide is designed to help you make informed decisions that cater to your specific needs.

Security

SiliconANGLE - Four generative AI cyber risks that keep CISOs up at night — and how to combat them

Similar research from ISACA surveying some 2,300 pros working in risk, security, audit, data privacy and IT governance published in the fall of 2023 showed that a measly 10% of companies had developed a comprehensive generative AI policy. Shockingly, more than a fourth of the ISACA survey respondents had no plans to develop an AI policy.

AI/Security

CIO Influence - Virtual Reality and Cybersecurity: Emerging Risks and Strategies

Investing in cybersecurity is crucial to mitigate the growing threats and security risks posed to VR and other technologies. These risks encompass malware, hacking, and spam. Moreover, VR introduces new security challenges, such as virtual identities, digital currencies, and biometric data, which serve as novel economic targets for hackers. The article aims to elucidate the imperative need for cybersecurity within virtual reality (VR) and the intricate relationship between VR technology and cybersecurity.

Security

TechTarget - Use these 10 steps to successfully build your data culture

The first step to building a successful data culture is to link the data and analytics strategy to the organization's business and operational strategies. Organizations struggle with understanding the economic value of data and how to extract that value. Leadership should communicate about how the vision, mission and goals of the data and analytics strategy support the business strategy. Demonstrate how data and analytics can create new sources of customer, product, service and operational value.

Data Management

Network Computing - NaaS 2024: A Look at the Future of Network Services

NaaS solutions offer a flexible, pay-as-you-go, or monthly subscription model, eliminating the need for significant upfront capital investments and ongoing maintenance costs. This allows enterprises to rapidly scale their network resources up or down based on evolving needs, ensuring optimal performance without unnecessary expenditures. NaaS frees up valuable IT resources from managing network infrastructure, allowing them to focus on core business initiatives and drive innovation

Network Management

CIO Dive - Accenture sees companies struggling to scale AI

As organizations move into the adoption phase, vendors and service providers are racing to provide industry-tuned models, implementation expertise and, perhaps most importantly, data modernization solutions.

AI

Network World - 2024 global network outage report and internet health check

After weeks of decreasing, global outages increased significantly last week. ThousandEyes reported 206 global network outage events across ISPs, cloud service provider networks, collaboration app networks and edge networks (including DNS, content delivery networks, and security as a service) during the week of March 11-17. That’s up 45% from 142 outages the week prior. Specific to the U.S., there were 87 outages, which is up 38% from 63 outages the week prior

Network Management

sdxCentral - Google Cloud CISO contrasts shared fate vs. shared responsibility models

“The shared responsibility model [is] where a cloud provider runs the underlying infrastructure and is responsible for the security of that. And then on the other side of that line is what the customer is responsible for, in terms of maintaining and managing a secure configuration on top of the cloud,” Venables explained. “That clearly is contractually and legally correct, but it doesn’t, in our opinion, embody the right philosophical approach for security.”

Security

VentureBeat - Why adversarial AI is the cyber threat no one sees coming

An overwhelming majority of IT leaders, 97%, say that securing AI and safeguarding systems is essential, yet only 61% are confident they’ll get the funding they will need. Despite the majority of IT leaders interviewed, 77%, saying they had experienced some form of AI-related breach (not specifically to models), only 30% have deployed a manual defense for adversarial attacks in their existing AI development, including MLOps pipelines.

AI/Security

Government Technology - Report Predicts Top Cybersecurity Threats for 2024

“We’re predicting that at least one ransomware group will carry out a successful compromise of hundreds of targets, by exploiting the vulnerability in specifically enterprise third-party file transfer solutions,” said Recorded Future’s Maggie Coleman.

Security

ZDNet - AI is changing cybersecurity and businesses must wake up to the threat

Lee urged boards to understand the work of their CIO and CISO and determine how effective these executives are in their roles. To have a "well-oiled machinery" running, boards need to be able to have open discussions with the two people responsible for identifying and defending the company against online threats, he said.

AI/Security

CIO Influence - CCPA Essentials: A Guide for IT Security Professionals

Effective data governance ensures compliance with the California Consumer Privacy Act (CCPA). While data security remains a crucial aspect, the core challenges of CCPA compliance revolve around identifying and managing personal data by regulatory requirements, making data governance indispensable in tackling CCPA challenges.

Data Privacy

Network Computing - Embracing the Digital Wave: How Government is Transforming with Technology

The funding was allocated to agencies at the federal level of government, but most of the innovation will impact citizens and other public entities. Cities throughout America are also launching large initiatives to install new and innovative technology that will modernize old systems, increase efficiency, improve citizen services, and reduce costs.

Automation & Productivity

sdxCentral - Forrester: SASE is future, ZT is past, but SSE is right now

Forrester has seen momentum in the adoption of security service edge (SSE) as its clients are three times more often asking about and purchasing solutions from SSE providers than secure access service edge (SASE) vendors. The analyst firm also named Netskope, Palo Alto Networks, Zscaler and Forcepoint as leaders in its latest SSE Wave report for Q1 2024.

Security

sdxCentral - AI data-quality issues cost enterprises hundreds of millions

“As companies rush to adopt generative AI [genAI], they continue to face major issues with inaccessible and unreliable data,” Fivetran Field CTO Mark Van de Wiel told SDxCentral. The research found 69% of organizations struggle to access all the data needed to run AI programs, and 68% struggle to cleanse their data into a usable format.

AI/Data

Information Week - Downtime Cost of Cyberattacks and How to Reduce It

What we do know is that these attacks are unlikely to abate anytime soon. Roughly 50% of organizations experienced more than 24 hours of downtime between 2014 and 2019. And large organizations are far from the only targets. Small and medium-sized businesses (SMBs) are increasingly on the radar of cyberattackers as well. Healthcare and non-finance type businesses have suffered more than three quarters of the brunt of this onslaught.

Security

Network Computing - Bring Network and Security Teams Together by Asking the Right Questions

Network and security leaders may sit down at the same table from time to time, but without a structured plan for collaboration, they go back to focusing on their individual objectives as soon as they walk out of that room. Because that's the way it's always been done.

Network Management

VentureBeat - CIOs share how they are harnessing gen AI’s potential at Nvidia GTC

“We’re making a huge dent in developer productivity by automating a lot of that work. What this does, it actually allows engineers to get back to building new things, adding things that actually provide value to the enterprise as opposed to just working on things that are repetitive or that would be considered sort of maintenance.”

Automation & Productivity

sdxCentral - Network underlay: What is it, and why does it matter to enterprises?

Enterprises face a complex cloud landscape with public, private, hybrid and multicloud options. Choosing the right connection is crucial, and there’s no one-size-fits-all solution. In 2024, security, resiliency and performance of the underlying network will be paramount as enterprises evaluate cloud connectivity providers

Network Management

CIO Influence - Cybersecurity Attack Surface Management Trends of 2024

Following identification, each asset undergoes a meticulous evaluation to gauge its susceptibility to potential cyber threats. Vulnerability assessment entails scrutinizing software, configurations, and system architectures to pinpoint weaknesses that could be exploited. This step is pivotal in comprehending each asset’s security posture and effectively prioritizing remediation efforts.

Security

ITPro Today - Algorithms vs. Automation vs. AI: Understanding the Differences

These days, it feels almost impossible to have a conversation about anything tech-related without mentioning at least one of these three terms: algorithm, automation, and AI. Whether you're talking about software development (where algorithms are key), DevOps (which is all about automation), or AIOps (which leverages AI to drive IT operations), you're likely to encounter at least one of modern tech's "a-words."

IT Management

Datanami - Gartner Predicts Over 30% of API Demand Boost by 2026 Due to AI and Tools Using LLMs

“Enterprise customers must determine the optimal ways GenAI can be added to offerings, such as by using third-party APIs or open-source model options. With TSPs leading the charge, they provide a natural connection between these enterprise customers and their needs for GenAI-enabled solutions.

GenAI

Information Week - IT Careers: Does Skills-Based Hiring Really Work?

“With skills-based hiring, all you need to do is break your job descriptions down into the tasks that need to be done and then look at the skills [required] for those tasks. If it’s done as a silo, then it won’t offer all the benefits that skills-based organizations can bring.”

Tech Jobs

Computerworld - Which genAI chatbots are the most popular now?

“IDC expects that copilots [lower-case ‘c’] will proliferate over the next several years and will eventually become the standard interface for most software products, like web interfaces are today,” the firm said in a new report.

Automation & Productivity

Information Week - How to Structure Your IT Team for Efficiency and Strength

“We want our employees to have opportunities to level-up their skills, work with the latest tech, and benefit from partnering on diverse projects,” Mahon explains. “This aligns with our goals of creating learning opportunities for our employees and empowering them to do their jobs while also growing in their careers.”

IT Management

Datanami - Nutanix Study Finds AI, Security, and Sustainability Are Major Drivers for IT Modernization

“80% of ECI respondents are planning to invest in IT modernization, with 85% planning to increase their investments specifically to support AI. What this year’s ECI reveals is that organizations need to support the technologies of tomorrow by future proofing their IT infrastructure today. Hybrid multicloud continues to emerge as the infrastructure standard of choice because of the flexibility it provides to support traditional VM and modern containerized applications and movement between clouds and on-prem.”

Cloud

Forbes - Lead The Change: The Enterprise Executive Roadmap To Automation Platforms

No matter what most vendors will tell you, there is no singular platform that can become your entire enterprise automation platform. The reality is that all platforms have their shortcomings, and it is important to identify the gaps in each tool and then determine what tools or glue code will be used to integrate your systems

Automation & Productivity

CIO Influence - DevSecOps Tools for CIOs in 2024

DevSecOps embodies a dynamic paradigm in software development, fostering collaboration across the Software Development Life Cycle (SDLC). Within this framework, tools play a pivotal role, harmonizing security with the Continuous Integration/Continuous Deployment (CI/CD) pipeline, automating processes, and bridging the divide between DevOps and security teams.

DevOps

sdxCentral - How entry-level certifications can help a growing cybersecurity workforce crisis

ISC2, for one, offers its entry-level Certified in Cybersecurity (CC) training program that has now been earned by 50,000 people. Further, the organization has made a One Million Certified in Cybersecurity pledge to offer free CC online training and exams to a million people.

Training/Certs

Forbes - How AI-Driven Cyberattacks Will Reshape Cyber Protection

Software and hardware attacks can pose a constant threat to businesses. However, there are effective ways to counter these threats. One such way is by utilizing a system dependency model. This model connects predictive analysis, response time, attack type, deterrence and cyber protection into a cohesive system rather than treating them as separate entities.

Security

Data Science Central - How modern businesses leverage technology to transform data

The path from unstructured data to actionable insights is fraught with complexity, mainly due to the disorganized nature of the data itself. Traditional analysis tools falter in the face of unstructured data’s lack of a predefined model, but this is where data extraction tools genuinely shine. These sophisticated technologies are essential in transforming unstructured data, as they automate the preliminary organization and interpretation, employing algorithms to tag, sort, and initially analyze the data.

Data Management

Information Week - What Can a CIO Do About AI Bias?

Tools such as IBM’s AI Fairness 360 (AIF360) can tell IT leaders to what degree their AI models are biased toward one group of people versus another. RagaAI’s tool, called RagaAI DNA, identifies biases in AI models by training on a multimodal data set. Organizations can custom-train RagaAI DNA to test product descriptions and customer reviews in retail, location data in geospatial applications, and medical records and images in healthcare.

AI Ethics

Forbes - Three Things That Might Surprise You About Ransomware Attacks

In fact, attackers only need to find, steal and/or encrypt a small amount of an organization’s data to be successful. With sensitive data often being stored in multiple different locations in an organization’s environment, attackers have plenty of target areas to choose from.

Security

Network Computing - Avoid Buyer's Regret: Top Tips for Assessing Infrastructure Provider Health Before Purchases and Contract Extensions

With large enterprise infrastructure purchases for services, including SASE, SD-WAN, wireless, and more, on the line, the tech behind the services may be proven, but can the provider deliver? Is the provider having business problems? What can buyers do to avoid regret or devastating mistakes?

