March 24, 2023
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
“CFOs should be aware of the increasing risks of cyber threats, including the potential impact on financial performance, reputation, and customer trust,” said Gregory Hatcher, a former U.S. special forces engineer and current founder of cybersecurity consulting firm White Knight Labs. “This includes both external cyber threats and the risk of insider threats posed by disgruntled employees or those with privileged access.” ... “The most commonly overlooked aspects of cybersecurity when transitioning to cloud operation and storage are the cloud provider’s security protocols and compliance requirements,” Hatcher said. He also mentioned the need for employee training on how to securely access and handle cloud data, as well as the potential risks of third-party integrations. Hatcher still recommends executives transfer data sets to the cloud, but with cybersecurity as a large consideration during the process.... “However, it’s essential to choose a reliable cloud provider and ensure compliance with data protection regulations. Keeping data in-house can be risky due to limited resources and potential vulnerabilities.”
Vulnerabilities are made possible by bugs, which are errors in source code that cause a program to function unexpectedly, in a way that can be exploited by attackers. By themselves, bugs are not malicious, but they are gateways for threat actors to infiltrate organizations. These allow threat actors to access systems without needing to perform credential harvesting attacks and may open systems to further exploitation. Once they are within a system, they can introduce malware and tools to further access assets and credentials. For attackers, vulnerability exploitation is a process of escalation, whether through privileges on a device or by pivoting from one endpoint to other assets. Every endpoint hardened against exploitation of vulnerabilities is a stumbling block for a threat actor trying to propagate malware in a corporate IT environment. There are routine tasks and maintenance tools that allow organizations to prevent these vulnerabilities getting exploited by attackers.
A serverless function is designed to strip away as much of that “server-ness” as possible. Instead, the developer who writes a serverless function should be able to focus on just one thing: Respond to an HTTP request. There’s no networking, no SSL configuration, and no request thread pool management — all of that is handled by the platform. A serverless function starts up, answers one request and then shuts down. This compact design not only reduces the amount of code we have to write, but it also reduces the operational complexity of running our serverless functions. We don’t have to keep our HTTP or SSL libraries up to date, because we don’t manage those things directly. The platform does. Everything from error handling to upgrades should be — and, in fact, is — easier. ... As enticing as the programming paradigm is, though, the early iterations of serverless functions suffered from several drawbacks. They were slow to start. The experience of packaging a serverless function and deploying it was cumbersome.
领英推荐
Alongside the positive media coverage, the GPT limitations have been widely documented. This is partly due to their training on vast amounts of unverified internet data. Generative AI tools can potentially provide users with misleading or incorrect information, as well as biased and even harmful content. In fact, the developers of ChatGPT make their users aware of all these limitations on its website. Copyright and legal issues have also been raised. And even the introduction of the GPT-4 version, with more advanced algorithms and larger databases, enabling it to have a much better understanding of nuances and contexts, does not eliminate its flaws, as OpenAI CEO Sam Altman wrote on Twitter.?Any enterprise looking to implement generative AI tools needs to have strategies in place to mitigate any limitations. The key to managing these is human supervision and control. