2024 - IT Management - Analysis, Surveys, Trends and Opinions
  • 23 May 2024
  • 314 Minutes to read
  • Dark
    Light

2024 - IT Management - Analysis, Surveys, Trends and Opinions

  • Dark
    Light

Article Summary

Weekly and Monthly sponsorships are available.

This curation starts in September 2023. To see our previous curation, click here.

Title/Link

Description

Category

Information Week - Navigating Risk Management in the Age of AI

Another challenge lies in the interdisciplinary nature of AI risk, which encompasses technical, ethical, legal, and societal dimensions. Businesses have long understood that risk management should not be thought of in organizational silos, but making such changes can prove challenging, especially when AI is involved

Risk Management

AiThority - AI-powered Cyber Attacks Cast Unprecedented Threats on IT Leadership

According to KnowBe4’s research, HR and IT-related emails are camouflaged as vectors for phishing scams by ransomware gangs. On similar lines, Keeper Security’s report named these parts that have faced attacks.

Security

Network World - Cisco research highlights network complexity, security challenges

One in five (21%) organizations surveyed are currently using multiple, separate management systems when managing their campus, branch, WAN, data center, and multicloud domains, according to the report, while 39% are leveraging a platform architecture across some networking domains. Using a centralized network platform to help handle new and future environments could resolve those problems, according to Cisco’s data.

Network Management

CIO Influence - The Dynamic Duo: How CMOs and CIOs Are Shaping the Future of Business

While marketing teams are adept at understanding consumer behavior, identifying market trends; IT departments excel in infrastructure management, software development, and data security. The elimination of those silos has become increasingly vital for businesses aiming to stay competitive. Amidst this landscape, AI stands out as a transformative catalyst to break down silos, revolutionizing how companies engage with customers, analyze data, and optimize operations.

Data Management

Computerworld - Trying to keep AI from sneaking into your environment? Good luck!

Enterprise IT today has generative AI hitting it from every angle: from systems that it directly licenses for millions of dollars, from large language models and other genAI algorithms that are sneaking into every SaaS product globally, from employees and contractors using genAI even when they are told that it is prohibited. It permeates every cloud environment, it is creeping into IoT, and it is overwhelming every third-party app your company leverages.

AI

Dark Reading - HP Catches Cybercriminals 'Cat-Phishing' Users

Attackers using open redirects to ‘Cat-Phish’ users: In an advanced WikiLoader campaign, attackers exploited open redirect vulnerabilities within websites to circumvent detection. Users were directed to trustworthy sites, often through open redirect vulnerabilities in ad embeddings. They were then redirected to malicious sites – making it almost impossible for users to detect the switch.

Security

Information Week - Fake News, Deepfakes: What Every CIO Should Know

Imagine attending a meeting only to discover that everyone else present was a deepfake. That’s precisely what happened to a Chinese finance worker on a video call who believed the CFO had asked for a $25.6 million transfer. The other people in the meeting were also deepfakes. As technology continues to improve, so will the efficacy of such attacks.

Security

The Hacker News - Five Core Tenets Of Highly Effective DevSecOps Practices

For example, locking down the development platform, instituting exhaustive code reviews, and enforcing heavyweight approval processes may improve the security posture of pipelines and code, but don't count on applications teams to operate fluidly enough to innovate. The same goes for application security testing; uncovering a mountain of vulnerabilities does little good if developers have inadequate time or guidance to fix them.

DevOps

CIO Influence - Top 10 Multi-cloud Security Solutions to Know in 2024

The major challenge in cloud security is visibility, and using multi-cloud strategies further exacerbates it. By using third-party cloud providers, one may be denied access to all layers of the cloud computing stack and, hence, have no clear visibility into all security flaws or vulnerabilities. In addition, though cloud providers offer some monitoring tools, they are mostly incomplete or do not yield sufficient detail about granular logging. In a multi-cloud environment, managing multiple built-in monitoring tools simultaneously becomes impractical.

Cloud Security

sdxCentral - Workers are still overconfident in their ability to spot ransomware

While many respondents to the Veritas survey were confident in their ability to spot phishing, they were still likely to open suspicious emails if they seemed to be coming from a friend (63%) or colleague, or appeared to be related to employer benefits (60%), online orders (56%) or financial institution.

Security

Network Computing - How Artificial Intelligence Simplifies Network Complexity to Bridge the Skills Shortage

Generative AI combined with a network digital twin can empower even the most inexperienced engineer to glean complex insights from the network, quickly troubleshoot issues, prove compliance, and discover vulnerabilities. By combining purpose-built LLMs (Large Language Models) with the comprehensive configuration and state data contained in a network digital twin, engineers can virtually “talk” to the network to understand what’s happening.

Network Management

Network World - Network teams are ready to switch tool vendors

Most network management tools are now available as SaaS solutions with a subscription license. Many vendors have developed new automation features and AI-driven features that reduce the amount of customization that some IT organizations will need to do. Tool vendors have also focused on improving ease of use, through modernized GUIs and AI features that provide natural language insights.

Network Management

VentureBeat - Why data breaches have become ‘normalized’ and 6 things CISOs can do to prevent them

Employ a remote browser isolation (RBI) system to alleviate human error: The Okta breach is a classic example of how human error can lead to significant security incidents. Even the most robust security measures can be undermined by simple mistakes. Employees must be continuously educated on the risks of mixing personal and professional digital activities. An RBI system can help to technically alleviate these issues.

Security

AiThority - US Organizations Targeted by Deep Fake and Third-Party Vendor Risks

Despite the positive attitudes toward AI and ML, 25% of respondents list managing and securing emerging tech like AI, ML and blockchain as a top challenge and only about a third (36%) intend to increase cybersecurity spend by up to 25% in the next 12 months.

Security

CIO Influence - Top SecOps Tools, Use Cases and Best Practices

It is important to analyze the enterprise requirements to draft the security operations strategy well. The SecOps use cases are different for all the companies. There cannot be a standard SecOps strategy that all organizations can follow. Determining what the organization is looking for to improve its security operations process is vital.

Security

CIO Influence - Top 10 AI Companies for Data Center and Edge

AI is an ever-changing business discipline for today’s data centers. Admins must learn everything from how to deploy the latest AI tools in the data center to what questions to ask AI vendors. While there are concerns about data centers supporting their customers’ AI-powered workloads, there are many benefits of deploying AI tools inside the data center.

AI/Data

Information Week - What Happens When You Want to Leave the Cloud?

We were going to build our own tooling rather than pay for overpriced enterprise service contracts … A month later, we placed an order for $600,000 worth of Dell servers to carry our exit, and did the math to conservatively estimate $7 million in savings over the next five years. We also detailed the larger values beyond just cost, that was driving our cloud exit. Things like independence and loyalty to the original ethos of the internet.”

Cloud Computing

CIO Influence - CIO Influence Interview with Karl Mattson, Field CISO at Noname Security

At Noname Security, we’ve established an API Top 20 Security Controls reference model to guide the planning and strategy towards a mature state of API security controls. Pivotal to this framework is the primary emphasis on people and process design, followed by selecting technologies that enable the capabilities within this framework.

Security

AiThority - 10 AI ML In Data Storage Trends To Look Out For In 2024

60% of all business data is kept in the cloud. The cloud storage is estimated to exceed 100 zettabytes. 54.62% of consumers utilize 3 distinct cloud storage providers. Google Drive has nearly 1 billion users, whereas Dropbox has over 700 million claimed users.

Data Management

Information Week - Now’s the Time to Optimize Cloud Costs: Here’s How

According to our Enterprise Cloud Index, the vast majority (85 percent) of organizations report cloud cost control as a challenge within their company. Further, 30 percent say they’re “very concerned” about cloud costs in relation to their IT budget for the coming year.

Cloud

CIO Influence - AI at Workplace: Essential Steps for CIOs and Security Teams

Transparency in AI decision-making processes remains a significant challenge. AI models often operate as black boxes, making decisions based on complex computations that are difficult to interpret or explain. This opacity raises concerns about accountability and understanding the rationale behind AI-driven decisions. Efforts to create more transparent AI models, such as explainable AI techniques, are essential to foster trust and understanding.

AI

eWeek - 10 Best AI Career Path Considerations for 2024: Securing a Future in AI

The AI consultant is currently one of the most sought-after professionals when it comes to artificial intelligence jobs/careers. AI consultants are responsible for supporting businesses and other organizations in implementing AI. Responsibilities include everything from managing implementation projects to ensuring AI solutions are compatible with an organization’s needs.

Tech Jobs

CIO Influence - Top 10 Cybersecurity Forecasts and Statistics of 2024

One of the major concerns in cyber espionage operations will be sleeper botnets. Espionage groups are projected to start leveraging sleeper botnets made up of a diversified mix of vulnerable devices, ranging from those in the Internet of Things (IoT) to small office, home office (SOHO) setups, and end-of-life routers. They will be harvested using both older and newer exploits, allowing the attackers to create these underground networks of compromised devices.

Security

CIO Influence - Three Strategies to Help You Solve Your IT Skills Gap

Cybersecurity requires specialized skills and knowledge, meaning continuous learning and professional development are crucial within this industry. Unfortunately, organizations that do not invest in ongoing training further widen the skills gap. Upskilling existing cybersecurity talent is more cost-effective than hiring new employees.

IT Management

SiliconANGLE - Open redirect vulnerabilities exploited in ‘cat-phishing’ attacks, HP warns

Another campaign detailed in the report includes one that HP describes as “Living-off-the-BITS” that abused the Windows Background Intelligence Transfer Service. BITS is a legitimate mechanism used by programs and system administrators to download or upload files to web services and share files. The LotL technique helps attackers remain undetected by using BITS to download malicious files.

Security

Network Computing - Network Support for AI

For example, if the AI uses a supervised learning algorithm, all of the input data to the app is already tagged for easy retrieval and processing. This data is also coming from a finite data repository that can be quantified. In contrast, AI applications like generative AI use an unsupervised learning algorithm. In an unsupervised learning algorithm, the data is untagged and requires more processing because of that. There can also be a limitless flow of data into the application that defies quantification.

Network Management

sdxCentral - CrowdStrike CTO: 6 questions to ask before using generative AI for security

“If you are asking it to make security decisions, implement policies take action in your environment across your entire enterprise, and you get a hallucination, it’s a bit of a bigger deal,” Zaitsev added. “Not only can [generative AI system] be wrong, but they’re very confidently wrong.”

Security

Network Computing - An IT Manager’s (Re)View of the RSA Conference

From a security standpoint, “one of the interesting things when we analyze this traffic is that we can see that for many organizations, the amount of traffic going to illegitimate sites can exceed what goes to legitimate sites.” So, on a day-to-day basis, many users are clicking links that take them to malicious sites.

Security

CIO Influence - Top EDR/XDR Tools to Know in 2024

EDR and XDR solutions play a very vital role in detecting and responding to security threats. EDR provides fine-grained visibility and control of endpoints; thus, threats can be identified at a fast pace and responded to with action. On the other hand, XDR provides holistic visibility across different security domains, thus providing broad threat detection and response capabilities.

Security

Information Week - Why CIOs Are Under Pressure to Innovate

“The innovative CIO’s mindset must shift from ‘just keeping things running’ to being a crucial player in strategic business moves, and they must show a deeper understanding of the role technology plays in the future of the business.”

IT Management

Blocks & Files - Modernizing storage for the age of AI

Investing heavily in the latest GPUs or cloud capabilities to give yourself an edge in the training and inference of AI models is important, but it will all be for nought if you can’t feed the beast with the data it needs to deliver results. That’s where scale-out storage technology comes in – to help provide organizations with the answers to the infrastructure questions which this new world of AI is asking.

Data Management

VentureBeat - Are you behind when it comes to generative AI?

In this week’s CarCast, tech entrepreneur Bruno Aziza reviews the latest insights from Scale AI’s AI Readiness Report and highlight the key questions every executive should know to ask about gen AI.

AI

Information Week - What You Need to Know about AI as a Service

New adopters should start by understanding where to apply AI. Menninger says his organization's research shows that training on AI business applications has a higher correlation with success than basing training on AI techniques. "The next thing enterprises need to address is the skills issue," he advises. If in-house AI talent is absent or rudimentary, turn to third parties to find skilled resources on a contract basis.

AI

The Hacker News - 6 Mistakes Organizations Make When Deploying Advanced Authentication

On top of that, not all users need access to all applications or data. For example, a user in marketing doesn't need access to sensitive HR data. By evaluating roles as part of a risk assessment, organizations can look to implement role-based access controls (RBAC) which ensure that users in a particular role only have access to the data and applications needed to complete their work.

Security

AiThority - Why CISOs are reluctant to get involved in AI conversations

“So the bigger root cause is the CISOs’ lack of ability to align to the pace of the business. That’s really the big trouble, so a lot of CISOs are just shying away and letting the business and the data team go do their own thing, because they’re not quite sure how to do AI and they’d rather not be involved, especially if they’re not going to be able to do it well.”

AI

CIO Influence - What are the Top Skills Needed for Digital Transformation?

A recent study from the National Skills Coalition showed that a third of the United States workforce lacks fundamental digital skills. Specifically, 13 percent lack any digital skills, while 18 percent possess only minimal proficiency. That highlights an urgent need to upgrade digital literacy at a national level to provide people with the right skills for success in our increasingly digital world.

Digital Transformation

VentureBeat - How third-party digital breaches can cripple your company — and how to prevent them

However, a survey from Deloitte discloses a troubling reality: 87% of respondents have faced a disruptive incident with third parties in the past three years with nearly a third (28%) experiencing major disruption to all business functions as a result.1 Additionally, less than half (43%) of Chief Information Security Officers (CISOs) have intensified their oversight over vendors’ software development and testing processes to ensure secure coding and consistent patching.

Security

CIO Influence - Key Takeaways from the 2024 Gartner CIO Agenda Report

Technologically, the landscape is changing with blinding speed. Digital transformation is still top on the agenda. Still, more so, there is a tremendous focus on the need for hard-core business outcomes from investments in new technologies like Artificial Intelligence, Data Analytics, and Cloud Computing. Thus, keeping up with the pace of technological changes, leading them, and integrating them into the core business strategy has become a huge focus for CIOs this year.

IT Management

Network World - Insecure protocols leave networks vulnerable: report

For instance, Cato’s analysis found that 62% of environments run HTTP, a non-encrypted protocol. In addition, the report also shows that while the Secure Shell (SSH) Protocol is the most secure for accessing remote services, 54% run Telnet inside their organizations. Telnet connections are not encrypted and leave data unprotected.

Security

CIO Dive - IT services spend will reach $2 trillion by 2028: Forrester

Hyperscalers AWS, Microsoft and Google Cloud are driving the strongest growth by category, with IaaS spending expected to double in five years. By 2028, Forrester expects public cloud infrastructure providers to command 15% of the IT services market, up from 8% in in 2022.

IT Management

CIO Influence - Top 10 Test Data Management Tools for Clean and Secure Data

SDLC Partners report states that QA professionals dedicate more than 30% of their testing time to handling faulty test data. On average, they invest 5 to 15 hours per week in managing test data-related tasks, amounting to at least one day per week lost to provisioning issues.

Data Management

Businesswire - 92% of CISOs Question the Future of Their Role Amidst Growing AI Pressures

The democratization of GenAI means it can be used by professionals at every skill level, bringing with it a range of benefits as well as potential risks and challenges. This same democratization makes GenAI capabilities easy to access and economical for malicious cyber actors. The role of the CISO has become even more essential as they’re looked upon to navigate this evolving landscape.

Security

Diginomica - ERP - and the buying of it - has fundamentally changed. Here's how and why that matters to enterprises

As software evolves, so too must the methods used by buyers to pick an acceptable solution. The latest innovations/evolutions in application software should make every company re-examine how and what it is purchasing. Here’s a critical look at the future of software buying and how it’s getting harder to do well.

IT/Applications

Information Week - ‘They’re Coming After Us’: RSA Panel Explores CISO Legal Pressure

“I’ve been getting calls from people who are considering taking on a CISO role ... they would call and say, ‘Hey Joe, how do I get the job? What do I say when I get interviewed by a CFO or general counsel?’ Now, when I get those calls, it’s ‘Do I really want the job?’”

Security

ZDNet - AI raises cybersecurity fears among professionals, EY report finds

The study also found that 39% of employees do not feel confident about using AI responsibly. Employees are looking for their companies to take action to help build their confidence in using AI tools.

AI/Security

ITPro Today - Study Reveals Massive Gap in Cyber Defenses

The report reveals alarming gaps in the cyber defenses of many organizations, calling out misconfigured identity and access controls as a massive attack vector exploited by adversaries. For example, the study indicates that identity and credential misconfigurations account for a staggering 80% of security exposures across organizations, with one-third of these exposures directly jeopardizing critical assets

Security

Information Week - Wisdom FromWisdom From the Pump: What Gas Spending Can Teach Us About Managing Public Cloud Costs

In a cloud context, “the right people” would be anyone consuming cloud resources -- i.e., your engineers. The more cloud efficiency data your engineers have in a context that’s relevant to them, the more cloud-efficiently they’ll build.

Cloud

VentureBeat - How to prepare your workforce to think like AI pros

Knowing this, it’s not surprising that we’re seeing fewer than 10% of organizations successfully developing and deploying gen AI projects. Other factors like misalignment with business values and unexpectedly costly data curation efforts are only compounding the challenges that businesses face with AI projects.

AI

sdxCentral - Is the AWS Network Firewall safe? CyberRatings tests reveal concerns

At the top end, CyberRatings gave the Palto Alto Networks VM-Series Next Generation Firewall with Advanced Threat Protection a security effectiveness score of 100%. Versa Networks next-generation firewall (NGFX) scored 99.90%, while Check Point CloudGuard and Forcepoint NGFW both scored 99.80%.

Security

Network Computing - Survey: 5G Becoming Connectivity Method of Choice When Businesses Expand Operations

What the report found is that even the best-in-class wired connection providers typically have a few hours of downtime per month, which can happen at inconvenient hours for businesses. Over 50% of businesses estimated their organizations experience 1 to 2 hours of downtime per week due to network failures, while 34% experience 3 to 4 hours downtime per week.

Network Management

ITPro Today- Guidance Published To Help Developers Build Safer AI

NIST published four draft publications designed to provide advice to businesses implementing chatbots and text-based image and video systems.

AI Ethics

InfoWorld - 'Architecture by conference' is a really bad idea

Generative AI is not just a shiny new tool; it demands a radical rethinking of architectural principles. Current trends show a heavy reliance on reusing and repurposing old strategies without substantial innovation. This approach may offer short-term convenience but leads to long-term stagnation and, more often, “functional failure.”

IT Management

Government Technology - San Jose CIO: AI ‘Challenges Us to Think Differently’

Part of this process involves leveraging hands-on experience with AI tools to see them in action. Last year, the city started an AI pilot to assess the effectiveness of AI tools from four vendors. The pilot involves a vehicle with cameras on it that drives through the city to detect objects on the street: specifically, potholes, vehicles and objects left by illegal dumping.

Automation & Productivity

Information Week - Introducing Maintenance for Agile Applications

“The fundamental problem with Agile, as many companies use it, is that its relentless pace biases developers,” said HBR. “They want to get out a minimum viable product in only a few weeks, so they skimp on scoping out just what the product should accomplish … They accept their existing constraints, which automatically limits the potential for a high-growth offering … Instead of a major breakthrough, they trend toward only incremental improvements on existing offerings.”

DevOps

Government Technology - Three State Leaders Offer AI Governance Strategies

“We know that AI needs no introduction because, in state government, IT shops across the country are working to expand their AI understanding,” Deshpande said. “While we still do not have an executive order focused on AI for the state, the Georgia Technology Authority (GTA) has implemented an AI governance framework in partnership with state agencies. We are currently putting together an innovation lab for technology pilots and proof of concepts.”

AI/Governance

SiliconANGLE - Splunk report finds generative AI both a problem and a solution for security teams

The use of generative AI within security teams is very high, with 91% of security teams claiming they are using it, although 65% say they do not fully understand the implications. I found this data point interesting, as it shows that security teams are looking for a better way of doing things, even if that means having to understand the ramifications later.

AI/Security

Computerworld - Workers with these AI skills are getting cash premiums

“This is cash paid out, not as a salary increase but in addition to salary,” said David Foote, chief analyst at Foote Partners. “In fact, 28 of these core AI skills can add between 15% and 21% in pay, well above the 9.6% average premium across all 632 non-certified skills we report. They are very hot right now.”

Tech Jobs

CIO Influence - What is the Difference Between Data Engineering and Data Management?

Recent advancements in hybrid cloud, artificial intelligence, the Internet of Things (IoT), and edge computing have precipitated the exponential growth of big data, introducing greater complexity for enterprises to navigate. Consequently, establishing a robust data management discipline within organizations has become increasingly imperative to address challenges such as data silos, security vulnerabilities, and decision-making bottlenecks.

Data Management

Information Week - The Tug-of-War for Cyber Resilience to Guard Water Utilities

Despite the importance of critical infrastructure, the matter of upgrading cybersecurity to meet new rules can come down to balancing costs -- which can be difficult for budget-strapped towns regardless of regulatory pressure. “We can’t push a local electric or water municipality provider out of business because people rely on that for their daily lives,” Hughes says.

Security

The Hacker News - When is One Vulnerability Scanner Not Enough?

Generally speaking, vulnerability scanners aim to produce checks for as many vulnerabilities as possible. However, the number of vulnerabilities discovered year on year is now so high, reaching nearly 30,000 a year, or 80 a day, that it's impossible for a single scanning engine to keep up with them all.

Security

Information Week - Hiring Hi-Tech Talent by Kickin’ It Old School

AI and automation may help human resources departments filter and sort resumes, but to land top notch talent, companies will need to take an old school approach. The recruiter is often a candidate’s first contact with a potential employer company. And the way the recruiter conducts themselves serves as a reflection of the company’s core values. At least, that is how candidates see it.

Tech Jobs

The Hacker News - Everyone's an Expert: How to Empower Your Employees for Cybersecurity Success

Traditional SAT programs have long been scrutinized for their inability to drive meaningful behavioral changes. In fact, 69% of employees admit to "intentionally bypassing" their enterprise's cybersecurity guidance.

Security

Information Week - How Today’s CIOs Drive Value

Organizational agility has its roots in IT because software development was the first to adopt agile mindsets and methodologies. Among them, minimally viable products (MVPs) and proofs of concept (POCs) help IT departments demonstrate the potential value of a solution faster than the old waterfall method. Agile practices also involve collaboration among stakeholders, which accelerates the realization of business value.

Leadership

Computerworld - LLM deployment flaws that catch IT by surprise

For example, if an end user innocuously — or an attacker maliciously — inputs too much data into an LLM query window, no error message is returned and the system won’t seemingly crash. But the LLM will often instantly override its programming and disable all guardrails.

AI/Security

The Hacker News - U.S. Government Releases New AI Security Guidelines for Critical Infrastructure

"These guidelines are informed by the whole-of-government effort to assess AI risks across all sixteen critical infrastructure sectors, and address threats both to and from, and involving AI systems," the Department of Homeland Security (DHS) said Monday.

AI/Security

Information Week - How to Manage a Rapidly Growing IT Team

Missed deadlines, especially if they're becoming more frequent, is a key indicator that a team may not be accommodating rapid growth, Rafferty says. "You may also notice a rise in workload complaints or other signs of dissatisfaction from team members," she notes. If these signs are left unchecked without acknowledgment and resolution, turnover may become a key issue adversely impacting scale and growth.

IT Management

sdxCentral - Verizon DBIR paints a bleak picture of data breach landscape

Amidst the surge in data breaches involving vulnerability exploitation, Pinto pointed out a significant gap: While it takes companies that are actively fixing the vulnerability problems an average of 55 days to patch 50% of critical vulnerabilities on their estate, the median time for these vulnerabilities to be exploited by cybercriminals is as little as five days.

Security

Network Computing - BMC Acquisition of Netreo Highlights Role of OpenTelemetry, AIOps in Network Observability

“They're adding capabilities around more data for different customers across DevOps across IT operations, infrastructure, platform engineers, and they're driving more opportunities with their customers to better understand metrics, logs, traces, and events that are foundational for any of these discussions,”

Network Management

Forbes - The Danger Of Zombie Leaks

GitGuardian issues an annual report called "The State of Secrets Sprawl," covering things we discovered about secrets that have been accidentally published to public repositories in the past year. One of the call-outs in the 2024 report had to do not just with the number of secrets we discovered published to GitHub but what happened after we discovered them.

Security

GeekWire - GeekWire: Generative AI is a dual concern for cybersecurity industry — and will drive increased labor demand

“The amount of creativity, the amount of patience, the amount of thinking outside of the box, the amount of not just following instructions, but having real creativity, using all the different skill sets you have, become really important in how we’re able to be cyber warriors,” he said. “How we’re able to protect things.”

AI/Security

CIO Influence - What is the Difference Between Data Engineering and Data Management?

Recent advancements in hybrid cloud, artificial intelligence, the Internet of Things (IoT), and edge computing have precipitated the exponential growth of big data, introducing greater complexity for enterprises to navigate. Consequently, establishing a robust data management discipline within organizations has become increasingly imperative to address challenges such as data silos, security vulnerabilities, and decision-making bottlenecks.

Data Management

Computerworld - What Capgemini software chief learned about AI-generated code: highly usable, ‘too many unknowns’ for production

According to Capgamini’s own survey data, seven in 10 organizations will be using generative AI (genAI) for software engineering in the next 12 months. Today, 30% of organizations are experimenting with it for software engineering, and an additional 42% plan to use it within a year. Only 28% of organizations are steering completely clear of the technology.

AI

Information Week - Transform Data Leadership: Core Skills for Chief Data Officers in 2024

Key among these skills is strategic visioning to align data initiatives with business goals, the ability to articulate the value of data-driven decisions across various levels of the organization, and stakeholder management skills to navigate diverse interests and foster collaboration.

Data Management

Becker's Health IT - Why Ardent isn't focusing on 'technology just for technology's sake'

For example, digital ethics is paramount as we advance in healthcare technology, especially with the integration of AI. We've got to be really focused on ensuring that we have proficiency around digital ethics so that we can ensure patients are receiving equitable care and avoid health disparities while leveraging data responsibly.

IT Management

InfoWorld - How cloud cost visibility impacts business and employment

What rings true is that engineers are on the frontline in controlling cloud costs. Indeed, they drive most overspending (or underspending) on cloud services and the associated fees. However, they are the most often overlooked asset when it comes to dealing with these costs.

Cloud Computing

CIO Influence - Global CIOs Challenges on AI Scaling Reveals Lenovo’s Report

In a significant shift from previous years, CIOs are prioritizing core IT functions over non-traditional responsibilities. Over half (51%) consider AI/ML an urgent priority, second only to cybersecurity. This urgency stems from the pressure to drive business impact, with 84% of CIOs now evaluated based on business outcome metrics.

IT Management

CSO - Is your hybrid/multicloud strategy putting your organization at risk?

CNAPPs, according to Gartner, Inc., “consolidate a large number of previously siloed capabilities, including container scanning, cloud security posture management, infrastructure as code scanning, cloud infrastructure entitlement management, runtime cloud workload protection and runtime vulnerability/configuration scanning.”

Cloud Computing

CIO Influence - How Software Companies Help to Manage Workforce in the IT Industry

Workforce planning must be a very close-fitting fit with the overall organizational business strategy. IT business leaders must work out the organization’s operating and strategic goals when designing a workforce plan. This consideration helps to identify the short-term and long-term resource requirements. Additionally, the plan must be flexible enough to allow changing business needs while ensuring that the firm has the right talent to make the business successful.

IT Management

SiliconANGLE - AI-powered metadata: Informatica’s role in the future of data management

As we have discussed in past articles about the Sixth Data Platform and the rise of the Intelligent Data Platform, integrating islands of metadata into a coherent knowledge graph presents numerous challenges. AI will play a crucial role in this integration, but human in-the-loop remains critical, especially in ensuring data quality, consistency and governance. The complexity of creating a unified metadata platform is significant, as it involves harmonizing diverse data types and structures across different systems and applications.

AI/Data

Network Computing - What is Wi-Fi 6? (802.11ax), How Fast is it, and What are its Benefits?

Why would you want the flexibility of selecting either Wi-Fi 5 or Wi-Fi 6 for a device? Hands down, Wi-Fi 6 is the preferred choice because of its enhanced speed and connectivity, which creates far less congestion on your network. Wi-Fi 6 is also backwards-compatible with older devices that run Wi-Fi 5. However, if you are using older devices that do not support Wi-Fi 6, you will not be able to take advantage of Wi-Fi 6 capabilities because the devices will fall back into operation at the Wi-Fi 5 level.

Network Management

VentureBeat - Forrester’s top 5 cybersecurity threats for 2024: Weaponized AI is the new normal

With the goal of democratizing weaponized AI and profiting off of attackers’ demand for the latest technologies, attack groups that include APTs and nation-states are selling ransomware-as-a-service, FraudGPT starter services, IoT attack services and selling knowledge of how to fine-tune malware-less attacks that the current generation of cybersecurity systems can’t detect. CrowdStrike’s 2024 Global Threat Report found that malware-free attacks increased from 71% of all attacks in 2022 to 75% in 2023.

AI/Security

sdxCentral - Zscaler reports phishing attacks to get worse as cybercriminals tap AI

Phishing affects all industries, exploiting the human element as a common vulnerability. The finance and insurance sector experienced the highest number of phishing attempts, with attacks increasing by 393 percent from the previous year. Meanwhile, manufacturing saw a 31 percent uptick in phishing attacks. These two sectors and the technology sector — where attacks surged by 114 percent — are leading adopters of AI tools. Together, the sectors accounted for 35 percent of AI/machine learning (machine learning) transactions on the ZTE.

AI/Security

VentureBeat - Microsoft deputy CISO says gen AI can give organizations the upper hand

Microsoft Copilot for Security is informed by large-scale data and threat intelligence, including more than 78 trillion security signals processed daily, and coupled with large language models to deliver tailored insights and guide next steps, which makes it far easier to detect more subtle attacks and significantly reduce response times, even to the point where security teams can stay ahead of cyber criminals.

AI/Security

Datanami - Gartner Identifies the Top Trends in Data and Analytics for 2024

“D&A leaders must demonstrate their value to the organization by linking the capabilities they are developing and the work they do to achieve the business outcomes required by the organization,” said Ramakrishnan. “If this is not done, issues such as misallocation of resources and underutilized investments will continue to escalate, and D&A will not be entrusted with leading the AI strategy within the organization.”

Data & Analytics

The Hacker News - Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM

This approach offers a unique perspective because it considers not just vulnerabilities, but how attackers could actually exploit each weakness. And you may have heard of Gartner's Continuous Threat Exposure Management (CTEM) which essentially takes Exposure Management and puts it into an actionable framework. Exposure Management, as part of CTEM, helps organizations take measurable actions to detect and prevent potential exposures on a consistent basis.

Security

Datanami - Losing control of your company’s data? You’re not alone

The more they sign up for new applications, the more control these companies lose of what should ideally be a single, interacting, unitary asset across the data layer. The more they migrate to public clouds while holding on to an application-centric, fragmentary data view of IT, the more control they lose, and the harder data integration becomes.

Data Management

Information Week - No Fear, AI is Here: How to Harness AI for Social Good

However, our job as tech leaders is not only to motivate capable teams, but to also provide them with frameworks for finding new ways of responsibly leveraging technology for good. To do so, we’ll need to stay grounded in the fundamentals of science -- facts, data, and measurement.

AI

ZDNet - Bank CIO: We don't need AI whizzes, we need critical thinkers to challenge AI

In working closely with AI, Mai discovered an interesting twist in human nature: People tend to disregard their own judgement and diligence as they grow dependent on these systems. "As an example, we found that some humans become lazy -- they prompt something, and then decide, 'ah that sounds like a really good response,' and send it on."

Automation & Productivity

Information Week - OpenAI Enterprise API Expands Offerings, Eyes Growth and Safety

What we’ve seen already since the launch of ChatGPT is that we have 92% of Fortune 500 companies already using ChatGPT in some way. What we are announcing now in this version are the changes from a pricing and cost perspective, we introduced batch API that lets people do asynchronous requesting, and we introduced a provision throughput, which lets people commit to a certain throughput and get a discount for it. We want more people to build with our API and not have to worry about spending more.

AI/API

SiliconANGLE - Security budgets are growing, but so is vendor sprawl

This data represents a standout revelation from the survey in that 70% of customers see their security budgets growing by 5% or more, a strikingly high rate of security spending compared with IT spending at large. The data further shows that more than half of the surveyed firms are increasing their security investment by 5% to 14%. Notably, an astonishing 14% of respondents are engaging in what we classify as “hypergrowth” in spending, exceeding a 15% increase.

Security

eWeek - 9 Best Business Automation Software in 2024

Business automation software automates repetitive and mundane tasks in a wide variety of business processes, including invoicing, marketing, customer service, data entry, customer communication, and workflow management.

Automation & Productivity

GovTech - How Should Government Guide the Use of Generative AI?

“We found that the principle-based approach was very effective, because it didn’t require us to anticipate every single potential use case that could emerge in this area,” Loter said. “It allowed us to communicate to city employees: Go ahead and use your discretion. When you are making a decision about whether to use or not use a particular system, keep these principles in mind.”

GenAI

VentureBeat - Curbing shadow AI with calculated generative AI deployment

Today IT staff can access LLMs and GPUs-as-a-service from an array of public cloud providers or from specialists offering API access to build gen AI services. As these LLMs become both smaller and easier to use it’s easy to envision knowledge workers creating their own bespoke digital assistants simply by picking their way through drop-down menus on laptops or speaking commands into their smartphones.

AI

CIO Influence - Building Security from Scratch: Key Steps in Implementing Zero Trust Architecture

The Zero Trust architecture’s center consists of policy decision points (PDPs) and policy enforcement points (PEPs) within the corporate network. These components allow the creation of data enclaves and microperimeters. PDPs and PEPs act as collection points for security information and as decision hubs for critical decisions regarding transaction path or policy enforcement, such as requiring additional authentication factors or denying untrusted requests.

Security

VentureBeat - Palo Alto Networks’ CTO on why machine learning is revolutionizing SOC performance

We’re moving away from investigating an attack once every few hours or once every few days to investigating 10s of millions or 100s of millions of potential attacks every second. Humans can’t do that we need machine learning.

Security

sdxCentral - Why both vendors and buyers are pushing for security platformization

“Look at products based on the functionalities that they’re offering,” he said. “So, are your users happy with them? Are the admins happy with the tools? Because you may have a tool that your admins love, and if you take it away from them because you’re going into a different platform and they don’t like it, they may have an issue with that.”

Security

Network Computing - Fixed Wireless Access Benefits Extend to Enterprises

Fixed Wireless Access (FWA) has surged in recent years to support both residential and enterprise connectivity due to its ease of deployment along with the more widespread availability of 4G LTE and 5G Sub-6GHz networks, which offer increased throughput and reliability, comparable in many cases to more traditional fixed broadband technologies.

Network Management

VentureBeat - Exclusive: Visa’s CIO shares insights on generative AI’s transformative potential in payments industry

Visa is exploring the use of generative AI to bolster its already robust fraud detection and risk management capabilities. “As we look to the future, gen AI’s capacity to process and learn from vast amounts of data could significantly enhance our fraud models. By leveraging better insights, we are exploring how to further bolster our fraud detection capabilities,”

GenAI

CIO Influence - Innovating Security Operations: The Role of Generative AI

In this ever-changing landscape of cybersecurity threats, organizations always search for new ways to strengthen their security operations. That is why generative AI technology has recently captured the greatest attention in cybersecurity. Following the launch of OpenAI’s ChatGPT in November 2022, many have been talking about how this technology could maliciously build malware and phishing content or how automation and augmentation of security processes could make it workable.

AI/Security

The Hacker News - 10 Critical Endpoint Security Tips You Should Know

Adhering to the principle of least privilege can help you strike the right balance between security and functionality. The principle of least privilege works by allowing only enough access for a user, program, or process to perform its function.

Security

ZDNet - Do employers want AI skills or AI-enhanced skills? That could depend on you

"People in this field must be comfortable using Copilot to code faster and more efficiently, Looking ahead, there are other tools coming out that will allow a solutions architect to describe a problem -- or even an idea for how to solve a problem -- to an AI platform, and it will produce an elastically scalable and implementable diagram."