IT Management

ComputerWeekly - Budgets rise as IT decision-makers ramp up cyber security spending

IT spend is being driven by requirements to meet regulatory compliance. For instance, European regulations like the Digital Services Act, Data Act, European Health Data Space (EHDS), Data Governance Act, and AI Act are aimed at forcing transparency, responsible data use, and improved cyber security across the European Union (EU).

IT Management

Network Computing - Cloud Adoption Soars as Organizations Navigate Challenges

Forty-one percent of the respondents said they are currently using artificial intelligence/machine learning (AI/ML); however, nearly half, 49%, are experimenting and planning to use ML/AL platform-as-a-service (PaaS) services.

Cloud

SiliconANGLE - AI and data security: Prioritizing speed, protection and visibility in cloud migration

“Businesses really want to use AI and large language models to accelerate their business decisions. It makes a lot of things really easy,” he said. “You can kind of put some prompts in and get some information back, and then you can make decisions based on that. But at the same time, it’s actually a really traditional problem. Having visibility of where your data is and what systems are using that data is something we’ve been doing in the security industry for a really long time.”

AI/Data

eWeek - 20 Top Generative AI Companies Leading In 2024

Beyond its flagship content generation solution, ChatGPT, and image generation solution, DALL-E, OpenAI also offers its API and different generative AI models to support companies in their own AI development efforts. GPT-4, chat models, instruct models, fine-tuning models, audio models, image models, and embedding models can all be customized for a usage fee to meet individual business needs.

GenAI

SiliconANGLE - Archera discusses gen AI costs and opportunity amid a tech evolution

As generative artificial intelligence continues to disrupt everything, a big conversation taking place revolves around how much a company is going to spend and whether the juice is worth the squeeze. Everyone knows they want generative AI, but how best to handle the gen AI costs?

AI

ITPro Today/DarkReading - 6 CISO Takeaways From the NSA's Zero-Trust Guidance

On March 5, the National Security Agency continued its best-practice recommendation to federal agencies, publishing its latest Cybersecurity Information Sheet (CIS) on the Network and Environment pillar of its zero-trust framework. The NSA document recommends that organizations segment their networks to limit unauthorized users from accessing sensitive information though segmentation.

Security

Forbes - Modernize To Thrive: Transitioning To The Cloud In The Public Sector

Across the public sector, some Web 2.0 applications are either already on the cloud or primed to be with very little work needed to modernize, says Kerr. Those mainly cloud-based areas include self-service applications such as government information portals, student admissions and enrollment and medical applications.

Cloud

Information Week - The Courtroom Factor in GenAI’s Future

How much haggling or wrangling has been going on to say whether current laws on the books are sufficient or not sufficient? Whether or not they’re up to the task of really answering these questions? At a local, state, or national level, there are different conversations happening about getting our arms around this in terms of policy. But with what’s on the books now, is existing policy kind of like a dinosaur?

AI Ethics

Computerworld - Generative AI will drive a foundational shift for companies — IDC

Through 2025, 75% of organizations are expected to create AI implementation review boards; 40% will be looking to increase their outsourced AI services, including AI delivery; and 40% of new applications are expected to be more intelligent, as developers incorporate genAI to enhance existing and new use cases, according to a recent CIO survey by IDC.

GenAI

ITPro Today - Tips for Deploying Enterprise NAS Storage

Here are key steps for setting up a network-attached storage appliance. We will also explain how to configure block storage using iSCSI.

Data Stroage

CIO Influence - How CIOs can Enhance Agility Through Cloud Migration Strategies

Optimizing IT infrastructure varies for each organization, often incorporating public, private, and traditional IT environments. According to an IDG cloud computing survey, 73 percent of key IT decision-makers have already adopted this hybrid cloud technology, with an additional 17 percent planning to do so within 12 months.

Cloud

Information Week - Recent Ivanti Vulnerabilities: 4 Lessons Security Leaders Can Learn

“There are other solutions out there that do this exact same thing that haven’t appeared on CISA KEV [Known Exploited Vulnerabilities Catalog] as much,” says Jacob Baines, CTO of VulnCheck, a vulnerability intelligence company. “But at the same time as other people pivot [to] other solutions, those solutions are going to get targeted … and we'll see in the future what type of vulnerabilities fall out of the new popular systems.”

Security

ZDNet - How to avoid the headaches of AI skills development

While 81% of IT professionals are confident they can integrate AI into their roles, only 12% have significant experience working with the technology. To complicate matters further, 90% of executives don't completely understand their team's AI skills and proficiency.

AI

sdxCentral - IT leaders concerned about speed of genAI deployments

The survey reached AI/ML (machine learning) and other technology leaders at 1,000 global organizations and found that an overwhelming 96% of respondents are working to scale their AI compute infrastructure, capacity and investments in 2024. More than 50% of respondents plan to use large language models like LLaMA, and 26% plan to use embedded models in their commercial AI deployments.

GenAI

SC Media - Four practical applications of phishing-resistant authentication

Companies have begun to embrace phishing-resistant authentication. For example, Google requires its employees to use physical security keys for access to its corporate resources. This move significantly reduces the risk of phishing attacks. Banks worldwide have integrated biometric authentication methods, including fingerprint and facial recognition, into their mobile banking apps

Security

SupplyChainBrain - Implement iPaaS to Become a Data-Driven Enterprise

Where SaaS grants access to software applications via the cloud, iPaaS focuses on integrating and orchestrating data flows across various software systems, encompassing services offered by SaaS, such as ERP, CRM, WMS, billing, and sales applications within a single platform. It’s also worth noting that iPaaS isn’t confined to cloud-based solutions; it also extends integration to on-premises systems.

Data Management

Datanami - Three-Quarters of Organizations Have Reached High Levels of AI Maturity, LXT Survey Finds

This latest report found that organizations have taken large steps, with nearly three-quarters (72%) reporting that they have reached higher levels of AI maturity. The most significant shift is in the mid-range, where nearly a third of companies state that AI is now in production and creating value. To achieve this, half of all organizations invest between $1 million and $50 million, and more than ten percent reported an AI budget between $50 million and $500 million.

AI

CIO Influence - The Role of Confidentiality in Data Pipeline Security

Confidential AI operates at the convergence of artificial intelligence (AI) and confidential computing, bridging the gap between Zero Trust policies intended to secure private data and generative AI, which often relies on cloud computing power for training and processing complex tasks and requests. To instill confidence in AI tools, technology must exist to shield inputs, trained data, generative models, and proprietary algorithms. Confidential AI facilitates this assurance.

AI/Security

Network Computing - A Problem 40 Years in the Making

In the era of the data economy, every vendor offering a product that generates data will likely convert that product into a service to provide a better Service Level Agreement (SLA) to their customers. Consequently, every business entity will require access to their data. This situation presents interesting challenges from both security and compliance perspectives. Opening up security access to your business partners will necessitate much stricter scrutiny and adherence to compliance standards.

Network Management

CIO Influence - Guide to Implementing Zero Trust Security in Enterprise Networks

Zero Trust architecture necessitates continuous monitoring and validation of user and device privileges and attributes. It mandates policy enforcement based on user and device risk, compliance requirements, and other factors before granting access. Organizations must be aware of all service and privileged accounts, establishing controls over their connections. One-time validation is insufficient as threats and user attributes are subject to change.

Security

SiliconANGLE - Salt Security identifies critical flaws in ChatGPT plugins that risk third-party data breaches

The second vulnerability was within PluginLab, a framework developers and companies use to develop plugins for ChatGPT. During installation, Salt Labs researchers found that PluginLab did not properly authenticate user accounts, allowing a prospective attacker to insert another user ID and get a code that represents the victim, which can lead to account takeover via the plugin.

Security

Infosecurity Magazine - The Growing Threat of Application-Layer DDoS Attacks

During a recent Cyber Forum event at the House of Lords in London, it was reported that 56% of DDoS attacks on AWS customers were application-layer attacks. A Radware report points out that total malicious web application and API transactions increased by 171 percent in 2023, with a significant part of this increase attributed to layer 7 encrypted web application attacks.

Security

Information Week - EU AI Act Passes: How CIOs Can Prepare

“I believe this is going to have a ‘halo effect’ for other regions. GDPR deals with a very specific point around data privacy. But AI is such a big, broad existential issue for our society and businesses right now … every country is trying to see what they can do to get inspired by this law in some shape or form.”

AI Ethics

Forbes - Does AWS Or Google Cloud Offer Better Options For Your Business?

A comparative analysis shows that while AWS provides more services, Google Cloud excels in specific niches such as big data processing and artificial intelligence.

Cloud

Network World - Remote work keeps driving network innovation

“True innovation will be in the stack, and it will be centered around the work done by network architects to harmonize all these demands into a new single network layer for experience, security and connectivity, and cost management. While there’s certainly a place for innovative point solutions, this rethinking is required before AIOps or any innovative networking solution can be deployed.”

Network Management

ZDNet - How AI firewalls will secure your new business applications

AI and cybersecurity have been inextricably linked for many years. The good guys use AI to analyze incoming data packets and help block malicious activity while the bad guys use AI to find and create gaps in their targets' security. AI has contributed to the ever-escalating arms race.

AI/Security

Blocks & Files - Generative AI and the wizardry of the wide-open ecosystem

If you believe that GenAI is going to be a critical workload for your business – 70 percent of global CEOs told PwC it will change the way their businesses create, deliver and capture value – then you must clear the lock-in hurdle. One way to do this is to pick an open model and supporting stack that affords you flexibility to jump to new products that better serve your business.

GenAI

Harvard Business Review - Why Adopting GenAI Is So Difficult

First, many businesses, large and small, are still grappling with how to integrate traditional AI — such as rule-based algorithm and machine learning — into their operations. At best, they are in an exploratory phase with traditional AL, and at worst they’re simply feeling lost. A recent study suggested that more than 70% of the large companies surveyed were still wondering how to reap the potential benefits that AI can offer.

GenAI

Network Computing - How to Mitigate Shadow AI Security Risks by Implementing the Right Policies

The ‘Shadow IT’ of several years ago is now evolving to ‘Shadow AI.’ The growing popularity of LLM or Multi-modal Language Models has led to product teams within an organization adopting these models to build productivity-enhancing use cases. There has been an explosion of tools and cloud services simplifying the build and deployment of GenAI applications by teams in marketing, sales, development, legal, HR, etc. While there is rapid adoption of GenAI, security teams are yet unclear on the implications and policies.

AI/Security

The Wall Street Journal - AI Will Transform One of Corporate Tech’s Biggest Cost Areas—Actual Savings TBD

However, some chief information officers fear these contractors, called systems integrators, will see bottom-line savings from tools such as coding assistants—which contractors say can speed up some tasks by 50%—while charging the companies the same rate.

IT Management

Information Week - How to Budget for Generative AI in 2024 and 2025

“We’ve seen success in integrating with an existing AI model … an investment of a $150,000 to $200,000. We’ve also built highly complex custom models into products that take [an] investment of $1 million to $2 million,” says Brown.

GenAI

Datanami - Rapid Tech Expansion Creates Chaos for the Majority of Businesses, new Software AG Study Finds

“Finding the right tools to manage the portfolio is key. But we should not be just talking about “managing”. These technology investments are being made as part of a transformation agenda. Organizations are aiming to differentiate themselves, be innovative and grow. Technology is a critical enabler for most of those plans. Greater transparency and control over the technology landscape will better align the tech and business agendas and set these companies up for success.”

IT Management

TechBullion - Breaking Down the Basics: What You Need to Know About Public, Private, and Hybrid Clouds

Hybrid Multi-Cloud Approach: Many companies already utilize multiple types of clouds for different purposes – public clouds for customer-facing apps/services and private clouds for internal operations or sensitive data storage needs – known as hybrid clouds. In 2020 alone, 93% of enterprises reported using a multi-cloud strategy. This trend is expected to continue as organizations look for ways to optimize their cloud usage and reduce costs while ensuring data security.

Cloud

Blocks & Files - Scality: there are degrees of immutability

Cyber criminals understand that as long as you can recover (restore), you are less likely to pay their ransom, so attacks on backups are much more common now. Immutability puts up significant barriers to common attack threats that modify (encrypt) or delete backup data.

Data Management

Information Week - Special Report: What's Next for the GenAI Market in 2024?

