June 08, 2024
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
Shadow engineering leaves security teams with little or no control over LCNC apps that citizen developers can deploy. These apps also bypass the usual code tests designed to flag software vulnerabilities and misconfigurations, which could lead to a breach. This lack of visibility prevents organizations from enforcing policies to keep them in compliance with corporate or industry security standards. ... LCNC apps have many of the same problems found in conventionally developed software, such as hard-coded or default passwords and leaky data. A simple application asking employees for their T-shirt size for a company event could give hackers access to their HR files and protected data. LCNC apps should routinely be evaluated for threats and vulnerabilities, so they can be detected and remediated. ... Give citizen developers guidance in easy-to understand terms to help them remediate risks themselves as quickly and easily as possible. Collaborate with business developers to ensure that security is integrated into the development process of LCNC applications going forward.
While we can't control disruptions, we can control our outlook on the future. Leaders must instill confidence in their teams, emphasising the inevitability of change and the collective ability to find positive solutions. Honesty is a form of optimism, so be honest with yourself and your teams about the issues at hand, resisting attempts to ignore or minimise them. ... Problem-solving is at the core of leadership, so leaders should be unafraid to ask questions, seek insights from others, and involve their teams and wider network in finding solutions. Remember, you do not have to tackle everything alone or have all the answers. When I face a complex problem, I dissect it into manageable pieces and think through each disparate part. ... The right relationships in your life, personal and professional, provide perspective and ideas which is essential for progress. Building a robust network—from friends and family to colleagues and industry peers—provides support and inspiration to maintain optimism and courage amid disruption. The more diverse your network, the more people you can call on to fuel your optimism and courage in the face of disruption.
Cybersecurity and sustainability are discrete functions in many enterprises, yet they could benefit greatly from being de-siloed. Sustainability and cybersecurity initiatives need C-suite awareness and resources to permeate an enterprise’s culture and actually achieve their goals. “It's not a one-person show anymore. It's really an ownership in that responsibility and a stewardship that cuts across functional leadership across … the entire organization,” says Lynch. In more mature organizations, cybersecurity already has board-level involvement, which can make it easier to see and act on its intersection with sustainability. But for many organizations, cybersecurity and sustainability are separate and even back-office functions. “The cybersecurity leader should not wait for someone to come [and] invite them into these conversations,” says Govindankutty. The stakeholders who need to be involved in cybersecurity and sustainability extend beyond an enterprise’s four walls. Third-party vendors are a vital part of an enterprise’s ecosystem.
领英推荐
The first step is to identify the narrowly defined vertical market segments that the company will focus on. The second step is to find a lighthouse customer or two to focus all the team’s attention on to define the minimum viable product (MVP). That is iterative as the customer and the product team go back and forth with features that are must-haves. Then the startup team tests that candidate MVP with a few other customers. ... If you ask any experienced entrepreneur, investor or board member what the most important thing a startup CEO must stay on top of is, it’s to know at all times how much cash they have, what the monthly burn rate is and how long the runway is before cash runs out. Many mistakes are excusable and recoverable, but running out of cash by surprise is neither. ... Culture is not pizza and beer on Fridays, foosball tables or little rooms filled with toys. It is about the values of the company and how they are espoused. It is about the tone the CEO sets and how they communicate with all of their constituents. And the importance of culture is not not just about company morale, although that is very important. It is about attracting and retaining the best talent. While it might be nice to think you can put this off while focusing on the first four things, you would be wrong.
Data from sensors offers a treasure trove of insights from the physical world for data scientists. From tracking temperature fluctuations in a greenhouse to analyzing the vibrations of industrial machines in a manufacturing plant, these tiny devices capture crucial information that can be used for groundbreaking research and development. The journey from collecting raw sensor data to actionable analysis can be riddled with stumbling blocks, as the realities of hardware components and environmental conditions come into play. The typical approach to sensor data capture often involves a cumbersome workflow across the various teams involved, including data scientists and engineers. While data scientists meticulously define sensor requirements and prepare their notebooks to process the information, engineers deal with the complexities of hardware deployment and software updates that reduce the scientists’ ability to quickly adjust these variables on the fly. This creates a long feedback loop that delays the pace of innovation across the organization.
When asked to rank the defining characteristics of a leading CIO, respondents were split between the conventional and contemporary, saying the traditional, more IT-centric qualities are just as important as the strategic and more customer-focused ones. While aligning tech vision and strategy with the business has been the role of CIOs and technology leaders for some time, the scope of their duties now extends deeper into the business itself. "Establishing and managing a tech vision isn't enough," said DiLorenzo. "Today's CIOs need to own all the various technology uses across their organizations and ensure they're actively coordinating and orchestrating their fellow tech leaders -- as well as their business peers -- to co-create a vision and tech strategy that aligns with, and furthers, the overall enterprise strategy." Getting to a leadership position also requires immersing oneself in the business, Shaikh advised. "Business acumen, which includes understanding various business functions and industry dynamics, can be cultivated by spending time in business units," she said. "This understanding is crucial for strategic thinking, to help identify opportunities where technology can impact goals."