Tech Jobs

Network Computing - Cloud-Native Software: What it Is, How We Got Here, and Why it Matters

With so many application functions handled via existing cloud services, developers can write cloud-native applications much more quickly and inexpensively. They can also continually update and experiment with software capabilities—and continually bring new features to users—with far less cost and risk.

Cloud

Information Week - A New Era for CISOs: Navigating Regulations and Unprecedented Threats

This begins at the executive level. It’s a good idea for CISOs to develop close working relationships with the CEO (chief executive officer), CFO (chief financial officer), and CLO (chief legal officer. If each of these relationships is strong, then everyone can ensure that technology investments- - including the latest in cloud and AI technology -- are assets to business and financial outcomes without causing legal trouble.

Security

Network Computing - How to Get the Maximum Value Out of Network Automation

"There are distinct types of multi-clouds, each with its own unique management requirements," he notes in an email interview. Public cloud-to-public cloud is one type; another is private cloud-to-hyperscaler cloud. "With so many different applications and platforms in play, all parties must work within the same definition of multi-cloud," he notes. Without it, stakeholders are adding extra fragmentation on top of the existing technical complexities.

Network Management

eWeek - Creating a Winning AI Business Strategy: 8 Steps

There’s also a wide range of prebuilt AI tools that won’t require you to adjust any deep learning algorithms or training data. Instead, you’ll simply work with the vendor or their platform to adjust the AI to your specific needs. You’ll also need to determine if you want to invest in more generic AI solutions — such as chatbots, copilots, and AI automation tools — or if you’re interested in a more specialized solution that is designed for your industry or a enterprise specific use case.

AI

sdxCentral - What is AI networking? Use cases, benefits and challenges

AI networking can optimize IT service management (ITSM) by handling the most basic level 1 and level 2 support issues (like password resets or hardware glitches). Leveraging NLP, chatbots and virtual agents can field the most common and simple service desk inquiries and help users troubleshoot. AI can also identify higher-level issues that go beyond step-by-step instructions and pass them along for human support.

Network Management

Forbes - Cybersecurity In A Data-Driven World: The Problem Of Invalid Data

The challenge isn’t that the data doesn’t exist. Conversely, data has quickly become the crown jewel for most organizations, and the cyber data that surrounds it is invaluable. The challenge lies in cataloging, collecting, organizing and analyzing the supporting cyber data in a way that enables leaders to make informed decisions based on ground truth, in real time.

Data Management

Network Computing - Good Things Happen when Network Engineers Internalize Spider-Man’s Mantra

The risks are not just due to mistakes – typos, misconfigurations, or other changes that unintentionally create a ripple effect of instability in other parts of the network. Malicious behavior is also a risk. I have personal experience working for a very large service provider that had to terminate one of its senior network engineers. Before the company was able to decommission his access, he was able to get into the network from home, lock them out of all their core routers, and demand a ransom

Network Management

InfoWorld - How RAG completes the generative AI puzzle

RAG brings to generative AI the one big thing that was holding it back in the enterprise: an information retrieval model. Now, generative AI tools have a way to access relevant data that is external to the data the large language model (LLM) was trained on—and they can generate output based on that information. This enhancement sounds simple, but it’s the key that unlocks the potential of generative AI tools for enterprise use cases.

AI/RAG

Blocks & Files - NetApp AI expert says calculating text data estate vector embeddings could take minutes

He made the point that an organization’s text-based data estate might not be as large as all that. “If you take Wikipedia, for example, which is a significant corpus of text representing most of the world’s knowledge, the textual form of Wikipedia is less than 40 gigabytes.”

AI/Data

Dark Reading - 5 Hard Truths About the State of Cloud Security 2024

"A lot of people think they're outsourcing security to the cloud provider. They think they're transferring the risk," Kindervag says. "In cybersecurity, you can never transfer the risk. If you are the custodian of that data, you are always the custodian of the data, no matter who's holding it for you."

Security

Forbes - Meeting Cyber Risk Objectives In An AI-Infused World

Adoption of AI introduces an organization to a specific set of risks. AI will be generating conclusions, and its accuracy is proportionate to how much data it is fed. Adverse impacts can result if data integrity goes unchecked or inadequate security architecture leads to data leakage. Cyber teams must understand AI assets and impacts before implementation and be able to explain these to compliance officers, who will establish a framework for risk assessment

AI/Security

CIO Influence - Review of Secured Operating System: Windows, Linux, MacOS and ChromeOS

In this article, you’ll explore the operating systems, gaining valuable insights into their privacy features and security measures. It will give an overview and review criteria, encompassing factors such as ease of use, compatibility, and performance. Let’s understand each OS’s emphasis on privacy, security, and anonymity, scrutinizing their key security features, practical applications, and strengths and weaknesses.

Security

Dark Reading - Lessons for CISOs From OWASP's LLM Top 10

OWASP recently released its top 10 list for large language model (LLM) applications, in an effort to educate the industry on potential security threats to be aware of when deploying and managing LLMs. This release is a notable step in the right direction for the security community, as developers, designers, architects, and managers now have 10 areas to clearly focus on.

Security

SiliconANGLE - Coalition reveals uptick in cyber insurance claims driven by ransomware in 2023

More than half of all claims lodged with Coalition last year related to business email compromise or funds transfer fraud, with one common factor: They were attacks that came through email. The report notes that more than half of claims were related to email attacks, highlighting the importance of email security as a key aspect of cyber risk management.

Security

Information Week - Why Your Enterprise Should Create an Internal Talent Marketplace

Internal talent marketplaces are intelligent platforms designed to connect employees with the career opportunities and resources necessary for professional growth. Powered by AI-matching algorithms, talent marketplaces allow managers to view candidates for specific job roles without the involvement of a recruiter. Gartner predicts that by 2025, 30% of large enterprises will have deployed a marketplace to optimize talent utilization and agility.

Tech Jobs

The Next Web - The top programming languages to learn if you want to get into AI

The real task is to look beyond the hype and headlines to figure out what language best suits your skill set and interests, leaving you well-positioned to meet the growing market demand. Read on to explore what language you should be looking at if you want to explore a career in AI.

Tech Jobs

Information Week - How Developers of All Skill Levels Can Best Leverage AI

Increased AI adoption has come with its challenges. Studies, like this one done by GitClear, note that AI use in the development process has exacerbated code churn; it’s expected to double by the end of the year. This is often a result of mishandling or misunderstanding AI in the software space. This means poor quality, AI-generated code stands to become a large business pitfall and compound technical debt if not handled properly.

AI/DevOps

Cyber Defense Magazine - AI is Revolutionizing Phishing for Both Sides. What will make the Difference?

“If it ain’t broke, don’t fix it.” Phishing as a cybercrime model has always been successful. Thus, we see phishers using generative AI to recreate the same old techniques, only better. The result? An unheard-of 1,235% increase in phishing emails since the launch of ChatGPT.

AI/Security

ComputerWeekly - Five reasons why – and when – cloud storage is the answer

Being able to scale up and down remains one of the biggest draws for cloud storage – customers pay for what they use, when they use it. In the storage context, this is useful to match capacity to seasonal workloads, to bring capacity online for analytics or research purposes, and increasingly, machine learning and AI.

Data Storage

Data Center Frontier - U.S. Contains Fully Half of 1,000 Hyperscale Data Centers Now Counted Globally, as Cloud Giants Race Toward AI

The firm's latest research is based on an analysis of the data center footprint of 19 of the world's major cloud and internet service firms, including the largest operators in the sectors for SaaS, IaaS, PaaS, search, social networking, e-commerce and gaming.

Data Management

CIO Influence - Gen AI That Drives Business Value? Focus on These Four Things

When considering Gen AI initiatives, take into account your org’s entire data journey, from data production through data presentation, and then identify where AI can augment processes. Gen AI becomes much more valuable when used to address a clearly identified gap or opportunity and powered by high-quality, timely data.

AI/Data

SiliconANGLE - Zscaler report warns of AI’s growing role in sophisticated phishing attacks

With generative AI now freely and frequently available, cybercriminals have been using it to rapidly construct highly convincing phishing campaigns that surpass previous benchmarks of complexity and effectiveness. Using AI algorithms, threat actors can swiftly analyze vast datasets to tailor their attacks and easily replicate legitimate communications and websites with alarming precision.

Security

CIO Influence - AI Integration Roadmap Planning for Cybersecurity Experts

AI, a domain of computer science, deals with the creation of machines that can carry out tasks that are regarded as human; cybersecurity, on the other hand, safeguards digitally set-up systems. These areas thus merge with real-world information that has been ciphered by the cybersecurity system used to train AI for an increased level of threats.

AI/Security

Network World - Network jobs watch: Hiring, skills and certification trends

“The most challenging thing for me is the lack of network engineers who can contribute to automation,” said a network engineer at a midmarket business services company in the EMA report. “The community is small, and it’s hard to find people who can help you solve a problem.”

Network Management

Diginomica - The US Government's big question - where do we find 100 Chief AI Officers by the end of May?

It is worth noting though that things are not being helped in general terms by a marked lack of AI expertise in public sector IT teams. It is currently well below the industry average in skills gap terms, according to research from Salesforce. For instance, only just under a third (32%) of tech professionals understand generative AI use cases, such as content creation and data analytics. A mere 30% claim to be experts in implementing AI within their organization.

Tech Jobs

TechReport - LastPass Users Hit by Major Phishing Scam: Master Passwords Breached

As LastPass mentioned in its official blog, it found a parked domain (help-lastpass[.]com) and immediately started monitoring it in case the site went live. As it happened, the site did go live and started attacking LastPass users. The company then immediately worked with its vendors and took it down.

Security

sdxCentral - Forrester warns of deepfakes and AI supply chain security threats

As generative AI (genAI) goes mainstream, prompt engineering, prompt injection and sensitive data spillage will move to the top of every security team’s threat list. These AI response risks could come from genAI applications like Microsoft Copilot and Anthropic Claude, or internally developed applications with sensitive data sets trained on enterprise data.

AI/Security

Information Week - GPUs Force CIOs to Rethink the Datacenter

All of which leads directly to the datacenter. As AI goes mainstream, organizations must adapt, says Teresa Tung, Cloud First Chief Technologist for Accenture. It isn’t enough to understand where GPUs deliver strategic gains, CIOs must make critical decisions about when to use GPUs or CPUs and whether to handle training, inferencing, and other tasks on premises or in the cloud.

AI/Data

Network World - Networking among tech roles forecast for growth in 2024

“On a numeric basis, software developers, systems engineers and cybersecurity analysts, network architects, and IT support specialists recorded the largest gains in employment,” the report states.

Tech Jobs

AiThority - Looking for an AI Career? Here’re the 10 Most Employable Degrees for AI Professionals

Out of all 1,790 degrees related to Computer Science, 294 produced graduates that were employed both a year and four years after completing their studies. Only 23 of them had median earnings data available for the fourth year after graduation. These were ranked from highest to lowest to reveal the best-paying degrees for an AI career with 100% employability.

Tech Jobs

ZDNet - Meet your new IT superhero: Citizen developers flex their AI muscles

"Ultimately, this is going to mean higher success rates for technology initiatives. Traditionally IT projects have a very high failure rate. It's because there is a lack of overlap between domain expertise and knowing what it is that you're trying to actually solve. And understanding the tools you're trying to solve it with."

IT Management

StateTech - Rethinking the Weakest Link in State Government Cybersecurity

Ransomware attacks targeting cities, states, municipalities, law enforcement and other public entities are expected to grow, according to Zscaler’s latest Ransomware Report. These entities often have a very low security posture to protect critical data and systems and typically rely on legacy technologies, making them attractive targets for cybercriminals seeking easy payouts or valuable information that they can sell.

Security

Network World - Network jobs watch: Hiring, skills and certification trends

“Based on our analysis, the IT job market and opportunities for IT professionals are poor at best. In the past 12 months, telecommunications lost 26,400 jobs, content providers lost 9,300 jobs, and other information services lost 10,300 jobs,” said M. Victor Janulaitis, CEO at Janco, in a statement. “Gainers in the same period were computer system designers gaining 32,300 jobs and hosting providers gaining 14,000.”

Tech Jobs

Data Center Frontier - DOE Study: AI Boom Breeds Localized Energy Constraints, But Grid Can Meet Long-Term Demand

The 2024 Report to Congress on U.S. Data Center Energy Use is designed to assess how surging interest in artificial intelligence (AI) is impacting the technology industry’s use of electricity. Demand for AI will likely alter the geography of digital infrastructure, but isn’t going to gobble up all the power on the electric grid, say government researchers from Lawrence Berkeley National Laboratory (LBNL), part of the Department of Energy.

AI/Data

Information Week - 8 Cloud Migration Challenges

An emerging class of capabilities such as Cloud Security Posture Management (CSPM), and Cloud Native Application Protection Platform (CNAPP) are being used by security teams to provide real-time visibility into security misconfigurations or otherwise suspicious activity that requires investigation.”

Cloud

CIO Influence - AI Integration Roadmap Planning for Cybersecurity Experts

Traditional risk management processes involve manual data analysis, which is time-consuming and prone to human error. With the advent of artificial intelligence (AI), there’s a transformative shift in how businesses approach risk. AI provides tools for predictive analytics, real-time data processing, and decision-making support that can significantly enhance risk management strategies.

AI/Security

Information Week - How to Balance Disaster Recovery, Backup Systems, and Security

Increasingly sophisticated attack types, which might include AI-powered threats, can make finding the right approach a challenge especially as cybersecurity is often seen as a cost rather than an operational benefit. This can lead to conversations in the C-suite about what measures are worth taking to secure data and systems while also trying to ensure continuity of business.

Security

VentureBeat - Psychological safety is key to managing security teams

The reality of life as a security expert is that you’re regularly trauma-bonding with your team. You and your peers are constantly resolving high-stakes, heavy-collaboration, little-room-for-error incidents together, and this intense type of work is a core function of your day-to-day lives. If you don’t feel able to communicate comfortably with your team, you’re in trouble.

Security

sdxCentral - Gartner ups 2024 IT spending forecast to top $5 trillion — what’s behind the growth?

“The talent gap in key IT skillsets is widening, causing enterprises to turn increasingly to IT service firms for expertise. This trend is pushing consulting spend to outpace internal IT staff investment for the first time.”

IT Management

VentureBeat - Why LLMs are predicting the future of compliance and risk management

“By adopting cloud technologies and moving away from on-premises solutions, we’ve seen a drastic reduction in both infrastructure and operational costs—by approximately 40% and 150%, respectively,” Carlson noted. These changes have not only simplified operations but also greatly increased the scalability of Relativity’s services, crucial for handling their extensive document loads.

AI/LLM

eWeek - What is Retrieval Augmented Generation? How it Works & Use Cases

Large language models (LLMs) are trained on vast volumes of data. They are like well-read individuals who have a broad understanding of various topics and subjects. They can provide general information and answer various queries based on their vast knowledge-base. But to generate more precise, reliable, and detailed responses backed up by specific evidence or examples, LLMs often need the assistance of RAG techniques. This is similar to how even the most knowledgeable person may need to consult references or sources to provide thorough and accurate responses in certain situations.

AI/RAG

InfoWorld - Cloud cost management is not working

The results come as regional cloud workloads are predicted to increase significantly over the next two years. Workloads for applications in IT ops are predicted to grow 51%, hybrid work 55%, software creation platforms and tools 42%, and digital experiences 40%; these will be the fastest areas to grow.

Cloud

Information Week - What CIOs Can Learn from an Attempted Deepfake Call

“The fact that they [the threat actor] were able to put something together that was at least passable, I think is what's really interesting and represents that … proliferation and that escalation that we've been concerned about with this technology for years now,” says Kosak.

Security

Security InfoWatch - Egress: Millennials are key target of top phishing trends

Social engineering has also increased, now representing 19% of phishing attacks and phishing emails are over three times longer than they were in 2021, likely due to the increase in use of generative AI. On the other hand, the use of attachment-based payloads has decreased since 2021; three years ago, these accounted for 72.7% of attacks detected by Egress Defend, and by the first quarter of 2024, this had fallen to 35.7% as threat actors evolve their payloads to evade cybersecurity efforts.

Security

ITPro Today - How to Choose a Storage Solution for AI Training Data

Irregular data access: AI models typically only access training data when they're actively training or retraining — events that may happen on an irregular, unpredictable basis. As a result, it can be tough to predict exactly how frequently the data will need to be made available. This can affect storage strategies because some storage solutions (like "cold" cloud storage) don't make data readily available, so not knowing ahead of time exactly when you'll need the data can pose problems.

AI/Data

CIO Infuence - Understanding Red Teaming for Generative AI

Red teaming has found a new ground in its recent past: stress-testing generative AI across safety, security, and social biases. The risks in the industrial context of generative AI differ from those of conventional software models, and potential hazards range from hate speech, pornography, false facts, copyrighted material, or even the disclosure of private data like phone numbers and social security numbers.

AI/Security

sdxCentral - Gartner crowns Netskope, Palo Alto Networks, Zscaler as SSE leaders

The analysis firm defines SSE as a security framework that safeguards access to the web, cloud services and private applications regardless of user location, device or Application hosting, which enhances security and visibility for software-as-service (SaaS), platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS).

Security

Information Week - Working With Non-IT Users Who Do IT

IT must get involved as soon as multiple system boundaries get crossed, because linking these systems together requires technical integration that goes beyond the scope of user IT skills. Integration is never a simple task. The process can also be time-consuming. However, if IT maintains active communications and collaboration with citizen developers, everyone can sit together to brainstorm where they foresee their applications extending in the future

IT Management

sdxCentral - What’s Next: Versa’s Kelly Ahuja talks security, the network edge and AI platforms

You need to be able to act on things faster. All that is driving a lot of pain for the current CSOs and CIOs, and they’re looking to figure out how they can keep up with all of this while staying within budget. Because budgets aren’t unlimited. Every CEO, including me, says ‘We’re gonna grow the top line.’ But we’re not necessarily gonna grow the expenses. So how do you do more with less or the same? That’s kind of what the name of the game is.

Network Management

Datanami - General Assembly Report: Tech Firms Pay Top Dollar to Secure Competent AI Professionals

The report outlines how HR leaders from across the globe – including Australia, Canada, France, Singapore, and the United States – are taking action to develop an AI-enabled workforce. Their responses are paired with actionable guidance based on General Assembly’s delivery of tech training services to Fortune 500 companies, including Microsoft, Humana, Indeed and Adobe.

Tech Jobs

CIO Influence - Will AI Replace or Enhance Cybersecurity Engineering?

In this era of cybercrime, AI finds a significant role in risk identification. Traditional security systems that are based on be a threat signature are a known thing. In contrast, AI can make proactive processes that involve analyzing behaviors and patterns before implementing the detection of an unexpected attack. Using the behavioral analysis approach, the organizations would be able to detect any misbehavior and threats, thus they could eliminate the majority of threats before these are virtually done and the damage is widely spread, that increases the overall threat detection potential.

AI/Security

Information Week - Expect the Unexpected: 3 Lessons for Building a Culture of Security

According to Layoffs.fyi, during 2023 more than 250,000 people were laid off across tech, including thousands of security professionals. While cost-cutting isn’t new, “doing more with less” doesn’t work for security. Overly aggressive job cuts can lead to increased risks, by unintentionally creating insider threats, or by untrained or over-stretched employees taking on extra work and inadvertently creating vulnerabilities.

Security

Network Computing - How CISOs Can Contend With Increasing Scrutiny from Regulators

As team leaders, CISOs already had to set and deliver on cyber strategy, a task made harder at a time when 41% of security teams are understaffed, and 51% are held back by budget constraints. It's no surprise that this pressure results in high levels of stress and burnout. Work-related stress affects 94% of CISOs, and 65% admit that it's compromising their ability to do their jobs.

Security

Dark Reading - 3 Steps Executives and Boards Should Take to Ensure Cyber Readiness

Organizational remediation efforts can and should be developed, tested, and implemented before an attack happens. It is imperative for those at the top to use this time to evaluate how well their teams will respond when thrust into a dire situation and take the necessary steps to ensure cyber readiness.

Security

CSO - Where in the world is your AI? Identify and secure AI across a hybrid environment

As more AI features are added to SaaS and cloud apps, it becomes more and more important for CISOs to find and bring these apps into their governance, risk, and compliance (GRC) programs. And that means taking a closer look at data usage and protection strategies, experts say.

AI/Security

Information Week - How to Choose Effective Business Technology

The latest technology is great, but it’s not doing its job if your customer needs a coding certificate to operate it. The vast majority of consumers have achieved a level of tech-savvy to efficiently use new tools if they’ve been designed with user experience in mind. But even the most advanced users won’t use your tech if it requires more than a few minutes of time.

Automation & Productivity

CIO Influence - How Cloud Applications are Used for Data Protection

Cloud applications operate by dividing processing logic and data storage between client-side and server-side systems. Processing occurs partly on end-user devices and partly on remote servers, with most data storage situated on the latter. Users typically interact with these applications via web browsers or APIs. While these principles are fundamental to cloud applications, the specifics of client-server interactions and their impact on user experience vary across designs.

Data Management

Information Week - How CIOs Should Be Managing and Reducing Technical Debt

Another example is a business implementing a patchwork of independent systems for different departments. Initially, this approach seems efficient, but eventually, integration challenges lead to data silos, inefficiencies in communication, and increased data reconciliation and system maintenance costs. In both cases, the short-term benefits are outweighed by long-term drawbacks, which is the essence of technical debt for businesses.

IT Management

sdxCentral - The race to cloudify the LAN – network vendors jostle for position

Enterprises have reported seeing a 90% reduction in trouble tickets. Organizations have witnessed hardware installation and configuration times drop from hours to minutes. In addition, because the management application is hosted by the manufacturer, frequent software updates and feature additions have become possible. In this way, equipment suppliers are demonstrating ongoing value to their customers, who pay recurring fees for support and software features.

Network Management

Information Week - How CEOs and IT Leaders Can Take the Wheel on Responsible AI Adoption

Rather than sit idly by, now is the time for CEOs, CTOs, CIOs and others to begin establishing their own comprehensive plans for AI safety. In partnership with IT, legal and other teams, progressive leaning stakeholders are taking matters into their own hands, defining ways to manage AI risk while meeting the needs of their workforce.

AI

Diginomica - Google Cloud Industries VP shares the dos and don’ts of generative AI projects

Tharp said that the path to adoption of generative AI will depend on a number of factors, including a company’s background, what industry it is in, what data it holds, what its profit levels are, and what ROI it is seeking. However, she added that the priority should be for organizations to get going and start testing and learning

AI

CIO Influence - AI in Cybersecurity a Threat or Not?

The emergence of sophisticated attack vectors such as polymorphic malware and “living-off-the-land” attacks underscores the necessity for modern cybersecurity approaches. Behavior analysis and detection methods are gaining prominence as they focus on identifying malicious behavior rather than solely relying on file-scanning-based anti-virus defenses. When appropriately trained, AI excels in monitoring, detecting, and responding to such malicious behaviors, surpassing human capabilities alone.

AI/Security

Network World - DIY or commercial network automation? Most network teams choose ‘all of the above’

“We have a hybrid strategy,” an IT tools architect at a Fortune 500 media company recently told Enterprise Management Associates (EMA). “We can buy some commercial tools where it makes sense. But we are also developing tools internally where we can’t get the capabilities we need from vendors. Commercial tools can meet about 80% of our needs.”

Network Management

Information Week - How to Accurately Determine an IT Project's Value

"Project leaders should have expectations mapped to the realization framework and the relative weights of benefits scored," Natarajan says. "The value realization formula should be consistently applied across the [project] lifecycle and actively used for decision support."

IT Management

Computerworld - Do cloud-based genAI services have an enterprise future?

Through 2025, 30% of genAI projects will be abandoned after proof of concept (POC) due to poor data quality, inadequate risk controls, escalating costs, or unclear business value, according to Gartner Research. And by 2028, more than half of enterprises that have built their own LLMs from scratch will abandon their efforts due to costs, complexity and technical debt in their deployments.

AI/Cloud

VentureBeat - Telesign’s Verify API goes all in with AI and ML to secure omnichannel growth

The more successful a fraud attack is, the more it damages a brand. E-commerce fraud decimates brands, goodwill and trust, driving customers away to competitors. It’s on CIOs and CISOs to get e-commerce fraud detection and response right. Telesign found that 94% of customers hold businesses accountable and believe they must be responsible for protecting their digital privacy.

Privacy & Security

FedScoop - How Google Cloud AI and Assured Workloads can enhance public sector security, compliance and service delivery at scale

One challenge that remains at the forefront of those efforts is ensuring that today’s increasingly dynamic and distributed IT environments continue to meet the government’s complex security, regulatory and data privacy compliance rules — while learning how best to capitalize on AI’s potential to serve the public.

IT Management

Network Computing - Where Are You on the Cybersecurity Readiness Index? Cisco Thinks You’re Probably Overconfident

“We cannot underestimate the threat posed by our own overconfidence,” he said. Today’s organizations need to prioritize investments in integrated platforms and lean into AI to operate at machine scale and finally tip the scales in favor of defenders.”

Security

Network World - Enterprises struggle with network reliability, security: survey

The survey data shows that businesses as an alternative or supplement to fiber and wired connections are turning to cellular networks to ensure better connectivity for specific business and technology functions. For instance, 37% of respondents said they use cellular to support security and surveillance systems, and 33% use cellular for critical operational infrastructure

Network Management

SiliconANGLE - State agency proves DevOps and mainframes can coexist

Most of the department’s applications are based on Adabas, an inverted list database from 1971, and about 80% were written in the companion Natural programming language, which was launched in 1979. Although cloud-native development is often associated with more contemporary information technology infrastructure, Software AG has continued modernizing Adabas and Natural to keep them in line with cloud-native constructs. The company has said it will support both at least through 2050.

IT Management

The Hacker News - Code Keepers: Mastering Non-Human Identity Management

To manage non-human identities and secrets at scale you need a bird's-eye view of all machine identities in your systems. From ownership details to permissions and risk levels, all this critical information needs to be centralized, empowering your security teams to understand the secrets landscape thoroughly. No more guessing games—just clear insights into non-human identities and their potential vulnerabilities.

Security

Infosecurity Magazine - Preparing for AR’s Influence on Cybersecurity

Furthermore, malicious threat actors can look to misuse AR technology to create convincing deepfakes to dupe unsuspecting victims or to spread misinformation in the coming months due to both the UK and US having significant political elections this year. This is just the tip of the iceberg of emerging threats that surround the AR world, and much attention is required to ensure these spaces are protected.

Security

Network Computing - How Cisco sees Silicon One Easing Network Convergence and Helping with AI

Regarding web scalers, Eyal noted that two kinds of networks in data centers are critical to running AI apps. In addition to the front-end network we’re all familiar with, there’s a back-end network, typically InfiniBand, that has historically been used to connect storage clusters and the like. Cisco also sees Ethernet as a solution, especially in the world of web-scale.

Network Management

Information Week - A Roadmap for AI Products in an Age of Hyper Darwinism

Define the right tools for the right job. AI is the acronym du jour, but it should not distract from the core focus of any product team, customer delight. Whether designing toasters or writing physics simulation software, customer centricity reigns supreme. Knowing which problems to solve and which technologies most appropriately solve those problems are the two most important concepts any product team can grok -- AI or not. However, in this environment, they assume differential complexity.

Automation & Productivity

eWeek - SentinelOne’s Gregor Stewart on AI in Cybersecurity

One of the challenges presented by the rise of artificial intelligence is that hackers have AI and know how to use it – they often use AI to launch effective cyberattacks. So for today’s companies, AI is no longer optional; they must use it or be essentially defenseless. As a result, some companies have rushed to deploy AI without fully planning or understanding its uses.

AI/security

Information Week - AI: Friend or Foe?

“For the next few years, AI’s impact will be more like that of a team member with a unique specialty that boosts overall team productivity. AI is advancing quickly, but it is nowhere close to having some key elements of human intelligence that employees use every day.”

Automation & Productivity

eWeek - AI CRM Use Cases: 10 Top Examples and Platforms Explored

AI’s integration with CRM helps organizations get a deeper understanding of customer behaviors, preferences, and patterns, which in turn paves the way for higher customer satisfaction through more personalized and more efficient interactions. To make the most of AI in CRM, organizations need to ensure data accuracy, privacy, and security, as these best practices form the foundation of all customer relationships.

AI/CRM

AiThority - Artificial Intelligence for Cybersec Professionals: TeKnowledge Expands Cybersecurity Capabilities in AI Era

TeKnowledge’s advanced training programs address the nuances of AI in cybersecurity. These programs go beyond traditional cybersecurity training and are wisdom-led, looking into the intricacies of AI-powered threats and the defensive strategies required to counteract them. From understanding AI-driven phishing attacks and malware to mastering the art of AI-based threat detection and response, the curriculum is comprehensive and cutting-edge.

Security

SiliconANGLE - Box’s strategic leap: Embracing AI to transform unstructured content management

“One of the things that a lot of customers are doing and should do right now is to pick their platforms. Who are they going to trust to not only give them AI capabilities right now, but also in the future?” said Kus, highlighting the strategic considerations businesses must navigate in adopting AI technologies.

AI/Content Management

A Call for Technology Resilience

For each of your mission-critical IT functions, you should assess staff roster depth and then describe the holes and the risks. If training or cross-training can’t address them, outside recruiting or consulting services might be needed. Whatever tack you take, this assessment enables the board, the CEO, and other C-level executives to see the risk, and they can understand why investments in key skills and personnel are necessary for corporate success.

IT Management

Network Computing - Modernizing IT Networks for Higher Education Facebook X LinkedIn Reddit

Information technology teams at institutions of higher learning face unique network challenges based on lean budgets and lengthy evaluation and approval processes to upgrade any hardware or software components. Yet IT managers are still responsible for securing and managing sensitive financial and personal information for students, instructors, and administrators.

Network Management

VentureBeat - Key takeaways from Forrester’s Top Trends in IoT Security 2024

Forrester believes nine dominant trends will define the current and future landscape of IoT security. One of the report’s main takeaways is that closing the many security gaps between IoT sensors, systems and legacy infrastructure is becoming more challenging. That’s especially the case in healthcare and manufacturing, two industries under siege from cyberattacks.

IoT Security

Information Week - 7 Top IT Challenges in 2024

Meanwhile, organizational attack surfaces continue to broaden, providing bad actors with more potential points of compromise. AI and generative AI both play a part here out of necessity. However, as always, not everything that needs to be addressed has to do with technology. IT departments and other stakeholders need to ensure that people and processes also align with the new realities.

IT Management

Computerworld - Enterprise buyer’s guide: How to choose the right UEM platform

Connected, data-intensive and ubiquitous, endpoint devices — ranging from PCs and smartphones to internet of things (IoT) devices — are among the most valuable IT assets an organization can have. For a growing number of enterprises, unified endpoint management (UEM) is the platform of choice for managing endpoints and keeping them from becoming security, privacy, and regulatory compliance risks.

Security

Information Week - Critical Measures CIOs Should Consider Before Modernizing

However, today's app modernization programs are becoming increasingly complex and fraught with multiple risks due to the growing diversity of application portfolios and heterogeneous IT landscape. IDC predicts by 2027, 53% of enterprises in the US will have 500 or more applications.

IT Management

Information Week - Cyber Risks When Job Hunters Become the Hunted

Job search platforms, like any other application, are vulnerable to web exploitation. Threat actors could seek to inject code via malicious links, allowing them to steal data or gain access to administrator accounts and move laterally throughout the system. Threat actors could also target these platforms with web scraping attacks.

Security

Cyber Defense Magazine - The Role of Identity Data Management in Achieving CISA’S Strategic Goals

Firstly, organizations need to develop a clear understanding of what identity data is. One major issue that tends to be overlooked in cybersecurity discussions, even by esteemed organizations like CISA, is the nuanced role of identity that extends beyond human users. When we say “identity,” it’s not just about ‘John Doe’ accessing his workstation. It’s also about a specific microservice querying a database or an IoT device reporting metrics.

Security

ITPro Today - Pros and Cons of IT Jobs in Education

Likewise, if you work for an EdTech company, you're likely to be further removed from the education environment. You probably won't work on-site at a school or university; instead, you'll typically be deploying and managing EdTech software that users access remotely. Your job may feel more like a generic IT job than an IT job devoted to the education sector.

Tech Jobs

Diginomica - How compliance automation can #acceleratetrust

New compliance automation platforms are helping to streamline this process. A recent Drata survey found that 75% of early adopters see continuous compliance accelerate business opportunities, establish trust, and improve cybersecurity. Conversely, 76% of those with a manual approach consider it a burden.

Automation & Productivity

Network Computing - The Complexity Cycle: Infrastructure Sprawl is a Killer

You can see evidence of the complexity cycle in the evolution of network and app services automation. From imperative APIs that required hundreds of individual API calls to configure a system to today’s declarative APIs that use only one API call. It’s easier, of course, but only the interface changed. The hundreds of calls mapped to individual configuration settings still need to be made, you just don’t have do it yourself.

Network Management

Computerworld - A phish by any other name should still not be clicked

Look for the major cyber attackers to start sending candy and flowers to these companies’ CIOs and CISOs with a note: “Thanks very much for training your customers to fall for our phishing attacks more effectively! We owe you one. We’ll connect again when we send you our ransom demands. Talk soon.”

Security

sdxCentral - Identity management is your weakest link, but you can strengthen it

“You need to lock down access to make sure that you don’t have data breaches, because if you think about it, most data breaches today are rooted in some sort of identity and access compromised, and that’s the idea that Zilla is based on.”

Security

The Hacker News - CISO Perspectives on Complying with Cybersecurity Regulations

We tapped into the CISO brain trust to get their take on the best ways to approach data security and privacy compliance requirements. In this blog, they share strategies to reduce the pain of dealing with the compliance process, including risk management and stakeholder alignment.

Security

Network Computing - Technical Debt and the Hidden Cost of Network Management: Why it’s Time to Revisit Your Network Foundations

In the context of network infrastructure, a running network is more urgent than an optimized network. New features may be added that make the network less optimal. Regular review of the infrastructure is like making interest payments on the technical debt incurred. Resources may be overloaded, or even stranded, because of moves, adds, changes, and removed connections.

Network Management

Infosecurity Magazine - How to Discover the Right AI Cybersecurity Tools for Your Security Strategy

“Everyone is jumping on the AI bandwagon because they see £/$ signs, so many vendors are trying to put an AI spin on existing, or as they’ll sell it, ‘updated’ products, that in some cases are nothing more than glorified automation tools,” he outlined.

AI/Security

Information Week - Tech Leaders Devise Strategies for Controlling Legacy Tech Costs

“Then, consider the labor and software cost differential between maintaining the legacy and modern technology, followed by the cost estimate for migrating off the legacy technology,” he says in an email interview.

IT Management

sdxCentral - Google Cloud security expert warns of shadow AI and the risks of consumer genAI in the enterprise

Chuvakin delineated the differences between consumer and enterprise AI tools: Consumer-grade AI systems are expected to learn from prompts and improve over time, designed mainly for fun or personal use. Enterprise AI, on the other hand, often requires restrictions on learning from prompts to protect sensitive information, necessitating fine-grained control over the learning process. Enterprise AI should ideally learn from controlled and canonical sources rather than from any available data.

AI/Security

CIO Influence - Are Cloud Cost Management And Optimization (CCMO) Tools Effective?

Boomi’s new report on proactive cloud optimization strategies found why companies are fraught with uncontrolled and wasteful cloud spend in 2024. It also pointed out the role of Integration-platform-as-a-service (iPaaS) solutions in cloud cost remediation tactics. It was found that FinOps teams either introduced these tactics too late or without having a full picture of the environment.

Cloud

VentureBeat - Beyond the hype: Enterprises embrace Gen AI as key enabler for growth

IT operations (65%), customer support (64%) and security (54%) are the top business areas where gen AI will be most impactful

Automation & Productivity

SiliconANGLE - Google Cloud/CSA survey shows strong belief in generative AI’s ability to beef up cybersecurity

The survey respondents also expressed a belief that AI, rather than replacing humans, is more likely to empower them and make them more effective at their jobs. Some 30% of respondents said AI will enhance their skill set, with 28% indicating it will support their role more generally, and 24% saying it will replace large parts of their role, freeing them up to perform other activities.

AI/Security

CIO Influence - Mitigating Risks of Poor Dat

Data loss is one of the most concerning risks of poor data management. Truelist reports that 94% of companies facing severe data loss never fully recover. Addressing this risk is imperative to prevent your organization from becoming vulnerable and incapacitated.