However, there aren’t just new generative AI companies themselves growing; there are industries growing in reaction to AI. IT departments -- recognizing that their hardware might not be up to the task of running AI workloads -- are looking for AI chips. Businesses are readying themselves for AI-related legal challenges, privacy compliance snags, and ethical quagmires by seeking specialized services. (Quite possibly there will be cyber incident response companies touting their enterprise “singularity defense management” platform before 2025.)

GenAI

TechBullion - Harnessing the Potential of Cloud Computing with Strong IT Infrastructure & Networking

The concept of cloud computing is based on three main models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). IaaS provides access to fundamental resources such as processing power, storage space, and networking infrastructure. PaaS offers tools and services needed for application development and deployment in addition to basic infrastructure. SaaS provides complete web-based applications that are accessible over the internet.

Cloud

Forbes - As SaaS Sprawls, Risks Rise

For example, I recently did a risk assessment for a global enterprise with 100,000 employees. We showed the CIO that they had more than 2,000 different SaaS apps in use across the organization. He said, OK, that's a lot. We didn't realize that. But how do I know that we have an actual problem?

Security

Network World - Ransomware increases urgency of documented DR plans

A proper DR plan is built on the assumption that you’ll probably need to restore data and systems on entirely new infrastructure. The original system could be unavailable because it needs to be retained for forensic reasons, or its hardware is beyond repair. Counting on reusing the same physical servers after an attack or disaster is reckless. It simply might not be possible, so you must be prepared to start a recovery with all new hardware.

Security

CIO Influence - Best Practices to Overcome Network Security Challenges

Cyber-attacks represent a significant threat to businesses of all sizes, emphasizing the critical importance of robust network security measures. Whether managing a large corporation or a small enterprise, implementing effective network security safeguards vital data and ensures business continuity. Throughout this article, we’ve explored the multifaceted landscape of network security, covering key challenges, best practices, and case studies.

Network Management

ComputerWeekly - A better way to manage hybrid or multicloud deployments

This highly heterogeneous IT environment can cause management headaches. What’s crucial, says Lock, is the questions you ask of different suppliers. “Are you going to get the sort of support you need to make this work? Do you have all the knowledge and skills you need to run it – if not, have you got a specialist in mind that knows them well enough and knows you well enough to make that work for you?

Cloud

sdxCentral - Why CISOs should embrace the metric of ‘no’

The reality is that C-suites and boards often don’t ask security questions — or if they do, they’re often quick, superficial ones, Rodgers pointed out. In these scenarios, if CISO do say no, there isn’t a strong enough culture in place to stop so-called shadow IT, when employees use tools without the security department’s knowledge.

Security

SC Media - Six ways to protect an organization from commercial spyware

As a result, commercial spyware creates significant risk exposure for companies on two fronts. First, by putting organizations at risk from known zero-days that could be remediated by vendors had they been responsibly disclosed. Secondly, by creating an increased risk of fines, penalties, and litigation under all privacy laws applicable to the data impacted.

Security

Network Computing - What is Network-as-a-Service (NaaS)? A Complete Guide

Soaring data traffic, driven by the broadening use of 5G, IoT, and video streaming (and the rapid emergence of AI), has given rise to the newer and more flexible WAN approach. Beyond not buying, managing, or maintaining network equipment, bandwidth, and specialized talent, NaaS offers many capabilities and functionality.

Network Management

Harvard Business Review - Why Adopting GenAI Is So Difficult

First, many businesses, large and small, are still grappling with how to integrate traditional AI — such as rule-based algorithm and machine learning — into their operations. At best, they are in an exploratory phase with traditional AL, and at worst they’re simply feeling lost. A recent study suggested that more than 70% of the large companies surveyed were still wondering how to reap the potential benefits that AI can offer.

GenAI

Information Week - IT’s Waste Management Job With Software Applications

In 2023, SaaS management firm Zylo reported that “44% of businesses' SaaS licenses were wasted or underutilized and that the average organization was wasting $17 million in unused SaaS licenses every year.” Zylo went on to say, “Enterprise organizations (10,000 employees+) spend over $224M on SaaS but only utilize 50% of their SaaS licenses.” Zylo added that “70% of SaaS application contracts were renewed in 2023, despite being underutilized.”

IT Management

Computerworld - Why are CIOs who anticipate the future rarely allowed to do anything about it?

It would be easier to accept if IT pros were routinely caught offguard by opportunities or problems they didn’t anticipate. Alas, that's not the case. To be blunt, IT decision-makers in the US often see the train charging down the tracks, but they're not permitted to do anything about it until it's pulled into the station and crashed.

IT Management

sdxCentral - AWS CISO answers most frequently asked questions about genAI security

For the first question, the conversation often starts with data security. Betz said he emphasizes the importance of securely managing and storing data. This includes ensuring data availability and efficiency for genAI model training. In addition, fundamental data security strategies apply to genAI as with other domains, he said.

AI/Security

Network Computing - How to Securely Access Customer Networks With BYOC

To address these challenges, a new architecture has emerged called Bring Your Own Cloud (BYOC). BYOC means that the data plane portion of the SaaS vendor’s software stack is deployed into their customers’ environment to store, process, and analyze customer data. The control plane consists of all the backend services and computational resources required to configure and manage data sets in the vendor’s network, and it runs in the SaaS vendor’s cloud environment while connecting to the BYOC data plane that runs in the customer’s network via APIs

Data Management

Network World - Cisco Talos: 3 post-compromise tactics that threaten your network infrastructure

For a long time, enterprises have taken a hands-off approach to edge devices, sort of a “don’t touch it, let it do what it does, and let it keep running” approach, Biasini said. “It was like a badge of honor to have an edge device that was out there running for two or three years. Now, that is a very, very big liability, and it’s something organizations really need to take care of,” Biasini said.

Network Management

sdxCentral - How to future-proof networks for multicloud

Dedicated direct connect-style connections offered by cloud providers create silos and serve to inhibit multicloud. As Turner explained, “There is some inherent vendor lock-in because the provider owns the interconnect into the cloud.”

Cloud

Network World - Zero Trust security in your data center

While many Zero Trust Security solutions are focused on the edge or access into the network, it’s critical for organizations to extend Zero Trust thinking and architectural design to include the data center – where the majority of the organization’s physical and virtualized business-critical applications and workloads live.

Security

ITPro Today - Explosion of Data in the Cloud Era Leading to Observability Complexity

According to the report, an overwhelming 86% of technology leaders say that these stacks produce an explosion of data that is beyond humans' ability to manage effectively. To cope with this data deluge, organizations use an average of 10 different monitoring and observability tools to manage applications, infrastructure, and user experience. However, 85% of technology leaders say that the number of tools, platforms, dashboards, and applications they rely on only adds to the complexity of managing a multicloud environment.

Data Management

Dark Reading - NIST Cybersecurity Framework 2.0: 4 Steps to Get Started

"In many cases, this will mean that organizations have to take a hard look at existing assessments, identified gaps, and remediation activities to determine the impact of the framework changes," he says, adding that "new program gaps will emerge that previously may not have been present, especially with respect to cybersecurity governance and supply chain risk management."

Security

Information Week - The People Aspects of Social Engineering Audits

No one likes telling users there are flaws in their business operations, because it’s natural for people to become defensive and even hostile. This unenviable job is further complicated because many IT staffers, including CIOs, still view social engineering audits as unnecessary expenditures of time and money. After all, aren’t IT security and network penetration and vulnerability audits performed every year? Aren’t they enough?

Security

CIO Influence - A Closer Look at Browser Security in 2024

Browser usage has exploded in recent years, exposing a giant attack surface that companies are struggling to manage and cover. And, traditional network-based security controls aren’t detecting zero-hour phishing attacks that deliver ransomware and steal credentials. Our team, over 30 days, detected more than 11,000 zero-hour phishing attacks that exhibited no signature or digital breadcrumb. This means that no existing Secure Web Gateway (SWG) or endpoint tool could detect and block those attacks.

Security

Dark Reading - 10 Essential Processes for Reducing the Top 11 Cloud Risks

Fortunately, as KnowBe4's Robert Grimes points out, several of the issues we expected to be problematic several years ago have not (yet) been issues, including tenant collisions, cloud-based malware, virtual machine client-to client/host attacks, undeletions, and data ownership issues. That said, there is more than enough to keep everyone busy — if not overwhelmed.

Cloud Security

Information Week - CISOs Tackle Compliance With Cyber Guidelines

The federal government is also leaning in on vulnerability management with an emphasis on software -- here the focus is on knowing and managing risks associated with an organization's software bill of materials

Security

Network Computing - Enterprise Security Gets Personal: Enter the Human Firewall

But here we are talking about a broader concept of a firewall. It is not merely a software application or a physical device that serves as a demarcation point between an enterprise entity and the rest of the world. Instead, a human firewall approach aims to provide every end user with a combination of tools, knowledge about threats, and security best practices, as well as instilling in every user the importance of their role in the enterprise’s security.

Security

AiThority - Navigating IT Budgets Amid AI-Boom: Experts Eye Automation Tech

This prompts companies to face a critical decision: where to allocate their budgets for maximum return on investment (ROI). According to experts, Robotics Process Automation (RPA) and smart app creation suites represent promising options to gain an edge in business efficiency and innovation going forward.

Automation & Productivity

Network Computing - The Risks of Using an Unsecured Network and the Best Way to Protect Your Users and Company

The best way for IT to fight threats like ransomware is to bullet-proof access to the network, whether it is by deploying centralized security monitoring, tracking, and mitigation tools, securing all remote edge access points to the network by properly configuring the security settings on IoT and mobile devices; installing the latest security updates for application and operating systems; training users in sound security practices; or physically inspecting network equipment.

Security

Computerworld - Q&A: GitHub COO on how genAI makes devs more efficient (and can automate the helpdesk)

For more than two years, GitHub has been developing its own genAI platform that can not only write a majority of code for a developer, but also take on mundane IT help desk tasks. COO Kyle Daigle explains what's been going on.

AI/DevOps

Information Week - How to Innovate in a Privacy-Protective Way

To innovate in a privacy-conscious manner, organizations should leverage current processes for evaluating privacy (such as privacy impact assessments and data protection impact assessments) and reinforce them to account for new and increased risks posed by AI. Practicing data minimization and purpose limitation can help maintain quality of data, while respecting consumer rights regarding their personal data.

Data Privacy

CIO Influence - Securing the Future: Exploring Global IT Security Regulations

Moreover, as security requirements often converge, these frameworks facilitate crosswalks, enabling organizations to demonstrate compliance with diverse regulatory standards. For instance, ISO 27002 delineates information security policy in Section 5, whereas Control Objectives for Information and Related Technology (COBIT) defines it within its “Align, Plan and Organize” segment. Similarly, frameworks such as the Committee of Sponsoring Organizations of the Treadway Commission (COSO), HIPAA, and PCI DSS each outline distinct facets of information security policy within their respective sections.

Security

Network Computing - Forget High Availability; Modern Enterprises Need Always-on Services

Redundant networking connections are critical for businesses that need to be always online. In the event the primary network is down, there should be an easy switch in place to provide backup service, even at a slower rate, until the primary network is back online. Another solution would be to have critical operations and devices work even when offline, syncing data at a later date with the network, although that is not always possible.

Network Management

Information Week - Help Your C-Suite Colleagues Navigate Generative AI

For example, CTOs can clarify the differences between generative and discriminative AI. It’s an essential distinction because each represents a vastly different approach to learning from data. They are also at separate points on the adoption curve. Generative models can be used for tasks like data generation, while discriminative models excel at classification and prediction tasks.

GenAI

CIO Influence - The ChatGPT Revolution is Coming for Compliance

Business heavyweights from Goldman Sachs to Apple – many of which have banned employees from using ChatGPT – have joined a call to rein in generative AI development over fears of misinformation and replacing human labor, as well as cybersecurity concerns. Any tool that possesses the capability to undermine data privacy, leak source code, and compromise compliance and regulatory performance through “automated decision-making” is the last thing many business leaders want to see in the pipeline.

AI/Security

sdxCentral - Assessing the post-quantum threat – 3 tips to be ready

A fully functional quantum computer capable of breaking current cryptographic systems is not yet a reality. The threat is imminent enough, however, to cause some to take action in anticipation of nation state and other threat actors gaining access to quantum computing. The idea of hackers using a “harvest now, decrypt later” tactic poses an immediate risk. Adversaries could be collecting encrypted data with the purpose of decrypting it once quantum computing becomes sufficiently advanced.

