January 22, 2022
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
Today’s environment is a unique one for leaders. Businesses cannot afford for leadership to be focused on just one part of the business—the world is too interconnected and moves too quickly. Which is why we’ve moved onto the era of technologists as CEOs. Every company is a technology company in today’s digital-first world. Industries are constantly being disrupted by the next big thing, which means businesses need modern CEOs that are equally comfortable managing the business as they are with technology. As so many organizations look to navigate digital transformation journeys, having a leader at the helm who understands the importance not just of having technology, but having the right technology, is critical. Technology is a strategic advantage for today’s organizations. Without a leader who can make those nuanced decisions, it’s impossible to create solutions that will be useful for customers. And customers must always be at the center of any CEO’s decisions. Rocket’s solutions touch the lives of so many every day – from withdrawing money from an ATM to swiping your credit card at a convenience store, our technology is critical to ensuring the lives of millions run smoothly.
Forward thinking, meanwhile, will spark an increase in long-term contracts that accommodate three-to-five-year planning horizons. Inflation and the war for talent also encourage extended contract periods, Lovelock noted. Longer-term deals offer CIOs greater certainty regarding cost and the availability of technical skills, he said. The skill shortage will also generate demand for external service providers such as consultants and MSPs. The Gartner forecast shows IT services growing to 7.9% year over year in 2022, hitting $1.3 trillion. The market watcher expects IT services' spending growth to trail only enterprise software, which tops the Gartner forecast with a projected 11% year-over-year increase. Business and technology consulting services will emerge as one of the fastest-growing sectors in IT services, growing at a 10% clip in 2022, Lovelock said. Cloud adoption will help drive that spurt. Gartner research suggests the vast majority of large organizations will hire external consultants to devise cloud strategies over the next few years.
The privacy watchdog said end-to-end encryption plays an important role in safeguarding privacy and online safety, protecting children from abusers, and is crucial for business services. The intervention follows the launch of a government-funded campaign this week that warns that social media companies are “blinding themselves” to child sexual abuse by introducing end-to-end encrypted messaging services. Stephen Bonner, the ICO’s executive director of innovation, said the discussion on end-to-end encryption had become too unbalanced, with too much focus on the costs, without weighing up the significant benefits it offers. “E2EE serves an important role both in safeguarding our privacy and online safety,” he said. “It strengthens children’s online safety by not allowing criminals and abusers to send them harmful content. “It is also crucial for businesses, enabling them to share information securely and fosters consumer confidence in digital services.”
What is truly alarming, however, is how far behind many public and private organizations are with their patch management procedures. We frequently find known vulnerabilities in our customers' business-critical applications that are several years old and still unpatched. This directive looks to change that, ensuring agencies and their third-party vendors develop plans to find and remediate these known vulnerabilities. Multiple studies demonstrate that detecting vulnerabilities and prioritizing the right patches quickly and efficiently are the largest challenges. By establishing a prioritized catalog of vulnerabilities, the directive seeks to give federal agencies a leg up. The onus on establishing a plan and process for remediation, however, still remains with the individual federal agencies. Nevertheless, we're glad to see the Biden administration take this critical step forward in improving the cybersecurity posture of the United States and, by extension, the companies that provide services to the federal government.
There's a consensus among cybersecurity experts that many of the major ransomware operations work out of Russia, with the authorities willing to turn a blind eye towards attacks targeting the West. But following arrests throughout the region, some cyber criminals are wondering if the risk is worth it. "This is a big change. I have no desire to go to jail," wrote one forum member. "In fact, one thing is clear, those who expect that the state would protect them will be greatly disappointed," said another. There's even concern that administrators of the dark web communities – who would have details about their users – could be coerced into working for law enforcement following arrest. Such is the paranoia among some forum members and ransomware affiliates that they suggest moving operations to a different jurisdiction, although this is unlikely to be a realistic option for many. "Those that are seasoned in cybercrime understand that by moving outside of Russia, they'll be taking on an even greater risk of being arrested by international law enforcement agencies. These agencies that are keeping tabs on cyber criminals will be watching for such potential moves," Ziv Mador.
“Tech companies, enterprises, anyone writing software is dependent on open-source,” says Wysopal. “Now there is a recognition at the highest levels of government that this is a big risk.” Easterly and other experts say that tech companies need to improve transparency. Adopting a Software Bill of Materials, as mandated by a 2021 executive order on cybersecurity from President Joe Biden, would help both developers and users better understand what is actually vulnerable to hacking when software flaws are discovered. Valsorda, who has managed to turn his own open-source work into a high-profile career, says that formalizing and professionalizing the relationship between developers and the big companies using their work could help. He advocates turning open-source work from a hobbyist pursuit into a professional career path so that critical infrastructure isn’t dependent on the spare time of a developer who already has a full-time job. And he argues that companies should develop systems to pay the people who maintain open-source projects their fair market value.