Data Management

Information Week - Zero-Trust Architecture: What You Need to Know

Fox recommends forming a small, agile, cross-functional team. To gain a holistic view of the organization's security posture, risks and needs, the team should engage with key stakeholders, including IT, application development, cybersecurity, data governance, and operations teams, as well as business decision-makers, internal communications, and senior leadership.

Security

VentureBeat - Google Cloud and CSA: 2024 will bring significant generative AI adoption in cybersecurity, driven by C-suite

Per the report, nearly three-fourths (67%) of security practitioners have already tested AI specifically for security tasks. Additionally, 55% of organizations will incorporate AI security tools this year — the top use cases being rule creation, attack simulation, compliance violation detection, network detection, reducing false positives and classifying anomalies. C-suites are largely behind that push, as confirmed by 82% of respondents.

AI/Security

Information Week - Time for a Disaster Recovery Health Check

Unfortunately, data center-focused DR didn’t anticipate the rapid movement of IT to the edges of enterprises, and the movement of employees out of the corporate buildings and into their own home offices. Decentralized sites in retail, distribution, healthcare, finance, and manufacturing use their own systems and networks, too. They might even use different cloud resources and internet service providers than the headquarters.

IT Management

AiThority - 10 AI ML In IT Security Trends To Look Out For In 2024

Before getting into the precise sorts of cyber assaults, you need to understand how much data is involved. In 2025, the total amount of information created by humans will be 175 zettabytes (175 followed by 21 zeros). Streaming media, dating applications, and medical records are all examples of this type of data. Securing this information is crucial.

AI/Security

CIO Influence - IoT and Robotics Trends for CTOs

The surge in adoption of IoT sensors across diverse industries such as automotive and manufacturing, aerospace and defense, and healthcare is identified as a key driver propelling the growth of the Internet of Robotic Things market. Additionally, the increasing utilization of cloud computing coupled with the availability of a wide range of cost-effective sensors is expected to further drive demand for Internet of Robotic Things solutions.

IoT

InfoWorld - There's more to cloud architecture than GPUs

While GPUs have been pivotal in advancing AI, overemphasizing them might detract from exploring and leveraging equally effective and potentially more sustainable alternatives. Indeed, GPUs could quickly become commodities like other resources that AI systems need, such as storage and processing space. The focus should be on designing and deploying these systems, not just the hardware they run on. Call me crazy.

Cloud

Information Week - Does Your Organization Need a Dedicated AI Leader?

A strong AI leader is also needed to anchor all AI investments to strategic outcomes, she notes. "This requires a dedicated leader to work across all functions to drive a new operating model, [encourage] cross-collaboration, and maximize positive results and return on investments."

AI Management

Network Computing - Seeing the Unseen: How AI is Transforming SDN Monitoring

Uncover hidden anomalies. AI algorithms can analyze vast amounts of network data, identifying subtle patterns and anomalies that might evade traditional methods. This proactive approach allows for early detection and mitigation of potential issues before they have an impact on performance or security.

Network Management

The Hacker News - Harnessing the Power of CTEM for Cloud Security

One major hurdle is the lack of visibility. Unlike physical servers you can see and touch, cloud resources are often spread across vast networks, making it difficult to monitor for suspicious activity and leaving vulnerabilities undetected. Another challenge is the inconsistency across cloud vendor permission management systems. Different providers have different controls for who can access and modify data. This inconsistency creates complexity and increases the risk of accidental misconfigurations, which are a leading cause of breaches.

Security

TechRepublic - Top 6 Passwordless Authentication Solutions for 2024

Passwordless authentication solutions are often components of larger identity and access management (IAM) platforms offering capabilities like password management, single sign-on (SSO) and multi-factor authentication (MFA). They typically integrate with other applications to provide additional capabilities or to unify authentication across the entire environment.

Security

Computerworld - Biggest problems and best practices for generative AI rollouts

Chandrasekaran and other experts have long called out the fact that data hygiene, categorization, and security are lacking in most organizations. When poor data quality is combined with a genAI large language model (LLM) — well, garbage in, garbage out. GenAI platforms are little more than next-word, image or line-of-code prediction engines, so they generate responses based on the data they’ve been fed.

AI/Data

ZDNet - The best network-attached storage devices you can buy

Based on extensive testing, research, product review analysis, and expert opinions, ZDNET's top pick for the best NAS overall is the Synology Diskstation DS1522+. You can't go wrong with this NAS as a powerful, robust option with excellent supporting applications. Read on to find all of our recommendations for NAS devices on the market today.

Data Storage

CIO Influence - Three Tips for Managing Complex Cloud Architectures

There are too, without a strong strategy, issues in matching data to modern data stacks. Using legacy data presets for data sequences requires a high level of oversight, conversion and often human intervention to ensure there is no data loss in the migration process. This takes time, and expert knowledge – something many organizations struggle to find, and can be costly.

Cloud

Information Week - Digital Transformation: What Should be Next on Your Agenda?

"Have you accounted for the impact of quantum computing?" he asks. "Within several years, it's likely to go from lab curiosity to useful tool." How about digital twins or the spatial web? "Not all of these [technologies] will come to pass but investing a few days up front can save years of pain down the road."

Digital Transformation

CIO Influence - Web Scraping Tools Vs Web Scraping Services

The process of web scraping involves two components: the crawler and the scraper. The crawler, an AI algorithm, controls the web, seeking specific data by following internet links. Conversely, the scraper is specialized in extracting data from websites. The scraper’s design varies depending on the project’s complexity and scope, ensuring efficient and accurate data extraction.

Data Management

AiThority - AI in Federal Government: Why Decision Makers Should Work with Data Scientists in 2024

“One unfortunate reality is that data scientists and engineers spend weeks and months wrangling data before they can get to the mathematical modeling and AI part of problem-solving. Solving these fundamental data challenges can accelerate the deployment of AI use cases at scale.”

AI/Data

StateScoop - States are working on AI, but some officials say privacy should come first

Several state technology officials told StateScoop that before they even started creating AI policies, they considered the data-privacy risks of allowing state employees to use generative AI. This includes the practice of data minimization, limiting collection or use of personal information to just what’s relevant and necessary to accomplish a specific task.

AI/Data Privacy

sdxCentral - Google reports jump in zero-day exploits aimed at enterprises, offers 6 tips to stay safe

The report also found that zero-day exploits associated with financially motivated actors decreased proportionally. Of the 58 zero days, Google was able to attribute to threat actor motivation, only 10 were attributed to financial motivation, and the remaining 48 were attributed to espionage actors.

Security

CIO Influence - Top Cloud Management Tools of 2024

These tools encompass various functionalities, including cost management, security enforcement, compliance monitoring, performance tracking, and automation capabilities. The tools contribute to streamlining and enhancing cloud resource management processes by offering such features, enabling a more efficient, secure, and cost-effective operation.

Cloud

Network Computing - 5G Crowd Analytics in Public Venues: What IT Leaders Need to Know

Verizon’s turnkey 5G Edge Crowd Analytics solution incorporates CrowdVision advanced indoor analytics and AWS Wavelength, which offers the compute environment at the edge to allow IT leaders at large facilities to run apps that require ultra-low latency

Network Management

Dark Reading - Cloud Email Filtering Bypass Attack Works 80% of the Time

That might seem obvious, but setting the filters to work in tandem with the enterprise email system is tricky. The bypass attack can happen because of a mismatch between the filtering server and the email server, in terms of matching how Google and Microsoft email servers react to a message coming from an unknown IP address, such as one that would be used by spammers.

Security

sdxCentral - Deloitte on Tech: How to gain an industry advantage from cloud investments

The vast majority (81%) of global leaders Deloitte surveyed use productivity as an indicator of digital value. And while investments in cloud and other technologies certainly contribute to greater process productivity, we know the potential is far greater. In fact, when organizations get digital transformation right – with a solid digital strategy, enabled by tech investments, and a strong digital change capability – there’s a $1.25 trillion opportunity for Fortune 500 firms alone, according to another Deloitte analysis.

Cloud

Dark Reading - CISO Corner: Cyber-Pro Swindle; New Faces of Risk; Cyber Boosts Valuation

The report also found that having separate board committees focused on specialized risk and audit compliance produces the best outcomes. "Boards that exercise cyber oversight through specialized committees with a cyber expert member as opposed to relying on the full board are more likely to improve their overall security postures and financial performance,"

Security

Information Week - What Is AI TRiSM, and Why Is it Time to Care?

This can be a daunting undertaking, for while there are many years of governance experience and best practices for traditional applications and structured system of records data, there are few established best practices when it comes to managing and analyzing AI structured and unstructured data, and their applications, algorithms and machine learning.

AI/Data

AiThority - AI in Federal Government: Why Decision Makers Should Work with Data Scientists in 2024

“One unfortunate reality is that data scientists and engineers spend weeks and months wrangling data before they can get to the mathematical modeling and AI part of problem-solving. Solving these fundamental data challenges can accelerate the deployment of AI use cases at scale.”

AI/Data

Datanami - Cloudera Survey Reveals 90% of IT Leaders Believe that Unifying the Data Lifecycle on a Single Platform is Critical for Analytics and AI

The proliferation of generative AI is highlighting the importance of trustworthy data because AI insights are only as powerful as the data feeding them. However, the survey revealed respondents face obstacles in their AI journeys due to the quality and availability of data (36%), scalability and deployment challenges (36%), integration with existing systems (35%), change management (34%), and model transparency (34%). This demonstrates that while many organizations may be investing in AI, there are foundational data roadblocks that must be addressed.

AI/Data

ITPro Today - How AI Is Poised to Upend Cloud Networking

Cloud networks will provide the essential link that connects AI workloads to data. The volumes of data will be vast in many cases (even training a simple AI model could require many terabytes' worth of information), and models will need to access the data at low latency rates. Thus, networks will need to be able to support very high bandwidth with very high levels of performance.

AI/Cloud

Network World - Industry groups drive Ethernet upgrades for AI, HPC

With the approach UEC is taking, “customers could use existing Ethernet switches that everybody is deploying today, and UEC technologies will work on top of them and take advantage of all of the innovation Ethernet already has at the link and endpoint level,” Elzur said. “So, the next time they are making a buying decision, they can consider some optional features that we’ll offer that will be fully compliant with Ethernet, and they’ll be able to use all of their exiting tools to work with it.”

Network Computing

sdxCentral - Adobe CSO: How we’re tackling the security talent shortage

The company also works with BlackGirlsHack, which helps women of color pursue careers in information security and cybersecurity; this collaboration involves sharing skills training and offering mentorship opportunities.

Tech Jobs

Network World - Network automation challenges are dampening success rates

The survey data reveals that most IT organizations are using a mix of do-it-yourself, homegrown tools, open-source software, and commercial automation technologies. According to EMAs’ recent webinar, network automation continues to challenge IT leaders who struggle to find the right skills on staff, to create a single source of truth about their environments, and to drive collaboration across IT domains.

Network Management

sdxCentral - What CISOs and the C-suite has is failure to communicate

“The importance of CISO-to-C-suite communications fundamentally comes down to risk — in many ways, a primary role of the CISO is to help their fellow leaders understand their risk profile, risk tolerance and the impact risk mitigation actions will have on the business,” said Roberts.

Security

CIO Influence - The Basics of Biometric Security in IT

Combining various biometric modalities or factors in multi-factor or multi-modal authentication enhances security exponentially. Blending different biometric data types or integrating them with traditional authentication factors like passwords creates a multi-layered defense mechanism, effectively thwarting cyber threats.

Security

sdxCentral - Hybrid work, cloud and AI adoptions drive SASE and SD-WAN demand

The surveyed professionals identified the biggest challenges they are facing in managing wide area networks (WAN) and enterprise network connectivity, which include the complexity of connecting different networking domains such as cloud, branch and wireless (41%), cost (26%), Complexity of choosing the types of network technologies such as MPLS, Internet, SD-WAN, wireless and broadband (20%), expertise and knowledge (10%).

Network Management

Information Week - 10 Ways to Boost Cybersecurity Talent Retention

“It really begins to upskill the existing staff and give them a way to grow their role within the organization … as opposed to been picking up that aggressive recruiter’s phone call and saying, ‘Oh, I'll hop over there because that was the kind of thing I wanted to do, but I couldn't find it within my own organization,’” Weiss Kaya explains.

Security

ITPro Today - 10 Essential Measures To Secure Access Credentials

Supporting these findings, IBM’s X-Force Threat Intelligence Index 2024 notes: “For the first time ever, abusing valid accounts became cybercriminals’ most common entry point into victim environments.” The report goes on to explain why we’re seeing such a surge in credentials theft: “Attackers have a historical inclination to choose the path of least resistance in pursuit of their objectives. In this era, the focus has shifted towards logging in rather than hacking in, highlighting the relative ease of acquiring credentials compared to exploiting vulnerabilities or executing phishing campaigns.”

Security

InfoWorld - Ethics makes a comeback in cloud-based systems

Artificial intelligence has caused many enterprises, technology providers, and consulting organizations to refocus on ethics. All are realizing that it is not only a good idea but also can significantly reduce their legal exposure. In a recent LinkedIn poll that I conducted, about one-third do not consider ethics when making IT decisions. If that sounds bad, it would have been 50% to 60% just a few years ago.

IT Management

Network Computing - Four Ways Your Network Team Can Help You Defeat Ransomware

Research on 905 recent ransomware incidents from 2023 indicated that 28% of organizations had issues related to network segmentation or improperly configured firewalls. Empowering the NetOps team with tools to automate configuration grooming back into compliance or maintain accurate documentation for manual remediation helps teams mitigate drift.

Network Management

Information Week - Why CTOs Must Become Better Storytellers

“Like any executive, CTOs started at the bottom managing and developing technology, and the great ones still do to an extent,” he explains via email. “Their approach to their jobs -- getting in the trenches or hearing the stories -- helps them know the relevancy of today’s problems and be able to explain technology that’s relatable.”

IT Management

SiliconANGLE - Cisco report reveals only 3% of organizations globally are fully prepared for cyberthreats

The adoption of unmanaged devices was also highlighted, with 85% saying their employees access company platforms from unmanaged devices and 43% of those spend 20% of their time logged onto company networks from unmanaged devices. Additionally, 29% reported that their employees hop among at least six networks over a week.

Security

TechRepublic - 6 Best Authenticator Apps for 2024

Google Authenticator is a multi-factor authentication app that generates unique, time-sensitive codes to enhance account security. The app works by generating time-based one-time passcodes that users enter in addition to their passwords when logging into their accounts. These passcodes are secure as they are generated locally (on the device) and not transmitted over the internet.

Security

EDTech - Higher Education Institutions Are Using Firewall as a Service to Enhance Security

“It is key to deploy a solution that has central management, setting up policies only once and not for every device,” he says. “You have the ability to know what device the person is using. If someone is connecting from an iPhone, maybe you don’t provide access to as many applications as if they’re connecting from their laptop, setting that security policy to zero-trust access.”

Security

sdxCentral - Leveraging SD-WAN and SASE for a unified zero-trust architecture

However, as organizations adopt zero-trust principles, creating robust policies that are able to keep up with ever-changing cybe threats presents a challenge. Generative artificial intelligence can be an effective tool to enhance zero-trust policies by automating the policy-writing process and ensuring compliance with best practices and regulations. AI-driven insights can enable organizations to better understand the threat landscapes, spot potential risks, and refine policies accordingly.

AI/Security

SiliconANGLE - Flashpoint report warns organizations to adapt rapidly amid increases in data breaches

Organizations are advised to raise the bar on data actionability. “More data isn’t the solution to staying a step ahead; it’s about the quality, actionability and tailoring of data to an organization’s specific needs,” the report notes.

Security

Network World - 4 reasons to consider a network digital twin

“Without knowing what your infrastructure is doing, you know nothing about your infrastructure,” Wynston says. “Without a digital twin, you do not know your perimeter, you do not know the risks from CVE [common vulnerabilities and exposures], you cannot implement automation. It can paralyze the infrastructure.”

Network Management

Computerworld - Q&A: Udemy online education exec on tech layoffs and skills needs

“Additionally, the onset of genAI is changing existing job roles and responsibilities. Up to 30% of working hours in the U.S. can be automated by 2030 with employees across various professional fields using genAI to complete repetitive tasks and redirect their efforts toward more strategic initiatives. Professionals, regardless of role, need to navigate which tasks to automate, what new skills to cultivate, and how to enhance existing skills.”

Tech Jobs

InfoWorld - 4 steps to improve root cause analysis

While much of IT operations tends to focus on major incidents like outages, disruptive performance issues, and security attacks, one of the more difficult challenges is finding the root cause behind sporadic, needle-in-a-haystack issues. These issues are infrequent, impact a small subset of users, or last for a very short duration. However, they can be very damaging to the business if they occur during critical operations performed by important end users.

Automation & Productivity

Information Week - Using Cloud for Competitive Advantage

“We tie everything we do back to business value,” says Aflac CIO Sheila Anderson. “[For] most innovations, we’ll do a quick proof of concept. I have a team called ‘The Hatch Lab’ that will leverage new technologies. A lot of it today is focused on AI, machine learning, and large language models to quickly prove some hypotheses or opportunities. If it’s a viable solution, we’ll bring it forward to our normal funding cycles.”

IT Management

InfoWorld - 10 cloud development gotchas to watch out for

Deploying resources inefficiently, poor usage estimations, and failing to manage resource allocation all directly impact the overrun of contracts and unexpected expenses, Gaston says. “To address this challenge, developers need to be very familiar with the financial aspects of developing and operating in the cloud,” he says.

Cloud

CIO Influence - Top 10 Application Security Tools to follow for CSOs

By exploring the leading solutions, this article will assist you in fortifying your defenses, identifying vulnerabilities, enforcing security policies, and safeguarding sensitive data. Whether your goal is to enhance your application’s security posture or to stay abreast of the best practices in application security, this guide is designed to help you make informed decisions that cater to your specific needs.

Security

SiliconANGLE - Four generative AI cyber risks that keep CISOs up at night — and how to combat them

Similar research from ISACA surveying some 2,300 pros working in risk, security, audit, data privacy and IT governance published in the fall of 2023 showed that a measly 10% of companies had developed a comprehensive generative AI policy. Shockingly, more than a fourth of the ISACA survey respondents had no plans to develop an AI policy.

AI/Security

CIO Influence - Virtual Reality and Cybersecurity: Emerging Risks and Strategies

Investing in cybersecurity is crucial to mitigate the growing threats and security risks posed to VR and other technologies. These risks encompass malware, hacking, and spam. Moreover, VR introduces new security challenges, such as virtual identities, digital currencies, and biometric data, which serve as novel economic targets for hackers. The article aims to elucidate the imperative need for cybersecurity within virtual reality (VR) and the intricate relationship between VR technology and cybersecurity.

Security

TechTarget - Use these 10 steps to successfully build your data culture

The first step to building a successful data culture is to link the data and analytics strategy to the organization's business and operational strategies. Organizations struggle with understanding the economic value of data and how to extract that value. Leadership should communicate about how the vision, mission and goals of the data and analytics strategy support the business strategy. Demonstrate how data and analytics can create new sources of customer, product, service and operational value.

Data Management

Network Computing - NaaS 2024: A Look at the Future of Network Services

NaaS solutions offer a flexible, pay-as-you-go, or monthly subscription model, eliminating the need for significant upfront capital investments and ongoing maintenance costs. This allows enterprises to rapidly scale their network resources up or down based on evolving needs, ensuring optimal performance without unnecessary expenditures. NaaS frees up valuable IT resources from managing network infrastructure, allowing them to focus on core business initiatives and drive innovation

Network Management

CIO Dive - Accenture sees companies struggling to scale AI

As organizations move into the adoption phase, vendors and service providers are racing to provide industry-tuned models, implementation expertise and, perhaps most importantly, data modernization solutions.

AI

Network World - 2024 global network outage report and internet health check

After weeks of decreasing, global outages increased significantly last week. ThousandEyes reported 206 global network outage events across ISPs, cloud service provider networks, collaboration app networks and edge networks (including DNS, content delivery networks, and security as a service) during the week of March 11-17. That’s up 45% from 142 outages the week prior. Specific to the U.S., there were 87 outages, which is up 38% from 63 outages the week prior

Network Management

sdxCentral - Google Cloud CISO contrasts shared fate vs. shared responsibility models

“The shared responsibility model [is] where a cloud provider runs the underlying infrastructure and is responsible for the security of that. And then on the other side of that line is what the customer is responsible for, in terms of maintaining and managing a secure configuration on top of the cloud,” Venables explained. “That clearly is contractually and legally correct, but it doesn’t, in our opinion, embody the right philosophical approach for security.”

Security

VentureBeat - Why adversarial AI is the cyber threat no one sees coming

An overwhelming majority of IT leaders, 97%, say that securing AI and safeguarding systems is essential, yet only 61% are confident they’ll get the funding they will need. Despite the majority of IT leaders interviewed, 77%, saying they had experienced some form of AI-related breach (not specifically to models), only 30% have deployed a manual defense for adversarial attacks in their existing AI development, including MLOps pipelines.

AI/Security

Government Technology - Report Predicts Top Cybersecurity Threats for 2024

“We’re predicting that at least one ransomware group will carry out a successful compromise of hundreds of targets, by exploiting the vulnerability in specifically enterprise third-party file transfer solutions,” said Recorded Future’s Maggie Coleman.

Security

ZDNet - AI is changing cybersecurity and businesses must wake up to the threat

Lee urged boards to understand the work of their CIO and CISO and determine how effective these executives are in their roles. To have a "well-oiled machinery" running, boards need to be able to have open discussions with the two people responsible for identifying and defending the company against online threats, he said.

AI/Security

CIO Influence - CCPA Essentials: A Guide for IT Security Professionals

Effective data governance ensures compliance with the California Consumer Privacy Act (CCPA). While data security remains a crucial aspect, the core challenges of CCPA compliance revolve around identifying and managing personal data by regulatory requirements, making data governance indispensable in tackling CCPA challenges.

Data Privacy

Network Computing - Embracing the Digital Wave: How Government is Transforming with Technology

The funding was allocated to agencies at the federal level of government, but most of the innovation will impact citizens and other public entities. Cities throughout America are also launching large initiatives to install new and innovative technology that will modernize old systems, increase efficiency, improve citizen services, and reduce costs.

Automation & Productivity

sdxCentral - Forrester: SASE is future, ZT is past, but SSE is right now

Forrester has seen momentum in the adoption of security service edge (SSE) as its clients are three times more often asking about and purchasing solutions from SSE providers than secure access service edge (SASE) vendors. The analyst firm also named Netskope, Palo Alto Networks, Zscaler and Forcepoint as leaders in its latest SSE Wave report for Q1 2024.

Security

sdxCentral - AI data-quality issues cost enterprises hundreds of millions

“As companies rush to adopt generative AI [genAI], they continue to face major issues with inaccessible and unreliable data,” Fivetran Field CTO Mark Van de Wiel told SDxCentral. The research found 69% of organizations struggle to access all the data needed to run AI programs, and 68% struggle to cleanse their data into a usable format.

AI/Data

Information Week - Downtime Cost of Cyberattacks and How to Reduce It

What we do know is that these attacks are unlikely to abate anytime soon. Roughly 50% of organizations experienced more than 24 hours of downtime between 2014 and 2019. And large organizations are far from the only targets. Small and medium-sized businesses (SMBs) are increasingly on the radar of cyberattackers as well. Healthcare and non-finance type businesses have suffered more than three quarters of the brunt of this onslaught.

Security

Network Computing - Bring Network and Security Teams Together by Asking the Right Questions

Network and security leaders may sit down at the same table from time to time, but without a structured plan for collaboration, they go back to focusing on their individual objectives as soon as they walk out of that room. Because that's the way it's always been done.

Network Management

VentureBeat - CIOs share how they are harnessing gen AI’s potential at Nvidia GTC

“We’re making a huge dent in developer productivity by automating a lot of that work. What this does, it actually allows engineers to get back to building new things, adding things that actually provide value to the enterprise as opposed to just working on things that are repetitive or that would be considered sort of maintenance.”

Automation & Productivity

sdxCentral - Network underlay: What is it, and why does it matter to enterprises?

Enterprises face a complex cloud landscape with public, private, hybrid and multicloud options. Choosing the right connection is crucial, and there’s no one-size-fits-all solution. In 2024, security, resiliency and performance of the underlying network will be paramount as enterprises evaluate cloud connectivity providers

Network Management

CIO Influence - Cybersecurity Attack Surface Management Trends of 2024

Following identification, each asset undergoes a meticulous evaluation to gauge its susceptibility to potential cyber threats. Vulnerability assessment entails scrutinizing software, configurations, and system architectures to pinpoint weaknesses that could be exploited. This step is pivotal in comprehending each asset’s security posture and effectively prioritizing remediation efforts.

Security

ITPro Today - Algorithms vs. Automation vs. AI: Understanding the Differences

These days, it feels almost impossible to have a conversation about anything tech-related without mentioning at least one of these three terms: algorithm, automation, and AI. Whether you're talking about software development (where algorithms are key), DevOps (which is all about automation), or AIOps (which leverages AI to drive IT operations), you're likely to encounter at least one of modern tech's "a-words."

IT Management

Datanami - Gartner Predicts Over 30% of API Demand Boost by 2026 Due to AI and Tools Using LLMs

“Enterprise customers must determine the optimal ways GenAI can be added to offerings, such as by using third-party APIs or open-source model options. With TSPs leading the charge, they provide a natural connection between these enterprise customers and their needs for GenAI-enabled solutions.

GenAI

Information Week - IT Careers: Does Skills-Based Hiring Really Work?

“With skills-based hiring, all you need to do is break your job descriptions down into the tasks that need to be done and then look at the skills [required] for those tasks. If it’s done as a silo, then it won’t offer all the benefits that skills-based organizations can bring.”

Tech Jobs

Computerworld - Which genAI chatbots are the most popular now?

“IDC expects that copilots [lower-case ‘c’] will proliferate over the next several years and will eventually become the standard interface for most software products, like web interfaces are today,” the firm said in a new report.

Automation & Productivity

Information Week - How to Structure Your IT Team for Efficiency and Strength

“We want our employees to have opportunities to level-up their skills, work with the latest tech, and benefit from partnering on diverse projects,” Mahon explains. “This aligns with our goals of creating learning opportunities for our employees and empowering them to do their jobs while also growing in their careers.”

IT Management

Datanami - Nutanix Study Finds AI, Security, and Sustainability Are Major Drivers for IT Modernization

“80% of ECI respondents are planning to invest in IT modernization, with 85% planning to increase their investments specifically to support AI. What this year’s ECI reveals is that organizations need to support the technologies of tomorrow by future proofing their IT infrastructure today. Hybrid multicloud continues to emerge as the infrastructure standard of choice because of the flexibility it provides to support traditional VM and modern containerized applications and movement between clouds and on-prem.”

Cloud

Forbes - Lead The Change: The Enterprise Executive Roadmap To Automation Platforms

No matter what most vendors will tell you, there is no singular platform that can become your entire enterprise automation platform. The reality is that all platforms have their shortcomings, and it is important to identify the gaps in each tool and then determine what tools or glue code will be used to integrate your systems

Automation & Productivity

CIO Influence - DevSecOps Tools for CIOs in 2024

DevSecOps embodies a dynamic paradigm in software development, fostering collaboration across the Software Development Life Cycle (SDLC). Within this framework, tools play a pivotal role, harmonizing security with the Continuous Integration/Continuous Deployment (CI/CD) pipeline, automating processes, and bridging the divide between DevOps and security teams.

DevOps

sdxCentral - How entry-level certifications can help a growing cybersecurity workforce crisis

ISC2, for one, offers its entry-level Certified in Cybersecurity (CC) training program that has now been earned by 50,000 people. Further, the organization has made a One Million Certified in Cybersecurity pledge to offer free CC online training and exams to a million people.

Training/Certs

Forbes - How AI-Driven Cyberattacks Will Reshape Cyber Protection

Software and hardware attacks can pose a constant threat to businesses. However, there are effective ways to counter these threats. One such way is by utilizing a system dependency model. This model connects predictive analysis, response time, attack type, deterrence and cyber protection into a cohesive system rather than treating them as separate entities.

Security

Data Science Central - How modern businesses leverage technology to transform data

The path from unstructured data to actionable insights is fraught with complexity, mainly due to the disorganized nature of the data itself. Traditional analysis tools falter in the face of unstructured data’s lack of a predefined model, but this is where data extraction tools genuinely shine. These sophisticated technologies are essential in transforming unstructured data, as they automate the preliminary organization and interpretation, employing algorithms to tag, sort, and initially analyze the data.

Data Management

Information Week - What Can a CIO Do About AI Bias?

Tools such as IBM’s AI Fairness 360 (AIF360) can tell IT leaders to what degree their AI models are biased toward one group of people versus another. RagaAI’s tool, called RagaAI DNA, identifies biases in AI models by training on a multimodal data set. Organizations can custom-train RagaAI DNA to test product descriptions and customer reviews in retail, location data in geospatial applications, and medical records and images in healthcare.

AI Ethics

Forbes - Three Things That Might Surprise You About Ransomware Attacks

In fact, attackers only need to find, steal and/or encrypt a small amount of an organization’s data to be successful. With sensitive data often being stored in multiple different locations in an organization’s environment, attackers have plenty of target areas to choose from.

Security

Network Computing - Avoid Buyer's Regret: Top Tips for Assessing Infrastructure Provider Health Before Purchases and Contract Extensions

With large enterprise infrastructure purchases for services, including SASE, SD-WAN, wireless, and more, on the line, the tech behind the services may be proven, but can the provider deliver? Is the provider having business problems? What can buyers do to avoid regret or devastating mistakes?

IT Management

ComputerWeekly - Budgets rise as IT decision-makers ramp up cyber security spending

IT spend is being driven by requirements to meet regulatory compliance. For instance, European regulations like the Digital Services Act, Data Act, European Health Data Space (EHDS), Data Governance Act, and AI Act are aimed at forcing transparency, responsible data use, and improved cyber security across the European Union (EU).

IT Management

Network Computing - Cloud Adoption Soars as Organizations Navigate Challenges

Forty-one percent of the respondents said they are currently using artificial intelligence/machine learning (AI/ML); however, nearly half, 49%, are experimenting and planning to use ML/AL platform-as-a-service (PaaS) services.

Cloud

SiliconANGLE - AI and data security: Prioritizing speed, protection and visibility in cloud migration

“Businesses really want to use AI and large language models to accelerate their business decisions. It makes a lot of things really easy,” he said. “You can kind of put some prompts in and get some information back, and then you can make decisions based on that. But at the same time, it’s actually a really traditional problem. Having visibility of where your data is and what systems are using that data is something we’ve been doing in the security industry for a really long time.”

AI/Data

eWeek - 20 Top Generative AI Companies Leading In 2024

Beyond its flagship content generation solution, ChatGPT, and image generation solution, DALL-E, OpenAI also offers its API and different generative AI models to support companies in their own AI development efforts. GPT-4, chat models, instruct models, fine-tuning models, audio models, image models, and embedding models can all be customized for a usage fee to meet individual business needs.

GenAI

SiliconANGLE - Archera discusses gen AI costs and opportunity amid a tech evolution

As generative artificial intelligence continues to disrupt everything, a big conversation taking place revolves around how much a company is going to spend and whether the juice is worth the squeeze. Everyone knows they want generative AI, but how best to handle the gen AI costs?

AI

ITPro Today/DarkReading - 6 CISO Takeaways From the NSA's Zero-Trust Guidance

On March 5, the National Security Agency continued its best-practice recommendation to federal agencies, publishing its latest Cybersecurity Information Sheet (CIS) on the Network and Environment pillar of its zero-trust framework. The NSA document recommends that organizations segment their networks to limit unauthorized users from accessing sensitive information though segmentation.

Security

Forbes - Modernize To Thrive: Transitioning To The Cloud In The Public Sector

Across the public sector, some Web 2.0 applications are either already on the cloud or primed to be with very little work needed to modernize, says Kerr. Those mainly cloud-based areas include self-service applications such as government information portals, student admissions and enrollment and medical applications.

Cloud

Information Week - The Courtroom Factor in GenAI’s Future

How much haggling or wrangling has been going on to say whether current laws on the books are sufficient or not sufficient? Whether or not they’re up to the task of really answering these questions? At a local, state, or national level, there are different conversations happening about getting our arms around this in terms of policy. But with what’s on the books now, is existing policy kind of like a dinosaur?

AI Ethics

Computerworld - Generative AI will drive a foundational shift for companies — IDC

Through 2025, 75% of organizations are expected to create AI implementation review boards; 40% will be looking to increase their outsourced AI services, including AI delivery; and 40% of new applications are expected to be more intelligent, as developers incorporate genAI to enhance existing and new use cases, according to a recent CIO survey by IDC.

GenAI

ITPro Today - Tips for Deploying Enterprise NAS Storage

Here are key steps for setting up a network-attached storage appliance. We will also explain how to configure block storage using iSCSI.

Data Stroage

CIO Influence - How CIOs can Enhance Agility Through Cloud Migration Strategies

Optimizing IT infrastructure varies for each organization, often incorporating public, private, and traditional IT environments. According to an IDG cloud computing survey, 73 percent of key IT decision-makers have already adopted this hybrid cloud technology, with an additional 17 percent planning to do so within 12 months.

Cloud

Information Week - Recent Ivanti Vulnerabilities: 4 Lessons Security Leaders Can Learn

“There are other solutions out there that do this exact same thing that haven’t appeared on CISA KEV [Known Exploited Vulnerabilities Catalog] as much,” says Jacob Baines, CTO of VulnCheck, a vulnerability intelligence company. “But at the same time as other people pivot [to] other solutions, those solutions are going to get targeted … and we'll see in the future what type of vulnerabilities fall out of the new popular systems.”

Security

ZDNet - How to avoid the headaches of AI skills development

While 81% of IT professionals are confident they can integrate AI into their roles, only 12% have significant experience working with the technology. To complicate matters further, 90% of executives don't completely understand their team's AI skills and proficiency.

AI

sdxCentral - IT leaders concerned about speed of genAI deployments

The survey reached AI/ML (machine learning) and other technology leaders at 1,000 global organizations and found that an overwhelming 96% of respondents are working to scale their AI compute infrastructure, capacity and investments in 2024. More than 50% of respondents plan to use large language models like LLaMA, and 26% plan to use embedded models in their commercial AI deployments.

GenAI

SC Media - Four practical applications of phishing-resistant authentication

Companies have begun to embrace phishing-resistant authentication. For example, Google requires its employees to use physical security keys for access to its corporate resources. This move significantly reduces the risk of phishing attacks. Banks worldwide have integrated biometric authentication methods, including fingerprint and facial recognition, into their mobile banking apps

Security

SupplyChainBrain - Implement iPaaS to Become a Data-Driven Enterprise

Where SaaS grants access to software applications via the cloud, iPaaS focuses on integrating and orchestrating data flows across various software systems, encompassing services offered by SaaS, such as ERP, CRM, WMS, billing, and sales applications within a single platform. It’s also worth noting that iPaaS isn’t confined to cloud-based solutions; it also extends integration to on-premises systems.

Data Management

Datanami - Three-Quarters of Organizations Have Reached High Levels of AI Maturity, LXT Survey Finds

This latest report found that organizations have taken large steps, with nearly three-quarters (72%) reporting that they have reached higher levels of AI maturity. The most significant shift is in the mid-range, where nearly a third of companies state that AI is now in production and creating value. To achieve this, half of all organizations invest between $1 million and $50 million, and more than ten percent reported an AI budget between $50 million and $500 million.

AI

CIO Influence - The Role of Confidentiality in Data Pipeline Security

Confidential AI operates at the convergence of artificial intelligence (AI) and confidential computing, bridging the gap between Zero Trust policies intended to secure private data and generative AI, which often relies on cloud computing power for training and processing complex tasks and requests. To instill confidence in AI tools, technology must exist to shield inputs, trained data, generative models, and proprietary algorithms. Confidential AI facilitates this assurance.

AI/Security

Network Computing - A Problem 40 Years in the Making

In the era of the data economy, every vendor offering a product that generates data will likely convert that product into a service to provide a better Service Level Agreement (SLA) to their customers. Consequently, every business entity will require access to their data. This situation presents interesting challenges from both security and compliance perspectives. Opening up security access to your business partners will necessitate much stricter scrutiny and adherence to compliance standards.