Quantum Computing

sdxCentral - Why networking for AI needs AI for networking

All the major network vendors are now working on evolving their products to meet the unique demands of AI. One of the positive signs for the industry is the formation of the Ultra Ethernet Consortium, where rival companies such as Arista, Cisco, Juniper and HPE have come together to create an Ethernet standard that can challenge InfiniBand as the technology that can support AI. I don’t believe Ultra Ethernet will universally displace InfiniBand, but many customers do want an option, and having the industry come together on a standards-based offering will create a rising tide where everyone wins.

Network Management

VentureBeat - A CISO’s guide to AI: Embracing innovation while mitigating risk

AI is just one more technological advancement we must accommodate. CISOs had the same uncertainty about bring-your-own-device (BYOD) and cloud adoption, both of which are now common. It’s likely AI will become ubiquitous, which means CISOs must know how to manage, guide and lead AI’s adoption.

AI/Security

Information Week - Squeezing the Maximum Value Out of Generative AI

Before LLMs, organizations needed to perform complex text analytics in order to get value out of unstructured text data, such as maintenance records or shift logs in a production environment. “LLMs can be used to structure text data and prepare it as inputs for machine learning models used for production optimization and predictive maintenance.”

AI/Data

Datanami - Reveal Survey Report: AI Integration is Biggest Software Challenge of 2024

However, those who have not jumped on the AI bandwagon cite concerns such as: generative AI code lacks the creativity and innovation of human developers, AI can produce code with security vulnerabilities, and code developed with AI may contain errors, bugs, or inefficiencies. There is also a concern that AI might make the developer’s role obsolete.

AI

VentureBeat - 4 strategies data-driven CISOs need to take now to defend their budgets

However, the fear and uncertainty of an impending global recession is forcing business leaders to take a hard look at every entry in their operating budget. Enterprise CISOs can no longer assume that their budgets will be exempt from cost-cutting measures. Instead, they must be prepared to answer pointed questions about the overall cost-effectiveness of their security program.

Security

Network World - And the AI winner is…IBM?

For decades, I’ve listened to sales management tell the sales force to avoid consultative selling, avoid “educating” the customer. Make your darn numbers, sales management says. For decades (six, in fact) IBM has taken another path. They used to hand out notebooks to people, emblazoned with one word: Think. I’ve sat in on CIO/CTO-level meetings that included IBM’s account teams, and I was struck by how much the team worked to draw out that thinking. And not just thinking about technology, thinking about how technology changes business.

Automation & Productivity

sdxCentral - Breaking down the value of managed SASE for today’s businesses

“The benefit we have over a lot of IT and security teams is we’ve done thousands of deployments of all flavors, [including] cloud security, on-prem [security], SD-WAN, etc. And so we learn a lot by having so many repetitions,” he said. “It’s a team of people for a fraction of the cost of even hiring one security professional who certainly cannot do everything and definitely can’t do it all the time.”

Security

Information Week - Enterprise Data Integration: Now More than Ever

While personnel or process problems may be the source of the problems caused by insufficient data integration, obsolete technology or a lack of appropriate tools are frequently the main contributing factors. Replacing outdated technologies with suitable current replacements may seem monetarily intimidating due to the accumulation of technical debt from years of workarounds and patching up old procedures

Data Management

eWeek - Businesses Investing in AI: An Industry Perspective

Cisco is also cautious, advising against the use of public generative AI services. For instance, Cisco has its own internal AI platform leveraging Microsoft’s Azure AI capabilities. This reflects a broader trend Cisco observed among its customers. Financial services firms tend to be wary of AI, whereas manufacturing companies are more open to it. Cisco believes providing employees with viable, secure alternatives to public AI tools is essential.

AI

SiliconANGLE - Seven FinOps trends that are reshaping cloud cost management

In a fundamental respect, cloud-based AI workloads don’t require different infrastructure from other workloads. But they do require an especially high capacity of compute resources, and the ways in which they use those resources may vary. For example, AI model training is a compute-intensive but non-continuous activity, making it different from other compute-heavy workloads that operate without interruption.

Cloud

Information Week - ConnectWise ScreenConnect Vulnerabilities: What CIOs Need to Know

Earlier this month, IT management software company ConnectWise announced vulnerabilities in its ScreenConnect, its remote access tool. The critical vulnerabilities (CVE-2024-1709 and CVE-2024-1708) are being exploited in the wild. What do CIOs and other enterprise security leaders need to know about remediation and exploitation of these bugs thus far?

Security

CIO Influence - CIO Influence Interview with PF Grillet, SAP Global Lead at SoftwareOne

Such ‘immutable storage’ functionality wasn’t available in on-premises data centers in the past, and the expensive and complex third-party solutions that were required there should not simply be lifted into the cloud where better, cheaper, and simpler solutions are available from the hyperscalers.

IT Management

eWeek - Top 9 AI Governance Tools 2024

IBM Cloud Pak for Data is an integrated data and AI platform that helps organizations accelerate their journey to AI-driven insights. Built on a multicloud architecture, it provides a unified view of data and AI services, enabling data engineers, data scientists, and business analysts to collaborate and build AI models faster.

AI Governance

Information Week - Defining AI's Role in Network Management

More importantly, the emergence of software-defined WANs (SD-WANs) is opening the way for network managers to integrate AI technology into network operations and management. "For the industry to deliver on the promise of a self-healing or self-correcting WAN, AI tools can help automate routine network operation tasks, set policies, measure network performance against set targets, and respond to and rectify the networks as needed," Herren explains.

Network Management

eWeek - GitHub Copilot vs. ChatGPT: Ultimate AI App Comparison

GitHub Copilot doesn’t do any of this, but it isn’t designed to. Rather than trying to be everything ChatGPT attempts to be, GitHub Copilot focuses — deeply and effectively — on its role as an AI assistant for software coding. However, it’s important to note that this AI assistant interface works similarly to a chatbot, as users can request code improvements, completions, and more in a chatbot interface with natural language.

Automation & Productivity

ITPro Today - Is Passkey Authentication More Secure Than Traditional Passwords?

Passkeys are not entirely foolproof, however. Cybercriminals have evolved their strategies, with session hijacking emerging as a common method for account takeover. “Instead of trying to access a user’s login credentials, cybercriminals now use malware-exfiltrated session cookies to launch session hijacking attacks – bypassing passkeys entirely,” said Trevor Hilligoss, vice president of SpyCloud Labs.

Security

sdxCentral - Cybersecurity pay from analysts to leaders revealed: Understanding impacting factors

They found that experience and level of education contribute favorably to compensation levels as expected. Cybersecurity professionals with at least 12 years of relevant experience can have an annual cash compensation as much as 22% above the baseline. On the flip side, those with fewer than three years of relevant experience earn packages of up to 40% below the baseline. Meanwhile, the impact of advanced degrees on cash compensation is a positive 12%.

Security

sdxCentral - Google Cloud optimizes databases, data analytics for genAI

The hyperscaler shared the general availability of AlloyDB AI, which is designed to simplify the process of building enterprise-grade genAI applications. The AI database platform can run on-premises or in any public cloud environment and is ideal for transactional, analytical and vector workloads.

AI/Data

Information Week - Rubrik CIO on GenAI’s Looming Technical Debt

Technical debt is hardly a new concept and not exclusive to artificial intelligence. A 2023 CompTIA survey found 74% of organizations said technical debt posed challenges. And 42% of those surveyed said the technical debt would cause “substantial hindrance.” Technical debt is often an invisible foe that can creep up on IT leaders as companies push to grab a competitive advantage with emerging technologies.

GenAI

Network Computing - A Perfect Cyber Storm is Leading to Burnout

Cybersecurity is about, among other things, attention to detail, careful planning, and precision execution during incident response times. Distracted, stressed-out, and understaffed teams are a recipe for disaster. A perfect storm of factors is contributing to this scary reality, but there are also strategies we can implement as technology and business leaders to navigate these challenging waters.

IT Management

Data Science Central - What are the benefits of using Natural Language Processing (NLP) in Business?

NLP is transforming business practices, data analysis, and customer engagement by empowering machines to comprehend, interpret, and even produce human language effectively. This article delves into the extensive advantages of incorporating NLP within business operations, demonstrating that this technology is indispensable for maintaining a competitive edge in today’s dynamic business environment.

NLP

CIO Influence - Driving Business Agility with Cloud Ops Architecture, Management, and Compliance

Cloud Operations Engineers collaborate with staff to plan and implement secure, cost-effective cloud-based services that support business initiatives. Ideal candidates for managing cloud operations possess the expertise of Alibaba, Microsoft Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS).

Cloud

Forbes - Saving Telco From Itself: Overcoming The Top 5 Challenges In 2024

A common theme that is creating challenges across all of these industries is the rise of software, silicon and the edge as critical enablers—whether it’s the via disruption of AI, the re-working of operations around software development, deployment and support or the deconstruction of proprietary tech stacks into “open” hardware, software and services combinations.

Tech Trends

Datanami - Reducing Cloud Waste a Top Priority in 2024, FinOps Foundation Says

The biggest FinOps spending is targeting compute instances, the survey shows, with more than 50% having already spent heavily to optimize compute. That leaves plenty of room for optimizing other aspects of cloud computing, the FinOps Foundation says, including data and storage, database, containers, backup and retention, data transfer and networking, and more.

Cloud

Computerworld - Enterprise mobility 2024: Welcome, genAI

“This has been the main topic of interest in the last year. We see generative AI having impacts in multiple areas, such as script creation, knowledge-based article creation, NLP [natural language processing]-based querying of endpoint data, and help desk chatbots. All of these are considerations for inclusion within the UEM stack.”

Tech Trends

Forbes - Three Ways Your Organization Could Be Susceptible To Ransomware Attacks

Breached credentials and “stealer logs” are some of the most frequent ways hackers gain access to systems and initiate ransomware attacks. Because nearly all organizations have had stolen credentials on the internet at some point, it can make them susceptible to later attacks—especially if the exposure happened within 90 days and the information is current.

Security

CIO Influence - Revolutionizing Business Reporting with Cloud Reporting Tools

A cloud reporting tool is a software solution that facilitates report generation and analysis through cloud-based technology. Diverging from conventional reporting approaches, these tools furnish real-time data updates, automate processes, and seamlessly integrate with various business applications. They serve as a centralized data collection, analysis, and visualization hub, empowering businesses to effortlessly make informed decisions based on data insights.

Cloud

SiliconANGLE - CAST AI report unveils major underuse of cloud resources in Kubernetes environments

That’s resulting in substantial inefficiencies and opportunities for cost optimization in cloud computing. The second annual CAST AI Kubernetes Cost Benchmark Report, based on the analysis of 4,000 clusters running on Amazon Web Services, Google Cloud Platform and Microsoft Azure, found that for clusters containing 50 to 1,000 CPUs, organizations only use 13% of provisioned CPUs and 20% of memory, on average.

Cloud

ZDNet - Beyond programming: AI spawns a new generation of job roles

While prompt-engineering skills are in demand now, Lee says the future might look different: "It's a new way to interface with a computer that requires different skills. But as the interface becomes more conversational and more human-like, it remains to be seen if this is a new career path or just a point-in-time opportunity."

Tech Jobs

Network Computing - The Increasing Trend of Consolidation in the IT and Cybersecurity World

Within organizations, CIOs play a critical role in ensuring data security and managing IT infrastructure. However, as technology ecosystems continue to expand and diversify, CIOs face the daunting task of navigating a labyrinth of software solutions. This has started to lead many CIOs to seek consolidation of products and services. The primary aim is to simplify operations, streamline workflows, and ultimately enhance overall efficiency.

IT Management

CIO Influence - AI Security Imperatives for 2024: Collaboration Between Tech and Governments

Cisco’s recent findings from the Cybersecurity Readiness Index underscore a concerning reality: only a mere 15% of organizations demonstrate mature readiness to withstand cybersecurity threats, with a mere 22% adequately prepared to safeguard data. Concurrently, the 2023 Cisco AI Readiness Index reveals a stark truth: a staggering 86% of global organizations lack comprehensive readiness to integrate AI into their operations seamlessly.

AI/Security

Information Week - Is Self-Promotion a Viable Path to CIO?

I’ve talked to many women CIOs, and this isn’t an uncommon story, but it goes for males, too. I know a few CIOs who ascended to the CIO position because they were willing to wait for their bosses to retire -- but most had to self-promote themselves by seeking career advancement outside of their companies, and they saw self-promotion by seeking new employment as a viable path to CIO.

Tech Jobs

CIO Influence - Essential Skills for Future CIOs in 2024 and Beyond

CIOs must discern between valuable data and irrelevant information to optimize resources effectively. Strategic evaluation of data usage ensures alignment with business objectives, minimizing wastage of resources and time.

IT Management

Blocks & Files - Developing AI workloads is complex. Deciding where to run them might be easier

But connectivity is not simply an external concern. “Within the four walls of the data centre we’re seeing six times the cable requirements [as] customers are connecting their GPUs, the CPUs, the network nodes. …. so, where we had one cable tray for fibre runs, now we have six times those cable trays, just to enable that.”

AI

Information Week - How to Cope with AI Disappointment

“It’s important to have the right human intelligence upfront to manage the AI and to build it into the process. “Enterprises want to implement AI to make programs faster, but must first understand the intended result, the true result, as well as the problems that haven’t been addressed.”

Automation & Productivity

CIO Influence - Latest Trends in Networking Cloud Services

However, alongside the benefits, there has been a notable rise in cyberattacks targeting cloud environments, as highlighted by a 40% increase reported by McAfee in their 2023 report. Despite the advantages, the digital landscape presents distinctive challenges for networking cloud services. In this context, it is essential to delve into the critical aspects of the digital era and examine the hurdles that necessitate innovative solutions in cloud networking.

Cloud

Information Week - How to Develop an Effective Governance Risk and Compliance Strategy

“Compliance has for too long lived in a niche corner of business strategy, but with the AI boom bringing new outsized challenges to the GRC world, every department in an organization needs to understand and be aware of the day-to-day work involved in risk and compliance,”

Risk Management

Network Computing - 5G is Moving Downstream to Enterprises—And Everyone Stands to Gain from It

The same survey showed that almost two-thirds of MNOs consider private wireless networks as an important part of their enterprise strategy. While not discounting considerable consumer interest in 5G-driven services for things like gaming on the go, B2B enterprise is clearly the strongest 5G opportunity for MNOs in 2024, driving 5G indoors through on-premises public and private 5G networks.

5G

Information Week - How Leadership Missteps Can Derail Your Cloud Strategy

But there's another layer: the iceberg beneath the surface. Focusing merely on the initial outlay while overlooking ongoing operational costs is like ignoring the currents below, both can unexpectedly steer your budget -- and your company -- off course. Acknowledging and managing operational expenses is vital for a thorough and financially stable cloud computing strategy.

Cloud

sdxCentral - Enterprise networking in flux: Why readers flock to disruptors like Aviz, Cato, Nile and Versa

Our data shows that these outdated technologies and architectures have burdened network infrastructure consumers with significant technical debt, requiring substantial resources to maintain. Consequently, CIOs, Chief information security officer (CISO), CTOs and network operations teams find themselves unable to prioritize innovation, despite the demands from their CEOs and line-of-business executives.

Network Management

Information Week - How to Ready Your Company for The Cloud Revolution in 2024

By the end of the year, the world's first zero-touch call centers will likely be unveiled -- a testament to the strides made in GenAI. These centers will be equipped to perform tasks that surpass the abilities of traditional chatbots, such as handling customer histories, inventory management and sensitive communication tasks, all enhanced by advanced natural language processing.

Cloud

Forbes - Lessons From The Insurance Industry: Six Keys To Developing An Effective Data Strategy

Any path toward an effective data strategy begins with knowing where your data originates and the types of data you’re collecting. Consider whether you can combine data sources or if it’s time to retire others. Your initial understanding sets the stage for a more far-reaching and well-informed approach to the data’s ultimate deployment.

Data Management

Network Computing - Why Businesses Should Watch Wi-Fi-7 Closely

Wi-Fi 7 products offer significantly more performance for enterprise users and can support more users in denser environments compared to Wi-Fi 6. It is pitched as a match for streaming applications and is able to handle more users per Access Point (AP), which translates into fewer devices to manage and maintain in deployments.

Network Management

Forbes - Five Predictions For How SaaS Will Be Managed By IT, Software Asset Management And Procurement Teams In 2024

SaaS management is often referred to as a team sport. When it’s done right, it’s the joining of forces of the IT and finance organizations. This partnership makes sense, as these teams have a common goal of efficiency. While CFOs approach efficiency from a purchasing and cash flow perspective, CIOs are focused on maximizing investments and software utility.

IT Management

Network World - The tech world’s best kept secret: carrier-grade connectivity

“They are dependent on the network so why not go direct to the owner of world’s largest internet backbone that covers 350 points-of-presence (PoPs), which serve customers across 125 countries? By cutting out the middlemen, they gain access to capacity, performance and the best customer service.

Network Management

SiliconANGLE - Generative AI, IAM, culture-based programs will shape cybersecurity in 2024, Gartner says

To support organizations in their move to this model, Garter has developed PIPE (practices, influences, platforms, enablers), a framework guiding practices not traditionally used in security awareness programs — such as organizational change management, human-centric design practices, marketing and PR and security coaching.

AI/Security

sdxCentral - 3 ways new CIOs can build credibility with the C-suite

Tech talent and skills shortages are a major concern for boards for directors, That concern is well-founded as it can hinder enterprise growth. CIOs can address this challenge by adopting what Gartner describes as “a franchising digital delivery mindset.” This involves breaking down IT department walls and empowering other business areas to contribute to technology production.

IT Management

SiliconANGLE - Organizations need a business-driven AI strategy, not a CAIO

Given the speed of AI updates and changes, it is imperative that organizations operate in a dynamic, iterative, risk-adjusted, repeatable approach to better focus on the value that AI can bring to their organization. The key is a synergistic multidisciplinary approach to measurement, AI-ready data strategy, security, risk governance and talent shifts.

AI Management

Government Executive - OPM announces survey to analyze AI in government jobs

Last July, OPM completed the first step of its work, identifying 43 general and 14 technical competencies required for work with AI. And in a memo last week, Veronica Hinton, OPM’s associate director for workforce policy and innovation, announced the HR agency’s next task: surveying current federal employees who are already working with AI to confirm OPM’s initial list of skills.

Tech Jobs

CIO Influence - RAG Strategies for CIO Success: Harnessing Data Retrieval Potential

Enter retrieval augmented generation (RAG) is a sophisticated natural language processing (NLP) technique among the strengths of return- and generative-based AI models. RAG AI capitalizes on existing knowledge while possessing the ability to synthesize and contextualize information, thereby generating bespoke, contextually-aware responses, instructions, or explanations in human-like language. Unlike generative AI, RAG operates as a superset, incorporating the strengths of both generative and retrieval AI mechanisms

AI/Data

Computerworld - The highest-paid IT skills — and why you need them on your resume

The top 10 highest paid skills in tech can help workers earn up to 47% more — and the top skill among them is generative artificial intelligence (genAI), according to a new report from employment website Indeed and other sources.

Tech Jobs

Blocks & Files - Keepit has a unique approach to SaaS data protection

The backup software is an object store that prohibits the deletion of any data object or backup set. Every backed-up item is an object like a file or email. That means customers can restore files at the same speed whether they are a minute, a week, a month, a year or older. All objects are immediately addressable. There is no separate archive section for older data. Customers sign up for retention periods, with many having 99-year retention deals.

Data Management

CIO Influence - Top 5 Data Center Management Software for CIOs

Asset management within an enterprise data center is inherently intricate. It encompasses hardware and software sourced from various vendors alongside numerous applications and tools. Additionally, data center environments often interface with private cloud platforms from multiple providers. Each component, whether hardware, software, or cloud-based, carries its contractual terms, warranty agreements, user interfaces, and licensing requirements.

Data Management

CIO Influence - Multi Cloud Governance Strategies for CIO Leadership

Identity security poses a substantial threat, as most cloud services require user authentication. Cyber-attacks like phishing target cloud credentials, making user access control more challenging in multi-cloud environments. A robust cloud governance framework is essential to enforce security policies across all cloud systems and monitor credential compromises effectively.

Cloud

sdxCentral - GenAI, boardroom communications gaps top Gartner’s list of cybersecurity trends

Gartner noted that security behavior and culture programs (SBCPs) have gained traction to reduce human risks, as security leaders shift focuses from increasing awareness to fostering behavioral change. The firm expected half of large enterprise chief information security officer (CISO) will adopt human-centric security design practices to minimize cybersecurity-induced friction and maximize control adoption by 2027.

Security

CIO Influence - CIO Influence Interview with Chris Parker, Director Government Strategy at Fortinet

Active security in a modern IT infrastructure is seeing a convergence of security and networking. Whereas these often used to sit in separate teams, as two separate entities, now they’re the same system. At Fortinet, we are leading very strongly in the emergence of Secure Access Service Edge (SASE), a cloud architecture model that combines network and security-as-a-service and that also allows us to move data remotely and securely from point to point.

Security

appleinsider - Apple users are increasingly falling victim to malware, phishing, and viruses

FileVault, for instance, a "basic feature that provides critical protection of user data by encrypting it" was reportedly "found disabled on 36% of devices" surveyed. Then across 2023, "3% of [iPhones] devices had lock screen disabled and 25% of organizations had at least one user with lock screen disabled."

Privacy & Security

Forbes - Three Priorities That Enterprise CIOs Must Address In 2024

As such, it has remained at the periphery of the enterprise. However, as more legal and compliance work has been done to understand the ramifications of generative AI, in 2024, we can expect to see its use extend beyond marketing and engineering into areas like design, planning and strategy.

Tech Trends

Information Week - How to Build a Strong IT Risk Mitigation Strategy

“In order for the resulting risk score to be usable, the exposure data analysis needs to be highly automated, which generally involves setting up a data warehouse for key metrics,” he explains. “The impact analysis also needs to take into account system categorization, driven by confidentiality, integrity, and availability assessments.”

Risk Management

Network World - SASE, multicloud spur greater collaboration between network and security teams

SASE converges network and security solutions into an integrated architecture, so it makes sense that these groups would come together to implement and operationalize it. Multicloud adds significant complexity to networking and security at a time when both these groups are fighting to regain influence and control over cloud strategy. EMA believes that strong collaboration between the two groups can help both gain more credibility in the cloud

Network Management

Information Week - The Psychology of Cybersecurity Burnout

Employees who are not focused on cybersecurity often feel that safeguarding procedures represent an undue impediment to completing their assigned tasks. And cybersecurity professionals must contend with an ever-growing panoply of alerts and crises -- in the midst of a massive shortage of both workers and skillsets. Sixty-eight percent of respondents to a 2022 IBM survey of cybersecurity responders said they were often assigned to more than one incident at a time.

Security

Network World - IBM X-Force: Stolen credentials a top risk to network infrastructure

In terms of network infrastructure, nearly 85% of attacks on this sector were caused by exploiting public-facing applications, phishing emails, and the use of valid accounts. In 2023, X-Force saw attackers increasingly invest in operations to obtain users’ identities; there was a 266% uptick in infostealing malware, designed to steal personal identifiable information like emails, social media and messaging app credentials, banking details, crypto wallet data and more, the report found.

Security

CIO Influence - Top Healthcare Data Management Software and Tools Every CIO Must-know

Establishing a centralized repository, often referred to as the “source of truth,” is paramount for maintaining master data integrity. This repository encompasses essential identity information such as patient and provider identifiers, alongside reference details like standardized vocabularies used in daily operations. Implementing robust processes aligned with industry standards ensures smooth operations, aided by Healthcare Business Intelligence tools aimed at enhancing overall outcomes.

Data Management

Information Week - Solving the Non-Invasive Data Governance Puzzle

Employee non-adherence (or in some cases, lack of knowledge) to security and governance policies is one reason why more companies are using social engineering audits to review practices in user departments. Another reason for lapses in governance is employee stress, which in 2023, according to Gallup, was at 44% of all employees.

Data Management

CIO Influence - Streamlining NIS2 Compliance: The Microsoft Security Solutions Approach

One of the notable features of the directive is the introduction of heightened accountability measures. Through reinforced reporting requirements and increased penalties, organizations are urged to prioritize the enhancement of their security protocols. The deadline for compliance with NIS2 is set for October 17, 2024, after which adherence to the directive becomes legally mandatory.

Security

Information Week - Changing Role of the CIO

From tech strategy to artificial intelligence, talent, and transformation to value creation -- the CIO needs to have a tech-led answer for every question from the C-suite. The job is mercurial, the responsibilities expansive and the demands relentless. So how do you cope? With leadership: CIOs need to move beyond cost-cutting to expand their role and embrace the fact that they can be the chief insights officer in a business.

IT Management

Information Week - Talent Management: The Missing CIO Management Strategy

Then, in 2023, eight out of 10 technology leaders surveyed said that they were having to prioritize the upskilling of their employees. Now, in 2024, LinkedIn has reported a demand for IT skills in AI, cloud computing, cyber security, data science and other IT areas.

IT Management

SiliconANGLE - Metadata is the glue: federated data silos, metadata and governance

We believe that no single data platform will conquer them all. And that organizations will look to continue to break apart the compute or execution layer from the data storage layer in their composable data platform. In the research, we see organizations looking at ways to address their major challenges: costs of compute and storage, number of systems to manage, how to understand what data they have, and how to govern the use of that data. This research note digs into the last two issues around knowing what data you have and who can use it.

Data Management

CIO Influence - Balancing Act: Ethics and Privacy in the Age of Big Data Analytics

The significance of big data collection and analytics is increasing at a rapid pace. According to IBM, a staggering 90% of the world’s data has been generated in the past two years alone. This exponential growth in data holds profound implications across various industries, underlining the need for data analysis. Organizations leverage big data to drive informed decision-making, innovate products and services, and address complex challenges.

Data & Analytics

Information Week - Streamline Your IT Workforce by Consolidating Roles, Not Workers

“The third way to achieve these goals is by leveraging opportunities for employees to work on other teams or pods to support different parts of the product and technology,” Walters says. “This encourages knowledge sharing and helps retain talent by offering them additional learning opportunities.”

IT Management

SiliconANGLE - New report warns of ongoing rise of malicious emails bypassing secure email gateways

The Cofense 2024 Annual State of Email Security Report, based on 35 million employee accounts tracked by Cofense, identified more than 1.5 million malicious emails bypassing customer secure email gateways, or SEGs, last year, up 37% from 2022 and 310% from 2021. In context, the report notes that Cofense detected at least one malicious email bypassing their customer’s SEGs every 57 seconds.

Security

CIO Influence - What It Means To Be An ‘IT Pro’ In The Age Of Generative AI

With a simple prompt, an IT pro can fix long-standing business problems more quickly and easily than ever, whether that means pulling data for a board meeting where critical decisions will be made or instantly or knitting applications together to enable the delivery of new products and services. If being a data-oriented problem solver was a skill before, AI has made it a superpower.

Automation & Productivity

Information Week - Solving the Non-Invasive Data Governance Puzzle

Employee non-adherence (or in some cases, lack of knowledge) to security and governance policies is one reason why more companies are using social engineering audits to review practices in user departments. Another reason for lapses in governance is employee stress, which in 2023, according to Gallup, was at 44% of all employees.

Data Management

sdxCentral - Tech companies ditch degree requirements, focus on skills

The practice is gaining ground on the governmental level, too: Massachusetts Governor Maura Healey recently instituted skills-based hiring practices for state jobs, noting that “too many job applicants are being held back by unnecessary degree requirements.”

Tech Jobs

ZDNet - Does your business need a chief AI officer?

The rapid pace of development means it would be tough for anyone, let alone a CIO who's already responsible for managing day-to-day IT operations, to oversee the rollout of AI.

IT Management

sdxCentral - Dragos warns of rising ransomware, inaccurate vulnerability advisories

Dragos argues OT vulnerabilities should be addressed and mitigated differently from IT ones based on the strict operational requirements of OT systems, such as system uptime and vendor qualification processes.

Security

Strategies to Solve the IT Skills Gap in Enterprise Storage for Fortune 500 Companies

One effective strategy is to deploy autonomous automation into your storage infrastructure, so it reduces the level of complexity, thereby decreasing the dependence on specialized IT skills that are becoming harder to find. With the power of autonomous automation, an admin can manage PBs and PBs of storage easily and cost effectively. For example, a global Fortune 500 customer in Europe went from 15 people managing >75PBs of storage to only four people managing with the switch to Infinidat.

IT Management

sdxCentral - Cloud budgets are climbing, but execs leery of hidden costs

Unexpected cloud costs are the main factor driving the frequency of cost assessments. More than two-thirds of respondents reported negative impacts from unanticipated cloud costs in the last six months to a year. In 2022, 53% of respondents experienced surprise cloud costs.

Cloud

CIO Influence - Leveraging Big Data Analytics for Strategic Decision-Making: A Guide for CIOs

Chief Information Officers (CIOs) serve as linchpins in fostering data-driven decision-making within organizations, tasked with overseeing IT infrastructure and data management strategies. CIOs establish a coherent data strategy outlining data collection, storage, management, and analysis procedures, carefully considering factors such as data governance, security, and access control.

Data & Analytics

Network World - HPE and Juniper: Why?

The second of the two views is the most popular. A good M&A is based on the idea that there’s a lot of staff redundancy in the combination of two companies, and you can save a boatload of costs by merging and laying off employees. No revolutionary change in strategy, or in product plans. Economy of scale is the game. But consolidation is usually a response to commoditization, which means that at best, you’re circling the drain in a more favorable position (if that’s possible). Weak.

Network Management

CIO Influence - HP Reveals Security Threat Trends: Adversaries Target Endpoints

In Q4, a significant portion of intrusion attempts, with 84% involving spreadsheets and 73% involving Word documents, targeted vulnerabilities in Office applications, marking a departure from macro-enabled attacks. However, macro-enabled attacks remain prevalent, especially in instances utilizing low-cost malware like Agent Tesla and XWorm.

Security

VentureBeat - How AI is redefining data-based roles

AI will replace few if any data-related roles. Instead, AI-powered software will enhance their capabilities — and encourage ambitious data professionals to jump on acquiring whatever new AI-related skills may be demanded. Here’s a quick rundown of the impact AI will have on data roles across the organization.

AI/Data

CIO Influence - Next Gen Cloud Computing Platforms for CIOs in 2024

Directly transferring an application to the cloud might not be the most efficient approach. Use a cloud migration to reassess your IT architecture for better efficiencies. Consider breaking applications into microservices for leveraging the service-based approach of Infrastructure as a Service (IaaS). Alternatively, explore Platform as a Service (PaaS) or Software as a Service (SaaS) options to streamline operations and reduce complexity.

Cloud

The Hacker News - How Businesses Can Safeguard Their Communication Channels Against Hackers

As for the review of permissions, the more people have access to a system, the more likely it is that someone will make a mistake that could result in a breach. Make sure that only those people who really need it have access to sensitive information.

Security

sdxCentral - Tech leaders can’t play it safe in 2024

While 60 percent of workers use genAI tools internally is impressive, more eye-catching is the fact that 50 percent will use AI to offer custom-facing tools, according to Forrester’s research. Guarani said Forrester is an example of this shift to custom-facing AI that lets its clients can now use genAI to search its entire library of research.

Automation & Productivity

Computerworld - Tech spending shifts to meet AI demand, forces a 'reshuffling of skills' for workers

The adoption of AI has the potential to reshape the workforce, though many employees could be looking at reskilling instead of separation. According to a 2023 survey of 1,684 C-suite executives by McKinsey Global Institute, about four in 10 respondents reporting AI adoption expect more than 20% of their companies’ workforces will be reskilled in the next three years; and 8% expect the size of their workforces to decrease by more than 20%.

Automation & Productivity

SiliconANGLE - Cloud optimization wanes as AI slowly lifts off

The other key takeaway from the data is AI has gained notable momentum on both dimensions since the announcement of ChatGPT. Survey data indicates that approximately 40% of new AI projects are being funded by taking funds from other budgets. Most sectors have seen contracting Net Scores on the vertical axis over the past several quarters and AI is the clear exception.

Cloud

Federal News Network - DoD wants to ‘popularize’ data patterns to leverage AI

“So if somebody has a data product, the value is realized because there’s a customer. Our goal is to enable each CTO and CIO across the department with the skills and the tools to be a product manager so that they can provide their customer with what they promised.”

AI/Data

Information Week - Keys to Maximizing Data Value

Jain believes that the most effective way to maximize data value is by ensuring that the data is well-connected and not isolated within silos. “When data elements are interconnected and form a unified fabric, they can collectively tell a more comprehensive story,” she says. “It’s about establishing a single source of truth within your organization where every piece of data contributes to a larger, interconnected narrative.”

Data Management

ITPro Today - Generative AI Adoption and Productivity: Finding Benefits Proves Challenging

Approximately 20% of employees who haven't experienced increased productivity with GenAI attribute that to corporate guidelines and subpar AI tool output, which results in additional review and editing time.

Automation & Productivity

Network Computing - How to Choose the Right Form of LTE Connectivity for IoT

LTE 450 is an alternative that operates on the 450MHz frequency band and is an energy-efficient and long-range option that provides a better solution than 3G. This option is suitable for less data-intensive applications commonly associated with LPWA technologies and perfect for smart meter connectivity.

IoT

CIO Influence - Effective Ways to Create a Culture of Security Awareness for CIOs

Establishing a Security Development Lifecycle (SDL) guides security practices in software and system development while designating security champions enhances peer education and awareness. Recognizing and rewarding individuals excelling in security practices through incentives contributes to a positive and motivated security culture within the organization.

Security

Information Week - How to Build an Effective IT Training Program

Education and training are necessary to keep your IT staff competitive, Craig advises. “Having your technology teams stay current on the latest information, tools and methods is crucial.” He believes that teams need to “understand emerging technologies and best practices so they can deliver maximum value back to the organization through an effective training program.”

Training & Certs

Network World - 5 Wi-Fi vulnerabilities you need to know about

A major vulnerability of the WPA/WPA2-Personal security protocol, particularly on business networks, is that a user with the Wi-Fi passphrase could snoop on another user’s network traffic and perform attacks. The enterprise mode of WPA/WPA2 provides protection against user-to-user snooping. But that requires a RADIUS server or cloud service to deploy, and requires more of the user or client device in order to connect. Thus, many enterprise environments still broadcast signals with the simpler WPA/WPA2-Personal security.

Security

Network Computing - Maui Teaches Us Why We Need to Change Our Data Protection Strategies

"If backups are so great, why then has every company that has paid ransom had backups?" This is because backups are not the most effective disaster recovery strategy. We now need to prioritize disaster recovery, and we need to find an affordable way to create DR for unstructured data that is separate from backups. We can no longer simply rely on backups as our primary means of data protection.

Data Management

CIO Influence - Top 10 Endpoint Management Software Picks for CIOs

Key factors contributing to its significance include centralized patch management for software updates, automation for IT efficiency, cost savings through reduced downtime, crucial support for remote work, robust data protection features, efficient asset management, proactive performance optimization, disaster recovery assistance, and seamless scalability to adapt to organizational growth and IT changes.

Security

SiliconANGLE - New report finds sensitive information at risk in 55% of generative AI inputs

In the last thirty days, more than half of data loss prevention or DLP events detected by Menlo Security included attempts to input personally identifiable information. The next most common data type that triggered DLP detections included confidential documents, representing 40% of input attempts.

AI/Security

CIO Influence - Top 20 Enterprise Data Storage Providers to Look Up in 2024

Modern storage solutions also enable seamless collaboration and file sharing across teams and devices, boosting productivity and accelerating decision-making. Integration with data analytics tools allows businesses to unlock valuable insights from their data, empowering data-driven decision-making and enhancing customer experiences.

Data Storage

InfoWorld - 5 things to consider before you deploy an LLM

Most enterprise LLM systems will be custom-trained in specific data sets. A disadvantage to the neural networks on which LLMs rely is that they are notoriously difficult to debug. As the technology progresses, LLMs may develop the ability to revise, erase, or “unlearn” something false that it has learned. But for now, unlearning can be quite difficult. What is your process or procedure for regularly updating the LLM, and eliminating bad responses?

