February 02, 2024
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
A CISO now needs to start acting like a CFO on their very first day in the role. CISOs no longer have the freedom to prioritize business interests and subordinate cybersecurity, because they will be found liable for misrepresenting security practices in the event of a cyber-incident. CFOs can’t let some fraud, financial crime, absence of key stated controls, or insider dealing go while they ease into the role, and CISOs will need to start acting the same way regarding their company’s security program. While some may find this new era of CISO accountability a threat, they need to look at the massive opportunity as well — and the opportunity is quite big! Yes, CISOs will have more work to do with this new level of scrutiny and accountability. However, this new era will allow them to take a more senior and influential role in the organization, receive greater allocations of resources to maintain an appropriate level of perceived risk, prioritize critical enterprise security needs, and be fully transparent on what security issues their company is dealing with. And because CISOs and their respective companies will be more transparent and accountable, this should lead to greater trust in them from customers, board members, investors, employees, regulators, and the communities in which they operate.
Data architecture encompasses the design, structure, and organization of data assets. It involves defining the blueprint for how data is collected, stored, processed, accessed, and managed throughout its lifecycle. Data architecture sets the foundation for data governance by establishing standards, principles, and guidelines for data management. It encompasses aspects such as data models, data flow diagrams, database design, and the integration of data across different systems. Effective data architecture is crucial for ensuring data consistency, integrity, and accessibility, aligning data assets with the organization's goals and objectives. Data modeling is a specific aspect of data architecture that involves creating visual representations (models) of the data and its relationships within an organization. This process helps in understanding and documenting the structure of data entities, attributes, and their interactions. Data modeling plays a vital role in data governance by providing a standardized way to communicate and document data requirements, ensuring a collective understanding among stakeholders.?
The cloud providers sold the cloud as something that needed to be leveraged ASAP, so massive workloads and data sets were lifted and shifted to this new “miracle platform.” Three things occurred: First, it was more expensive than we thought. I use the unproven number of the cloud costing 2.5 times what enterprises believed it would cost to operate workloads and data sets in the cloud. This all blew up in 2022, when we also had the accommodation of workloads moved during the pandemic, many with unimproved applications and data sets. Second, poorly designed, developed, and deployed applications moved from enterprise data centers to the cloud, where applications still need to be better designed, developed, and deployed. We’re paying more for them to run in the cloud since we’re paying for the existing inefficiencies. ... Finally, enterprises aren’t learning from their mistakes. I’ve often been taken aback by the amount of lousy cloud reality that most enterprises accept. Although some have moved back to enterprise data centers, some are indeed funding application and data optimization. We’re still getting a C- in returning value to the business, our shared objective.
领英推荐
According to Bademosi, “”Integrating digital technologies is not just a trend, it is the next frontier in creating sustainable, resilient, and advanced infrastructure systems. As we look to the future, it is evident that digital technology will be at the heart of every innovation” The benefits of harnessing new technologies and transforming infrastructure seem limitless. But government agencies and industry partners may not know where to start. According to Bademosi, it begins by gauging the current state of critical infrastructure systems and what is needed for the future. What are the strengths, weaknesses, and potential opportunities available for infrastructure? Next, it’s important to foster collaborations across government agencies, industry leaders, and the communities that will be impacted by the proposed project. Industry partners and government agencies then need to empower their workforce with the training they need to deploy these technologies on future projects. Once training is complete, they can begin to experiment with these new technologies on smaller pilot projects, using them as workshops to test strategies.
We’re not going to argue that monoliths are perfect. But an intentionally designed monolith has a comprehensible solution to each flaw, and unlike a microservices architecture, each one you resolve creates a feedback loop of improvement with internal scope. To improve your monolith in some dimension — performance scaling, the ease of onboarding for new developers, the sheer quality of your code — you need to invest in the application itself, not abstract the problem to a third party or accept a higher cloud computing bill, hoping that scale will solve your problems. Of their experience, the Amazon Prime Video team wrote, “Moving our service to a monolith reduced our infrastructure cost by over 90%. It also increased our scaling capabilities. … The changes we’ve made allow Prime Video to monitor all streams viewed by our customers and not just the ones with the highest number of viewers. This approach results in even higher quality and an even better customer experience.” Since the Amazon Prime Video engineering team published their blog post, many have argued about whether their move is a major win for monoliths, the same-old microservices architecture with new branding or a semantic misinterpretation of what a “service” is.?
The surge of sensory data volume and network traffic generated by IIoT devices can overwhelm existing network infrastructure. Outdated hardware and bandwidth constraints can severely cripple the efficient operation of these interconnected systems. Scaling up and modernizing infrastructure becomes imperative in paving the way for a flourishing IIoT ecosystem. ... In the intricate game of cyber defense, network visibility reigns supreme. The map and compass guide defenders through the ever-shifting digital landscape, illuminating the hidden pathways where threats dwell. Organizations navigate murky waters without it, blind to threat actors weaving through their systems. Network visibility emerges as the antidote, empowering defenders with a four-pronged shield: early threat detection, where anomalies transform into bright beacons revealing potential attacks before they escalate. Secondly, it facilitates swift incident response, allowing isolation and mitigation of the affected area like quarantining a digital contagion; proactive threat hunting, where defenders actively scour network data for lurking adversaries and hidden vulnerabilities, pre-empting attacks before they materialize.?
Great insight on #DigitalTransformation! As Bill Gates once said, "The advance of technology is based on making it fit in so that you don't really even notice it, so it's part of everyday life." ???? Focus on embracing these changes, just as you would with the laws of nature. ??????