Network Management

CIO Influence - Guide to Implementing Zero Trust Security in Enterprise Networks

Zero Trust architecture necessitates continuous monitoring and validation of user and device privileges and attributes. It mandates policy enforcement based on user and device risk, compliance requirements, and other factors before granting access. Organizations must be aware of all service and privileged accounts, establishing controls over their connections. One-time validation is insufficient as threats and user attributes are subject to change.

Security

SiliconANGLE - Salt Security identifies critical flaws in ChatGPT plugins that risk third-party data breaches

The second vulnerability was within PluginLab, a framework developers and companies use to develop plugins for ChatGPT. During installation, Salt Labs researchers found that PluginLab did not properly authenticate user accounts, allowing a prospective attacker to insert another user ID and get a code that represents the victim, which can lead to account takeover via the plugin.

Security

Infosecurity Magazine - The Growing Threat of Application-Layer DDoS Attacks

During a recent Cyber Forum event at the House of Lords in London, it was reported that 56% of DDoS attacks on AWS customers were application-layer attacks. A Radware report points out that total malicious web application and API transactions increased by 171 percent in 2023, with a significant part of this increase attributed to layer 7 encrypted web application attacks.

Security

Information Week - EU AI Act Passes: How CIOs Can Prepare

“I believe this is going to have a ‘halo effect’ for other regions. GDPR deals with a very specific point around data privacy. But AI is such a big, broad existential issue for our society and businesses right now … every country is trying to see what they can do to get inspired by this law in some shape or form.”

AI Ethics

Forbes - Does AWS Or Google Cloud Offer Better Options For Your Business?

A comparative analysis shows that while AWS provides more services, Google Cloud excels in specific niches such as big data processing and artificial intelligence.

Cloud

Network World - Remote work keeps driving network innovation

“True innovation will be in the stack, and it will be centered around the work done by network architects to harmonize all these demands into a new single network layer for experience, security and connectivity, and cost management. While there’s certainly a place for innovative point solutions, this rethinking is required before AIOps or any innovative networking solution can be deployed.”

Network Management

ZDNet - How AI firewalls will secure your new business applications

AI and cybersecurity have been inextricably linked for many years. The good guys use AI to analyze incoming data packets and help block malicious activity while the bad guys use AI to find and create gaps in their targets' security. AI has contributed to the ever-escalating arms race.

AI/Security

Blocks & Files - Generative AI and the wizardry of the wide-open ecosystem

If you believe that GenAI is going to be a critical workload for your business – 70 percent of global CEOs told PwC it will change the way their businesses create, deliver and capture value – then you must clear the lock-in hurdle. One way to do this is to pick an open model and supporting stack that affords you flexibility to jump to new products that better serve your business.

GenAI

Harvard Business Review - Why Adopting GenAI Is So Difficult

First, many businesses, large and small, are still grappling with how to integrate traditional AI — such as rule-based algorithm and machine learning — into their operations. At best, they are in an exploratory phase with traditional AL, and at worst they’re simply feeling lost. A recent study suggested that more than 70% of the large companies surveyed were still wondering how to reap the potential benefits that AI can offer.

GenAI

Network Computing - How to Mitigate Shadow AI Security Risks by Implementing the Right Policies

The ‘Shadow IT’ of several years ago is now evolving to ‘Shadow AI.’ The growing popularity of LLM or Multi-modal Language Models has led to product teams within an organization adopting these models to build productivity-enhancing use cases. There has been an explosion of tools and cloud services simplifying the build and deployment of GenAI applications by teams in marketing, sales, development, legal, HR, etc. While there is rapid adoption of GenAI, security teams are yet unclear on the implications and policies.

AI/Security

The Wall Street Journal - AI Will Transform One of Corporate Tech’s Biggest Cost Areas—Actual Savings TBD

However, some chief information officers fear these contractors, called systems integrators, will see bottom-line savings from tools such as coding assistants—which contractors say can speed up some tasks by 50%—while charging the companies the same rate.

IT Management

Information Week - How to Budget for Generative AI in 2024 and 2025

“We’ve seen success in integrating with an existing AI model … an investment of a $150,000 to $200,000. We’ve also built highly complex custom models into products that take [an] investment of $1 million to $2 million,” says Brown.

GenAI

Datanami - Rapid Tech Expansion Creates Chaos for the Majority of Businesses, new Software AG Study Finds

“Finding the right tools to manage the portfolio is key. But we should not be just talking about “managing”. These technology investments are being made as part of a transformation agenda. Organizations are aiming to differentiate themselves, be innovative and grow. Technology is a critical enabler for most of those plans. Greater transparency and control over the technology landscape will better align the tech and business agendas and set these companies up for success.”

IT Management

TechBullion - Breaking Down the Basics: What You Need to Know About Public, Private, and Hybrid Clouds

Hybrid Multi-Cloud Approach: Many companies already utilize multiple types of clouds for different purposes – public clouds for customer-facing apps/services and private clouds for internal operations or sensitive data storage needs – known as hybrid clouds. In 2020 alone, 93% of enterprises reported using a multi-cloud strategy. This trend is expected to continue as organizations look for ways to optimize their cloud usage and reduce costs while ensuring data security.

Cloud

Blocks & Files - Scality: there are degrees of immutability

Cyber criminals understand that as long as you can recover (restore), you are less likely to pay their ransom, so attacks on backups are much more common now. Immutability puts up significant barriers to common attack threats that modify (encrypt) or delete backup data.

Data Management

Information Week - Special Report: What's Next for the GenAI Market in 2024?

However, there aren’t just new generative AI companies themselves growing; there are industries growing in reaction to AI. IT departments -- recognizing that their hardware might not be up to the task of running AI workloads -- are looking for AI chips. Businesses are readying themselves for AI-related legal challenges, privacy compliance snags, and ethical quagmires by seeking specialized services. (Quite possibly there will be cyber incident response companies touting their enterprise “singularity defense management” platform before 2025.)

GenAI

TechBullion - Harnessing the Potential of Cloud Computing with Strong IT Infrastructure & Networking

The concept of cloud computing is based on three main models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). IaaS provides access to fundamental resources such as processing power, storage space, and networking infrastructure. PaaS offers tools and services needed for application development and deployment in addition to basic infrastructure. SaaS provides complete web-based applications that are accessible over the internet.

Cloud

Forbes - As SaaS Sprawls, Risks Rise

For example, I recently did a risk assessment for a global enterprise with 100,000 employees. We showed the CIO that they had more than 2,000 different SaaS apps in use across the organization. He said, OK, that's a lot. We didn't realize that. But how do I know that we have an actual problem?

Security

Network World - Ransomware increases urgency of documented DR plans

A proper DR plan is built on the assumption that you’ll probably need to restore data and systems on entirely new infrastructure. The original system could be unavailable because it needs to be retained for forensic reasons, or its hardware is beyond repair. Counting on reusing the same physical servers after an attack or disaster is reckless. It simply might not be possible, so you must be prepared to start a recovery with all new hardware.

Security

CIO Influence - Best Practices to Overcome Network Security Challenges

Cyber-attacks represent a significant threat to businesses of all sizes, emphasizing the critical importance of robust network security measures. Whether managing a large corporation or a small enterprise, implementing effective network security safeguards vital data and ensures business continuity. Throughout this article, we’ve explored the multifaceted landscape of network security, covering key challenges, best practices, and case studies.

Network Management

ComputerWeekly - A better way to manage hybrid or multicloud deployments

This highly heterogeneous IT environment can cause management headaches. What’s crucial, says Lock, is the questions you ask of different suppliers. “Are you going to get the sort of support you need to make this work? Do you have all the knowledge and skills you need to run it – if not, have you got a specialist in mind that knows them well enough and knows you well enough to make that work for you?

Cloud

sdxCentral - Why CISOs should embrace the metric of ‘no’

The reality is that C-suites and boards often don’t ask security questions — or if they do, they’re often quick, superficial ones, Rodgers pointed out. In these scenarios, if CISO do say no, there isn’t a strong enough culture in place to stop so-called shadow IT, when employees use tools without the security department’s knowledge.

Security

SC Media - Six ways to protect an organization from commercial spyware

As a result, commercial spyware creates significant risk exposure for companies on two fronts. First, by putting organizations at risk from known zero-days that could be remediated by vendors had they been responsibly disclosed. Secondly, by creating an increased risk of fines, penalties, and litigation under all privacy laws applicable to the data impacted.

Security

Network Computing - What is Network-as-a-Service (NaaS)? A Complete Guide

Soaring data traffic, driven by the broadening use of 5G, IoT, and video streaming (and the rapid emergence of AI), has given rise to the newer and more flexible WAN approach. Beyond not buying, managing, or maintaining network equipment, bandwidth, and specialized talent, NaaS offers many capabilities and functionality.

Network Management

Harvard Business Review - Why Adopting GenAI Is So Difficult

First, many businesses, large and small, are still grappling with how to integrate traditional AI — such as rule-based algorithm and machine learning — into their operations. At best, they are in an exploratory phase with traditional AL, and at worst they’re simply feeling lost. A recent study suggested that more than 70% of the large companies surveyed were still wondering how to reap the potential benefits that AI can offer.

GenAI

Information Week - IT’s Waste Management Job With Software Applications

In 2023, SaaS management firm Zylo reported that “44% of businesses' SaaS licenses were wasted or underutilized and that the average organization was wasting $17 million in unused SaaS licenses every year.” Zylo went on to say, “Enterprise organizations (10,000 employees+) spend over $224M on SaaS but only utilize 50% of their SaaS licenses.” Zylo added that “70% of SaaS application contracts were renewed in 2023, despite being underutilized.”

IT Management

Computerworld - Why are CIOs who anticipate the future rarely allowed to do anything about it?

It would be easier to accept if IT pros were routinely caught offguard by opportunities or problems they didn’t anticipate. Alas, that's not the case. To be blunt, IT decision-makers in the US often see the train charging down the tracks, but they're not permitted to do anything about it until it's pulled into the station and crashed.

IT Management

sdxCentral - AWS CISO answers most frequently asked questions about genAI security

For the first question, the conversation often starts with data security. Betz said he emphasizes the importance of securely managing and storing data. This includes ensuring data availability and efficiency for genAI model training. In addition, fundamental data security strategies apply to genAI as with other domains, he said.

AI/Security

Network Computing - How to Securely Access Customer Networks With BYOC

To address these challenges, a new architecture has emerged called Bring Your Own Cloud (BYOC). BYOC means that the data plane portion of the SaaS vendor’s software stack is deployed into their customers’ environment to store, process, and analyze customer data. The control plane consists of all the backend services and computational resources required to configure and manage data sets in the vendor’s network, and it runs in the SaaS vendor’s cloud environment while connecting to the BYOC data plane that runs in the customer’s network via APIs

Data Management

Network World - Cisco Talos: 3 post-compromise tactics that threaten your network infrastructure

For a long time, enterprises have taken a hands-off approach to edge devices, sort of a “don’t touch it, let it do what it does, and let it keep running” approach, Biasini said. “It was like a badge of honor to have an edge device that was out there running for two or three years. Now, that is a very, very big liability, and it’s something organizations really need to take care of,” Biasini said.

Network Management

sdxCentral - How to future-proof networks for multicloud

Dedicated direct connect-style connections offered by cloud providers create silos and serve to inhibit multicloud. As Turner explained, “There is some inherent vendor lock-in because the provider owns the interconnect into the cloud.”

Cloud

Network World - Zero Trust security in your data center

While many Zero Trust Security solutions are focused on the edge or access into the network, it’s critical for organizations to extend Zero Trust thinking and architectural design to include the data center – where the majority of the organization’s physical and virtualized business-critical applications and workloads live.

Security

ITPro Today - Explosion of Data in the Cloud Era Leading to Observability Complexity

According to the report, an overwhelming 86% of technology leaders say that these stacks produce an explosion of data that is beyond humans' ability to manage effectively. To cope with this data deluge, organizations use an average of 10 different monitoring and observability tools to manage applications, infrastructure, and user experience. However, 85% of technology leaders say that the number of tools, platforms, dashboards, and applications they rely on only adds to the complexity of managing a multicloud environment.

Data Management

Dark Reading - NIST Cybersecurity Framework 2.0: 4 Steps to Get Started

"In many cases, this will mean that organizations have to take a hard look at existing assessments, identified gaps, and remediation activities to determine the impact of the framework changes," he says, adding that "new program gaps will emerge that previously may not have been present, especially with respect to cybersecurity governance and supply chain risk management."

Security

Information Week - The People Aspects of Social Engineering Audits

No one likes telling users there are flaws in their business operations, because it’s natural for people to become defensive and even hostile. This unenviable job is further complicated because many IT staffers, including CIOs, still view social engineering audits as unnecessary expenditures of time and money. After all, aren’t IT security and network penetration and vulnerability audits performed every year? Aren’t they enough?

Security

CIO Influence - A Closer Look at Browser Security in 2024

Browser usage has exploded in recent years, exposing a giant attack surface that companies are struggling to manage and cover. And, traditional network-based security controls aren’t detecting zero-hour phishing attacks that deliver ransomware and steal credentials. Our team, over 30 days, detected more than 11,000 zero-hour phishing attacks that exhibited no signature or digital breadcrumb. This means that no existing Secure Web Gateway (SWG) or endpoint tool could detect and block those attacks.

Security

Dark Reading - 10 Essential Processes for Reducing the Top 11 Cloud Risks

Fortunately, as KnowBe4's Robert Grimes points out, several of the issues we expected to be problematic several years ago have not (yet) been issues, including tenant collisions, cloud-based malware, virtual machine client-to client/host attacks, undeletions, and data ownership issues. That said, there is more than enough to keep everyone busy — if not overwhelmed.

Cloud Security

Information Week - CISOs Tackle Compliance With Cyber Guidelines

The federal government is also leaning in on vulnerability management with an emphasis on software -- here the focus is on knowing and managing risks associated with an organization's software bill of materials

Security

Network Computing - Enterprise Security Gets Personal: Enter the Human Firewall

But here we are talking about a broader concept of a firewall. It is not merely a software application or a physical device that serves as a demarcation point between an enterprise entity and the rest of the world. Instead, a human firewall approach aims to provide every end user with a combination of tools, knowledge about threats, and security best practices, as well as instilling in every user the importance of their role in the enterprise’s security.

Security

AiThority - Navigating IT Budgets Amid AI-Boom: Experts Eye Automation Tech

This prompts companies to face a critical decision: where to allocate their budgets for maximum return on investment (ROI). According to experts, Robotics Process Automation (RPA) and smart app creation suites represent promising options to gain an edge in business efficiency and innovation going forward.

Automation & Productivity

Network Computing - The Risks of Using an Unsecured Network and the Best Way to Protect Your Users and Company

The best way for IT to fight threats like ransomware is to bullet-proof access to the network, whether it is by deploying centralized security monitoring, tracking, and mitigation tools, securing all remote edge access points to the network by properly configuring the security settings on IoT and mobile devices; installing the latest security updates for application and operating systems; training users in sound security practices; or physically inspecting network equipment.

Security

Computerworld - Q&A: GitHub COO on how genAI makes devs more efficient (and can automate the helpdesk)

For more than two years, GitHub has been developing its own genAI platform that can not only write a majority of code for a developer, but also take on mundane IT help desk tasks. COO Kyle Daigle explains what's been going on.

AI/DevOps

Information Week - How to Innovate in a Privacy-Protective Way

To innovate in a privacy-conscious manner, organizations should leverage current processes for evaluating privacy (such as privacy impact assessments and data protection impact assessments) and reinforce them to account for new and increased risks posed by AI. Practicing data minimization and purpose limitation can help maintain quality of data, while respecting consumer rights regarding their personal data.

Data Privacy

CIO Influence - Securing the Future: Exploring Global IT Security Regulations

Moreover, as security requirements often converge, these frameworks facilitate crosswalks, enabling organizations to demonstrate compliance with diverse regulatory standards. For instance, ISO 27002 delineates information security policy in Section 5, whereas Control Objectives for Information and Related Technology (COBIT) defines it within its “Align, Plan and Organize” segment. Similarly, frameworks such as the Committee of Sponsoring Organizations of the Treadway Commission (COSO), HIPAA, and PCI DSS each outline distinct facets of information security policy within their respective sections.

Security

Network Computing - Forget High Availability; Modern Enterprises Need Always-on Services

Redundant networking connections are critical for businesses that need to be always online. In the event the primary network is down, there should be an easy switch in place to provide backup service, even at a slower rate, until the primary network is back online. Another solution would be to have critical operations and devices work even when offline, syncing data at a later date with the network, although that is not always possible.

Network Management

Information Week - Help Your C-Suite Colleagues Navigate Generative AI

For example, CTOs can clarify the differences between generative and discriminative AI. It’s an essential distinction because each represents a vastly different approach to learning from data. They are also at separate points on the adoption curve. Generative models can be used for tasks like data generation, while discriminative models excel at classification and prediction tasks.

GenAI

CIO Influence - The ChatGPT Revolution is Coming for Compliance

Business heavyweights from Goldman Sachs to Apple – many of which have banned employees from using ChatGPT – have joined a call to rein in generative AI development over fears of misinformation and replacing human labor, as well as cybersecurity concerns. Any tool that possesses the capability to undermine data privacy, leak source code, and compromise compliance and regulatory performance through “automated decision-making” is the last thing many business leaders want to see in the pipeline.

AI/Security

sdxCentral - Assessing the post-quantum threat – 3 tips to be ready

A fully functional quantum computer capable of breaking current cryptographic systems is not yet a reality. The threat is imminent enough, however, to cause some to take action in anticipation of nation state and other threat actors gaining access to quantum computing. The idea of hackers using a “harvest now, decrypt later” tactic poses an immediate risk. Adversaries could be collecting encrypted data with the purpose of decrypting it once quantum computing becomes sufficiently advanced.

Quantum Computing

sdxCentral - Why networking for AI needs AI for networking

All the major network vendors are now working on evolving their products to meet the unique demands of AI. One of the positive signs for the industry is the formation of the Ultra Ethernet Consortium, where rival companies such as Arista, Cisco, Juniper and HPE have come together to create an Ethernet standard that can challenge InfiniBand as the technology that can support AI. I don’t believe Ultra Ethernet will universally displace InfiniBand, but many customers do want an option, and having the industry come together on a standards-based offering will create a rising tide where everyone wins.

Network Management

VentureBeat - A CISO’s guide to AI: Embracing innovation while mitigating risk

AI is just one more technological advancement we must accommodate. CISOs had the same uncertainty about bring-your-own-device (BYOD) and cloud adoption, both of which are now common. It’s likely AI will become ubiquitous, which means CISOs must know how to manage, guide and lead AI’s adoption.

AI/Security

Information Week - Squeezing the Maximum Value Out of Generative AI

Before LLMs, organizations needed to perform complex text analytics in order to get value out of unstructured text data, such as maintenance records or shift logs in a production environment. “LLMs can be used to structure text data and prepare it as inputs for machine learning models used for production optimization and predictive maintenance.”

AI/Data

Datanami - Reveal Survey Report: AI Integration is Biggest Software Challenge of 2024

However, those who have not jumped on the AI bandwagon cite concerns such as: generative AI code lacks the creativity and innovation of human developers, AI can produce code with security vulnerabilities, and code developed with AI may contain errors, bugs, or inefficiencies. There is also a concern that AI might make the developer’s role obsolete.

AI

VentureBeat - 4 strategies data-driven CISOs need to take now to defend their budgets

However, the fear and uncertainty of an impending global recession is forcing business leaders to take a hard look at every entry in their operating budget. Enterprise CISOs can no longer assume that their budgets will be exempt from cost-cutting measures. Instead, they must be prepared to answer pointed questions about the overall cost-effectiveness of their security program.

Security

Network World - And the AI winner is…IBM?

For decades, I’ve listened to sales management tell the sales force to avoid consultative selling, avoid “educating” the customer. Make your darn numbers, sales management says. For decades (six, in fact) IBM has taken another path. They used to hand out notebooks to people, emblazoned with one word: Think. I’ve sat in on CIO/CTO-level meetings that included IBM’s account teams, and I was struck by how much the team worked to draw out that thinking. And not just thinking about technology, thinking about how technology changes business.

Automation & Productivity

sdxCentral - Breaking down the value of managed SASE for today’s businesses

“The benefit we have over a lot of IT and security teams is we’ve done thousands of deployments of all flavors, [including] cloud security, on-prem [security], SD-WAN, etc. And so we learn a lot by having so many repetitions,” he said. “It’s a team of people for a fraction of the cost of even hiring one security professional who certainly cannot do everything and definitely can’t do it all the time.”

Security

Information Week - Enterprise Data Integration: Now More than Ever

While personnel or process problems may be the source of the problems caused by insufficient data integration, obsolete technology or a lack of appropriate tools are frequently the main contributing factors. Replacing outdated technologies with suitable current replacements may seem monetarily intimidating due to the accumulation of technical debt from years of workarounds and patching up old procedures

Data Management

eWeek - Businesses Investing in AI: An Industry Perspective

Cisco is also cautious, advising against the use of public generative AI services. For instance, Cisco has its own internal AI platform leveraging Microsoft’s Azure AI capabilities. This reflects a broader trend Cisco observed among its customers. Financial services firms tend to be wary of AI, whereas manufacturing companies are more open to it. Cisco believes providing employees with viable, secure alternatives to public AI tools is essential.

AI

SiliconANGLE - Seven FinOps trends that are reshaping cloud cost management

In a fundamental respect, cloud-based AI workloads don’t require different infrastructure from other workloads. But they do require an especially high capacity of compute resources, and the ways in which they use those resources may vary. For example, AI model training is a compute-intensive but non-continuous activity, making it different from other compute-heavy workloads that operate without interruption.

Cloud

Information Week - ConnectWise ScreenConnect Vulnerabilities: What CIOs Need to Know

Earlier this month, IT management software company ConnectWise announced vulnerabilities in its ScreenConnect, its remote access tool. The critical vulnerabilities (CVE-2024-1709 and CVE-2024-1708) are being exploited in the wild. What do CIOs and other enterprise security leaders need to know about remediation and exploitation of these bugs thus far?

Security

CIO Influence - CIO Influence Interview with PF Grillet, SAP Global Lead at SoftwareOne

Such ‘immutable storage’ functionality wasn’t available in on-premises data centers in the past, and the expensive and complex third-party solutions that were required there should not simply be lifted into the cloud where better, cheaper, and simpler solutions are available from the hyperscalers.

IT Management

eWeek - Top 9 AI Governance Tools 2024

IBM Cloud Pak for Data is an integrated data and AI platform that helps organizations accelerate their journey to AI-driven insights. Built on a multicloud architecture, it provides a unified view of data and AI services, enabling data engineers, data scientists, and business analysts to collaborate and build AI models faster.

AI Governance

Information Week - Defining AI's Role in Network Management

More importantly, the emergence of software-defined WANs (SD-WANs) is opening the way for network managers to integrate AI technology into network operations and management. "For the industry to deliver on the promise of a self-healing or self-correcting WAN, AI tools can help automate routine network operation tasks, set policies, measure network performance against set targets, and respond to and rectify the networks as needed," Herren explains.

Network Management

eWeek - GitHub Copilot vs. ChatGPT: Ultimate AI App Comparison

GitHub Copilot doesn’t do any of this, but it isn’t designed to. Rather than trying to be everything ChatGPT attempts to be, GitHub Copilot focuses — deeply and effectively — on its role as an AI assistant for software coding. However, it’s important to note that this AI assistant interface works similarly to a chatbot, as users can request code improvements, completions, and more in a chatbot interface with natural language.

Automation & Productivity

ITPro Today - Is Passkey Authentication More Secure Than Traditional Passwords?

Passkeys are not entirely foolproof, however. Cybercriminals have evolved their strategies, with session hijacking emerging as a common method for account takeover. “Instead of trying to access a user’s login credentials, cybercriminals now use malware-exfiltrated session cookies to launch session hijacking attacks – bypassing passkeys entirely,” said Trevor Hilligoss, vice president of SpyCloud Labs.

Security

sdxCentral - Cybersecurity pay from analysts to leaders revealed: Understanding impacting factors

They found that experience and level of education contribute favorably to compensation levels as expected. Cybersecurity professionals with at least 12 years of relevant experience can have an annual cash compensation as much as 22% above the baseline. On the flip side, those with fewer than three years of relevant experience earn packages of up to 40% below the baseline. Meanwhile, the impact of advanced degrees on cash compensation is a positive 12%.

Security

sdxCentral - Google Cloud optimizes databases, data analytics for genAI

The hyperscaler shared the general availability of AlloyDB AI, which is designed to simplify the process of building enterprise-grade genAI applications. The AI database platform can run on-premises or in any public cloud environment and is ideal for transactional, analytical and vector workloads.

AI/Data

Information Week - Rubrik CIO on GenAI’s Looming Technical Debt

Technical debt is hardly a new concept and not exclusive to artificial intelligence. A 2023 CompTIA survey found 74% of organizations said technical debt posed challenges. And 42% of those surveyed said the technical debt would cause “substantial hindrance.” Technical debt is often an invisible foe that can creep up on IT leaders as companies push to grab a competitive advantage with emerging technologies.

GenAI

Network Computing - A Perfect Cyber Storm is Leading to Burnout

Cybersecurity is about, among other things, attention to detail, careful planning, and precision execution during incident response times. Distracted, stressed-out, and understaffed teams are a recipe for disaster. A perfect storm of factors is contributing to this scary reality, but there are also strategies we can implement as technology and business leaders to navigate these challenging waters.

IT Management

Data Science Central - What are the benefits of using Natural Language Processing (NLP) in Business?

NLP is transforming business practices, data analysis, and customer engagement by empowering machines to comprehend, interpret, and even produce human language effectively. This article delves into the extensive advantages of incorporating NLP within business operations, demonstrating that this technology is indispensable for maintaining a competitive edge in today’s dynamic business environment.

NLP

CIO Influence - Driving Business Agility with Cloud Ops Architecture, Management, and Compliance

Cloud Operations Engineers collaborate with staff to plan and implement secure, cost-effective cloud-based services that support business initiatives. Ideal candidates for managing cloud operations possess the expertise of Alibaba, Microsoft Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS).

Cloud

Forbes - Saving Telco From Itself: Overcoming The Top 5 Challenges In 2024

A common theme that is creating challenges across all of these industries is the rise of software, silicon and the edge as critical enablers—whether it’s the via disruption of AI, the re-working of operations around software development, deployment and support or the deconstruction of proprietary tech stacks into “open” hardware, software and services combinations.

Tech Trends

Datanami - Reducing Cloud Waste a Top Priority in 2024, FinOps Foundation Says

The biggest FinOps spending is targeting compute instances, the survey shows, with more than 50% having already spent heavily to optimize compute. That leaves plenty of room for optimizing other aspects of cloud computing, the FinOps Foundation says, including data and storage, database, containers, backup and retention, data transfer and networking, and more.

Cloud

Computerworld - Enterprise mobility 2024: Welcome, genAI

“This has been the main topic of interest in the last year. We see generative AI having impacts in multiple areas, such as script creation, knowledge-based article creation, NLP [natural language processing]-based querying of endpoint data, and help desk chatbots. All of these are considerations for inclusion within the UEM stack.”

Tech Trends

Forbes - Three Ways Your Organization Could Be Susceptible To Ransomware Attacks

Breached credentials and “stealer logs” are some of the most frequent ways hackers gain access to systems and initiate ransomware attacks. Because nearly all organizations have had stolen credentials on the internet at some point, it can make them susceptible to later attacks—especially if the exposure happened within 90 days and the information is current.

Security

CIO Influence - Revolutionizing Business Reporting with Cloud Reporting Tools

A cloud reporting tool is a software solution that facilitates report generation and analysis through cloud-based technology. Diverging from conventional reporting approaches, these tools furnish real-time data updates, automate processes, and seamlessly integrate with various business applications. They serve as a centralized data collection, analysis, and visualization hub, empowering businesses to effortlessly make informed decisions based on data insights.

Cloud

SiliconANGLE - CAST AI report unveils major underuse of cloud resources in Kubernetes environments

That’s resulting in substantial inefficiencies and opportunities for cost optimization in cloud computing. The second annual CAST AI Kubernetes Cost Benchmark Report, based on the analysis of 4,000 clusters running on Amazon Web Services, Google Cloud Platform and Microsoft Azure, found that for clusters containing 50 to 1,000 CPUs, organizations only use 13% of provisioned CPUs and 20% of memory, on average.

Cloud

ZDNet - Beyond programming: AI spawns a new generation of job roles

While prompt-engineering skills are in demand now, Lee says the future might look different: "It's a new way to interface with a computer that requires different skills. But as the interface becomes more conversational and more human-like, it remains to be seen if this is a new career path or just a point-in-time opportunity."

Tech Jobs

Network Computing - The Increasing Trend of Consolidation in the IT and Cybersecurity World

Within organizations, CIOs play a critical role in ensuring data security and managing IT infrastructure. However, as technology ecosystems continue to expand and diversify, CIOs face the daunting task of navigating a labyrinth of software solutions. This has started to lead many CIOs to seek consolidation of products and services. The primary aim is to simplify operations, streamline workflows, and ultimately enhance overall efficiency.

IT Management

CIO Influence - AI Security Imperatives for 2024: Collaboration Between Tech and Governments

Cisco’s recent findings from the Cybersecurity Readiness Index underscore a concerning reality: only a mere 15% of organizations demonstrate mature readiness to withstand cybersecurity threats, with a mere 22% adequately prepared to safeguard data. Concurrently, the 2023 Cisco AI Readiness Index reveals a stark truth: a staggering 86% of global organizations lack comprehensive readiness to integrate AI into their operations seamlessly.

AI/Security

Information Week - Is Self-Promotion a Viable Path to CIO?

I’ve talked to many women CIOs, and this isn’t an uncommon story, but it goes for males, too. I know a few CIOs who ascended to the CIO position because they were willing to wait for their bosses to retire -- but most had to self-promote themselves by seeking career advancement outside of their companies, and they saw self-promotion by seeking new employment as a viable path to CIO.

Tech Jobs

CIO Influence - Essential Skills for Future CIOs in 2024 and Beyond

CIOs must discern between valuable data and irrelevant information to optimize resources effectively. Strategic evaluation of data usage ensures alignment with business objectives, minimizing wastage of resources and time.

IT Management

Blocks & Files - Developing AI workloads is complex. Deciding where to run them might be easier

But connectivity is not simply an external concern. “Within the four walls of the data centre we’re seeing six times the cable requirements [as] customers are connecting their GPUs, the CPUs, the network nodes. …. so, where we had one cable tray for fibre runs, now we have six times those cable trays, just to enable that.”

AI

Information Week - How to Cope with AI Disappointment

“It’s important to have the right human intelligence upfront to manage the AI and to build it into the process. “Enterprises want to implement AI to make programs faster, but must first understand the intended result, the true result, as well as the problems that haven’t been addressed.”

Automation & Productivity

CIO Influence - Latest Trends in Networking Cloud Services

However, alongside the benefits, there has been a notable rise in cyberattacks targeting cloud environments, as highlighted by a 40% increase reported by McAfee in their 2023 report. Despite the advantages, the digital landscape presents distinctive challenges for networking cloud services. In this context, it is essential to delve into the critical aspects of the digital era and examine the hurdles that necessitate innovative solutions in cloud networking.

Cloud

Information Week - How to Develop an Effective Governance Risk and Compliance Strategy

“Compliance has for too long lived in a niche corner of business strategy, but with the AI boom bringing new outsized challenges to the GRC world, every department in an organization needs to understand and be aware of the day-to-day work involved in risk and compliance,”

Risk Management

Network Computing - 5G is Moving Downstream to Enterprises—And Everyone Stands to Gain from It

The same survey showed that almost two-thirds of MNOs consider private wireless networks as an important part of their enterprise strategy. While not discounting considerable consumer interest in 5G-driven services for things like gaming on the go, B2B enterprise is clearly the strongest 5G opportunity for MNOs in 2024, driving 5G indoors through on-premises public and private 5G networks.

5G

Information Week - How Leadership Missteps Can Derail Your Cloud Strategy

But there's another layer: the iceberg beneath the surface. Focusing merely on the initial outlay while overlooking ongoing operational costs is like ignoring the currents below, both can unexpectedly steer your budget -- and your company -- off course. Acknowledging and managing operational expenses is vital for a thorough and financially stable cloud computing strategy.

Cloud

sdxCentral - Enterprise networking in flux: Why readers flock to disruptors like Aviz, Cato, Nile and Versa

Our data shows that these outdated technologies and architectures have burdened network infrastructure consumers with significant technical debt, requiring substantial resources to maintain. Consequently, CIOs, Chief information security officer (CISO), CTOs and network operations teams find themselves unable to prioritize innovation, despite the demands from their CEOs and line-of-business executives.

Network Management

Information Week - How to Ready Your Company for The Cloud Revolution in 2024

By the end of the year, the world's first zero-touch call centers will likely be unveiled -- a testament to the strides made in GenAI. These centers will be equipped to perform tasks that surpass the abilities of traditional chatbots, such as handling customer histories, inventory management and sensitive communication tasks, all enhanced by advanced natural language processing.

Cloud

Forbes - Lessons From The Insurance Industry: Six Keys To Developing An Effective Data Strategy

Any path toward an effective data strategy begins with knowing where your data originates and the types of data you’re collecting. Consider whether you can combine data sources or if it’s time to retire others. Your initial understanding sets the stage for a more far-reaching and well-informed approach to the data’s ultimate deployment.

Data Management

Network Computing - Why Businesses Should Watch Wi-Fi-7 Closely

Wi-Fi 7 products offer significantly more performance for enterprise users and can support more users in denser environments compared to Wi-Fi 6. It is pitched as a match for streaming applications and is able to handle more users per Access Point (AP), which translates into fewer devices to manage and maintain in deployments.

Network Management

Forbes - Five Predictions For How SaaS Will Be Managed By IT, Software Asset Management And Procurement Teams In 2024

SaaS management is often referred to as a team sport. When it’s done right, it’s the joining of forces of the IT and finance organizations. This partnership makes sense, as these teams have a common goal of efficiency. While CFOs approach efficiency from a purchasing and cash flow perspective, CIOs are focused on maximizing investments and software utility.

IT Management

Network World - The tech world’s best kept secret: carrier-grade connectivity

“They are dependent on the network so why not go direct to the owner of world’s largest internet backbone that covers 350 points-of-presence (PoPs), which serve customers across 125 countries? By cutting out the middlemen, they gain access to capacity, performance and the best customer service.

Network Management

SiliconANGLE - Generative AI, IAM, culture-based programs will shape cybersecurity in 2024, Gartner says

To support organizations in their move to this model, Garter has developed PIPE (practices, influences, platforms, enablers), a framework guiding practices not traditionally used in security awareness programs — such as organizational change management, human-centric design practices, marketing and PR and security coaching.

AI/Security

sdxCentral - 3 ways new CIOs can build credibility with the C-suite

Tech talent and skills shortages are a major concern for boards for directors, That concern is well-founded as it can hinder enterprise growth. CIOs can address this challenge by adopting what Gartner describes as “a franchising digital delivery mindset.” This involves breaking down IT department walls and empowering other business areas to contribute to technology production.

IT Management

SiliconANGLE - Organizations need a business-driven AI strategy, not a CAIO

Given the speed of AI updates and changes, it is imperative that organizations operate in a dynamic, iterative, risk-adjusted, repeatable approach to better focus on the value that AI can bring to their organization. The key is a synergistic multidisciplinary approach to measurement, AI-ready data strategy, security, risk governance and talent shifts.

AI Management

Government Executive - OPM announces survey to analyze AI in government jobs

Last July, OPM completed the first step of its work, identifying 43 general and 14 technical competencies required for work with AI. And in a memo last week, Veronica Hinton, OPM’s associate director for workforce policy and innovation, announced the HR agency’s next task: surveying current federal employees who are already working with AI to confirm OPM’s initial list of skills.

Tech Jobs

CIO Influence - RAG Strategies for CIO Success: Harnessing Data Retrieval Potential

Enter retrieval augmented generation (RAG) is a sophisticated natural language processing (NLP) technique among the strengths of return- and generative-based AI models. RAG AI capitalizes on existing knowledge while possessing the ability to synthesize and contextualize information, thereby generating bespoke, contextually-aware responses, instructions, or explanations in human-like language. Unlike generative AI, RAG operates as a superset, incorporating the strengths of both generative and retrieval AI mechanisms

AI/Data

Computerworld - The highest-paid IT skills — and why you need them on your resume

The top 10 highest paid skills in tech can help workers earn up to 47% more — and the top skill among them is generative artificial intelligence (genAI), according to a new report from employment website Indeed and other sources.

Tech Jobs

Blocks & Files - Keepit has a unique approach to SaaS data protection

The backup software is an object store that prohibits the deletion of any data object or backup set. Every backed-up item is an object like a file or email. That means customers can restore files at the same speed whether they are a minute, a week, a month, a year or older. All objects are immediately addressable. There is no separate archive section for older data. Customers sign up for retention periods, with many having 99-year retention deals.

Data Management

CIO Influence - Top 5 Data Center Management Software for CIOs

Asset management within an enterprise data center is inherently intricate. It encompasses hardware and software sourced from various vendors alongside numerous applications and tools. Additionally, data center environments often interface with private cloud platforms from multiple providers. Each component, whether hardware, software, or cloud-based, carries its contractual terms, warranty agreements, user interfaces, and licensing requirements.

Data Management

CIO Influence - Multi Cloud Governance Strategies for CIO Leadership

Identity security poses a substantial threat, as most cloud services require user authentication. Cyber-attacks like phishing target cloud credentials, making user access control more challenging in multi-cloud environments. A robust cloud governance framework is essential to enforce security policies across all cloud systems and monitor credential compromises effectively.

Cloud

sdxCentral - GenAI, boardroom communications gaps top Gartner’s list of cybersecurity trends

Gartner noted that security behavior and culture programs (SBCPs) have gained traction to reduce human risks, as security leaders shift focuses from increasing awareness to fostering behavioral change. The firm expected half of large enterprise chief information security officer (CISO) will adopt human-centric security design practices to minimize cybersecurity-induced friction and maximize control adoption by 2027.

Security

CIO Influence - CIO Influence Interview with Chris Parker, Director Government Strategy at Fortinet

Active security in a modern IT infrastructure is seeing a convergence of security and networking. Whereas these often used to sit in separate teams, as two separate entities, now they’re the same system. At Fortinet, we are leading very strongly in the emergence of Secure Access Service Edge (SASE), a cloud architecture model that combines network and security-as-a-service and that also allows us to move data remotely and securely from point to point.

Security

appleinsider - Apple users are increasingly falling victim to malware, phishing, and viruses

FileVault, for instance, a "basic feature that provides critical protection of user data by encrypting it" was reportedly "found disabled on 36% of devices" surveyed. Then across 2023, "3% of [iPhones] devices had lock screen disabled and 25% of organizations had at least one user with lock screen disabled."

Privacy & Security

Forbes - Three Priorities That Enterprise CIOs Must Address In 2024

As such, it has remained at the periphery of the enterprise. However, as more legal and compliance work has been done to understand the ramifications of generative AI, in 2024, we can expect to see its use extend beyond marketing and engineering into areas like design, planning and strategy.

Tech Trends

Information Week - How to Build a Strong IT Risk Mitigation Strategy

“In order for the resulting risk score to be usable, the exposure data analysis needs to be highly automated, which generally involves setting up a data warehouse for key metrics,” he explains. “The impact analysis also needs to take into account system categorization, driven by confidentiality, integrity, and availability assessments.”

Risk Management

Network World - SASE, multicloud spur greater collaboration between network and security teams

SASE converges network and security solutions into an integrated architecture, so it makes sense that these groups would come together to implement and operationalize it. Multicloud adds significant complexity to networking and security at a time when both these groups are fighting to regain influence and control over cloud strategy. EMA believes that strong collaboration between the two groups can help both gain more credibility in the cloud

Network Management

Information Week - The Psychology of Cybersecurity Burnout

Employees who are not focused on cybersecurity often feel that safeguarding procedures represent an undue impediment to completing their assigned tasks. And cybersecurity professionals must contend with an ever-growing panoply of alerts and crises -- in the midst of a massive shortage of both workers and skillsets. Sixty-eight percent of respondents to a 2022 IBM survey of cybersecurity responders said they were often assigned to more than one incident at a time.

Security

Network World - IBM X-Force: Stolen credentials a top risk to network infrastructure

In terms of network infrastructure, nearly 85% of attacks on this sector were caused by exploiting public-facing applications, phishing emails, and the use of valid accounts. In 2023, X-Force saw attackers increasingly invest in operations to obtain users’ identities; there was a 266% uptick in infostealing malware, designed to steal personal identifiable information like emails, social media and messaging app credentials, banking details, crypto wallet data and more, the report found.

Security

CIO Influence - Top Healthcare Data Management Software and Tools Every CIO Must-know

Establishing a centralized repository, often referred to as the “source of truth,” is paramount for maintaining master data integrity. This repository encompasses essential identity information such as patient and provider identifiers, alongside reference details like standardized vocabularies used in daily operations. Implementing robust processes aligned with industry standards ensures smooth operations, aided by Healthcare Business Intelligence tools aimed at enhancing overall outcomes.

Data Management

Information Week - Solving the Non-Invasive Data Governance Puzzle

Employee non-adherence (or in some cases, lack of knowledge) to security and governance policies is one reason why more companies are using social engineering audits to review practices in user departments. Another reason for lapses in governance is employee stress, which in 2023, according to Gallup, was at 44% of all employees.

Data Management

CIO Influence - Streamlining NIS2 Compliance: The Microsoft Security Solutions Approach

One of the notable features of the directive is the introduction of heightened accountability measures. Through reinforced reporting requirements and increased penalties, organizations are urged to prioritize the enhancement of their security protocols. The deadline for compliance with NIS2 is set for October 17, 2024, after which adherence to the directive becomes legally mandatory.

Security

Information Week - Changing Role of the CIO

From tech strategy to artificial intelligence, talent, and transformation to value creation -- the CIO needs to have a tech-led answer for every question from the C-suite. The job is mercurial, the responsibilities expansive and the demands relentless. So how do you cope? With leadership: CIOs need to move beyond cost-cutting to expand their role and embrace the fact that they can be the chief insights officer in a business.

IT Management

Information Week - Talent Management: The Missing CIO Management Strategy

Then, in 2023, eight out of 10 technology leaders surveyed said that they were having to prioritize the upskilling of their employees. Now, in 2024, LinkedIn has reported a demand for IT skills in AI, cloud computing, cyber security, data science and other IT areas.

IT Management

SiliconANGLE - Metadata is the glue: federated data silos, metadata and governance

We believe that no single data platform will conquer them all. And that organizations will look to continue to break apart the compute or execution layer from the data storage layer in their composable data platform. In the research, we see organizations looking at ways to address their major challenges: costs of compute and storage, number of systems to manage, how to understand what data they have, and how to govern the use of that data. This research note digs into the last two issues around knowing what data you have and who can use it.

Data Management

CIO Influence - Balancing Act: Ethics and Privacy in the Age of Big Data Analytics

The significance of big data collection and analytics is increasing at a rapid pace. According to IBM, a staggering 90% of the world’s data has been generated in the past two years alone. This exponential growth in data holds profound implications across various industries, underlining the need for data analysis. Organizations leverage big data to drive informed decision-making, innovate products and services, and address complex challenges.

Data & Analytics

Information Week - Streamline Your IT Workforce by Consolidating Roles, Not Workers

“The third way to achieve these goals is by leveraging opportunities for employees to work on other teams or pods to support different parts of the product and technology,” Walters says. “This encourages knowledge sharing and helps retain talent by offering them additional learning opportunities.”

IT Management

SiliconANGLE - New report warns of ongoing rise of malicious emails bypassing secure email gateways

The Cofense 2024 Annual State of Email Security Report, based on 35 million employee accounts tracked by Cofense, identified more than 1.5 million malicious emails bypassing customer secure email gateways, or SEGs, last year, up 37% from 2022 and 310% from 2021. In context, the report notes that Cofense detected at least one malicious email bypassing their customer’s SEGs every 57 seconds.

Security

CIO Influence - What It Means To Be An ‘IT Pro’ In The Age Of Generative AI

With a simple prompt, an IT pro can fix long-standing business problems more quickly and easily than ever, whether that means pulling data for a board meeting where critical decisions will be made or instantly or knitting applications together to enable the delivery of new products and services. If being a data-oriented problem solver was a skill before, AI has made it a superpower.

Automation & Productivity

Information Week - Solving the Non-Invasive Data Governance Puzzle

Employee non-adherence (or in some cases, lack of knowledge) to security and governance policies is one reason why more companies are using social engineering audits to review practices in user departments. Another reason for lapses in governance is employee stress, which in 2023, according to Gallup, was at 44% of all employees.

Data Management

sdxCentral - Tech companies ditch degree requirements, focus on skills

The practice is gaining ground on the governmental level, too: Massachusetts Governor Maura Healey recently instituted skills-based hiring practices for state jobs, noting that “too many job applicants are being held back by unnecessary degree requirements.”

Tech Jobs

ZDNet - Does your business need a chief AI officer?

The rapid pace of development means it would be tough for anyone, let alone a CIO who's already responsible for managing day-to-day IT operations, to oversee the rollout of AI.

IT Management

sdxCentral - Dragos warns of rising ransomware, inaccurate vulnerability advisories

Dragos argues OT vulnerabilities should be addressed and mitigated differently from IT ones based on the strict operational requirements of OT systems, such as system uptime and vendor qualification processes.

Security

Strategies to Solve the IT Skills Gap in Enterprise Storage for Fortune 500 Companies

One effective strategy is to deploy autonomous automation into your storage infrastructure, so it reduces the level of complexity, thereby decreasing the dependence on specialized IT skills that are becoming harder to find. With the power of autonomous automation, an admin can manage PBs and PBs of storage easily and cost effectively. For example, a global Fortune 500 customer in Europe went from 15 people managing >75PBs of storage to only four people managing with the switch to Infinidat.

IT Management

sdxCentral - Cloud budgets are climbing, but execs leery of hidden costs

Unexpected cloud costs are the main factor driving the frequency of cost assessments. More than two-thirds of respondents reported negative impacts from unanticipated cloud costs in the last six months to a year. In 2022, 53% of respondents experienced surprise cloud costs.

Cloud

CIO Influence - Leveraging Big Data Analytics for Strategic Decision-Making: A Guide for CIOs

Chief Information Officers (CIOs) serve as linchpins in fostering data-driven decision-making within organizations, tasked with overseeing IT infrastructure and data management strategies. CIOs establish a coherent data strategy outlining data collection, storage, management, and analysis procedures, carefully considering factors such as data governance, security, and access control.

Data & Analytics

Network World - HPE and Juniper: Why?

The second of the two views is the most popular. A good M&A is based on the idea that there’s a lot of staff redundancy in the combination of two companies, and you can save a boatload of costs by merging and laying off employees. No revolutionary change in strategy, or in product plans. Economy of scale is the game. But consolidation is usually a response to commoditization, which means that at best, you’re circling the drain in a more favorable position (if that’s possible). Weak.

Network Management

CIO Influence - HP Reveals Security Threat Trends: Adversaries Target Endpoints

In Q4, a significant portion of intrusion attempts, with 84% involving spreadsheets and 73% involving Word documents, targeted vulnerabilities in Office applications, marking a departure from macro-enabled attacks. However, macro-enabled attacks remain prevalent, especially in instances utilizing low-cost malware like Agent Tesla and XWorm.

Security

VentureBeat - How AI is redefining data-based roles

AI will replace few if any data-related roles. Instead, AI-powered software will enhance their capabilities — and encourage ambitious data professionals to jump on acquiring whatever new AI-related skills may be demanded. Here’s a quick rundown of the impact AI will have on data roles across the organization.

AI/Data

CIO Influence - Next Gen Cloud Computing Platforms for CIOs in 2024

Directly transferring an application to the cloud might not be the most efficient approach. Use a cloud migration to reassess your IT architecture for better efficiencies. Consider breaking applications into microservices for leveraging the service-based approach of Infrastructure as a Service (IaaS). Alternatively, explore Platform as a Service (PaaS) or Software as a Service (SaaS) options to streamline operations and reduce complexity.

Cloud

The Hacker News - How Businesses Can Safeguard Their Communication Channels Against Hackers

As for the review of permissions, the more people have access to a system, the more likely it is that someone will make a mistake that could result in a breach. Make sure that only those people who really need it have access to sensitive information.

Security

sdxCentral - Tech leaders can’t play it safe in 2024

While 60 percent of workers use genAI tools internally is impressive, more eye-catching is the fact that 50 percent will use AI to offer custom-facing tools, according to Forrester’s research. Guarani said Forrester is an example of this shift to custom-facing AI that lets its clients can now use genAI to search its entire library of research.

Automation & Productivity

Computerworld - Tech spending shifts to meet AI demand, forces a 'reshuffling of skills' for workers

The adoption of AI has the potential to reshape the workforce, though many employees could be looking at reskilling instead of separation. According to a 2023 survey of 1,684 C-suite executives by McKinsey Global Institute, about four in 10 respondents reporting AI adoption expect more than 20% of their companies’ workforces will be reskilled in the next three years; and 8% expect the size of their workforces to decrease by more than 20%.

Automation & Productivity

SiliconANGLE - Cloud optimization wanes as AI slowly lifts off

The other key takeaway from the data is AI has gained notable momentum on both dimensions since the announcement of ChatGPT. Survey data indicates that approximately 40% of new AI projects are being funded by taking funds from other budgets. Most sectors have seen contracting Net Scores on the vertical axis over the past several quarters and AI is the clear exception.

Cloud

Federal News Network - DoD wants to ‘popularize’ data patterns to leverage AI

“So if somebody has a data product, the value is realized because there’s a customer. Our goal is to enable each CTO and CIO across the department with the skills and the tools to be a product manager so that they can provide their customer with what they promised.”

AI/Data

Information Week - Keys to Maximizing Data Value

Jain believes that the most effective way to maximize data value is by ensuring that the data is well-connected and not isolated within silos. “When data elements are interconnected and form a unified fabric, they can collectively tell a more comprehensive story,” she says. “It’s about establishing a single source of truth within your organization where every piece of data contributes to a larger, interconnected narrative.”

Data Management

ITPro Today - Generative AI Adoption and Productivity: Finding Benefits Proves Challenging

Approximately 20% of employees who haven't experienced increased productivity with GenAI attribute that to corporate guidelines and subpar AI tool output, which results in additional review and editing time.

Automation & Productivity

Network Computing - How to Choose the Right Form of LTE Connectivity for IoT

LTE 450 is an alternative that operates on the 450MHz frequency band and is an energy-efficient and long-range option that provides a better solution than 3G. This option is suitable for less data-intensive applications commonly associated with LPWA technologies and perfect for smart meter connectivity.

IoT

CIO Influence - Effective Ways to Create a Culture of Security Awareness for CIOs

Establishing a Security Development Lifecycle (SDL) guides security practices in software and system development while designating security champions enhances peer education and awareness. Recognizing and rewarding individuals excelling in security practices through incentives contributes to a positive and motivated security culture within the organization.

Security

Information Week - How to Build an Effective IT Training Program

Education and training are necessary to keep your IT staff competitive, Craig advises. “Having your technology teams stay current on the latest information, tools and methods is crucial.” He believes that teams need to “understand emerging technologies and best practices so they can deliver maximum value back to the organization through an effective training program.”

Training & Certs

Network World - 5 Wi-Fi vulnerabilities you need to know about

A major vulnerability of the WPA/WPA2-Personal security protocol, particularly on business networks, is that a user with the Wi-Fi passphrase could snoop on another user’s network traffic and perform attacks. The enterprise mode of WPA/WPA2 provides protection against user-to-user snooping. But that requires a RADIUS server or cloud service to deploy, and requires more of the user or client device in order to connect. Thus, many enterprise environments still broadcast signals with the simpler WPA/WPA2-Personal security.

Security

Network Computing - Maui Teaches Us Why We Need to Change Our Data Protection Strategies

"If backups are so great, why then has every company that has paid ransom had backups?" This is because backups are not the most effective disaster recovery strategy. We now need to prioritize disaster recovery, and we need to find an affordable way to create DR for unstructured data that is separate from backups. We can no longer simply rely on backups as our primary means of data protection.

Data Management

CIO Influence - Top 10 Endpoint Management Software Picks for CIOs

Key factors contributing to its significance include centralized patch management for software updates, automation for IT efficiency, cost savings through reduced downtime, crucial support for remote work, robust data protection features, efficient asset management, proactive performance optimization, disaster recovery assistance, and seamless scalability to adapt to organizational growth and IT changes.

Security

SiliconANGLE - New report finds sensitive information at risk in 55% of generative AI inputs

In the last thirty days, more than half of data loss prevention or DLP events detected by Menlo Security included attempts to input personally identifiable information. The next most common data type that triggered DLP detections included confidential documents, representing 40% of input attempts.

AI/Security

CIO Influence - Top 20 Enterprise Data Storage Providers to Look Up in 2024

Modern storage solutions also enable seamless collaboration and file sharing across teams and devices, boosting productivity and accelerating decision-making. Integration with data analytics tools allows businesses to unlock valuable insights from their data, empowering data-driven decision-making and enhancing customer experiences.

Data Storage

InfoWorld - 5 things to consider before you deploy an LLM

Most enterprise LLM systems will be custom-trained in specific data sets. A disadvantage to the neural networks on which LLMs rely is that they are notoriously difficult to debug. As the technology progresses, LLMs may develop the ability to revise, erase, or “unlearn” something false that it has learned. But for now, unlearning can be quite difficult. What is your process or procedure for regularly updating the LLM, and eliminating bad responses?

AI/LLMs

Business Insider - Amazon, Microsoft, and Google say cloud cost-cutting is waning. Customers say cost controls are still a major barrier.

Companies often don't understand exactly what they're spending on in the cloud, the survey found. 65% said they were unsure of all their company's cloud instances. 35% reported cloud cost overruns in the last 12 months, nearly half of which were over $100,000 or $500,000.

Cloud

Information Week - Pressure to implement AI raises IT tensions

“To accommodate AI’s increased power and computing demands, more than three-quarters of companies will require further data center graphics processing units (GPUs) to support current and future AI workloads. In addition, 30% say the latency and throughput of their network is not optimal or sub-optimal, and 48% agree that they need further improvements on this front to cater to future needs.”

AI

CIO Influence - CIO’s Guide to Preventing Ransomware Attacks in B2B Enterprises

Endpoint detection and response solutions function by aggregating security events and indicators of compromise (IoC) from endpoint devices. Although IoCs alone may not identify attacks, they provide critical insights for security teams to detect ongoing threats. EDR tools excel in recognizing subtle activities, such as burrowing, where attackers quietly amass compromised privileges and accounts.

Security

Computerworld - Tech spending shifts to meet AI demand, forces a 'reshuffling of skills' for workers

CompTIA pegs the IT unemployment rate in the US at 2.3%, more than a full percentage point below the national unemployment average of 3.7%. Janco Associates, however, puts IT unemployment at 5.5%, more than a full point above the national average. And Janco’s data paint a far grimmer picture for 156,000 unemployed IT pros.

Tech Jobs

AiThority - JumpCould Finds Organizations Embracing AI Despite Security Concerns

With a strong majority of respondents both planning or actively implementing within the next year and advocating for AI investment, IT leaders clearly see potential benefits from deploying AI in their workplaces. But IT admins report notable concerns around their organizations’ current ability to secure against related threats—and personal concerns about AI’s impact on their career.

AI/Security

CIO Influence - Pervasive OT & IoT Anomalies Raise Critical Infrastructure Threats

“Network scans” topped the list of Network Anomalies and Attacks alerts, followed closely by “TCP flood” attacks which involve sending large amounts of traffic to systems aiming to cause damage by bringing those systems down or making them inaccessible.

Security

VentureBeat - How AI is strengthening XDR to consolidate tech stacks

XDR is riding a strong wave of support due to its ability to consolidate functions while limiting data movement, two high priorities for CISOs today. Those benefits are especially important in an era of security budgets being scrutinized more closely than before. Add to that the ability to bring in more telemetry data, including sources that are behaviorally based that can be used to identify anomalous behavior, including insider threats, and AI’s potential impact to improve XDRs continually is clear.

AI/Security

Network Computing - How Cisco Sees Silicon One Easing Network Convergence and Helping with AI

Recently, Cisco held a Tech Talk focused on Cisco’s Silicon One and how the company believes you can converge a network without compromising security, performance, and manageability. The discussion also shed light on how Cisco is dealing with the rise of AI and the role of the network.

AI/Networking

Information Week - How to Get Your Failing Data Governance Initiatives Back on Track

Despite leadership often recognizing the importance of data governance, it is in a relatively immature state at many enterprises. At large enterprises, data ecosystems are increasingly complex and often siloed, making governance no easy feat. Smaller enterprises may not even see the value of investing time and resources in data governance.

Data Management

SiliconANGLE - The role of data loss prevention tools in protecting against AI data exfiltration

One of the cybersecurity challenges associated with generative AI is the potential for attackers to utilize it for multivector social engineering attacks and creating clean malware code. Attackers are using gen AI to create language models that can launch targeted voice, email and text attacks, making it difficult to protect against because they appear legitimate. Additionally, generative AI is being used to create clean malware code, making it challenging to identify the actor behind the attack

Data Management

Government Technology - Vermont IT Modernization Takes a Relationship-First Focus

First, she wants to ensure tech decisions are made with end users’ experience in mind. Second and third, she aims to enhance standards and drive predictability, ensuring partners know what to expect in terms of financial costs and service capabilities. Finally, Reilly-Hughes has sights set on “simplifying and reducing complexities.”

IT Management

Computerworld - The AI data-poisoning cat-and-mouse game — this time, IT will win

One, it tries to target a specific company by making educated guesses about the kind of sites and material they would want to train their LLMs with. The attackers then target, not that specific company, but the many places where it is likely to go for training. If the target is, let’s say Nike or Adidas, the attackers might try and poison the databases at various university sports departments with high-profile sports teams. If the target were Citi or Chase, the bad guys might target databases at key Federal Reserve sites.

AI Ethics

Forbes - 18 Best Practices For Designing Seamless, Flexible And Efficient APIs

“An API’s design must hide the complexity of the underlying computations, no matter how intensive, convoluted and advanced the solution is at a lower level. Good interfaces are those that abstract complexity and provide universally intuitive access to data and functionalities that make sense for the average user.”

DevOps

eWeek - Generative AI and Cybersecurity: Ultimate Guide

In this guide, you’ll learn about generative AI’s pros and cons for cybersecurity, how major companies are currently using this technology to bolster their cybersecurity tools, and how you can use generative AI in ways that balance efficacy with cybersecurity and ethical best practices.

GenAI

Information Week - Growing Your Cloud Engineering Capabilities

Do you have all the cloud engineers you need? Companies are moving tech to the cloud, which means that the development of IT infrastructure skills in Linux, applications and containers, app deployment, security, data management, and cloud toolsets also must grow.

Cloud

sdxCentral - 5 hot data center jobs for 2024

Data center IT operations manager - As artificial intelligence (AI) and machine learning (ML) remain high business priorities in 2024, companies like Microsoft, Amazon Data Services and Google are hiring data center IT operations managers in Q1 2024.

Tech Jobs

Network World - AI-powered 6G wireless promises big changes

6G (sixth-generation cellular) will deliver significant improvements in security, resilience, reliability, latency, connection density, traffic capacity, spectrum efficiency, and user data rates, compared to 5G. It is expected to be 50 times faster than 5G, with a top-end, theoretical speed of 1Tbps, compared to 20Gbps for 5G. It can also handle 10 million devices per square kilometer, compared with 1 million for 5G, according to Keysight Technologies.

Network Management

Information Week - Investing In a Multi-Cloud Strategy to Maximize Efficiency

While the first significant wave of cloud adoption was driven mainly by the opportunity for cost savings, more recent moves to multi-cloud architectures are often caused by a desire for greater innovation. Many organizations are shifting their IT focus from cost savings and operational streamlining to generating revenue and innovation.

Cloud

ZDNet - This botched migration shows why you need to deal with legacy tech

Underestimating the importance of user buy-in will more likely lead to a resistance to change and is a key reason why businesses end up having to retain legacy systems. That retention results in higher operational costs, which adds strain on existing resources and creates a wider surface area that needs to be secured.

IT Management

CIO Influence - Gemini Advanced: All You Need to Know About Google’s Powerful AI Suite

The Gemini Advanced version, accessible through a Google One AI Premium subscription, unlocks the full potential of Ultra 1.0. This enhanced experience excels in reasoning, following instructions, coding, and creative collaboration. Imagine a personal tutor tailored to your learning style or a creative partner assisting with content strategy or business plans.

AI

Data Science Central - 10 Prominent Data Science Predictions 2024- Know What the Industry Experts Say?

Real-time data shall become the standard for businesses to power generative experiences with artificial intelligence. Data layers should support both transactional and real-time analytics. He further goes on to say that, the world of data science should expect a paradigm shift from model-centric to data-centric Artificial intelligence. Multimodal LLMs and databases will enable a new frontier of AI applications across industries.

Data & Analytics

Network Computing - Mike Twumasi Reveals DDI Use Cases

We’ll learn how DDI enhances security, simplifies management, and optimizes mobile device integration, contributing to increased productivity and secure mobility. We will also see how DDI empowers organizations to seamlessly incorporate and manage IoT devices, unlocking the opportunity for innovation and operational efficiency. Then, we will learn about the strategic role of DDI and bridging the gap between IT and operational technology.

Network Management

CIO Influence - CIO Influence Interview with Steve Stone, Head of Rubrik Zero Lab

In 2024, organizations will face a stiffer challenge in securing data across a rapidly expanding and changing surface area. One way they can address it is to have the same visibility into SaaS and cloud data as they have in their on-premises environments–in particular with existing capabilities. And that will be a major cybersecurity focus for many organizations next year. More will recognize that the entire security construct has shifted – it’s no longer about protecting individual castles but rather an interconnected caravan.

Data Security

Network Computing - Navigating Single Cloud, Multi-Cloud, and Hybrid Cloud Environments

On the other hand, single cloud deployments present their own set of challenges. These types of deployments can lead to vendor lock-in, meaning that it can be both expensive and challenging to transition workloads to another cloud platform in the future. It also limits the optionality that comes with multi-cloud and hybrid cloud deployments. Each cloud provider has its own set of strengths and weaknesses, so by locking yourself into one cloud provider, you must accept those attributes as they are.

Cloud

sdxCentral - Verizon’s 70 billion network data points highlight genAI potential (and challenges)

“AI and analytics engines are only as good as the data you put into them,” Silliman said. “We have an enormous body of data across Verizon, but it sits in 29,000 different data sources, which in many ways are fragmented, we don’t have common taxonomy. So the journey we’re on right now is bringing all of our data together into common platforms and common governance and taxonomy structures.”

GenAI

SiliconANGLE - Advancing data architecture for generative AI

The traditional solutions that technical professionals have previously used might not handle the velocity, variety and volume of data generated by modern application and analytical workloads. Because of gen AI, they must adopt new and recent approaches to data storage and delivery. These approaches can influence a wide variety of data ecosystems, including data lakes, warehouses and hubs.

AI/Data

The Hacker News - Unified Identity – look for the meaning behind the hype!

After these benefits, let's talk a downside: vendor lock-in. Unified identity sounds wonderful but betting the house on a single vendor is a high ask. And what if you already have some solutions in place that you're happy with? It's important to remember that not all unified identity vendors are the same; Some vendors offer modular identity platforms which allow you to keep what you want and unify what you need.

Security

Computerworld - The do-it-yourself approach to MDM

Open-source software has long been a part of every enterprise toolbox — and that includes managing mobile devices. Whether IT wants to go all in on open-source tools or integrate those tools with commercial offerings, it’s possible to develop a do-it-yourself approach to mobile device management (MDM).

IT Management

AiThority - Threat Intelligence Report Exposes the Impact of GenAI on Remote Identity Verification

Face swaps are created using generative AI tools and present a huge challenge to identity verification systems due to their ability to manipulate key traits of the image or videos. A face swap can easily be generated by off-the-shelf video face-swapping software and is harnessed by feeding the manipulated or synthetic output to a virtual camera. Unlike the human eye, advanced biometric systems can be made resilient to this type of attack.

AI/Security

Forbes - The Cyber Threats Every C-Level Exec Should Care About In 2024

Small to medium-sized businesses (SMBs) find themselves in the crosshairs of escalating ransomware attacks. Operating within the constraints of aging network infrastructures and grappling with insufficient cybersecurity budgets or enterprise-level cyberdefense tech stacks, these organizations are perceived as easy targets by cyber adversaries.

Security

CIO Influence - Understanding Alpha Ransomware and its Operational Framework

Based on the panel and various indicators like the ransom demand, it appears that the group exhibits talent but also demonstrates a certain level of amateurism within this realm. It is anticipated that in the coming days, an increase in victims may occur, leading to heightened visibility for the group, potentially resulting in widespread attention as they gather additional digital footprints.

Security

Information Week - Dealing With Deepfakes

“Five years ago, deepfakes were things that were complicated to build. You needed to be quite expert,” Newell recalls. “They were expensive. And to be honest, they didn't look very good. Now, they are extremely easy to make. There are tools that are essentially free. The level of expertise [required] is very, very low.”

Privacy & Security

ZDNet - Business sustainability ambitions are hindered by these four big obstacles

Despite the stated importance of sustainability to commercial success, only 37% of respondents believe sustainability is "very integrated" into the core of their business. Low integration of sustainability into key functions, such as finance and technology, means there is less opportunity for people on the sustainability team to understand the commercial opportunities for the business.

Sustainability

Information Week - Expect the Unexpected: How to Reduce Zero-Day Risk

A number of zero-day bugs in browsers, for instance, have emerged in the first month of 2024. A zero-day (CVE-2024-0519) in Google Chrome, allows for code injection. Attackers actively exploited the vulnerability, which Google has patched by this point. A zero-day bug (CVE-2024-23222) in Apple’s WebKit browser engine for Safari has also been exploited and patched. Attackers could leverage that vulnerability to execute code on impacted systems.

Security

sdxCentral - Comparing HPE’s and Juniper Networks’ networking portfolios – where’s the overlap?

Looking across at least 44 different switch product families from both HPE and Juniper Networks, the mid-tier level of HPE Aruba Networking and Juniper EX switches do appear to have similar use cases and target deployments. Certainly the management tier for each is different, the network firmware and service level agreements have varying degrees of differences, even when the basic networking specifications appear similar.

Network Management

Information Week - IT Security Hiring Must Adapt to Skills Shortages

Organizations must continue to expand their recruiting pool, account for the bias that currently exist in cyber-recruiting, and provide in-depth training through apprenticeships, internships and on-the-job training, to help create the next generation of cyber-talent.

Tech Jobs

Dice - Tech Jobs with the Biggest Increases in Postings

If you’re currently on the job hunt, it’s also worth considering which jobs pay the most. Dice’s latest edition of the Tech Salary Report breaks down which types of engineers, managers, and other specialists have the highest earning potential; while managers (especially high-ranking ones such as CTOs and CIOs) can pull down huge paychecks, developers and engineers in “hot” arenas such as cloud and DevOps also earn high average pay:

Tech Jobs

GovTech - The Group Giving Arizona Local Government a Hand With AI

During a recent workshop event held by the group, “AI for Local Government Leaders,” speakers presented on several topics, including laying the groundwork for AI and cybersecurity and data privacy in AI. Through lecture-based information sharing and hands-on demonstrations, the workshop provided a space for government and industry members to better understand the risk and potential of the technology.

AI

Information Week - How to Build a Team of Talented Citizen Developers

The idea sounds great in concept -- allowing non-technical employees to create applications for use by themselves or others using pre-approved tools. Yet, in practice, building a citizen developer team requires comprehensive training, strong support, and close oversight.

Automation & Productivity

VentureBeat - Eight emerging areas of opportunity for AI in security

Vendor risk management and compliance automation. Cybersecurity now involves securing the entire third-party application stack as companies communicate, collaborate, and integrate with third-party vendors and customers, according to Menlo Venture’s prediction of how risk management will evolve.

AI/Security

Network Computing - Organizations Left Grappling for Solutions Amid Alarming Cloud Security Gaps

While 98 percent of the 1,600 IT security decision-makers polled said their organizations store and manage sensitive data in the cloud, over half believe their cloud security postures are weak. This fear stems from their reliance on traditional security tools designed to protect on-premises IT systems that have proven ineffective at securing cloud-based resources.

Cloud Security

Data Science Central - How to Enhance Data Quality in Your Data Pipeline

Data quality within a data pipeline is a multifaceted concept beyond mere accuracy. It involves ensuring that data is complete, consistent, reliable, and timely as it moves through various collection, processing, and analysis stages. Quality is crucial in a data pipeline because it directly impacts the validity of business insights derived from the data. Poor data quality can cause wrong decisions, slow work, and missed chances

Data Management

TechRepublic - Topic — Cloud Security Top 7 Cyber Threat Hunting Tools for 2024

Cyber threat hunting is a proactive security measure taken to detect and neutralize potential threats on a network before they cause significant damage. To seek out this type of threat, security professionals use cyber threat-hunting tools. These are software solutions driven by advanced analytics, machine learning and artificial intelligence to detect abnormal patterns in a system’s network and endpoints. They use techniques like behavioral analytics, pattern matching, statistical analysis and AI/ML modeling.

Security

Data Science Central - 5 trends & advances that are set to define cloud security in 2024

So, there you have it, folks—the cloud security landscape of 2024 is shaping up to be quite the spectacle. From AI-enhanced defenses to uncrackable encryption and everything in between, it’s clear that the future of cloud security is all about being smarter, more integrated, and more proactive.

Cloud Security

ComputerWeekly - CIO interview: Stuart Birrell, chief data and information officer, EasyJet

The three years since have been focused on improvements in two major areas. First, modernising the key commercial systems – that is, the front-end EasyJet website, the booking engine behind it, and the airline inventory supporting it. Second, was to move completely away from in-house datacentres to the cloud.

Data Management

CIO Influence - CIO Strategies for an AI-Driven Future- Insights from Canva’s CIO Report

In response to this technological influx, Canva collaborated with Harris Poll to delve into how CIOs are grappling with “app sprawl,” the proliferation of applications in the workplace. This research sheds light on the strategies employed by CIOs to navigate the AI-driven landscape and make informed decisions about the selection of workplace tools that yield optimal outcomes.

AI

SC Media - Stop chasing shadow IT: Tackle the root causes of cloud breaches

For example, it’s common for industry analysts to label ransomware or data exfiltration a top cloud threat. Unfortunately, data exfiltration isn’t a threat, but an outcome of a threat. Similarly, ransomware isn’t the real threat, but a symptom. If we want to stop ransomware, we’ve got to stop ransomware from infiltrating our networks.

Security

Network World - Choosing a disaster recovery site

Not only that, but since the DR site is a full-scale replica, any time you add or change hardware in production, you need to do the same in the DR environment. And if you think about it, maintaining a DR site is like having a pool no one swims in: You still have to constantly clean and treat the water, trim the bushes, etc. It’s work that keeps ops resources busy but provides little tangible day-to-day value.

IT Management

CIO Influence - Top 10 Application Security Trends for CIOs in E-commerce

Unlike physical stores, online retail platforms face heightened vulnerability to fraudulent activities, owing to the lower risk of detection for fraudsters. Moreover, the convenience and accessibility inherent in e-commerce operations also render them appealing targets for cyber attackers, who can exploit factors like round-the-clock accessibility and remote access.

Security

Network Computing - IT Teams Are Not Prepared for 90-Day Digital Certifications

90-day digital certificates are a fast-approaching reality. While they will bring security benefits for businesses and help ensure digital trust across the web, they will also be a burden for unprepared IT managers.

Security

SiliconANGLE - Stop using servers to do things they’re not good at: How DPUs can change the data game

Servers are effective at many things but were never designed for the rigors of software-defined networking, storage and security. Servers excel in processing massive amounts of data, but they should not be performing functions such as network address translation, telemetry, firewall, storage-related services and, down the road, artificial intelligence functions such as AllReduce.

IT Management

Data Science Central - Your AI Journey: Start Small AND Strategic – Part 1

AI projects require significant data, technology, people skills, and culture investments to succeed. That means you will need the senior management support and fortitude to support those investments and stay the course as your organization learns to apply AI to derive and drive new customer, product, service, and operational value sources.

AI

Information Week - How Many C-Levels Does It Take to Securely Manage Regulated Data?

“I’ve seen a notable shift in the last few years to more C-suite and board leaders becoming active participants in cybersecurity conversations,” says Brent Johnson, CISO at Bluefin. “This was accelerated by the rapid transition to remote and hybrid work along with daily headlines, and coupled with mounting pressure to maintain regulatory compliance, securely managing data is no longer a concern just for CISOs.”