AI/LLMs

Business Insider - Amazon, Microsoft, and Google say cloud cost-cutting is waning. Customers say cost controls are still a major barrier.

Companies often don't understand exactly what they're spending on in the cloud, the survey found. 65% said they were unsure of all their company's cloud instances. 35% reported cloud cost overruns in the last 12 months, nearly half of which were over $100,000 or $500,000.

Cloud

Information Week - Pressure to implement AI raises IT tensions

“To accommodate AI’s increased power and computing demands, more than three-quarters of companies will require further data center graphics processing units (GPUs) to support current and future AI workloads. In addition, 30% say the latency and throughput of their network is not optimal or sub-optimal, and 48% agree that they need further improvements on this front to cater to future needs.”

AI

CIO Influence - CIO’s Guide to Preventing Ransomware Attacks in B2B Enterprises

Endpoint detection and response solutions function by aggregating security events and indicators of compromise (IoC) from endpoint devices. Although IoCs alone may not identify attacks, they provide critical insights for security teams to detect ongoing threats. EDR tools excel in recognizing subtle activities, such as burrowing, where attackers quietly amass compromised privileges and accounts.

Security

Computerworld - Tech spending shifts to meet AI demand, forces a 'reshuffling of skills' for workers

CompTIA pegs the IT unemployment rate in the US at 2.3%, more than a full percentage point below the national unemployment average of 3.7%. Janco Associates, however, puts IT unemployment at 5.5%, more than a full point above the national average. And Janco’s data paint a far grimmer picture for 156,000 unemployed IT pros.

Tech Jobs

AiThority - JumpCould Finds Organizations Embracing AI Despite Security Concerns

With a strong majority of respondents both planning or actively implementing within the next year and advocating for AI investment, IT leaders clearly see potential benefits from deploying AI in their workplaces. But IT admins report notable concerns around their organizations’ current ability to secure against related threats—and personal concerns about AI’s impact on their career.

AI/Security

CIO Influence - Pervasive OT & IoT Anomalies Raise Critical Infrastructure Threats

“Network scans” topped the list of Network Anomalies and Attacks alerts, followed closely by “TCP flood” attacks which involve sending large amounts of traffic to systems aiming to cause damage by bringing those systems down or making them inaccessible.

Security

VentureBeat - How AI is strengthening XDR to consolidate tech stacks

XDR is riding a strong wave of support due to its ability to consolidate functions while limiting data movement, two high priorities for CISOs today. Those benefits are especially important in an era of security budgets being scrutinized more closely than before. Add to that the ability to bring in more telemetry data, including sources that are behaviorally based that can be used to identify anomalous behavior, including insider threats, and AI’s potential impact to improve XDRs continually is clear.

AI/Security

Network Computing - How Cisco Sees Silicon One Easing Network Convergence and Helping with AI

Recently, Cisco held a Tech Talk focused on Cisco’s Silicon One and how the company believes you can converge a network without compromising security, performance, and manageability. The discussion also shed light on how Cisco is dealing with the rise of AI and the role of the network.

AI/Networking

Information Week - How to Get Your Failing Data Governance Initiatives Back on Track

Despite leadership often recognizing the importance of data governance, it is in a relatively immature state at many enterprises. At large enterprises, data ecosystems are increasingly complex and often siloed, making governance no easy feat. Smaller enterprises may not even see the value of investing time and resources in data governance.

Data Management

SiliconANGLE - The role of data loss prevention tools in protecting against AI data exfiltration

One of the cybersecurity challenges associated with generative AI is the potential for attackers to utilize it for multivector social engineering attacks and creating clean malware code. Attackers are using gen AI to create language models that can launch targeted voice, email and text attacks, making it difficult to protect against because they appear legitimate. Additionally, generative AI is being used to create clean malware code, making it challenging to identify the actor behind the attack

Data Management

Government Technology - Vermont IT Modernization Takes a Relationship-First Focus

First, she wants to ensure tech decisions are made with end users’ experience in mind. Second and third, she aims to enhance standards and drive predictability, ensuring partners know what to expect in terms of financial costs and service capabilities. Finally, Reilly-Hughes has sights set on “simplifying and reducing complexities.”

IT Management

Computerworld - The AI data-poisoning cat-and-mouse game — this time, IT will win

One, it tries to target a specific company by making educated guesses about the kind of sites and material they would want to train their LLMs with. The attackers then target, not that specific company, but the many places where it is likely to go for training. If the target is, let’s say Nike or Adidas, the attackers might try and poison the databases at various university sports departments with high-profile sports teams. If the target were Citi or Chase, the bad guys might target databases at key Federal Reserve sites.

AI Ethics

Forbes - 18 Best Practices For Designing Seamless, Flexible And Efficient APIs

“An API’s design must hide the complexity of the underlying computations, no matter how intensive, convoluted and advanced the solution is at a lower level. Good interfaces are those that abstract complexity and provide universally intuitive access to data and functionalities that make sense for the average user.”

DevOps

eWeek - Generative AI and Cybersecurity: Ultimate Guide

In this guide, you’ll learn about generative AI’s pros and cons for cybersecurity, how major companies are currently using this technology to bolster their cybersecurity tools, and how you can use generative AI in ways that balance efficacy with cybersecurity and ethical best practices.

GenAI

Information Week - Growing Your Cloud Engineering Capabilities

Do you have all the cloud engineers you need? Companies are moving tech to the cloud, which means that the development of IT infrastructure skills in Linux, applications and containers, app deployment, security, data management, and cloud toolsets also must grow.

Cloud

sdxCentral - 5 hot data center jobs for 2024

Data center IT operations manager - As artificial intelligence (AI) and machine learning (ML) remain high business priorities in 2024, companies like Microsoft, Amazon Data Services and Google are hiring data center IT operations managers in Q1 2024.

Tech Jobs

Network World - AI-powered 6G wireless promises big changes

6G (sixth-generation cellular) will deliver significant improvements in security, resilience, reliability, latency, connection density, traffic capacity, spectrum efficiency, and user data rates, compared to 5G. It is expected to be 50 times faster than 5G, with a top-end, theoretical speed of 1Tbps, compared to 20Gbps for 5G. It can also handle 10 million devices per square kilometer, compared with 1 million for 5G, according to Keysight Technologies.

Network Management

Information Week - Investing In a Multi-Cloud Strategy to Maximize Efficiency

While the first significant wave of cloud adoption was driven mainly by the opportunity for cost savings, more recent moves to multi-cloud architectures are often caused by a desire for greater innovation. Many organizations are shifting their IT focus from cost savings and operational streamlining to generating revenue and innovation.

Cloud

ZDNet - This botched migration shows why you need to deal with legacy tech

Underestimating the importance of user buy-in will more likely lead to a resistance to change and is a key reason why businesses end up having to retain legacy systems. That retention results in higher operational costs, which adds strain on existing resources and creates a wider surface area that needs to be secured.

IT Management

CIO Influence - Gemini Advanced: All You Need to Know About Google’s Powerful AI Suite

The Gemini Advanced version, accessible through a Google One AI Premium subscription, unlocks the full potential of Ultra 1.0. This enhanced experience excels in reasoning, following instructions, coding, and creative collaboration. Imagine a personal tutor tailored to your learning style or a creative partner assisting with content strategy or business plans.

AI

Data Science Central - 10 Prominent Data Science Predictions 2024- Know What the Industry Experts Say?

Real-time data shall become the standard for businesses to power generative experiences with artificial intelligence. Data layers should support both transactional and real-time analytics. He further goes on to say that, the world of data science should expect a paradigm shift from model-centric to data-centric Artificial intelligence. Multimodal LLMs and databases will enable a new frontier of AI applications across industries.

Data & Analytics

Network Computing - Mike Twumasi Reveals DDI Use Cases

We’ll learn how DDI enhances security, simplifies management, and optimizes mobile device integration, contributing to increased productivity and secure mobility. We will also see how DDI empowers organizations to seamlessly incorporate and manage IoT devices, unlocking the opportunity for innovation and operational efficiency. Then, we will learn about the strategic role of DDI and bridging the gap between IT and operational technology.

Network Management

CIO Influence - CIO Influence Interview with Steve Stone, Head of Rubrik Zero Lab

In 2024, organizations will face a stiffer challenge in securing data across a rapidly expanding and changing surface area. One way they can address it is to have the same visibility into SaaS and cloud data as they have in their on-premises environments–in particular with existing capabilities. And that will be a major cybersecurity focus for many organizations next year. More will recognize that the entire security construct has shifted – it’s no longer about protecting individual castles but rather an interconnected caravan.

Data Security

Network Computing - Navigating Single Cloud, Multi-Cloud, and Hybrid Cloud Environments

On the other hand, single cloud deployments present their own set of challenges. These types of deployments can lead to vendor lock-in, meaning that it can be both expensive and challenging to transition workloads to another cloud platform in the future. It also limits the optionality that comes with multi-cloud and hybrid cloud deployments. Each cloud provider has its own set of strengths and weaknesses, so by locking yourself into one cloud provider, you must accept those attributes as they are.

Cloud

sdxCentral - Verizon’s 70 billion network data points highlight genAI potential (and challenges)

“AI and analytics engines are only as good as the data you put into them,” Silliman said. “We have an enormous body of data across Verizon, but it sits in 29,000 different data sources, which in many ways are fragmented, we don’t have common taxonomy. So the journey we’re on right now is bringing all of our data together into common platforms and common governance and taxonomy structures.”

GenAI

SiliconANGLE - Advancing data architecture for generative AI

The traditional solutions that technical professionals have previously used might not handle the velocity, variety and volume of data generated by modern application and analytical workloads. Because of gen AI, they must adopt new and recent approaches to data storage and delivery. These approaches can influence a wide variety of data ecosystems, including data lakes, warehouses and hubs.

AI/Data

The Hacker News - Unified Identity – look for the meaning behind the hype!

After these benefits, let's talk a downside: vendor lock-in. Unified identity sounds wonderful but betting the house on a single vendor is a high ask. And what if you already have some solutions in place that you're happy with? It's important to remember that not all unified identity vendors are the same; Some vendors offer modular identity platforms which allow you to keep what you want and unify what you need.

Security

Computerworld - The do-it-yourself approach to MDM

Open-source software has long been a part of every enterprise toolbox — and that includes managing mobile devices. Whether IT wants to go all in on open-source tools or integrate those tools with commercial offerings, it’s possible to develop a do-it-yourself approach to mobile device management (MDM).

IT Management

AiThority - Threat Intelligence Report Exposes the Impact of GenAI on Remote Identity Verification

Face swaps are created using generative AI tools and present a huge challenge to identity verification systems due to their ability to manipulate key traits of the image or videos. A face swap can easily be generated by off-the-shelf video face-swapping software and is harnessed by feeding the manipulated or synthetic output to a virtual camera. Unlike the human eye, advanced biometric systems can be made resilient to this type of attack.

AI/Security

Forbes - The Cyber Threats Every C-Level Exec Should Care About In 2024

Small to medium-sized businesses (SMBs) find themselves in the crosshairs of escalating ransomware attacks. Operating within the constraints of aging network infrastructures and grappling with insufficient cybersecurity budgets or enterprise-level cyberdefense tech stacks, these organizations are perceived as easy targets by cyber adversaries.

Security

CIO Influence - Understanding Alpha Ransomware and its Operational Framework

Based on the panel and various indicators like the ransom demand, it appears that the group exhibits talent but also demonstrates a certain level of amateurism within this realm. It is anticipated that in the coming days, an increase in victims may occur, leading to heightened visibility for the group, potentially resulting in widespread attention as they gather additional digital footprints.

Security

Information Week - Dealing With Deepfakes

“Five years ago, deepfakes were things that were complicated to build. You needed to be quite expert,” Newell recalls. “They were expensive. And to be honest, they didn't look very good. Now, they are extremely easy to make. There are tools that are essentially free. The level of expertise [required] is very, very low.”

Privacy & Security

ZDNet - Business sustainability ambitions are hindered by these four big obstacles

Despite the stated importance of sustainability to commercial success, only 37% of respondents believe sustainability is "very integrated" into the core of their business. Low integration of sustainability into key functions, such as finance and technology, means there is less opportunity for people on the sustainability team to understand the commercial opportunities for the business.

