June 17, 2024
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
The agility and flexibility to adjust sizing as needed are critical for resilience. "You can upscale or downscale based on growth, and this is why resilience is important. In case of any economic or external risks, we are prepared to run our operations, and our IT services are equipped to meet business demands," she said. ... Integrating technology to connect with suppliers and customers is crucial for mitigating risks and enhancing collaboration. "Accurate and agile information through integrations is crucial for resilience," Fernando said. Hela Clothing has automated plant and manufacturing flows to provide real-time visibility and efficiency, ensuring data availability for the business to recalibrate and move swiftly in response to capacity issues. "Security, data governance and skilled talent are the fulcrum of any resilient strategy," Najam said. Data is the new oil, but it needs to be refined to be valuable. Proper data governance and management are crucial for high-confidence analytics. Building strong partnerships with vendors and customers is also essential for a resilient organization.?
All the work around AI has further highlighted the value of data — for the organizations and hackers alike. That, along with the ever-increasing sophistication of the bad actors and the consequences of suffering an attack, has turned up the heat on CIOs. “Indications are that hackers/ransomware agents are becoming more aggressive. At the same time, operations and decision-making are increasingly dependent on data availability and accuracy. Meanwhile, the perimeter of exposure widens as remote workers and connected devices proliferate. This is an arms race, and the CIO must lead the charge by implementing better tools and training,” Carco says. ... Swingtide’s Carco sees a related issue that many CIOs face today, which is effectively managing vendors as the number of providers within the IT function dramatically grows. “CIOs are coming to recognize that an organization built for internal operations is not well-suited to managing dozens or hundreds of external providers, and the proliferation of contractual obligations can be overwhelming. In case of emergency, knowing who has your data, what their contractual obligations are to safeguard it, and how they are performing has become extremely difficult,” Carco says.
The issue starts with the mere task of importing billing data from cloud providers. Although all major public clouds generate bills that detail what you spent each month, they expose the billing data in a different way. Amazon Web Services (AWS) generates a large CSV file... For its part, Azure expects customers to import billing data using APIs. This means that simply getting all of your billing data into a central location requires implementing multiple data importation workflows. Once the data is centralized, comparing it can be challenging because each cloud provider structures billing data a bit differently. ... Consider, too, that GCP breaks cloud server spending into separate costs for compute and memory. AWS and Azure don't do this; they report billing information based only on the total resources consumed by a cloud server. Thus, if you use AWS or Azure, you need to disaggregate the data yourself if you want the level of granularity that GCP provides by default — and doing so is important if you need to make an apples-to-apples comparison of what you spend for both compute and memory across clouds.
The challenge of securing a SaaS environment demands a multifaceted security strategy and that starts with a strong SaaS security team. Providing education in line with employee’s job functions is essential. So, for security teams that means ongoing training and professional development opportunities so they are up-to-date on the latest threats and technologies. Training is particularly important when it comes to the tools they’ll be utilizing in order to fully take advantage of the capabilities offered. A security team is only as good as the tools they are given to work with so companies need to make sure that they’re deploying (and updating) advanced security tools that are tailored to cloud applications. Teams also need standardized processes for incident response, regular security assessments, and compliance monitoring as an established workflow lends itself to consistency across an organization especially with the diverse nature of the SaaS ecosystem. While not specific to setting up a security team, once the team is in place zero trust’s principle of “never trust, always verify” will go a long way to strengthening not only a SaaS security posture but that of the entire organization.
Cultivating an entrepreneurial mind-set is critical in this educational transformation. It encourages students to look beyond conventional career paths and to consider how they can make societal impacts through innovation. Entrepreneurial development cells and similar initiatives within universities play a crucial role by providing mentorship, resources, and support systems that propel students to explore innovative ideas and bring them to life. These programs are pivotal in aiding students to launch their own ventures, thereby enriching the start-up ecosystem directly. Moreover, there is a growing emphasis on integrating emerging technologies such as artificial intelligence (AI), machine learning, blockchain, and the Internet of Things (IoT) into the engineering curriculum and to some extent this has already happened too. This integration ensures that students are not only consumers of technology but also its creators. Project-based problems utilizing these technologies to address practical problems—such as developing AI-driven healthcare solutions or blockchain-based supply chain enhancements—highlight the tangible impacts of a robust educational framework.?
Empathy is critical to fostering an inclusive work environment and building a culture of trust. As a leader, one has to empower the team to have the courage to take risks, make tough decisions in the face of adversity, and remove the fear of failure. This is possible with open and honest communication with teams and continuous encouragement to proactively drive ‘difficult’ projects. Also, I believe a well-acknowledged team is a highly motivated team. Recognising achievers in your team keeps them motivated to keep outperforming and also fosters a culture of continuous improvement. While we keep achieving new milestones and grow exponentially as an organisation, it is equally important to recognise our talent and motivate them to grow. ... As a leader, one has to set clear expectations with their teams, provide support and mentoring, create a safe space for experimentation, encourage cross-functional collaboration, empower teams to take decisions, and invest in technology and infrastructure. As an organisation, Welspun Corp encourages its people to keep acquiring new knowledge, refine their skills, and adapt to change.?