Security

VentureBeat - How to detect poisoned data in machine learning datasets

As AI adoption expands, data poisoning becomes more common. Model hallucinations, inappropriate responses and misclassifications caused by intentional manipulation have increased in frequency. Public trust is already degrading — only 34% of people strongly believe they can trust technology companies with AI governance.

AI Ethics

CIO Influence - IT Leaders Share their Insights on Data Privacy and Digital Transformation

As IT leaders strive to redefine new guidelines for privacy and security, they could shift budgets and strategies toward AI-led identity management and privacy-first campaigns. We spoke to the top IT leaders from data-driven organizations to understand how this year’s Data Privacy Day is a roadmap for building a reliable consumer data protection strategy in 2024.

IT Management

ZDNet - 4 ways to help your organization overcome AI inertia

"What's the smallest part of that purpose that you can start making a difference on? When you go down this path, and as soon as you mention things like AI, everybody goes for 'bigger is better.' It's like, 'What's the biggest problem? Can we solve world peace?' Instead, focus on the smallest problem where you can make a difference and use that as your model going forward."

Automation & Productivity

CIO Influence - Comprehensive Guide to Security Operations Center for CIOs

Gartner Predicts that by 2027, 50% of large enterprise CISOs will have adopted human-centric security design practices to minimize cybersecurity-induced friction and maximize control adoption.

Security

Network Computing - 5 Things You Can't Automate In Your Data Center

Theoretically, robots can automate much of the work of server deployment inside data centers. However, to do this work cost-effectively using robots, you'd need to operate on a massive scale. You'd also need server deployments that are sufficiently consistent and predictable to automate without the assistance of humans. Today, most server deployments just don't meet this criterion.

Data Management

CIO Influence - Navigating Business Outcomes in 2024: The Strategic Integration of Cloud Models

By leveraging the expertise of skilled professionals, embracing cutting-edge technologies, crafting a well-defined strategy, and streamlining operational processes, businesses can position themselves at the forefront of the cloud revolution, ready to embrace the opportunities that lie ahead.

Cloud

SiliconANGLE - Six cloud security trends we’re watching in 2024

Cybersecurity mesh architecture (CSMA) is a cyber defense strategy that is rapidly gaining ground, independently securing devices with their own perimeters (firewalls/network protection tools). CMSA helps provide a multi-layered defense against cyber threats, making it more difficult for attackers to penetrate an organization’s network successfully.

Security

VentureBeat - Why AI and behavioral analytics are stealth strengths of Gartner’s MQ on endpoints

Gartner writes in this year’s magic quadrant (MQ) for endpoint protection platforms, “the endpoint protection platform (EPP) market is no longer limited by vendors only offering EPP and endpoint detection and response (EDR) capabilities, and buyers are increasingly looking for fewer vendors to deliver a wider array of capabilities.” The report continues, “email security, identity threat detection and response and extended detection and response (XDR) are increasingly part of the purchasing decision.”

Security

CIO Influence - Advanced Endpoint Protection Strategies for 2024

The adoption of cutting-edge defense technologies is imperative in the evolving technological industry. A professional Advanced Endpoint Protection solution stands as the cornerstone, providing access to the ultimate security tools essential for safeguarding organizational assets. The undeniable trajectory towards the future involves the integration of AI and machine learning technologies into cyber defense strategies

Security

sdxCentral - Palo Alto Networks, CrowdStrike lead Forrester cloud workload security wave

The analyst firm noted the cloud workload security market has been witnessing a notable consolidation, as major players are expanding their functionalities to include cloud infrastructure entitlement management (CIEM) and data protection for prominent cloud infrastructure platforms such as Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP). There’s also increasing productized support for Oracle Cloud Infrastructure and Alibaba cloud platforms, especially in cloud security posture management (CSPM) functionalities.

Cloud Security

Network Computing - Evaluating the 2024 Cybersecurity Landscape

In 2024, expect to see the continued maturation of the cybersecurity business and platform vendors embrace the idea of delivering on cybersecurity-as-a-service. The tooling companies of yesterday want to be the business partner of today. There is far more value in the relationship of being a business partner vs. being a provider of a commodity technology solution. Platforms are critical to a business while tools are tactical to help at a given point in time.

Security

CIO Influence - Empower Your Cybersecurity: The OSINT Advantage

Fast-forward to the present day and the principles of OSINT find application in the domain of cybersecurity. Organizations, irrespective of their size, manage vast, public-facing infrastructures across diverse networks, technologies, and hosting services. Information, crucial for security, can be dispersed across employee desktops, legacy on-prem servers, cloud storage, embedded devices like webcams, and even concealed within the source code of active applications.

Security

Information Week - What Security Leaders Need to Know About the ‘Mother of All Breaches’

SecurityDiscovery regularly analyzes data from search engines. “We pay special attention to the misconfigured noSQL databases and Elasticsearch instances,” Diachenko tells InformationWeek. “We analyze them based on the size, based on the keywords, and other data that might lead us to uncovering some sensitive data that should not be exposed.”

Security

Information Week - 4 Top Data Management Challenges (And How to Conquer Them)

The biggest obstacle to overcoming data siloes is finding the right solution for storing large amounts of data while allowing easy access and use, Mahon says. He notes that making data readily available to the people who need it requires ample storage resources that are accessible to different team members in a form that supports collaboration, visualization and knowledge sharing.

Data Management

CIO Influence - AI’s Strategic Role in Shaping IT Security

However, the landscape isn’t solely marked by threats; there’s a beacon of hope in strategic investments. Organizations that extensively leverage security AI and automation demonstrate an average savings of USD 1.76 million compared to those that don’t embrace these technologies. This serves as a testament to the effectiveness of AI but also emphasizes the financial advantages of a proactive security stance.

Security

VentureBeat - Why AI and behavioral analytics are stealth strengths of Gartner’s MQ on endpoints

Gartner writes in this year’s magic quadrant (MQ) for endpoint protection platforms, “the endpoint protection platform (EPP) market is no longer limited by vendors only offering EPP and endpoint detection and response (EDR) capabilities, and buyers are increasingly looking for fewer vendors to deliver a wider array of capabilities.” The report continues, “email security, identity threat detection and response and extended detection and response (XDR) are increasingly part of the purchasing decision.”

Security

Information Week - Taking Plunge With Synthetic Data

Synthetic data shines when real data is scarce, sensitive, or too risky to use. “In scenarios where gathering ample and diverse data is impossible, challenging, or unethical, synthetic data steps in as a reliable alternative,” Zhu says. “It allows organizations to model complex situations without compromising privacy or safety.”

Data Management

Computerworld - It’s not just hype; genAI is already live at many companies

One of the more surprising aspects of the recent rise of genAI, according to the Workato study authors, is that many of the use cases are not coming from IT or the more technical parts of the workplace. Instead, researchers see a “democratization” of the technology, as line of business teams take advantage of it to automate their work or handle processes with particularly complex tool stacks.

GenAI

ITPro Today - Revealed: The Top Reasons Tech Professionals Quit

Tech professionals want clear pathways and career tracks to give them more incentive to stay with a business in the longer term. This needs to include clarity around new responsibilities and initiatives at each stage in order to avoid any sensation of the work becoming too stale or employees feeling like they're being underutilized.

IT Management

Blocks & Files - Two cloud file data services suppliers going gangbusters

Such services have a cloud-based object storage vault storing files, which are served to accessing customers’ distributed datacenters, remote sites and end-points – typically with local caching to speed access. The central cloud repository synchronizes any file state changes. Startups CTERA and Nasuni are two such suppliers, with Egnyte and Panzura also active.

Cloud

CIO Dive - Companies struggle to connect data to customer experience

“The importance of enterprise-wide data hygiene to inform CX efforts can’t be overstated,” Greene said. “CX leaders must be part of the effort to develop the capabilities now to leverage generative AI in the future.”

AI/Data

Datanami - Salesforce Report Highlights Struggles with Digital Transformation: 98% of IT Organizations Face Challenges

IT teams are often responsible for automation adoption, but remain cautious to allow business stakeholders to self-serve — only 22% of IT leaders report that their strategy to help non-technical business users integrate apps and data sources via APIs is up to date. Simultaneously, a skills gap within IT teams poses a hurdle. Closing this gap through strategic collaboration and upskilling is essential for organizations to best use automation for both innovation and efficiency.

Automation & Productivity

CSO - Assessing and quantifying AI risk: A challenge for enterprises

To counter the risks, organizations can thoroughly evaluate their exposure to AI, assess the risks, and set guiderails and mitigation strategies in place to deal with the most business-critical issues. The assessment strategies differ based on the kind of AI that’s involved, which generally falls into three categories: internal AI projects, third-party AI, and AI used maliciously by attackers.

AI/Security

InfoWorld - Most cloud-based genAI performance stinks

Performance is often an afterthought with generative AI development and deployment. Most deploying generative AI systems on the cloud, and even not the cloud, have yet to learn what the performance of their generative AI systems should be, take no steps to determine performance, and end up complaining about the performance after deployment. Or, more often, the users complain, and then generative AI designers and developers complain to me.

GenAI

VentureBeat - 10 reasons why securing software supply chains needs to start with containers

The Cloud Native Computing Foundations’ recent Kubernetes report found that 28% of organizations have more than 90% of workloads running in insecure Kubernetes configurations. The majority of workloads, more than 71%, are running with root access, increasing the probability of system compromises and sensitive data being exposed. Many DevOps organizations overlook setting readOnlyRootFilesystem to true, which leaves their containers vulnerable to attack and unauthorized executables being written.

Security

CIO Influence - Quantum Computing and IT Security: What Leaders Need to Know

Quantum computing, a relatively unfamiliar innovation, is poised to reshape business strategies. Unlike classical computers, quantum computing leverages the principles of quantum mechanics to tackle intricate problems beyond the reach of current technology. Despite not being fully mature, with McKinsey estimating 5,000 operational quantum computers by 2030, comprehensive capabilities for complex problem-solving may not emerge until 2035 or later.

Quantum Computing

Information Week - CEOs Deploy CIOs for Digital Leadership

Progressive CIOs are positioning their CxOs as co-leaders in digital delivery and turning technology decisions into shared leadership initiatives -- a recent Gartner survey of more than 2,400 CIOs found 45% of CIOs are driving the shift to co-ownership of digital leadership.

IT Management

Network World - Will 2024 be Wi-Fi 7’s breakthrough year?

With Wi-Fi 7, channel width expands from 160MHz to 320MHz, effectively doubling throughput, Dion observes. “For short distances, the modulation goes from 1024QAM to 4096QAM, which can improve throughput an additional 20 percent.” Additionally, flexible channel utilization (FCU) enables wider channel use, even in areas experiencing high levels of interference.

Network Management

Network Computing - Understanding SASE Architecture

By converging security and networking functions into a single platform, SASE provides a unified security posture. Solutions encrypt data in transit, leverage the cloud to identify and block threats, and offer several features, such as zero-trust network access and threat detection based on analytics.

Network Management

VentureBeat - How data engineers should prepare for an AI world

Inserting AI into data pipelines can greatly accelerate a data engineer’s ability to extract value and insights. For example, imagine a company has a database of customer service transcripts or other text documents. With a few lines of SQL, an engineer can plug an AI model into a pipeline and instruct it to surface the rich insights from those text files. Doing so manually can take many hours, and some of the most valuable insights may only be discoverable by AI.

AI/Data

Datanami - Cisco’s 2024 Data Privacy Benchmark Study Spotlights Growing Concerns and Trust Issues in Generative AI

Most organizations are aware of these risks and are putting in place controls to limit exposure: 63% have established limitations on what data can be entered, 61% have limits on which GenAI tools can be used by employees, and 27% said their organization had banned GenAI applications altogether for the time being. Nonetheless, many individuals have entered information that could be problematic, including employee information (45%) or non-public information about the company (48%).

Gen AI

VentureBeat - How enterprises are using open source LLMs: 16 examples

But it’s also true that people may have underestimated how much experimentation would happen with open-source models. Open-source developers have created thousands of derivatives of models like Llama, including increasingly, mixing models – and they are steadily achieving parity with, or even superiority over closed models on certain metrics (see examples like FinGPT, BioBert, Defog SQLCoder, and Phind).

AI/LLMs

Information Week - 8 Priorities for Cloud Security in 2024

“We’re seeing just so many problems coming out of the cloud because the rush to [adopt] the cloud moved faster than the trailing effort to secure the cloud,” John Kindervag, Illumio’s chief evangelist and creator of zero trust, tells InformationWeek.

Cloud Security

CIO Influence - Understanding the Complex Implications of AI for Cyber Security

“Organizations should not view AI as a silver bullet, however. Security teams that rely too much on AI can fall into a false sense of security and reduce human vigilance. But AI systems do make mistakes and sometimes fail in unexpected ways.”

Security

Information Week - Top 5 Skills Gaps Every Cloud Practitioner Needs to Close

The most prominent security factors in cloud data breaches, according to CrowdStrike, include unrestricted outbound access, neglected cloud infrastructure, and disabled logging -- roadblocks that can be alleviated with heavier cybersecurity training.

Cloud

VentureBeat - Study finds AI ‘revolution’ moving at a crawl in enterprises

“The survey suggests organizations may be hesitant to adopt GenAI due to the barriers they face when implementing LLMs,” said Markus Flierl, corporate VP for the developer cloud at Intel. “With greater access to cost-effective infrastructure and services, such as those provided by cnvrg.io and the Intel Developer Cloud, we expect greater adoption in the next year as it will be easier to fine-tune, customize and deploy existing LLMs without requiring AI talent to manage the complexity.”

GenAI

Network Computing - AI Drives the Ethernet and InfiniBand Switch Market

While most of the growth in the past in the switch market has come from front-end networks, Sameh Boujelbene of the Dell'Oro Group said in a release: “This rapid growth [of AI] necessitates the deployment of thousands or even hundreds of thousands of accelerated nodes. Connecting these accelerated nodes in large clusters requires a data center-scale fabric, known as the AI back-end network, which differs from the traditional front-end network used mostly to connect general-purpose servers.”

Network Management

CIO Influence - Top Cybersecurity Trends in Healthcare for CIOs in 2024

Data will undergo widespread sharing, collection, and analysis in the evolving healthcare landscape. Healthcare organizations will harness this untapped information to drive operational efficiencies and enhance consumer engagement. As this transformative journey unfolds, there is a growing need for organizations to prioritize data privacy and modernize data protection standards.

Security

Dark Reading - CISO Corner: Deep Dive Into SecOps, Insurance, & CISOs' Evolving Role

An IANS survey found that a full 75% of CISOs are looking for a job change, as expectations for the CISO role have changed dramatically at public and private sector organizations because of new regulations and growing demands for accountability for security breaches.

Security

Information Week - Why a Chief Cyber Resilience Officer is Essential in 2024

Therefore, there is a growing need for efficient and effective responses to these threats that align risk management processes and business goals. Businesses need visionaries with a collaborative mindset and a holistic approach. However, cyber resilience hasn’t traditionally been the exclusive role of either the chief information security officer (CISO), chief information officer (CIO), nor others in the C-suite.

Security

sdxCentral - Decoding the true cost of cyberattacks and the financial forces driving cybercriminals

The report also found that ransomware attacks continue to plague organizations globally, with 71% of surveyed respondents experiencing such cyberattacks last year. Alarmingly, 61% ended up paying the ransom, with the highest average payment reaching $1.38 million. In addition to ransomware, phishing remains a significant threat, with 92% of organizations reporting an average of six credential compromises over the past year. The consequences of these attacks were primarily the loss or theft of sensitive information or a lawsuit.

Security

ZDNet - 90% of IT leaders say it's tough to integrate AI with other systems

IT leaders acknowledge that data silos and systems fragility are holding their companies back. Almost universal, 98% of IT leaders report facing challenges regarding digital transformation. Key drivers are the persistence of data silos at 81% and the fragility of tightly coupled and highly dependent systems at 72%.

AI

Network Computing - Which Cybersecurity Practices Matter Most? The Cyber Insurance Industry Offers Data-Driven Insight

One of the most basic findings of the research is also the most illuminating: About half of cybersecurity insurance providers require regular security assessments of their clients. In other words, they expect their customers to be able to prove, on a routine and recurring basis, that they conform to a variety of security best practices.

Security

Information Week - 3 Key Privacy Trends for 2024

Privacy’s importance can be seen in three trends that will emerge in 2024 at the intersection of privacy and human resources. First, we will see increasing regulation, both in the US and globally. Second, we will see an increasing demand and expectation for transparency around data collection and usage, particularly where AI acts on personal data. Third, we will see increasing adoption of AI in the employment context.

Data Privacy

CIO Dive - CIOs for hire shift focus as clients tackle cyber, AI rollouts

In 2022, Business Talent Group reported an 83% increase in demand for interim CTOs, CIOs, and CISOs between 2020 and 2021. By contrast, the company’s 2023 report, which was based on 2022 data, suggests a mere 9% increase in requests for those technology C-suite interim roles.

IT Management

CIO Influence - Key Takeaways from the 2023 Global Trends AI Report

Notably, the symbiotic relationship between AI/ML and edge computing emerges as a catalyst, unlocking next-gen data-intensive AI use cases. Successful scaling hinges on optimized infrastructure, with AI pioneers prioritizing high-performance computing (HPC) as a critical requirement for AI/ML applications. Enterprises with modern data architectures showcase efficient AI/ML data life cycle management across multiple venues, positioning them for effective AI project scaling.

AI Trends

sdxCentral - How to deal with security risks of end-of-life networking products

NRC noted in the paper that addressing the challenges with end-of-life network products requires understanding the perspectives of both vendors and users: Vendors face technical and financial challenges in providing post-purchase support. Identifying and particularly fixing product flaws after release demands significant time and resources. Supporting a product indefinitely is economically infeasible and some products become too out-of-date to even update it.

Network Management

CIO Influence - Critical Infrastructure Protection: A Primer for IT Leaders

Critical infrastructure encompasses physical and digital assets, core systems, and strategic networks. Recognizing 16 sectors of utmost significance, the Cybersecurity and Infrastructure Security Agency acknowledges that any disruption within these sectors can have profound socio-economic implications. Security teams, therefore, must carefully deliberate on key factors like the evolving threat landscape, system vulnerabilities, diverse threat actors, information sharing, and compliance with regulations to ensure effective critical infrastructure (CI) protection.

Security

The Hacker News - Cyber Threat Landscape: 7 Key Findings and Upcoming Trends for 2024

One example is the fake videos promoting cryptocurrency scams using celebrities such as billionaire Elon Musk and Ethereum creator Vitalik Buterin. The videos use images of these executives at events, but the original lines are replaced by an AI-synthesized voice. The images are only altered to ensure lip sync, which is another function of this type of AI.

Security

Information Week - Quick Study: IT Budgets and Cost Management

Chief information officers and other key stakeholders first need to identify the bleeding tech causing the bloat, then create a roadmap on what aspects of the tech bloat can be reduced.

IT Management

AiThority - AI Reshaping Business Leadership Practices and Workplace Dynamics within the Technology Sector

It highlights the necessity of emotional intelligence in building employee trust and the imperative to address employee burnout. Emboldify’s ‘Top Trends for Tech Leaders’ report identifies the evolution of management practices suitable for the modern workforce and the importance of adaptability and innovation in leadership, as AI continues to revolutionize employee, customer, and user experiences.

Automation & Productivity

Computerworld - 7 ways to leverage genAI for a better career

How much more are AI skills worth (beyond basic job security)? A recent survey by Access Partnership and Amazon Web Services (AWS) found that employers are willing to pay an average of 47% more to IT pros with genAI skills. And those salary premiums don't stop with IT. Companies are also willing to pay 43% more to AI-skilled sales and marketing workers; 42% more to finance, legal, and regulatory employees; 37% more to compliance workers; and 35% more to HR pros.

AI/Jobs

CIO Influence - Offensive Security Significance for Proactive Defense

Offensive Security: Involves a proactive approach to identify vulnerabilities and weaknesses within an organization’s systems. Ethical hackers, or “white hat” hackers, use penetration testing, vulnerability assessments, and other methods to simulate cyberattacks and discover vulnerabilities before malicious actors exploit them.

Security

Network Computing - APIs: The Key to Generative AI Success and Security

Our research shows both LLMs and the apps built to take advantage of them—whether advisors, agents, or assistants—will be deployed both on-premises and in the public cloud. While there appears to be a preference for public cloud, both locations are likely for all components that make up what is emerging as "AI Apps."

AI/API

Data Science Central - How (and when?) to hire a data scientist

Is this person focusing most of the time on understanding the business, identifying additional use cases, and mapping those use cases and business problems to analytical approaches? It matters whether that person is actually sitting down and working with the dirty data to create it in a better shape—which is closer to data engineering. Or maybe they are focusing only on machine learning models and optimizing them, or taking those models and integrating them into other business applications.

Data & Analytics

Information Week - Data Modernization: Turning an Ugly Duckling into a Swan

On corporate boards and in executive suites, there is verbal acknowledgement that without data quality, security, and integration (i.e., data modernization), there can be no artificial intelligence, which all companies want. Unfortunately, modernizing data is unglamorous, painstaking and often difficult to justify for budget funding.

Data Management

CIO Influence - Role of Encryption in Modern IT Security

An encryption system comprises three key components: the data, the encryption engine, and the key management. However, in application architectures, these components are typically distributed to mitigate the risk of compromising the entire system in case of a single component breach.

Security

Network World - AI, 5G and IoT spur edge data centers

Shifting from a centralized to a distributed data center strategy runs counter to the trend among hyperscalers, who are building massive data centers that can house 10,000+ racks and have a capacity of more than 80 megawatts (MW). By comparison, edge data centers are tiny, with a capacity between 500 kW to 2 MW. What they lack in size, they make up for with versatility. They can be deployed practically anywhere: on rooftops, in extreme locations, and in rural, underserved areas.

Data Management

Network Computing - Juniper Acquisition by HPE - What Might it Mean for Enterprise Customers?

From a switching standpoint, HPE may opt to designate Juniper switching hardware and software for the cloud service provider (CSP) segment. Juniper has a stronghold in this space and is a leader in designing and manufacturing custom ASICs. When it comes to the enterprise, however, decisions will need to be made as to whether Aruba will focus on campus edge and smaller data centers. This would include campus switching, Wi-Fi, and SD-WAN technologies.

Network Management

The Hacker News - 52% of Serious Vulnerabilities We Find are Related to Windows 10

The high average numbers of 'Critical' and 'High' findings are largely influenced by assets running Microsoft Windows or Microsoft Windows Server operating systems. Assets running operating systems other than Microsoft, such as Linux-based OS, are present, but these are reported proportionally far less.

Security

CIO Dive - How CIOs can respond to AI vendor red flags

There’s a certain amount of risk that comes with most generative AI solutions. Inaccurate outputs represent one common concern for executives. But CIOs can respond by upskilling employees in fact-checking and encouraging them to deploy a level of skepticism when assessing generated outputs. Other risks, though, aren’t as easily resolved.

Gen AI

CIO Influence - Identity & Access Management: Securing Your Cyber Gates

The statistics underscore the critical need for IAM. A staggering 80% of cyberattacks employ identity-based attack methods, emphasizing the urgency for robust IAM implementation, according to Crowdstrike’s report. Additionally, 3 out of 4 Chief Information Security Officers (CISOs) acknowledge the vulnerability of collaboration tools, with 94% expressing dissatisfaction with the security tools inherent in Microsoft 365, as per the Mimecast report. In this context, IAM emerges as a proactive defense and an essential strategy to navigate the evolving threat landscape.

Security

sdxCentral - Will Ethernet or InfiniBand be the star of data center AI networking?

Some large AI applications are handling trillions of parameters today, and that count will increase tenfold each year. “This rapid growth necessitates the deployment of thousands or even hundreds of thousands of accelerated nodes. Connecting these accelerated nodes in large clusters requires a data center-scale fabric, known as the AI backend network, which differs from the traditional frontend network used mostly to connect general purpose servers,” Boujelbene said.

Network Management

SiliconANGLE - 2024 IT spending outlook shows cautious start with optimistic finish

In addition, methods to reduce cost are shifting. No longer are consolidating redundant vendors and cloud optimization two of the more prominent techniques. Rather, staff reductions, project delays and limiting outside consulting spend are taking over the top spots — perhaps the first being a function of AI deployments.

IT Management

sdxCentral - IT spending to reach $5 trillion in 2024, despite CIO fatigue

Gartner forecasts that IT services will continue to see an increase in growth in 2024, becoming the largest segment of IT spending for the first time, overtaking communications services. Spending on IT services — which in Gartner’s forecast includes consulting, application implementation and managed services, infrastructure implementation and managed services, infrastructure as a service (IaaS) and hardware support — is expected to grow 8.7% in 2024, reaching $1.5 trillion due to enterprises spending on organizational efficiency and optimization projects, according to the research firm.

IT Management

Information Week - 7 Steps to Get Your Data Consolidation Project Off the Ground

It’s important to outline the consolidation project’s goals, Rudy says. Is consolidation an effort to improve data quality, create a new way to leverage data across systems, improve analytics, offload data for cost savings, meet regulatory requirements, or any other specific reason or reasons? “If you want stakeholders to come along on the journey, you’ll need to have clear objectives that make business sense and justify the effort of the consolidation project,” she explains.

Data Management

Information Week - MFA and Misinformation: What to Know About SEC’s X Account Hack

“There's a tendency to view social media accounts as not as important as an administrator account for your IT infrastructure, for example,” says Ropek. “But especially for organizations that do have a large public-facing component … I think there's an argument that says the risk of takeover of these social media accounts is significant and should be taken seriously.”

Security

CIO Influence - Building a Fortified Digital Perimeter with Network Security

Divide and secure your network by implementing Virtual LANs (VLANs) and subnets. VLANs offer segmentation without additional hardware, allowing tailored management for different departments. Subnets, operating at the IP level, enable communication between segmented networks. This strategy becomes crucial with the rise of IoT devices, as proper segmentation mitigates potential threats from these entry points.

Network Security

Network Computing - When the Cloud is the Problem, Not the Answer

If an application uses a lot of resources because it processes big data or renders images – or generates a huge number of metadata operations – it may result in higher cloud billing. Refactoring - making changes to existing applications to optimize them for the cloud, as opposed to taking a "lift and shift" approach - requires the most time and resources upfront, but it also has the potential to lower cloud storage costs. Refactoring balances resource use with demand and eliminates wasteful data bloat. This yields a better and longer-lasting ROI compared to applications that aren't cloud-native.

Cloud

Data Science Central - The future of cloud computing in business operations

Artificial Intelligence (AI) and Machine Learning (ML) are becoming increasingly integral to cloud computing. This integration is revolutionizing how cloud services are delivered and utilized. AI algorithms are enhancing the efficiency of cloud platforms, offering smarter data analytics, automating routine tasks, and providing more personalized user experiences. For instance, cloud-based AI services can analyze vast amounts of data to predict market trends, customer behavior, or potential system failures, offering invaluable insights for businesses.

Cloud

Network World - Who will enterprises trust to guide network transformation?

Over the years, one thing has remained constant, and that is the fact that enterprise IT pros who can’t find a trusted partner will hunker down on the status quo. They’ll reject new technologies, new players, new anything. Does that sound like what you’re hearing, and maybe doing, this year? When you’re asking how to transform networks in a low-trust environment, the answer you hear is likely “You don’t,” and that sounds familiar to many network professionals, too.

Network Management

CIO Influence - Cloud Security Essentials: Safeguarding Your Data in the Cloud

“When it comes to primary ways to protect your organizations against ransomware, the first one is really the most important one. And that’s just good, regular backups of data. And verifying that they work and doing that on a regular basis. Storing backups off site is number two because we find that a lot of backups that are in the cloud are still being hit. So to the extent that you can air gap or isolate your backups completely, that is highly recommended and makes it much much more difficult for the attackers to gain access there.”

Cloud Security

Network World - Dell data-protection report adds genAI to threat mix

Multicloud is still the preferred strategy for organizations for many reasons, not the least of which is avoiding vendor lock in. But data protection in such environments continues to be a major concern, with 79% of IT decision-makers saying they are not very confident that their organization can protect all the data across their public clouds.

Security

Information Week - Why Your Business Should Consider Using Intelligent Applications

When implementing intelligent applications, begin with a solid foundation using cloud-native tools and ensure that strong data hygiene is practiced. “Organizations should federate a company-wide, single source of data and create a set of data governance rules for ingesting and storing information in a way that eliminates duplicative sets,” Christian advises. From there, adopters should consider their business challenges, objectives, and opportunities, then focus on a small set of initial use cases.

AI/Data

Network World - 6 hot networking and data center skills for 2024

“We remain in a skills crisis,” says Paul Delory, research vice president at Gartner. “We’ve been in one for several years, and it has not abated. Lack of skills remains the biggest barrier to infrastructure modernization initiatives.” He adds that organizations struggling to hire outside talent to fill these skills gaps should prioritize efforts to train internal staffers to take on these roles.

IT Management

Network Computing - Tangoe State of IT Spending: A Look Back and Ahead

The large amount of cloud assets being wasted supports my point above regarding the need for clarity around the economics of moving to the cloud. Pay-per-use makes cloud expenses harder to track. Adding to that is the ease of provisioning for IT pros or even line-of-business people to provision new services or turn features on. What might start as a few pennies a day can grow quickly if left unmonitored.

IT Management

SiliconANGLE - Five network security predictions for 2024

Research from a recent Cloud Security Alliance (CSA) report shows a significant rise in investment in SaaS and SaaS Security resources. CSA data indicates a massive 66% of organizations report they have upped their spending on apps, while 71% have increased their investment in security tools for SaaS.

Network Management

sdxCentral - What’s Next: Chris Wright, Red Hat CTO and SVP, talks cloud native and open source

The places where I think people have been really successful … is going back even from the earlier days of cloud net new applications. So something is literally cloud native. It’s built in the cloud with cloud-native principles. Those are the areas. So whether you think that is net new applications or new interfaces to existing applications that might introduce new capabilities to a business. Maybe it’s a new way to engage with your customer base. Those are areas that are that are showing real success.

Cloud

SiliconANGLE - Gartner sees healthy 6.8% growth in 2024 IT spending

In a statement, Gartner Distinguished Analyst John-David Lovelock said consumer spending on devices and communication services plateaued over a decade ago, but “enterprises continue to find more uses for technology. IT has moved out of the back office, through the front office and is now revenue producing,” he said. “Until there is a plateau for how and where technology can be used in an enterprise, there cannot be a plateau in enterprise IT spending.”

IT Management

CIO Influence - CAASM Uncovered: Protecting Your Digital Assets

Gartner defines Cyber asset attack surface management (CAASM) as focused on enabling IT and security teams to overcome asset visibility and exposure challenges. It enables organizations to see all assets (internal and external), primarily through API integrations with existing tools and query consolidated data.

IT Security

Information Week - Quick Study: Optimizing Cloud Spending

The average organization has at least four cloud services, but their cloud spending includes an average of 35% waste. How many of those cloud services are delivering value? Or wasting money?

Cloud

Computerworld - How to create an AI team and train your other workers

“The one thing they’re not increasing at the same level is the investment in training and upskilling their own teams,” Villars said. “That’s about the IT teams and the subject-matter experts. But it’s also just training their employees on better AI behavior and practices so they can protect their information.”

AI

Network Computing - Leveraging Network Support with Non-IT Personnel

Moving more IT to the edge and then adding IoT devices complicates security and makes it easier for bad actors to gain access to networks and cause damage. This risk increases if you have uninformed or under-trained personnel in remote edge sites trying to maintain network health and security.

Network Management

ZDNet - Data is the missing piece of the AI puzzle. Here's how to fill the gap

Among the companies already deploying AI, the key barriers are often related to data, with some organizations taking steps toward trustworthy AI, such as tracking data provenance (37%) and reducing bias (27%). Around a quarter (242%) of companies are seeking to develop their business analytics or intelligence capabilities, which depends on consistent, high-quality data.

AI/Data

VentureBeat - New Deloitte gen AI report: Business leaders concerned about societal impact, tech talent

More than half of business and tech leaders are particularly concerned that the widespread use of gen AI will centralize global economic power and increase economic inequality. In addition, technical talent is seen as the number one barrier to AI adoption, followed by regulatory compliance and governance issues.

Gen AI

CIO Influence - Understanding Data Management in IT Security

Transferring large data requires high-bandwidth networks, posing yet another challenge. Organizations are responding by upgrading to fiber optic cables and adopting technologies like network function virtualization (NFV) to enhance network performance. IT security is a paramount concern in the era of big data, with the volume and variety of data introducing new challenges

Network Management

VentureBeat - How enterprises are using gen AI to protect against ChatGPT leaks

Given how urgent the issue is to solve and how it all pivots on guiding user behavior, many organizations are looking to generative AI-based approaches to solve the security challenge. That’s why there’s growing interest in generative AI Isolation and comparable technologies to keep confidential data out of ChatGPT, Bard and other gen AI sites. Every business wants to balance the competitive efficiency, speed, and process improvement gains ChatGPT provides with a solid strategy for reducing risk

AI/Security

CIO Influence - 5 CIO Leadership Excellence Examples for Every Organization

It is imperative to overcome employee apprehension toward new technology or address a lack of understanding regarding its functionality. Employees may also feel overwhelmed by the myriad of options, making initiating changes challenging.

IT Management

sdxCentral - Google Cloud waives exit fees, will AWS and Microsoft follow suit?

From limiting what vendors customers can work with and increasing prices by five-fold if customers use competing clouds, to limiting interoperability of necessary software with competing cloud infrastructure and treating the multicloud operating model as taboo, customers are experiencing nearly 300% cost increases as a result of anticompetitive practices.

Cloud

Information Week - Merck's Cyberattack Settlement: What Does it Mean for Cyber Insurance Coverage?

The NotPetya malware damaged more than 40,000 of the pharmaceutical company’s computers, leading to major operational disruption, according to Cybersecurity Dive. Its insurers denied coverage on the basis of hostile/warlike action exclusions in their policies. A state appellate court ruled that the exclusion did not apply, and Merck was entitled to approximately $700 million, according to the Bloomberg Law report.

Security

Network Computing - Navigating 2024: Transformative Trends Shaping the Tech Landscape

Network-as-a-Service (NaaS) adoption reaches an inflection point in 2024 as enterprise demand for agile, cloud-like network services explodes. ABI Research predicts that by 2030 more than 90% of enterprises will adopt NaaS for at least 25% of their network services.

Tech Trends

sdxCentral - 7 cloud trends that will define 2024

For that reason, large companies will start to explore how they can simplify their network infrastructure to eliminate wasteful resources while maintaining high-speed performance and connectivity. This is clearly fueling the growth in software-defined cloud interconnects (SDCI) and network-as-a-service (NaaS) which can monitor and maintain a safe and private network on their behalf, making it easier for businesses to operate multi-cloud services through a single management portal.

Cloud

Network World - Marrying network, security operations saves money, bolsters enterprise defenses

Specifically, 43% of those polled pointed to reduced security risk as a benefit, and 40% said operational efficiency is a positive result of the increased collaboration. Some 40% reported the benefit of accelerated mean time to repair (MTTR) of network trouble, and 39% said faster detection/resolution of security issues is a sign of network and security collaboration success.

IT Management

sdxCentral - The hidden cloud fees businesses should watch out for in 2024

Businesses can reduce egress charges through various methods such as optimizing data transfer and analyzing data usage to assess and estimate how much they might be charged. Although, this can become quite technical and time-consuming because the fees are not typically fixed.

Cloud

VentureBeat - Job hunter’s guide to the top cybersecurity companies hiring in 2024

“Another aspect challenging the optimism for job seekers is the decline in resignations to pre-pandemic levels, resulting in a decrease in new hires. This trend signals reduced desperation among employers to fill vacancies, requiring job seekers to intensify their search for promising opportunities. This challenge is exacerbated in high-tech or cybersecurity fields, marked by significant industry consolidation and workforce reductions.”

Tech Jobs

CIO Influence - Enterprise Employee Use of Generative AI Apps Increases by 400 Percent, According to Netskope Threat Labs

While Netskope expects the total number of users accessing AI apps in the enterprise to continue rising moderately next year, there is an emerging population of power users who are steadily growing their use of generative AI apps. With use currently growing exponentially, the top 25% of users can be expected to increase generative AI activity significantly in 2024 as this group finds new ways to integrate the technology into their daily lives.