Sustainability

Information Week - Expect the Unexpected: How to Reduce Zero-Day Risk

A number of zero-day bugs in browsers, for instance, have emerged in the first month of 2024. A zero-day (CVE-2024-0519) in Google Chrome, allows for code injection. Attackers actively exploited the vulnerability, which Google has patched by this point. A zero-day bug (CVE-2024-23222) in Apple’s WebKit browser engine for Safari has also been exploited and patched. Attackers could leverage that vulnerability to execute code on impacted systems.

Security

sdxCentral - Comparing HPE’s and Juniper Networks’ networking portfolios – where’s the overlap?

Looking across at least 44 different switch product families from both HPE and Juniper Networks, the mid-tier level of HPE Aruba Networking and Juniper EX switches do appear to have similar use cases and target deployments. Certainly the management tier for each is different, the network firmware and service level agreements have varying degrees of differences, even when the basic networking specifications appear similar.

Network Management

Information Week - IT Security Hiring Must Adapt to Skills Shortages

Organizations must continue to expand their recruiting pool, account for the bias that currently exist in cyber-recruiting, and provide in-depth training through apprenticeships, internships and on-the-job training, to help create the next generation of cyber-talent.

Tech Jobs

Dice - Tech Jobs with the Biggest Increases in Postings

If you’re currently on the job hunt, it’s also worth considering which jobs pay the most. Dice’s latest edition of the Tech Salary Report breaks down which types of engineers, managers, and other specialists have the highest earning potential; while managers (especially high-ranking ones such as CTOs and CIOs) can pull down huge paychecks, developers and engineers in “hot” arenas such as cloud and DevOps also earn high average pay:

Tech Jobs

GovTech - The Group Giving Arizona Local Government a Hand With AI

During a recent workshop event held by the group, “AI for Local Government Leaders,” speakers presented on several topics, including laying the groundwork for AI and cybersecurity and data privacy in AI. Through lecture-based information sharing and hands-on demonstrations, the workshop provided a space for government and industry members to better understand the risk and potential of the technology.

AI

Information Week - How to Build a Team of Talented Citizen Developers

The idea sounds great in concept -- allowing non-technical employees to create applications for use by themselves or others using pre-approved tools. Yet, in practice, building a citizen developer team requires comprehensive training, strong support, and close oversight.

Automation & Productivity

VentureBeat - Eight emerging areas of opportunity for AI in security

Vendor risk management and compliance automation. Cybersecurity now involves securing the entire third-party application stack as companies communicate, collaborate, and integrate with third-party vendors and customers, according to Menlo Venture’s prediction of how risk management will evolve.

AI/Security

Network Computing - Organizations Left Grappling for Solutions Amid Alarming Cloud Security Gaps

While 98 percent of the 1,600 IT security decision-makers polled said their organizations store and manage sensitive data in the cloud, over half believe their cloud security postures are weak. This fear stems from their reliance on traditional security tools designed to protect on-premises IT systems that have proven ineffective at securing cloud-based resources.

Cloud Security

Data Science Central - How to Enhance Data Quality in Your Data Pipeline

Data quality within a data pipeline is a multifaceted concept beyond mere accuracy. It involves ensuring that data is complete, consistent, reliable, and timely as it moves through various collection, processing, and analysis stages. Quality is crucial in a data pipeline because it directly impacts the validity of business insights derived from the data. Poor data quality can cause wrong decisions, slow work, and missed chances

Data Management

TechRepublic - Topic — Cloud Security Top 7 Cyber Threat Hunting Tools for 2024

Cyber threat hunting is a proactive security measure taken to detect and neutralize potential threats on a network before they cause significant damage. To seek out this type of threat, security professionals use cyber threat-hunting tools. These are software solutions driven by advanced analytics, machine learning and artificial intelligence to detect abnormal patterns in a system’s network and endpoints. They use techniques like behavioral analytics, pattern matching, statistical analysis and AI/ML modeling.

Security

Data Science Central - 5 trends & advances that are set to define cloud security in 2024

So, there you have it, folks—the cloud security landscape of 2024 is shaping up to be quite the spectacle. From AI-enhanced defenses to uncrackable encryption and everything in between, it’s clear that the future of cloud security is all about being smarter, more integrated, and more proactive.

Cloud Security

ComputerWeekly - CIO interview: Stuart Birrell, chief data and information officer, EasyJet

The three years since have been focused on improvements in two major areas. First, modernising the key commercial systems – that is, the front-end EasyJet website, the booking engine behind it, and the airline inventory supporting it. Second, was to move completely away from in-house datacentres to the cloud.

Data Management

CIO Influence - CIO Strategies for an AI-Driven Future- Insights from Canva’s CIO Report

In response to this technological influx, Canva collaborated with Harris Poll to delve into how CIOs are grappling with “app sprawl,” the proliferation of applications in the workplace. This research sheds light on the strategies employed by CIOs to navigate the AI-driven landscape and make informed decisions about the selection of workplace tools that yield optimal outcomes.

AI

SC Media - Stop chasing shadow IT: Tackle the root causes of cloud breaches

For example, it’s common for industry analysts to label ransomware or data exfiltration a top cloud threat. Unfortunately, data exfiltration isn’t a threat, but an outcome of a threat. Similarly, ransomware isn’t the real threat, but a symptom. If we want to stop ransomware, we’ve got to stop ransomware from infiltrating our networks.

Security

Network World - Choosing a disaster recovery site

Not only that, but since the DR site is a full-scale replica, any time you add or change hardware in production, you need to do the same in the DR environment. And if you think about it, maintaining a DR site is like having a pool no one swims in: You still have to constantly clean and treat the water, trim the bushes, etc. It’s work that keeps ops resources busy but provides little tangible day-to-day value.

IT Management

CIO Influence - Top 10 Application Security Trends for CIOs in E-commerce

Unlike physical stores, online retail platforms face heightened vulnerability to fraudulent activities, owing to the lower risk of detection for fraudsters. Moreover, the convenience and accessibility inherent in e-commerce operations also render them appealing targets for cyber attackers, who can exploit factors like round-the-clock accessibility and remote access.

Security

Network Computing - IT Teams Are Not Prepared for 90-Day Digital Certifications

90-day digital certificates are a fast-approaching reality. While they will bring security benefits for businesses and help ensure digital trust across the web, they will also be a burden for unprepared IT managers.

Security

SiliconANGLE - Stop using servers to do things they’re not good at: How DPUs can change the data game

Servers are effective at many things but were never designed for the rigors of software-defined networking, storage and security. Servers excel in processing massive amounts of data, but they should not be performing functions such as network address translation, telemetry, firewall, storage-related services and, down the road, artificial intelligence functions such as AllReduce.

IT Management

Data Science Central - Your AI Journey: Start Small AND Strategic – Part 1

AI projects require significant data, technology, people skills, and culture investments to succeed. That means you will need the senior management support and fortitude to support those investments and stay the course as your organization learns to apply AI to derive and drive new customer, product, service, and operational value sources.

AI

Information Week - How Many C-Levels Does It Take to Securely Manage Regulated Data?

“I’ve seen a notable shift in the last few years to more C-suite and board leaders becoming active participants in cybersecurity conversations,” says Brent Johnson, CISO at Bluefin. “This was accelerated by the rapid transition to remote and hybrid work along with daily headlines, and coupled with mounting pressure to maintain regulatory compliance, securely managing data is no longer a concern just for CISOs.”

Security

VentureBeat - How to detect poisoned data in machine learning datasets

As AI adoption expands, data poisoning becomes more common. Model hallucinations, inappropriate responses and misclassifications caused by intentional manipulation have increased in frequency. Public trust is already degrading — only 34% of people strongly believe they can trust technology companies with AI governance.

AI Ethics

CIO Influence - IT Leaders Share their Insights on Data Privacy and Digital Transformation

As IT leaders strive to redefine new guidelines for privacy and security, they could shift budgets and strategies toward AI-led identity management and privacy-first campaigns. We spoke to the top IT leaders from data-driven organizations to understand how this year’s Data Privacy Day is a roadmap for building a reliable consumer data protection strategy in 2024.

IT Management

ZDNet - 4 ways to help your organization overcome AI inertia

"What's the smallest part of that purpose that you can start making a difference on? When you go down this path, and as soon as you mention things like AI, everybody goes for 'bigger is better.' It's like, 'What's the biggest problem? Can we solve world peace?' Instead, focus on the smallest problem where you can make a difference and use that as your model going forward."

Automation & Productivity

CIO Influence - Comprehensive Guide to Security Operations Center for CIOs

Gartner Predicts that by 2027, 50% of large enterprise CISOs will have adopted human-centric security design practices to minimize cybersecurity-induced friction and maximize control adoption.

Security

Network Computing - 5 Things You Can't Automate In Your Data Center

Theoretically, robots can automate much of the work of server deployment inside data centers. However, to do this work cost-effectively using robots, you'd need to operate on a massive scale. You'd also need server deployments that are sufficiently consistent and predictable to automate without the assistance of humans. Today, most server deployments just don't meet this criterion.

Data Management

CIO Influence - Navigating Business Outcomes in 2024: The Strategic Integration of Cloud Models

By leveraging the expertise of skilled professionals, embracing cutting-edge technologies, crafting a well-defined strategy, and streamlining operational processes, businesses can position themselves at the forefront of the cloud revolution, ready to embrace the opportunities that lie ahead.

Cloud

SiliconANGLE - Six cloud security trends we’re watching in 2024

Cybersecurity mesh architecture (CSMA) is a cyber defense strategy that is rapidly gaining ground, independently securing devices with their own perimeters (firewalls/network protection tools). CMSA helps provide a multi-layered defense against cyber threats, making it more difficult for attackers to penetrate an organization’s network successfully.

Security

VentureBeat - Why AI and behavioral analytics are stealth strengths of Gartner’s MQ on endpoints

Gartner writes in this year’s magic quadrant (MQ) for endpoint protection platforms, “the endpoint protection platform (EPP) market is no longer limited by vendors only offering EPP and endpoint detection and response (EDR) capabilities, and buyers are increasingly looking for fewer vendors to deliver a wider array of capabilities.” The report continues, “email security, identity threat detection and response and extended detection and response (XDR) are increasingly part of the purchasing decision.”

Security

CIO Influence - Advanced Endpoint Protection Strategies for 2024

The adoption of cutting-edge defense technologies is imperative in the evolving technological industry. A professional Advanced Endpoint Protection solution stands as the cornerstone, providing access to the ultimate security tools essential for safeguarding organizational assets. The undeniable trajectory towards the future involves the integration of AI and machine learning technologies into cyber defense strategies

Security

sdxCentral - Palo Alto Networks, CrowdStrike lead Forrester cloud workload security wave

The analyst firm noted the cloud workload security market has been witnessing a notable consolidation, as major players are expanding their functionalities to include cloud infrastructure entitlement management (CIEM) and data protection for prominent cloud infrastructure platforms such as Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP). There’s also increasing productized support for Oracle Cloud Infrastructure and Alibaba cloud platforms, especially in cloud security posture management (CSPM) functionalities.

Cloud Security

Network Computing - Evaluating the 2024 Cybersecurity Landscape

In 2024, expect to see the continued maturation of the cybersecurity business and platform vendors embrace the idea of delivering on cybersecurity-as-a-service. The tooling companies of yesterday want to be the business partner of today. There is far more value in the relationship of being a business partner vs. being a provider of a commodity technology solution. Platforms are critical to a business while tools are tactical to help at a given point in time.

Security

CIO Influence - Empower Your Cybersecurity: The OSINT Advantage

Fast-forward to the present day and the principles of OSINT find application in the domain of cybersecurity. Organizations, irrespective of their size, manage vast, public-facing infrastructures across diverse networks, technologies, and hosting services. Information, crucial for security, can be dispersed across employee desktops, legacy on-prem servers, cloud storage, embedded devices like webcams, and even concealed within the source code of active applications.

Security

Information Week - What Security Leaders Need to Know About the ‘Mother of All Breaches’

SecurityDiscovery regularly analyzes data from search engines. “We pay special attention to the misconfigured noSQL databases and Elasticsearch instances,” Diachenko tells InformationWeek. “We analyze them based on the size, based on the keywords, and other data that might lead us to uncovering some sensitive data that should not be exposed.”