February 03, 2024
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
On the international stage, companies are becoming more aware of the more active and robust policies they may face and the penalties they can carry. That has led to some patterns, Plaggemier says, developing around what is reasonable for companies to enact in relation to their sector and industry. “Do you have security or privacy tools or practices in place that are in line with your competitors?” she asks. While such an approach might be considered reasonable at first, competitors might be way ahead with much more mature programs, Plaggemier says, possibly making copying rivals no longer a reasonable approach and compelling companies to find other ways to achieve compliance. Data privacy regulations continue to gain momentum, and she believes it will be interesting to see what further kind of enforcement actions develop and how the courts in California, for example, manage. As CCPA and other state-level regulations continue into their sophomore eras, Plaggemier says at least a few more states seem likely to get on the bandwagon of data privacy regulation. Meanwhile, there is also some growing concern about how AI may play a role in potential abuses of data in the future.
Ideally, Enterprise Architecture supplies the context and insight to guide Solution Architecture. To address broad considerations, and align diverse stakeholder viewpoints, Enterprise Architecture often needs to be broader, less specific, and often less technical than Solution Architecture. ... Done well, Enterprise Architecture should provide long-term guidance on how different technology components support overall business objectives. It should not prescribe how technology is, or should be, implemented, but rather provide guardrails that help inform design decisions and prioritization. Additionally, most organizations have several technology components that support business operations; Salesforce is usually just one. Understanding how the various technology components work together will enable you to be a well-informed contributing member of a larger team. EA can help to provide valuable context about how Salesforce interacts with other systems and might spark ideas on how Salesforce specifically can be better utilized to support an organization.
In a statement shared with BleepingComputer late Friday afternoon, AnyDesk says they first learned of the attack after detecting indications of an incident on their product servers. After conducting a security audit, they determined their systems were compromised and activated a response plan with the help of cybersecurity firm CrowdStrike. AnyDesk did not share details on whether data was stolen during the attack. However, BleepingComputer has learned that the threat actors stole source code and code signing certificates. The company also confirmed that the attack did not involve ransomware but didn't share too much information about the attack other than saying their servers were breached, with the advisory mainly focusing on how they responded to the attack. As part of their response, AnyDesk says they have revoked security-related certificates and remediated or replaced systems as necessary. They also reassured customers that AnyDesk was safe to use and that there was no evidence of end-user devices being affected by the incident. "We can confirm that the situation is under control and it is safe to use AnyDesk.?
领英推荐
Unlike strategic objectives, which are rationally derived, visions are values-laden. They give meaning through an ideological goal. Since they are about what should be, they are, by definition, an expression of values and corporate identity. Thus, effective CEOs keep the vision malleable in relation to the business landscape but never change the values underneath. Not only that, but their personal values align with the organization and its vision — one reason for doing a values assessment in CEO succession. ... Some of the most catastrophic events in history have been the result of a psychopath's vision. Visions can be powerful, influential and morally corrupt — all at the same time. Conversely, real leaders create a vision that benefits the entire ecosystem, where the rising tide lifts all boats and makes the world a better place. Robert House, from the University of Pennsylvania, defined a greater good vision as "an unconscious motive to use social influence, or to satisfy the power need, in socially desirable ways, for the betterment of the collective rather than for personal self-interest." This is using the will to power for the betterment of humanity, to shape the future, rather than as a source of ruthless evildoing.
So what can we do to make sure we’re ready for this universal shift to voice-controlled tech and having natural language conversations with machines? Dengel suggests the answer lies in meeting the challenge head-on. This means drawing together teams made of technologists, engineers, designers, communications experts and business leaders. Their core focus is to identify opportunities and potential risks to the business, allowing them to be managed proactively rather than reactively. “That’s always the first step,” he says, “because you start defining what’s possible, but you’re doing it in the context of what’s realistic as well because you’ve got your tech folks involved as well … ” It’s a “workshop” approach pioneered by Apple and adopted by various tech giants that have found themselves at the forefront of an emerging wave of transformation. But it’s equally applicable to just about any forward-looking business or organization that doesn’t want to be caught off-guard. Dengel says that addressing a group of interns recently, he told them, “I wish I were in your shoes – the next five years is gonna be more innovation than there’s been in the last five or maybe the last 20 years
Gamification has been a great way to increase skills across the industry, and this has become particularly important as adversaries become more sophisticated and robust security becomes a critical piece to business continuity. ... We all love our extrinsic motivators, whether it’s stars or our green squares of activity on GitHub or even our badges and stickers in forums and groups. So why not create a reward system for security too? This makes it possible for developers to earn points, badges or status for successfully integrating security measures into their code, recognizing their achievements. ... Just as support engineers are often rewarded for the speed and volume of tickets they close, similar ideas can be used to advance security practices and hygiene in your organization. Use leaderboards to encourage a healthy competitive spirit and recognize individuals or teams for exceptional security contributions. ... This is in addition to the badges and other rewards mentioned above. I’ve seen recognition programs for other strategic initiatives in organizations, such as “Top Blogger” or “Top Speaker” and even special hoodies or swag awarded to those who achieve the title, giving it exclusivity and prestige.