AI

Network Computing - Wi-Fi Alliance Wi-Fi Certified 7 Program to Drive Deployment

Performance improvements make Wi-Fi 7 ideal for streaming applications and for reducing congestion in crowded environments. As we reported in September, more users can run more bandwidth-intensive and latency-dependent applications without incurring performance problems. An enterprise can support more users with fewer APs, which translates into lower management costs.

Network Management

CIO Influence - Top 10 Digital Transformation Trends for Cloud-Driven Organizations

Organizations in the digital and tech industries encounter the challenge of managing hybrid clouds, multi-cloud architectures, and microservices within a dynamic landscape. Aligning with digital transformation trends, CIOs rapidly adopt new applications, resulting in a backlog of legacy systems requiring retirement. As these technologies become increasingly vital to their mission, businesses expect IT Ops to meet high service-level goals and achieve greater automation.

Digital Transformation

The Hacker News - Getting off the Attack Surface Hamster Wheel: Identity Can Help

This issue doesn't stem from a lack of tools. With each generation of attacks and the emergence of new attack surfaces, a plethora of specialized startups pop up, offering new tools to combat these challenges. Whether it's addressing business email compromise or other threats, there's always a new tool tailored just for the job. It's exhausting, it's expensive and it's just not sustainable.

Security

CIO Dive - How CIOs can overcome ‘AI-washing’ while vetting vendors

The FTC banned Rite Aid from using AI-based facial recognition technology for surveillance for five years as part of a court case settlement announced in December. The agency’s lengthy complaint raised Rite Aid’s obligation to ensure third-party service providers had appropriate safeguards, noting the company failed to obtain adequate documentation of vendor claims.

AI

Network World - IT job growth flattens as economic concerns persist

“Based on our analysis, the IT job market and opportunities for IT professionals are poor at best. In the past 12 months, telecommunications lost 26,400 jobs, content providers lost 9,300 jobs, and other information services lost 10,300 jobs,” said M. Victor Janulaitis, CEO at Janco, in a statement. “Gainers in the same period were computer system designers gaining 32,300 jobs and hosting providers gaining 14,000.”

Tech Jobs

Information Week - Customer Experience Is King, but CIOs Could Do More to Help

The end goal for most IT projects addressing the customer experience is to get these projects out the door on time. Success is measured by the timely completion of tasks. And it is left to the user -- whether it be sales, customer service, a standalone retail business unit, or a call center -- to figure out how the customer experience should present itself to the customer, and to define the business goals.

IT Management

Computerworld - Will super chips disrupt the 'everything to the cloud' IT mentality?

Apple has begun talking about efforts to add higher-end compute capabilities to its chip, following similar efforts from Intel and NVIDIA. Although those new capabilities are aimed at enabling more large language model (LLM) capabilities on-device, anything that can deliver that level of data-crunching and analytics can also handle almost every other enterprise IT task.

Cloud

CIO Influence - CIOs Approach to AI and Automation Adoption

In an industry driven by Artificial Intelligence and automation, CIOs face a critical juncture—an immense challenge and an unparalleled opportunity. Embracing these technologies empowers organizations with efficiency, agility, and a competitive edge. Hesitation risks operational inefficiencies and sluggish responses to market demands.

AI/Automation & Productivity

sdxCentral - Dell reveals data protection risks amid the rise of genAI and multicloud

The report sheds light on another concerning trend that more than half (60%) of the respondents lack confidence in their organizations meeting backup and recovery service level objectives, and 65% doubt their ability to fully recover systems or data in the event of a data loss incident.

Data Management

sdxCentral - 2024 quantum predictions in computing, AI and cybersecurity

Forrester’s 2024 predictions report for tech infrastructure: At least 10% of enterprises will publish post-quantum security plans. Even the most optimistic quantum computing scientists say that practical quantum computing is 10 years away. In 2021, IBM crossed the 100-qubit-per-processor barrier with Eagle; project Condor is targeting 1,121 qubits by the end of 2023, followed by Kookaburra with more than 4,158 by 2025

Tech Trends

Network Computing - Top 10 Reasons to Consider Replacing Your Existing SD-WAN

Even the best-intentioned acquirers still need to “rationalize” and reduce R&D costs, customer support, and channel programs to justify their acquisitions. These changes can disrupt the spirit of the company that built the products, and many teams lose their best people. Plus, as acquirers skimp on R&D or consolidate customer support, the focus on tech advancements, timely product updates, and skilled technical support diminishes.

Network Management

Information Week - The Rise of Dual Ransomware Attacks

These dual attacks can compound the consequences for victims: data encryption and exfiltration and financial losses. The FBI also noted that ransomware groups have been upping the pressure on victims since early 2022, leveraging malware, wiper tools, and custom data theft as negotiation tactics.

Security

CIO Influence - CIOs Budget in Cybersecurity: Essentials and Insights

Data Privacy and Cloud Security: Expected to grow by over 24% year-over-year in 2024, reflecting heightened organizational concerns, especially in response to emerging regulations impacting personal data and AI usage. Predictions indicate coverage for 75% of the global population by modern privacy regulations by 2025.

Security

Network Computing - Ethernet Holds Its Own in Demanding AI Compute Environments

Even with such a major vendor offering solutions in the AI space, many enterprises still want to use Ethernet. Many found that InfiniBand costs more, brings complexity not found with Ethernet, often has interoperability problems working with existing infrastructure, and is only offered by a limited number of vendors. In many cases, enterprises do not have the staff and expertise to use and manage the technology

Network Management

Information Week - What the NYT Case Against OpenAI, Microsoft Could Mean for AI and Its Users

CIOs and other leaders have to consider their enterprises’ use cases for AI and the potential risks. Is there a process in place, or are employees using AI tools on their own initiative? Is an AI model spitting out content that violates copyright law? “If AI-generated content is put into otherwise protected content like a blog post … it threatens potentially the entire blog post,” Campbell explains. “It's high-risk in the sense that you may not be able to gain protection for whatever the output is.”

AI Ethics

Network Computing - The Future of IT Infrastructure: Embracing the Multi-cloud Revolution 

Increasingly, we're seeing customers demanding more customization to get the right results for their projects, and this often means mixing cloud service providers so they can tick off all the requirements they need. For example, some platforms will be better at handling big data, while others could have outstanding AI and machine learning capabilities, so having the option to deploy both together is hugely beneficial.

Cloud

InfoWorld - Why cloud architects are paid well

The trend driving this rise in salaries is the increased premium placed on IT architecture or on those who not only know how to configure a cloud solution but most of what IT is responsible for. Architecture needs to span all systems, and those who are knowledgeable only about cloud systems, sometimes just a single brand, provide a diminished benefit.

Tech Jobs

Forbes - The Role Of People In Cybersecurity: Balancing Best Practices And Trust

In the first half of 2023, it was found that compromised credentials were the root cause in 50% of attacks, which makes it clear that organizations need to go beyond the implementation of cybersecurity solutions and go a step further to keep their data safe.

Security

CIO Influence - Crucial Role of CIOs in Data Management

CIOs are pivotal in defining a data strategy, a blueprint aligning an organization’s business goals with its data assets. Positioned between the overarching business strategy and data governance, this plan leverages data for maximal business impact.

Data Management

Information Week - Align IT With the Business

IT must still overcome its back-office reputation. Although digitalization is on every CEO’s mind, IT still has a decades-old reputation as a back-office cost center to contend with. This makes it difficult for CIOs to reposition IT as a strategic, forward-looking function that can produce revenue and strategic results.

IT Management

Network World - Should AI initiatives change network planning?

If enterprises are looking for a kind of lightweight large-language-model approach to AI, that would mean that the number of specialized AI servers in their data center would be limited. Think in terms of a single AI cluster of GPU servers, and you have what enterprises are seeing. The dominant strategy for AI networking inside that cluster is InfiniBand, a superfast, low-latency, technology that's strongly supported by NVIDIA but not particularly popular (or even known) at the enterprise level.

AI/Network Management

sdxCentral - Why successful SASE implementations rely on consultants and professional services

Mackay said that after the market evaluation, organizations will then typically go down one of two routes: Either they will approach the vendors directly (with some form of RFI / RFP process) or they will turn to a consulting firm to give them direct advice. Mackay noted that what is common in all of these different ways of looking at the market landscape is that they will want to run a  detailed proof of concept process with a shortlist of vendors, primarily to prove that the marketing hype is matched by the technology reality.

Security

Network Computing - Encrypted Traffic: The Elephant in the Room for a Successful NDR Strategy

There has been ongoing dialogue among IT decision-makers on the increasing need for network-based visibility. However, with more than 95% of all Internet-based traffic being encrypted, there is a need for real-time decryption as a requirement for a successful Network Detection and Response (NDR) strategy, which is somewhat of the elephant in the room among IT professionals.

Network Management

VentureBeat - Forrester identifies biggest barriers to generative AI success

The leaders also emphasized that they already have use cases in the pipeline. More than half of the respondents said they have identified multiple potential applications of the technology, including enhancing customer experiences (64%), product development (59%), self-service data analytics (58%) and knowledge management (56%).

Artificial Intelligence

CIO Influence - Applying Cost Consciousness to AI Innovation

Companies without strong cloud data cost governance will continue to see their cloud data costs skyrocket, while the data leaders who are proactively thinking about (and addressing) governance of their cloud data costs will be the cloud data cost “winners.” This means implementing the proper guardrails to identify and correct bad code, configuration issues, data layout problems, and oversized resources in the development stage—before going into production.

AI/Cloud

VentureBeat - Microsoft Copilot app is a stealthy AI launch that you should pay attention to

But under the hood, Copilot is powered by some of the most advanced AI around — we’re talking GPT-3.5 and even the new beefed up GPT-4 in certain modes. This isn’t your grandpa’s chatbot. Copilot can understand context, follow complex conversations, and generate hyper-realistic text and images using tools like DALL-E 3.

Artificial Intelligence

The Hacker News - 5 Ways to Reduce SaaS Security Risks

As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based threats, and according to a recent report from CrowdStrike, 80% of breaches today use compromised identities, including cloud and SaaS credentials.

Security

VentureBeat - Cybersecurity New Year’s resolutions every enterprise leader (and user) should make

Still, it’s just important to integrate MFA in a way that presents the least amount of friction, experts advise. For instance, implement it only when extra authentication will help protect sensitive data and critical systems. The use of pass-through authentication and single sign-on (SSO) tools will also reduce password fatigue.

Security

AiThority - Experts Discuss HR & Future Of Work Predictions For 2024

“Currently, companies deliver standardized training across their workforce or employee segments in like-roles because it’s not scalable to tailor it to individuals. Often, we see the same training applies to senior, long-tenured people-leaders as it does junior-level staffers who are still early in their careers. Generative AI capabilities will vastly reshape how organizations build training personalized to each employee. It will also help organizations automate coaching, making it more efficient to deliver individualized support based on the precise needs of each employee.

Automation & Productivity

Information Week - 10 IT Trends to Watch for This Year

“2024 won’t just be about integrating AI into business operations. On the contrary, it’ll be a race to build an IT-first workforce that can capture the most value from AI tools,” says Charles Chow, Head of Marketing at Lumen Technologies Asia Pacific.

Tech Trends

Network World - Is it time to change your backup system?

I can't tell you how many times I've fixed "slow backup software" with better configurations - cleaned up snapshots, reduced unneeded redundancy or scope, tweaked multiplexing or network settings. If you think shiny new products inherently perform faster, you might be surprised. External issues such as bad disk layouts, cluttered repositories, and overtaxed hardware will tank speed no matter what software you run.

Data Management

InfoWorld - Using generative AI to overhaul data integration? Start here

Whether or not IT departments are involved in activating every tool, they often end up supporting them in one way or another. Not to mention the work it takes to integrate all these systems together to standardize operations and reporting from a source of “data truth.” In fact, according to a survey report on how the economy has affected the typical IT workload, respondents indicated that 48% of their time is spent integrating new applications and platforms.

IT Management

InfoWorld - 4 key devsecops skills for the generative AI era

“Developers, testers, and business analysts should learn how to write prompts [and learn] where generative AI does well and where it falls down,” says David Brooks, SVP and lead evangelist at Copado. “Adopt a ‘trust but verify’ mentality where you actually read all of the generated content to determine if it makes sense.”

AI/DevOps

CIO Influence - How Security Culture Will Define Success in the Era of AI

Some cybercriminals are also seizing the chance to weaponize AI to develop more insidious scams and create AI-manipulated content, such as voice cloning. If organizations don’t have the proper guardrails and defenses in place, they’ll be left vulnerable and potentially allow bad actors to gain access to sensitive information. Furthermore, if left untrained, employees may unintentionally misuse the technology and fuel bias or insider risk.

AI/Security

InfoWorld - How to unlock C-suite support for application modernization initiatives

A recent independent study by EvolveWare on the State of Application Modernization found that 40% of IT team respondents said that boosting productivity is a top priority for modernization, alongside retiring mainframe infrastructure (37%), and reducing the dependency on legacy code (36%).

IT Management

SC Media - Four ways companies can respond and more effectively comply with the SEC’s new cybersecurity rules

CISOs are at an important crossroads. Because of the existing scope and scale of ransomware and the growth of cybercrime, this is no time to stop paying attention to incident detection and response (IDR). CISOs must examine IDR processes and adopt aggressive target metrics such as zero dwell time while they shift their mindset and approach from one of adversary-oriented to risk management and business-oriented.

Security

VentureBeat - The password identity crisis: Evolving authentication methods in 2024 and beyond

While the concept has been talked about for some time, it has yet to be fully realized because it is complex to incorporate, particularly when it comes to legacy systems that already have numerous security controls in place. But with the increased growth of AI built-from-scratch ‘greenfield’ systems, experts say that 2024 will be the year zero trust becomes real.

Security

ITPro Today - Gartner Breaks Down GenAI: Is It Overhyped or a Game-Changer?

Within IT, there are three key business functions for which GenAI is being adopted, according to Chandrasekaran. "The first and foremost is in software engineering, where GenAI models are helping developers write code faster and even complete code within their environments," he said.

Artificial Intelligence

CIO Influence - Comcast Study Emphasizes Cybersecurity’s Significance in Remote Work Longevity

Nearly all surveyed companies (99%) foresee a heightened need for managed cybersecurity services. These services provide a security overlay to extend data protection, with disaster recovery and business continuity being the top-rated services (43%). Guidance from experts (40%) and managed detection and response (36%) are also high on the priority list as organizations seek comprehensive security solutions in their expanded remote work capacity.

Security

VentureBeat - Why attackers love to target misconfigured clouds and phones

“Novel exploits (zero-days) or even new uses of existing exploits are expensive to research and discover. Why burn an expensive zero-day when you don’t need to? Most bad actors can find a way in through the “front door”– that is, using legitimate credentials (in unauthorized ways).”

Security

Network Computing - Why Secure SD-WAN is a Pillar of Enterprise Cybersecurity

Modern enterprises often use various cloud providers for different infrastructure and application needs. This multi-cloud approach lets them select the best offering for different areas of their business, lock in the best prices, and improve user experience. Despite the benefits, this type of environment is complex to manage and challenging to secure. SD-WAN has emerged as the solution of choice for multi-cloud organizations because it provides an application-aware network infrastructure with uniform policies while simplifying management and reducing costs.

Network Security

sdxCentral - How a global telecom company relies on AI and ML for network management

Human analysis is critical to the process, because “you can have a poorly performing circuit that’s consistent,” he said, and machine-based anomaly detection won’t necessarily pick up on that because it doesn’t have reasoning skills.

Network Management

SiliconANGLE - Here are the major security threats and trends for 2024 – and how to deal with them 

Over the past year, there were many things written about gen AI, ranging from Chicken Little to miracle cancer cures. One noteworthy comment comes from Check Point Software Inc.’s blog: “Hackers will see cloud-based AI resources as a lucrative opportunity. They will focus their efforts on establishing GPU farms in the cloud to fund their own AI activities.”

Security

VentureBeat - 11 data predictions for AI-centric enterprise growth in 2024

SQL is a database language that lacks a standardized approach to procedural logic which, for most applications, is embedded within an application server connected to a SQL database using a stateful, persistent session. This design approach for SQL made sense 50 years ago, but it is a painful legacy for modern, connectionless cloud services

AI/Data Management

Information Week - CIOs Battle Growing IT Costs with Tools, Leadership

She adds CIOs can optimize IT spend by implementing more rigorous, strategy-aligned software approval processes aimed at avoiding duplicative spend and ensuring contracts are rightsized for the business needs.  

IT Management

DarkReading - Why CISOs Need to Make Cyber Insurers Their Partners

To mitigate the losses driven by macro-view-based policies, insurance applications have become significantly more complex and require detailed conversations, interviews, and site visits, with the goal of creating a tailored policy. Organizations often are required to meet specific threshold conditions, such as utilizing multifactor authentication and endpoint detection and response capabilities, and must pass an “outside-in” scan of their environment, which is done by a neutral third party.

Security

VentureBeat - 16 Cybersecurity leaders predict how gen AI will improve cybersecurity in 2024

“It could improve by the ability to pick up patterns (like attack patterns or an emerging CVE or just certain behaviors that indicate an attempted breach or even predicting that the L3 DDoS attack is a distraction for the credential stuffing they are missing). I also think that AI will make it more difficult, too. Detectors can’t tell the difference between a human-generated and AI-generated phishing attack, so they’ll get much better,” Silva said.

AI/Security

sdxCentral - 6 steps to help CIOs keep their IT team happy (spoiler alert: think SASE)

IT professionals are often caught in a cycle of mundane activities, leaving them feeling unchallenged. Instead of having IT teams fill the time with endless maintenance and monitoring, CIOs can focus their IT teams on work that achieves larger business objectives. SASE automates repetitive tasks, which frees up IT to focus on strategic business objectives. In addition, the repetitive tasks become less prone to manual errors.

IT Management

VentureBeat - AI moves from theory to practice, zero trust gets real, and other 2024 predictions from Dell CTO

Dell, for instance, has roughly 380 AI-related ideas in the pipeline, he noted. But even as a large enterprise, the company probably only can handle just a handful of those. As he put it, enterprises might rush to do the first four projects on their lists — ultimately outpricing the fifth, which could have been the truly transformative one.

Tech Trends

CIO Influence - CIO Influence Predictions Series: Importance of AI and Anticipated Increased Use Of Visual Technology

With AI, in 2024, we will be able to process these documents in real time and also get good intelligence from this dataset without having to code custom models. Until now, a software engineer was needed to write code to parse these documents, then write more code to extract out the keywords or the values, and then put it into a database and query to generate actionable insights. The cost savings to enterprises will be huge because thanks to real-time AI, companies won’t have to employ a lot of staff to get competitive value out of data.

AI/Data & Analytics

Computerworld - USB-C explained: How to get the most from it (and why it keeps on getting better)

In other words, the older rectangular USB Type-A plugs we are so used to are slowly going the way of the dinosaur. This evolution is happening faster in some arenas than others. For example, the latest Mac Pro desktop has no fewer than eight USB-C ports for anything from sending video to a display to charging a phone.

Automation & Productivity

SiliconANGLE - The rise of observability and why it matters to your business

Full-stack observability is the capability to discover the real-time status of each technology stack component in a distributed IT environment. It involves holistically viewing cloud-hosted applications, services, infrastructure, on-premises IT, K8s (there’s your O11Y hint) infrastructure and more. O11Y uses telemetry data such as metrics, logs, traces and other information from the entire IT environment to provide complete end-to-end visibility to understand the connection and dependencies among IT components.

IT Management

Information Week - 5 Things You Can Do Today to Prepare for 2024’s Security Threats

There are not many things in IT that are entirely predictable, yet it’s a sure bet that network attackers will continue their nefarious activities throughout 2024. Fortunately, by being proactive, it’s possible to fortify your organization against cyberattacks. Here are six key insights, collected via email interviews, of the actions you can take right now to gain an upper hand on cybercriminals.

Security

Network Computing - 10 SD-WAN Providers & Solutions to Consider in 2024: An Overview

A software-defined wide-area network (SD-WAN) is a virtual WAN architecture that's service provider-agnostic. This allows enterprises to leverage any assortment of transport services to securely link to desired applications. The list of transport services includes broadband Internet, Multiprotocol Label Switching, and Long-Term Evolution (wireless).

Network Management

sdxCentral - Network management changes as observability spans multicloud

Security-related enhancements and cloud migrations lie behind much of the product activity in the area. Overall, the industry segment continues to address issues of cost, complexity and information volume that go hand in hand with log management’s wider use in the multicloud dominion.

Network Management

The Hacker News - Cost of a Data Breach Report 2023: Insights, Mitigators and Best Practices

According to Etay Maor, Senior Director of Security Strategy at Cato Networks, "We tend to talk a lot about security issues and solutions. This report puts a number behind threats and solutions and provides a lot of information to support claims of how a threat actor, a solution or a process impacts you financially."

Security

TechRepublic - Top 7 Cybersecurity Threats for 2024

Additionally, fileless attacks, where attackers use stolen credentials purchased on the Dark Web to gain access to systems without leaving behind traditional malware traces, are one of the biggest trends to look out for. And zero-day brokers — cybercrime groups selling zero-day exploits on the Dark Web to multiple buyers — are becoming increasingly prevalent.

Security

Network Computing - The Dawn of Universal Zero Trust Network Access

Universal ZTNA is a new concept. Given where the industry is going and the growing need to merge networking and security, with the emergence of the hybrid workforce, the idea will evolve and become a must-have technology soon. If you are on the frontline, a network leader, or an enterprise architect, now is the time to start researching and planning

Network Management

Information Week - Hot Jobs in AI/Data Science for 2024

“In 2024, we’ll also see the war for cyber and software development talent grow more contentious as a result of major privacy concerns and savings-driven budget reallocations born from the generative AI boom,” Hodjat says.

Tech Jobs

sdxCentral - How SASE tackles multicloud implementations, complexity

SASE is going to provide the “on-ramp into the different clouds a company might be using,” McGillicuddy said. As such, it can provide safe access to global points of presence (POPs), route traffic via SD-WANs, and apply services such as secure web gateways, cloud application security brokers,  firewall services and some things that you may not see on today’s hype cycles.

Cloud Security

CIO Influence - Understanding ISMS: A Comprehensive Overview

The crux of the ISMS framework centers on the meticulous evaluation and administration of risks. It operates as a structured methodology, delineating a balanced equilibrium between mitigating risks and the associated costs. Industries entrenched in rigorous regulatory landscapes like healthcare or finance often demand expansive security measures and robust strategies for mitigating risks. This necessitates a comprehensive scope of security activities within their ISMS framework.

Security

Network World - Cisco 2024: AI adoption will drive network modernization, data-center evolution

"GenAI will also be leveraged in B2B interactions with users demanding more contextualized, personalized, and integrated solutions," Centoni stated. "GenAI will offer APIs, interfaces, and services to access, analyze, and visualize data and insights, becoming pervasive across areas such as project management, software quality and testing, compliance assessments, and recruitment efforts. As a result, observability for AI will grow."

AI/Network Management

Government Executive - AI is a rising priority for federal chief data officers

“Advanced analytics, master data management, data integration, API strategies — all are going to help position those building blocks for really leveraging and driving ethical and explainable AI,” King said.

AI/Data Management

Computerworld - What leading Apple-in-the-enterprise execs expect in '24

"We first noticed the trend with mobile devices as frontline workers in industries like healthcare, aviation, and retail transitioned to iPhones and iPads as the primary computing device for some customer-facing roles. And on the Mac, we saw tremendous growth in the use of cloud identity services, indicating that the Mac is increasingly being used to access critical online services and data.

Automation & Productivity

Computerworld - Choosing a genAI partner: Trust, but verify

Logic and common sense have not always been the strengths of senior management when on a mission. That means the IT question will rarely be, “Should we do GenAI? Does it make sense for us?” It will be: “We have been ordered to do it. What is the most cost-effective and secure way to proceed?”

Artificial Intelligence

Network Computing - Signs That a Network Technology Has Outlived Its Usefulness

Frequent failures or incompatibility with newer systems are also key warning signs, he adds. "Most network managers are adept at spotting obsolete technologies, but challenges arise in balancing legacy systems with the need for innovation, often constrained by budgetary and operational considerations."

Network Management

SiliconANGLE - New report warns of a rise in AI-generated email fraud and phishing attacks

The report discusses several instances of AI-generated attacks detected by Abnormal, such as malware delivery attempts posing as insurance companies, Netflix impersonation for credential phishing, and invoice fraud by impersonating a cosmetics brand. The attacks use sophisticated language and lack the usual signs of phishing, such as grammatical errors, making them more convincing to potential victims.

Security

ITPro Today - Why FinOps Is a Pivotal Cloud Trend in 2023

Instead, it's cloud FinOps — a strategy that emphasizes cloud cost optimization. As of 2023, FinOps is exerting major influence on the way many organizations approach cloud computing. It has arguably become more important to cloud strategies than concepts like multicloud or hybrid cloud, key trends from years past.

Cloud

Forbes - Navigating The Cybersecurity Landscape In 2024: Anticipating Challenges And Opportunities

Artificial intelligence (AI) and machine learning (ML) will play an increasingly prominent role in cyberattacks in 2024. Expect cybercriminals to leverage AI and ML to automate and enhance their capabilities, making attacks more sophisticated and adaptive. Cybersecurity professionals must harness the power of AI themselves to stay one step ahead of these evolving threats.

Security

CIO Influence - Three Reasons an Organization’s CISO Should be Independent of its CIO

A key motivator for organizations to separate the CISO from the CIO is to provide that CISO with greater management responsibility and control over the cybersecurity program. This removes potential friction with the CIO over things such as budgetary constraints or security strategies. Further, an independent CISO ensures that cybersecurity remains an organization-wide priority, and security strategies align with broader business objectives – not just broader IT initiatives

Security

VentureBeat - How to protect unmanaged devices in today’s zero-trust world

When a contractor is onboarded, they often get access to shared productivity apps. As many organizations don’t have a process to delete a contractor’s access by cloud app or resource, credentials can live on for years – even decades – and lead to intrusion and breach attempts.  

Security

Information Week - How to Select the Right Industry Cloud for Your Business

“Strive to preserve flexibility and the ability to innovate,” he advises. The market is rapidly evolving, and monolithic implementations are giving way to user-friendly building blocks that are continuously improved. “These are proving to provide the greatest advantage,” Campbell observes.

Cloud

Network Computing - The Network’s Growing Strategic Role

“In our experience, companies that invest time and energy to understand their networks and collaborative relationships greatly improve their chances of making successful organizational changes,” said McKinsey. “Sophisticated approaches can map networks and identify the key points of connectivity where value is created or destroyed.”

Network Management

sdxCentral - Trellix CEO outlines how to educate employees on genAI risks

“I think the best way to do it is to have a policy and a regulated standard and then have some standardization,” Palma said. For instance, companies should procure enterprise licenses for approved genAI tools and allow IT teams to assess and ensure their security. This strategy is preferable than blocking these tools, as employees might seek unapproved alternatives, he added.

Artificial Intelligence

AiThority - Sonata AI & Cloud Rule 2024 IT Investments: Rackspace Survey

The survey also underscores the continued adoption of the cloud. When asked about the makeup of their organization’s IT infrastructure and how it will evolve over the next 12 months, edge computing, private cloud, and public cloud increased as a percentage of workloads, while data centers, colocation facilities, and mainframes declined.

IT Management

VentureBeat - The CISO risk calculus: Navigating the thin line between paranoia and vigilance

As the late Kevin Mitnick wrote, “as developers invent continually better security technologies, making it increasingly difficult to exploit technical vulnerabilities, attackers will turn more and more to exploiting the human element. Cracking the human firewall is often easy.”

Security

The Hacker News - Unmasking the Dark Side of Low-Code/No-Code Applications

While low-code/no-code (LCNC) apps and robotic process automations (RPA) drive efficiency and agility, their dark security side demands scrutiny. LCNC application security emerges as a relatively new frontier, and even seasoned security practitioners and security teams grapple with the dynamic nature and sheer volume of citizen-developed applications.

Security

Information Week - Clock Starts on SEC Cyberattack Rules: What CISOs Should Know

“Cybercriminals have shown that if they are willing to control the timeline, they are able to prompt people into action,” Pierson says. “If you tell people that we will expose your data within seven days unless you pay us -- that creates a time clock and a scenario where the power goes to the cybercriminal.”

Security

TechBullion - Big Data Analytics 101: Understanding the Basics and Benefits

It is the process of examining and uncovering patterns, trends, and insights from large and diverse datasets. Unlike traditional data analysis methods, Big Data Analytics deals with datasets that are too complex or massive to be processed by conventional data processing applications. This field leverages advanced analytics techniques, including machine learning, statistical analysis, and predictive modeling, to extract valuable information from vast pools of data.

Data & Analytics

CIO Influence - AI for Network Management Strategies in 2024

Customer patience is wearing thin and businesses are doing all they can to keep up with demands, most notably implementing AI more prominently in their workflows. In the networking space, AIOps, which is the use of AI to automate and streamline IT operations tasks, will be the biggest use case for AI in 2024.

AI/Network Management

Information Week - Data Leaders Say ‘AI Paralysis’ Stifling Adoption: Study

“I do think there’s a disconnect between the CIO and CDO and the chief executive. We should not, in the data and technology space, expect people to understand the layer of complexity that we have to deal with. What we should be doing is taking that complexity and creating a story and a narrative, so it makes sense to the other people in our organization and businesses we work with.”

AI/Data Management

sdxCentral - What is AI networking? Use cases, benefits and challenges

AI networking seeks to transform traditional IT operations and make networks more intelligent, self-adaptive, efficient and reliable. The technology uses machine learning (ML), deep learning, natural language processing (NLP), generative AI (genAI) and other methods to monitor, troubleshoot and secure networks.

AI/Network Management

Network World - How to lock down backup infrastructure

It’s the worst nightmare for those of us advocating backups as a ransomware recovery tool. If the last line of defense is taken out of the game, it defeats the whole reason we built the system in the first place. If hackers are able to delete or encrypt backups, or the backup server operating system itself, you will find yourself in an unenviable position.

Security

sdxCentral - Deloitte on Tech: Top cloud computing trends to expect in 2024

Much needs to be done to support this rise, though, including sizing systems for genAI. This means typically supporting training data with more database storage and keeping the storage of both structured and unstructured data. In many instances, enterprises will look to combine that data before it becomes training data, and that will likely work in the public clouds, given the ease of provisioning and scaling of cloud-based platforms.

Cloud

ITPro Today - State of Web Development Report Details Composable Architecture Benefits

Biilmann noted that developers are wary of a wide breadth of risks when it comes to AI implementation. Seventy percent are concerned about erroneous outcomes, and over half believe that leveraging AI can lead to new security issues and confidential data leaks. Fortunately, developers are already discovering best practices to help mitigate these risks, he noted.

DevOps

Blocks & Files - 2024 IT management trends: It’s generative AI and everything else

In 2024, GenAI will accelerate workload placement trends, with organizations reckoning with how and where to run large language models (LLMs) that fuel their GenAI applications. Some IT decision makers will choose public services.

IT Management

Information Week - 10 Ways to Run a Very Lean IT Operation

Use IT retirees. There are some excellent IT professionals who are retired and simply “sitting on the bench” and waiting to be called. One approach some small companies have used with some success is to advertise for IT help in particular tech areas, such as networks or systems. These companies often receive resumes from “old hand” IT retirees who have done these tasks for many years, don’t need much income, but are looking to stay active with IT. These retirees also can be excellent trainers of internal IT staff members.

IT Management

Computerworld - Making sense of genAI pricing in office apps

While it’s standard for software vendors to price similar services at different levels as they vie for market share and profitability, the relative novelty of generative AI brings some specific challenges. On one hand there’s the compute cost to process user queries and how quickly this cost might fall. Then there’s the question of what benefits these tools will actually provide to customers and, ultimately, how much organizations are willing to pay.

Automation & Productivity

Network Computing - Building Resilience in Uncertain Times: The Power Of Connected Networks

Connected networks are sophisticated peer-to-peer networks linking an organization with its stakeholders—suppliers, partners, customers, and competitors—across processes, systems, and geographies. They allow every stakeholder to see exactly how different parts of the ecosystem interact and impact the customer experience and business outcomes. This single-pane view creates opportunities for better decision-making for more economic leverage.

IT Management

CSO - AI dominates cybersecurity megatrends for 2024: Report

The top deck (first four) of the list included AI-related trends that SIA expects will make a substantial impact in the segment in the coming year. Topping the list was AI security, which refers to the cybersecurity practices for the protection of data, IP, and corporate integrity with the adoption of AI into businesses of all sizes.

AI/Security

Datanami - IDC Reports Robust Growth in Public Cloud Services with $315.5B Revenue in First Half of 2023

Software as a Service – Applications (SaaS – Applications) continued to be the largest source of public cloud services revenue, accounting for nearly 45% of the total in 1H23. Infrastructure as a Service (IaaS) was the second largest revenue category with 20.4% of the total while Platform as a Service (PaaS) and Software as a Service – System Infrastructure Software (SaaS – SIS) delivered 18.0% and 16.9% of overall revenue respectively.

Cloud

VentureBeat - How ConductorOne’s Copilot Improves Identity Governance with AI

Managing user and machine identities in multi-cloud environments is among their teams’ most challenging tasks. The most challenging areas of managing identities in a multi-cloud environment include getting permissions right while eliminating orphan accounts, monitoring access privileges and reducing the risk of stolen privilege access credentials.

AI/Security

Network Computing - Why Simple Cloud Computing Architectures May Be Better

It's not hard to understand why the typical organization today is attracted to cloud architectures that are more complex than necessary. Continuous improvement and endless optimization have become key mantras of the IT industry. If you were to suggest that a simple cloud architecture meets your organization's requirements and that there's no need to invest in more complex cloud setups or services, you'd probably sound unimaginative at best, or lazy and out of touch at worst.

Cloud

CIO Influence - Major Market Trends and Disruptions CIOs Must Be Ready for in 2024

With the launch of ChatGPT at the end of 2022, 2023 ushered in peak hype around AI. Vendors rapidly reacted to the stunning user adoption rates of ChatGPT by introducing their own versions of “generative AI” into their software, whether it involved real machine learning, LLMs, NLP, etc. – or if it was all smoke, mirrors, and buzzwords. There are some legitimate and very exciting uses of generative AI, but some marketers would lead you to believe its powers are far more ubiquitous than it really is – at least for the moment.

Tech Trends

Network Computing - The Transformational Impact of Continuous Network Assessments

As a result, it's common for organizations to only conduct network assessments every few years – often driven by compliance mandates – frequently spending hundreds of thousands of dollars on outside consultants who take weeks or months to conduct them. Even worse, the labor-intensive assessments being conducted today are typically based on representative sample data rather than comprehensive observation of the live network. What this means is today's assessments only provide a glimpse of the actual network as it was at some point in the past, not an accurate, up-to-date, detailed view.

Network Management

Datanami - Privacera Unveils AI and Data Security Governance Predictions for 2024

“In 2024, we expect a large influx of innovations by enterprises of every scale adopting and deploying generative AI, and using sensitive data to train the underlying AI and Large Language models,” says Balaji Ganesan, co-founder and CEO, Privacera. “This transformation can only be successful with a unified data security governance strategy in place, and requires data leaders to apply controls to both, sensitive data and AI, in a consistent and scalable manner.”

AI/Security

CIO Influence - Role of LLMs and Advanced AI in Cybersecurity: Predictions from HP Inc. Executives

AI-powered security solutions for risk analysis, predictive intelligence, and identity and access management assist cybersecurity teams with unmatched ability to safeguard their digital infrastructure. However, there’s no guarantee that AI alone can protect everything your organization owns or stores. CIOs still lack 100% visibility into what their cybersecurity postures look like and what kind of preparedness is required to thwart a sophisticated cyber attack led by ransomware and zero-day attack vectors.

Security

VentureBeat - Protecting against new Kubernetes threats in 2024 and beyond

A wave of new attacks targeted Kubernetes in 2023: Dero and Monero crypto miners, Scarleteel and RBAC-Buster. Finding an initial foothold with a web app vulnerability, then moving laterally is the hallmark of a Kubernetes attack. Understanding the reality of these attacks can help protect your organization from current and future attacks targeting Kubernetes.

Security

CSO - Almost 50% of organizations plan to reduce cybersecurity headcounts: Survey

The report revealed that smaller organizations are struggling on multiple levels to incorporate security observability as part of their security systems. They lack the resources to hire the right people to use the security tools. However, this also makes them prudent about spending, thus ensuring they avoid hype-driven adoption of the products. On the other hand, large organizations have access to a wide range of tools and products, but they struggle to integrate them for optimal performance.

Security

DarkReading - Municipalities Face a Constant Battle as Ransomware Snowballs

Sophos reported that more than a quarter of state and local government organizations (28%) in its survey admitted to making a payment of at least $1 million or more when it came to ransoms, a massive increase compared with the 5% that made that large of a payment in the 2022 data. Of the organizations whose data was encrypted in an attack, 99% got their information back, with 34% reporting that they paid a ransom and 75% relying on backups.

Security

CIO Dive - There will be a surplus of tech workers by 2026, executives project

As technology skills expand throughout the enterprise, nearly three-quarters of IT leaders say it’s more important for employees to have multiple skills than specialization. Creativity, emotion and critical thinking are the top contributions of the human workforce in a talent market shaped by AI.

Tech Jobs

Information Week - 10 Hot Technology Developments Right Now

In many ways the technology story of 2023 was all about artificial intelligence. In fact, in this list of hot technology trends, almost all relate in some way to AI. That begs the question of whether we’ll eventually stop calling out AI as a separate thing or if all technology will just incorporate AI in some way.

Tech Trends

Network World - Gartner: Just 12% of IT infrastructure pros outpace CIO expectations

Another key action incorporates enhanced analysis capabilities to measure the effectiveness of their programs and investments. While in uncertain economic times, I&O leaders must maximize the impact of technology. "According to the survey, 89% of leaders in highly effective I&O organizations formulate strategies for process transformation and optimization, and 82% identify opportunities to reduce technology costs through economies of scale or cross-enterprise synergies," Gartner says.

IT Management

Network Computing - Overspending on SaaS? 6 Ways to Cost Optimization

Before starting with cost optimization, you must first analyze where you’re overspending. Start with a thorough spend analysis using a spend management platform. Identify all your SaaS applications, licenses, associated costs, and the ROI they generate.

IT Management

Information Week - Massive Okta Breach: What CISOs Should Know

Okta recommends customers take several immediate steps to defend against potential attacks from the breach, including securing administrator access through multi-factor authentication (MFA), “admin session binding” that requires admins to reauthenticate in certain instances, “admin session timeout” set to a default of 12-hour session duration and 15-minute idle time, and phishing awareness.

Security

CIO Dive - Talent woes among top barriers to generative AI ambitions

Among the most in-demand positions for companies currently using the technology are AI programming and data analysis. AI talent leaving major tech providers isn’t enough to meet demand across industries, according to the firm.

Artificial Intelligence

CIO Influence - Building a Strong Data and Analytics (D&A) Strategy with a Culture Mindset

According to a McKinsey survey, 14% of C-level leaders spend 70 percent of their time making decisions. In most cases, these decisions are based on inefficient models. This inflates the cost of decision-making. Reliable data search and discovery tools improve the accuracy of the decision-making, with added layers of compliance and privacy guarded by a strong data governance framework.

Data & Analytics

Datanami - 10% of Organizations Surveyed Launched GenAI Solutions to Production in 2023

The survey highlights other challenges that might be causing a slow adoption of LLM technology in businesses, such as lack of knowledge, cost and compliance. Of the respondents, 84% admit that their skills need to improve due to increasing interest in LLM adoption, while only 19% say they have a strong understanding of the mechanisms of how LLMs generate responses.

AI/LLM

sdxCentral - Deloitte predicts genAI, specialized computing, industrial metaverse will top 2024 trends

Those technologies include generative AI; spatial computing and the industrial metaverse; moving beyond brute force compute to specialized compute; the evolution to DevEx; securing against innovative attack methods; and evolving from technical debt to technical wellness.

Tech Trends

CIO Influence - Cloud Optimization Strategies for Navigating Cloud Evolution in 2024

In this evolving landscape, the need for enhanced support from the ecosystem has become increasingly evident. Cloud providers rely heavily on various partners, including SIs, Independent Software Vendors (ISVs), and Resellers. These partners bring a crucial capability to the table: the ability to implement and integrate cloud solutions with existing environments, addressing use cases that enterprises struggle to tackle independently.

Cloud

CIO Influence - Featured Story of the Week: 2024 Enterprise Storage Trends for CIOs

Combining resilience (the ability to instill defensive security measures to repel attacks), detection (the ability to know when data is corrupted and whether a known good copy of data is free of ransomware or malware), and recovery (the ability to bounce back) from cyberattacks is the key to hardening storage infrastructure.

Data Storage

sdxCentral - What’s Next: Soni Jiandani, CVP of networking at AMD talks AI, DPUs and finding needles in the haystack

AI is going to have a dramatic impact on networking technology. It is ultimately changing everything. Your success with AI will depend on whether your infrastructure is able to support such powerful applications and the demands it makes. And while the cloud is emerging as a major resource, many enterprises have to also rely on the on-premise environments to accommodate for things like big data storage. Do I have enough? Can it scale with my models and AI-generated data from a networking infrastructure point of view

Network Management

SiliconANGLE - Analysis: Cisco brings AI capabilities to its revamped security portfolio

My research shows that enterprise-class companies have, on average, 32 security vendors. This is the average, and I’ve seen some companies with many more than this. I did some work with one of the government agencies, which had more than 200 vendors. One of the engineers there confessed there is so much paranoia around security that they deploy almost every point product from every startup to be more secure. The problem is, with security, more isn’t better, as keeping policies up to date is impossible across dozens of vendors

Security

Information Week - Security Questions to Ask After the ZeroedIn Breach

He says organizations should ask to what extent they must work with third-party suppliers and understand the security risk that they take on by using those services, whether it is software, data, or services. “It’s not enough that third party says, ‘Oh yeah, I am certified,’” Maor says. “Certification does not equal security.”

Security

Network World - 5 ways to boost server efficiency

Older servers are less energy efficient than new ones, says Jay Dietrich, Uptime Institute’s research director of sustainability. For example, Intel servers’ efficiency improved by 34% between 2017 and 2019 for CPUs running at 50% utilization, according to a recent report he co-authored. And AMD-based servers saw a whopping 140% improvement, he says.

IT Management

Government Executive - USDA unveils its new data strategy

The new strategy contains five areas of focus: data governance and leadership, data and analytics workforce, common data and analytics, open data architecture, and purposeful analytics.

Data & Analytics

Computerworld - The arrival of genAI could cover critical skills gaps, reshape IT job market

More than a quarter of those surveyed, however, called genAI a fad, comparing it to Meta’s recently launched Threads app — an upstart competitor to X/Twitter. “These leaders stated that they believe Gen AI to be just another fad [that] challenges for dominance quickly and then dies off just as fast,” the Kaspersky study said.

Automation & Productivity

CIO Influence - Future of Data Integration: How AI is Changing the Blueprint for Businesses

By unearthing these hidden connections, organizations gain a competitive edge, fuelling innovation and driving transformative change. As generative integration continues to evolve, it’s clear that it’s not just about simplifying the integration process – it’s about paving the way for a future where data-driven decisions are made with unparalleled clarity and confidence.

Artificial Intelligence

Forbes - How Can Businesses Make Sure That Their Cybersecurity Operations Are Robust?

Primarily, my focus will be on addressing questions such as "What are the essential components of your cybersecurity checklist?" and "How can you identify potential vulnerabilities within your systems?" Consider this a go-to, threat-proof checklist that guards your business against potential risks with proactive security measures at any time.

Security

VentureBeat - Breaches happen: It’s time to stop playing the blame game and start learning together

Unfortunately, the overwhelming reaction to such an incident is to ostracize the victim. In fact, up to 83% of consumers admit that they pause or end their spending with an organization after an incident. While understandable, that reaction misses the opportunity the industry has to learn and grow together after details of an incident become available.

Security

SiliconANGLE - Three strategies to develop edge skills in your organization

A common pitfall I&O leaders run into is to assume that the entire organization needs the same level of skill sets and expertise for edge implementation and operations. Edge implementations require diverse and specific skills, which makes it harder for an organization to be at the same expertise level. As a result, even if they have clarity around the skills needed for implementing these technologies in their organization, I&O leaders are unable to ensure the skills are in place before starting an edge initiative

Edge Computing

Forbes - 19 Tech Experts Bust Common Cybersecurity Myths And Misconceptions

The myth is that cybersecurity training is going to help everyone get smarter about security. The truth is that security training videos with a quiz at the end do not mitigate risk; they just add to people’s never-ending to-do lists. What we really need are tools that connect cybersecurity risk to specific activities as a way to help people practice better security hygiene.

Security

Government Technology - Cybersecurity Trends Point to More Sophisticated Attacks Ahead

Ultimately, turning the tide against ransomware means getting attackers to see the crime as more trouble than it’s worth. Recent years saw some states consider whether banning cyber extortion payments could help get us there. Federal officials said this year they’d been mulling whether to enact a widespread payments ban, though some cyber experts say such a move could involve painful short-term side effects and administrative challenges.

Security

TechBullion - Why should businesses outsource cybersecurity

The technicians are essential introductions to the day-to-day development landscape of cyberspace and technical engineers and technicians in cybersure security roles are often the gateways to mssps of mssps. who gets the benefit of the processes and techniques Potential threats are identified before they escalate, reducing the impact of cyber incidents This proactive approach to cyber security is industry practices meet, and provides companies with a strong defense against emerging threats.

Security

CIO Influence - CIO’s Roadmap to Aligning AI with Organizational Culture and Operations

A few tasks can be entirely automated with AI; however, in most instances, AI will enhance these tasks. Its role in democratizing access to knowledge will render services offered by knowledge workers more economical, thereby fostering increased demand and job opportunities. Gartner predicts creating over half a billion new human jobs by 2033 by introducing AI solutions for task augmentation or autonomous task delivery.

Artificial Intelligence

AiThority - Scality’s 2024 Predictions: AI, Hybrid Cloud and Ransomware Detection Will Define the Data Storage Landscape, While Hard Disk Drives Live On

Some all-flash vendors prognosticate the end of spinning disk (HDD) media in the coming years. While flash media and solid state drives (SSDs) have clear benefits when it comes to latency, are making major strides in density, and the cost per GB is declining, we see HDDs holding a 3-5x density/cost advantage over high-density SSDs through 2028.

Data Storage

Information Week - New Secure AI Development Rules are Historic, But Do They Matter?

These new guidelines are primarily directed at AI systems providers, whether those systems are built from scratch or on top of services provided by others. But the document authors urge all stakeholders to read the guidelines to help them make informed decisions about how AI is used in their organizations.

Artificial Intelligence

eWeek - Persistent Systems CTO Pandurang Kamat on Generative AI in the Enterprise

“The other concern is around AI ‘hallucinations, as they’re known, where these models can start making up things not backed by facts – that becomes a big concern. But there are a slew of grounding tools that have emerged and continue to get better. Additionally, there are a number of techniques, a series of very scientifically-based techniques, that you can use to ground and control these hallucinations.

Artificial Intelligence

Forbes - Doing More With Less: Cybersecurity Tools And Budget Efficiency

In an industry like cybersecurity that’s full of confusing acronyms and new products that vendors promise will improve your organization’s security, it’s easy to get swayed into spending money on products you don’t actually need. Now more than ever, it’s critical that companies look inward to optimize the cybersecurity tools they already have, using a mathematical, fact-based approach.

Security

VentureBeat - Generative AI is reshaping knowledge work. Are you ready?

As an IT leader, your company’s velocity and nautical mileage for adopting new solutions will vary. Yet even if gen AI holds great promise there is a sizeable gap in the number of technology tools available and the capabilities of employees to put them to use.

Artificial Intelligence

InfoWorld - The evolution of multitenancy for cloud services

These days we are focused on new, faster processors and reduced power consumption. More gains can be obtained by better optimizing the systems that manage how the processors and storage systems are allocated to tenant processes. If I were the CTO of a cloud provider, I would start there and then move to the CPUs and I/O systems, which are more important.

Cloud

SiliconANGLE - Amazon CTO Werner Vogels architects a more frugal future for the enterprise cloud 

“There is new AI and old-fashioned AI,” Vogels noted. “You should keep in mind that not everything needs to be done with these large language models. AI makes predictions, professionals decide.”

AI/Cloud

Computerworld - Super apps: the next big thing for enterprise IT?

“Super apps are designed to sit on top of the library of mini apps that have specific functionalities that users can download and use,” Helmer said. “Users can pick and choose and personalize their experiences by enabling some mini apps, which all have a similar user interface, and removing the ones that they don’t really care about.”

Automation & Productivity

CIO Influence - Is Private Cloud the Game-Changer CIOs Have Been Seeking?

Previously seen as a legacy-heavy, poorly managed, and outdated system lacking modern cloud architecture, the private cloud carried a stigma of high costs and inefficiencies. However, recent advancements have transformed this perception. Present-day private cloud infrastructure matches its public counterpart’s sophistication and operational efficiency, excelling notably in specific scenarios.

Cloud

Forbes - Unpacking The New SEC Cybersecurity Rules: What Every CXO Needs To Know

Prior to the SEC ruling, cyber was already becoming a bigger priority in the boardroom, though this new development has certainly heightened its visibility. Now, board members and CXOs must not only be aware and knowledgeable on cyber, but they must be able to understand the potential business impacts of a cyber breach, all within the context of managing cyber risk.

Security

TechRepublic - Gartner: By 2028, 70% of Workloads Will Run in a Cloud Computing Environment

“If there’s one fundamental area for enterprises, it is that you need to go house-by-house or closet-by-closet to really look at your application portfolio and decide what is best to do with it, what can be replaced what needs to be replatformed and what needs to be refactored,” Smith said.

Cloud

The Hacker News - Discover Why Proactive Web Security Outsmarts Traditional Antivirus Solutions

To be clear, we're not denying that an antivirus-approach solution is ideal for detecting and responding to threats, but there's no escaping the fact that it's limited by design: it's reactive. A traditional antivirus-approach solution flags known malicious signatures once they're already in your environment, so it only acts when detections match the signatures in its database.

Security

Network Computing - How to Speed Cyberattack Discovery

When deploying human-based threat-hunting capabilities, it’s helpful to think about the parallels to physical security leading practices, Morris says. “For example, human security guards, tasked with protecting critical assets, constantly inspect physical infrastructures and maintain the integrity of their responsible spaces by actively patrolling and investigating,” he explains. “The less static, routine, and predictable a defensive team is, the harder it is for attackers to anticipate defenders’ actions.”

Security

AiThority - Kolide Survey Finds 89 Percent of Knowledge Workers Use AI, But Businesses Fail to Provide Governance or Education

68% of companies allow AI use: There is a significant gap between the percentage of employees allowed to use AI (68%) and those who actually use it (89%), indicating a lack of oversight and scrutiny on AI-generated work.

Artificial Intelligence

Network Computing - Understanding Cisco’s Generative Artificial Intelligence Strategy 

Cisco’s approach to AI is multifaceted and deeply integrated across its portfolio. A key element of Cisco’s evolution toward gen AI is the development of Silicon One, a chip designed to handle massive workloads. Silicon One supports Cisco customers and hyperscalers in building AI-based infrastructure, encompassing advanced technology, data center networking, and optics.

Artificial Intelligence

Network World - Is anything useful happening in network management?

All 169 said they are interested in AI for network management, and 30 said that they have identified at least one option. Only 9 said that they have a budget for their identified option in 2024, and all of them reported a common problem with AI in network management--the problem of scope. Here, they mean two kinds of scope: the extent to which AI is specialized to their own network data, and the range of devices that AI can actually see.

Network Management

sdxCentral - Inside a new CISO’s first 90 days: How to start strong

Baer pointed out that many enterprises claim to be “flat” with complete lines of communication to leadership, “but the reality is all organizations have hierarchy,” as well as formalities and rituals, of sorts. It’s important to be clear on who makes decisions around business priorities, budgeting and hiring and firing.

IT Management

Automation.com - Five Cybersecurity Trends to Expect in 2024

Quantum computing is advancing rapidly, so forward-thinking cybercriminals will be stealing encrypted data that they cannot unlock with today’s technology but that they might soon be able to decrypt. The top targets will be organizations with large volumes of sensitive data, such as government and defense agencies, financial and legal firms, and large corporations with valuable intellectual property. To reduce risk, organizations should not treat encryption as a panacea but instead build a multi-layered strategy that includes data classification, risk assessment and mitigation, and incident detection and response.

Security

InfoWorld - Are we too focused on vendors? 

Are we too vendor-focused in the cloud computing market? A better question is, are vendors leading us down the wrong paths? Indeed, instead of tackling the core problems at hand, we’re distracted by the new features and the excellent new tools that are, if we’re honest, more fun to look at than solving actual problems.

Cloud

Datanami - New Dremio Report Highlights Surge in Data Lakehouse Adoption for Enhanced Cost Efficiency and Analytics

Amid the generative AI frenzy, a quieter revolution has been taking place: Open table formats—a foundational component of data lakehouses—are bringing full SQL functionality directly to the data lake. This enables organizations to move away from decades-old data warehouse architectures and their associated inefficiencies.

Data & Analytics

sdxCentral - Databricks CISO details how to shepherd a data and AI journey at scale

“They’ve heard the scary stories about AI can cause harm, and when their business wants to utilize AI, they don’t know if it’s in that tiny minority of AI that could likely cause harm, or if it’s in the majority that wouldn’t,” he said. “Security people tend to have a low tolerance for risk just instinctively. And so they’re likely to respond with ‘We shouldn’t do it’.”

AI/Security

VentureBeat - How generative AI will enhance cybersecurity in a zero-trust world

CISOs and CIOs continue to weigh the benefits of deploying generative AI as a continuous learning engine that constantly captures behavioral, telemetry, intrusion and breach data versus the risks it creates. The goal is to achieve a new “muscle memory” of threat intelligence to help predict and stop breaches while streamlining SecOps workflows.

AI/Security

CIO Influence - The Impact of AI on Security Issues

A manipulated data set changes the way the AI will respond to a query for anything related to the data. The input data drives the response and if the data is changed, then the response would change. So if someone wants to provide misinformation to an audience, they just need to change the input data with the misinformation

AI/Security

The Hacker News - Experts Uncover Passive Method to Extract Private RSA Keys from SSH Connections

In other words, a passive adversary can quietly keep track of legitimate connections without risking detection until they observe a faulty signature that exposes the private key. The bad actor can then masquerade as the compromised host to intercept sensitive data and stage adversary-in-the-middle (AitM) attacks.

Security

DarkReading - Researchers Undermine 'Windows Hello' on Lenovo, Dell, Surface Pro PCs

By default, Windows Hello requires that fingerprint readers are "match-on-chip" (MoC), as opposed to "match-on-host" (MoH). MoC means that they have microprocessors and storage built in, eliminating the need to process and store sensitive biometric data on the host computer. That way privacy is maintained, even if the host is compromised.

Security

Information Week - How to Avoid Security Concerns While Implementing Automation

A recent survey reports that the majority of automation projects fail to take off due to their complexity. For those that do manage to reach the execution stage, there is a 50% chance of them failing. A vast majority of business leaders are not happy with their robotic process automation (RPA) implementation speed.

Automation & Productivity

sdxCentral - How to navigate the private network adoption market

This number of choices is good for those that need it, but can be daunting for a decision-maker who is tasked with picking a long-term private network path for a large-scale organization. This difficulty is further enhanced by the private network market’s lack of maturity, which means a decision made today could run into a support void tomorrow.

Network Management

Network Computing - Candy Alexander Explains Why Bandwidth and Security are Both in High Demand

"Again, it's data that has become more important than ever before. One of the biggest challenges of providing ubiquitous secure access is that users now need to be able to access data from anywhere, at any time, and on any device. This can be difficult to manage due to several factors, such as the ever-increasing volume of data and the velocity at which it is generated."

Network Management

sdxCentral - DNS at 40 keeps improving with better security

“RFC 9461 provides the mapping for the DNS service type, allowing DNS servers to offer alternative endpoints and transports, whereas RFCs 9462 (DDR) and 9463 (DNR) provide endpoints with the capability to discover encrypted resolvers,” Campling explained. “This means that endpoints are not reliant on software having resolver details hard-coded into them and should support much greater choice, ultimately benefiting users.”

Network Management

SiliconANGLE - How IT teams can empower every individual to drive their own productivity 

When so many business functions require implementation support, and there aren’t enough technical skills or IT people to address everyone’s needs, many companies are stuck in stop-and-go business patterns. As the demand for automation increases, IT leaders should take a new approach to scaling it across their functions — one that’s composable, accessible, and user-driven.

IT Management

sdxCentral - Gartner names 5 leading access management platforms

Gartner identifies the must-have capabilities including a directory or identity repository for users; identity administration for integrated applications basic life cycle management and profile management capabilities and the system for cross-domain identity management; SSO and session management, compatible with standard identity protocols and APIs for accessing standards-based and legacy apps; and user authentication including commodity MFA and authorization enforcement.

Security

SiliconANGLE - Managing in 2024: How generative AI will scale insight

In addition to this scaled human insight, gen AI may also scale itself, aggregating siloed information into an overall depiction of the business in all its complexities and dependencies, such as the production process, supply chains or external economic events. Insights from one part of the company, such as marketing or manufacturing, can be scaled to a new type of collective insight.

Artificial Intelligence

VentureBeat - How to apply natural language processing to cybersecurity

The overlap between NLP and cybersecurity lies in analysis and automation. Both fields require sifting through countless inputs to identify patterns or threats. It can quickly process shapeless data to a form an algorithm can work with — something traditional methods might struggle to do.

Security

SiliconANGLE - Cloud security continues to give IT managers headaches. Here’s why 

The reports show that despite reams of details on best security practices, organizations don’t do well with their implementation, follow-through or consistent application. For example, consider well-known practices such as the usage of complex and unique passwords, collection of access logs and avoidance of hard-coded credentials.

Security

VentureBeat - Generative AI is a toddler — don’t let it run your business

Cutting-edge technology and young kids may initially seem completely unrelated, but some AI systems and toddlers have more in common than you might think. Just like curious toddlers who poke into everything, AI learns through data-driven exploration of huge amounts of information. Letting a toddler run wild invites disaster, and as such, generative AI models aren’t ready to be left unattended either.

Artificial Intelligence

SC Media - Veterans are the key to the cybersecurity talent shortage

Industry-specific knowledge also becomes invaluable, particularly for IT organizations competing for business in the military or other government branches. Security clearances are often a prerequisite for doing business with government entities, and veterans transitioning to the private sector with these clearances in hand can give their new employers a competitive edge.

Tech Jobs

Network Computing - Is Your Infrastructure Ready? What You Need to Know Ahead of an AI Investment 

There are skills, technologies, and practices that need to be put in place to successfully see a return on your AI investment. The AI tech stack is still forming, but it is rapidly shaping up to include a broad range of technologies and capabilities that many organizations today do not possess.

Artificial Intelligence

CFO - CFOs Must Boost Their Cybersecurity Savvy, Former FBI Agent Says

Today’s executives need to change their mindset and take the time to become cyber savvy, said Cordero. So what does a CFO well-trained in cybersecurity look like? “I define [them] as an executive who understands the different facets of cybersecurity as an enterprise risk,” Cordero said.

Security

TechCrunch - 3 skills could make or break your cybersecurity career in the generative AI era

In addition to its benefits, generative AI introduces data security and privacy concerns that we can’t disregard. While candidates should know how to use this technology to their advantage, they must also understand how large language models (LLMs) can leverage and compromise organizations’ internal data. Unsurprisingly, nearly half of executives worry that the integration of generative AI will result in new attacks against their AI models, services, or data.

Security

CIO Influence - Evolving Cyber Threats: AI’s Role in Reshaping the Landscape

The importance of AI in cybersecurity cannot be overstated. It acts as a proactive shield, not merely reacting to known threats but actively anticipating and adapting to emerging risks. By leveraging machine learning algorithms, AI systems continuously refine their understanding of evolving attack vectors, enabling security teams to fortify their defenses preemptively.

Security

The Hacker News - How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography

By concealing malicious links within QR codes, attackers can evade traditional spam filters, which are primarily geared towards identifying text-based phishing attempts. The inability of many security tools to decipher the content of QR codes further makes this method a go-to choice for cybercriminals.

Security

Dark Reading - Detection & Response That Scales: A 4-Pronged Approach

"When you operate completely silent and disjointed, it puts your teams completely out of touch with your organization and inhibits their ability to work side by side with partner teams," he says. "The detection capability doesn't scale. We need the rest of the organization to be in lockstep with us and working alongside us — that's what defines a modern detection and response approach."

Security

InfoWorld - A cloud professional’s cloud predictions for 2024

Second, generative AI is getting most of the attention in the cloud space. As I stated before, cloud conferences are now generative AI conferences as cloud providers see a huge windfall in cloud services to support net-new generative AI systems. Generative AI systems need an enormous number of resources compared to other stuff.

Cloud

Forbes - In Promoting Cybersecurity, Everyone Has A Role

 Nearly every day we learn about a cyber intrusion or creative way that either criminal organizations or state actors are exploiting vulnerabilities. Just last month, researchers discovered a cheap streaming device that came with secretly installed malware right out of the box, which then served as a node in an organized crime scheme.

Security

DarkReading - IT Pros Worry Generative AI Will Be a Major Driver of Cybersecurity Threats

Even with generative AI making the list of top three cybersecurity threats over the next 12 months, it was clear from the report that generative AI is viewed as both a positive and negative development. Respondents say generative AI would increase productivity (43%), ensure the business is more protected against cyber threats (42%), and ensure employees are trained in cybersecurity fundamentals (36%). On the negative side, there are fears that generative AI will open new avenues for attack (67%) and put businesses at greater risk of attacks (58%).

Artificial Intelligence

sdxCentral - How standards will eliminate SASE and zero-trust confusion

Because SASE encompasses both networking and security, it can require a change in how organizations think about security when considering SASE’s integrated approach. The mixture of solutions from different vendors in different departments can lead to siloed thinking and mismatched skill sets between networking and security teams. It is important that a common language set is defined to create tight coupling among these teams. A fragmented vendor ecosystem and lack of common terminology underscores this need.

Security

Forbes - Three Questions To Ask Third-Party Vendors About Cybersecurity Risk

Search for providers that not only have well-defined security policies and procedures in place but are also transparent about these practices. This means the vendor provides public access to their security policies and procedures, and their policies address all aspects of cybersecurity, including incident response, data security and vulnerability management.

Security

Information Week - To AI Hell and Back: Finding Salvation Through Empathy

Dante needed guides to help him on his journey through Hell. In the modern AI landscape, Iannopollo said, business leaders will need their own guides. “Welcome to the nine circles of Hell,” she told the audience. “This is the place where AI hallucinates, where AI produces bias and discrimination … Hell is the place where IP abuse and privacy violations and security breaches happen.”

Artificial Intelligence

Network Computing - Spider-Man, the Multiverse, and IPv6

Many versions of Linux and Windows now prefer IPv6. Beyond that, embedded versions of Linux are common in IoT devices, and these devices have proliferated across environments. If you are not engaged with that plane when these IoT devices reach out to your network requesting an IPv6 address, you may not even know. It's not unusual for organizations to have a considerable number of these rogue devices that are generally unmanaged, which creates risk within the organization.

Network Management

Datanami - Redpanda Unveils State of Streaming Data Report on Industry Trends, Ecosystem Components and Challenges

The report shares what’s driving companies to migrate their systems from batch processing to real-time systems and the challenges they face. Based on a third-party survey of 300 engineering organizations familiar with streaming data, the report is the first comprehensive, independent study on the current state of the streaming data industry.

Data Management

Information Week - Top US Gov’t CISO Details Zero-Trust Strategy Race

"The things we’ve been talking about for the past decade and working about … it’s all happening to us right now. We needed to figure out how we’re going to galvanize and try to insert energy and focus into federal agencies to really drive forward on the things that we’d been working on for well over a decade. But we were struggling to make meaningful progress.”

Security

Datanami - HPE Research Highlights Rising Challenges in Meeting Enterprise Data Demands

For many organizations, AI will put their IT organizations at a crossroads. Capturing value from data to thrive in the era age of AI-enabled insight will require enterprises to rapidly mature their approach to hybrid cloud and how they store, manage and protect data across its lifecycle.

Data Management

CIO Influence - Shining a Spotlight on User Identity and Device Trust in Cybersecurity

While the rising volume of cyberattacks in financial services and across other industries could be due to increasingly sophisticated cybercriminals, this is largely a misconception. The truth is that hackers are using many of the same tactics they’ve been successfully employing for the last decade, the majority of which are aimed at exploiting user identities or compromising endpoint devices (PCs, laptops, phones, etc.). However, today’s cybercriminals have the advantage of a range of toolkits that open up hacking to “entry-level” threat actors with minimal technical skill

Security

Information Week - The IT Jobs AI Could Replace and the Ones It Could Create

Knowledge base managers and data scientists will be essential roles for enterprises as more and more data is fed into large language models (LLMs). “It's still a garbage in, garbage out problem, and if AI will now do more of our work, what we feed them is more important than ever,” says Katz.

Tech Jobs

CIO Influence - Unlocking the Code: Key Differences Between Networking and Cloud Computing

Cloud networking involves orchestrating and delivering network resources and services utilizing cloud infrastructure. Serving as a form of IT architecture, it empowers organizations to establish connections among users, applications, and data irrespective of their geographical locations. The versatility of cloud networking manifests in its ability to form private cloud networks—segregated from the public Internet—and public cloud networks, accessible to anyone with Internet connectivity

Network Management

Computerworld - The end of the standalone application

That said, in the world of Linux, we still have "our" software. I'm writing this on LibreOffice; when I need to work with images, I use GIMP; and instead of Outlook for e-mail, I use Evolution. Of all the major software vendors in the Windows world, only Microsoft has continued to offer standalone software.

Automation & Productivity

CIO Influence - Discover Business Intelligence’s Transformative Role in CIO Leadership

Business intelligence tools have revolutionized the way organizations access and analyze data, making it possible to harness a wealth of information that would have been impenetrable and indecipherable otherwise. In this context, the Chief Information Officer (CIO), who is responsible for managing all the organizational-level information, plays a pivotal role. By leveraging previously untapped data sources and employing advanced BI techniques, a CIO can drive transformation across multiple facets of the organization, fueling its journey toward a data-driven and future-ready future.

Data & Analytics

Information Week - Balancing Act: Knowing When AI’s Risk is Worth Reward

In the near term, GenAI will be very attractive for senior-level workers, Mellen said. “Ultimately, generative AI and security tools are going to be very useful for those folks who are experienced and more senior level because they have been itching for a tool that is going to help them validate what’s happening in the environment and respond faster.”

Artificial Intelligence

SC Media - Gone phishing: Hackers leverage automation to launch MFA attacks and SEO poisoning

We’ve seen cybercriminals turn to real-time MFA-bypassing solutions, like “in-the-middle” techniques, MFA fatigue, and OAuth consent phishing. In fact, these types of “in-the-middle” techniques are some of the most frequently-observed methods used to gain access to MFA-secured networks in 2023

Security

Network Computing - A Threat Actor’s Playground: Why Security Teams Must Decrypt HTTPS Traffic

Yet many security teams do not enable decryption at the firewall due to the potential complications it can present. Decrypting and then re-encrypting traffic passing through a gateway requires considerable compute resources, including next-gen firewalls (NGFW) or unified threat management (UTM) appliances, and can impact network performance.

Security

sdxCentral - Do answers to AI infrastructure challenges lie in networking, not GPUs?

“We are the network operating system that can straddle switching and routing; that can straddle cloud, telecom service providers and enterprise; that can bring efficiencies inside the core of a data center, between data center capacities and between GPU clusters; and then extend that into the edge of the network,” Ayyar said.

Network Management

Network Computing - The Bottom Line on Upcoming Non-Terrestrial Network (NTN) Services

A year ago, the focus was on how much time it would take big-name players such as Iridium, SpaceX, OneWeb, AST, Viasat, Amazon (Project Kuiper), and others to launch enough LEOs into space to build constellations of birds to be considered viable for enterprise IT. Delays have slowed some players, such as Amazon, which recently launched its first two LEOs for its internet service into space recently. But by comparison, Musk's SpaceX has launched thousands and is offering services internationally.

Network Management

The Hacker News - The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest

As more vendors attempt to challenge the dominant players in the SIEM category, demand is increasing for solutions that offer automation, which can cover 80%, while also offering customization capabilities to cover bespoke use cases - the remaining 20%.

Security

Network Computing - QoS in the Era of Pervasive Video and Edge Apps

Among vendors in the end-to-end network QoS space are Fortinet, Solarwinds, ManageEngine, and others, as well as Opensource providers like OpenNMS. The focus is on providing a single network management framework that can address QoS while also reducing the number of different tools from assorted vendors that network analysts use. The tradeoff for sites using a single, overarching set of tools is that they might sacrifice some network management autonomy and risk vendor lock-in by going for an all-in-one solution.

Network Management

The Hacker News - When Email Security Meets SaaS Security: Uncovering Risky Auto-Forwarding Rules 

SaaS applications are part of the modern supply chain, and as such they should undergo proper vendor risk assessments and user access reviews prior to connecting them to company data. With Shadow IT, breached applications, non-compliant applications or malicious applications go unnoticed.

Security

Information Week - Considering a Career as an IT Hardware Engineer?

“There are free tools, such as KiCaD, that allow the hobbyist community to thrive alongside professionals. “Even at the high school level there are many associations and clubs, such as FirstRobotics, where students can learn through hands-on experience.”

Tech Jobs

sdxCentral - AT&T: Our network is the ‘next killer app’

“To date in the wireless industry, and surely in the telecom industry, the connectivity networks have really been closed boxes where partners would provide to us a system that worked great. It was all integrated hardware, software and applications in that system and if you needed help with it you generally had to call the partner: ‘hey, Cisco; hey, Nokia, Ericsson, can you help me with this?’ We’re really working on breaking that up into open disaggregated networks.”

Network Management

CIO Influence - As Companies Eye Generative AI to Improve Productivity, Two-thirds Admit to GenAI-related Security or Misuse Incidents

The newness of these programs is likely why. While the majority (84%) of respondents have invested or are planning to invest in GenAI, 71% of these GenAI operations were launched within the last two years, and nearly half (49%) were launched in just the last 12 months. Of those respondents whose businesses have adopted AI, 85% are concerned about its privacy and security risks.

Privacy & Security

sdxCentral - HPE program makes, not takes, cybersecurity talent

“With this mindset, the talent pool becomes an ocean,” Ford said. “In the two years that we have been doing this, I can say confidently that we have discovered people with unique and valuable experience who would most certainly have been overlooked had we employed conventional hiring methodologies.”

Tech Jobs

CIO Dive - 5 OpenAI, ChatGPT updates for CIOs to watch

Companies can create tailored versions of ChatGPT, called GPTs, within the tool’s app for a specific task without any coding knowledge. Once created, users can publish the GPTs for public use or share them only for a company’s internal use.

ChatGPT

eWeek - 20 Top Artificial Intelligence Certifications 2023

AI certifications demonstrate understanding and competence in various aspects of AI, such as machine learning, natural language processing, computer vision, robotics, and AI software.

Training & Certs

sdxCentral - Why IPv6 matters for SD-WAN and why vendors are certifying their products

“While there is continued migration to IPv6, at times, it does require an upgrade or replacement of hardware and software,” Sheu said. “This includes upgrading routers, switches, and other network equipment as well as updating software.”

Network Management

Computerworld - Q&A: ServiceNow CIO sees an 'iPhone moment' for genAI

ServiceNow is now implementing genAI through an internal pilot program. Leveraging its own platform and third-party LLMs, the company has gone live with 15 genAI pilots across multiple departments, including customer service, IT, HR, and sales.

Artificial Intelligence

Information Week - Getting Aggressive with Cloud Cybersecurity

With cloud native infrastructures deployed across the enterprise, typical endpoint and intrusion detection tools are not sufficient to identify attacks or vulnerabilities in a non-VM infrastructure, cautions Accenture Federal Services’ cyber chief technical officer Dave Dalling via email. “Real-time automated responses can quickly shut off attacks and prevent lateral movement through credential stealing and role escalation.”

Security

Computerworld - It’s time to take your genAI skills to the next level

A new study found that employees with skills in artificial intelligence (AI) can earn salaries as much as 40% higher than peers without AI skills. But the real value, they found, was combining AI skills with a wide range of other skills. The secret to commanding higher salaries is something called “complementarity” — the ability to combine valuable non-AI skills with AI skills

Tech Jobs

Network World - 2024 network plans dogged by uncertainty, diverging strategies 
<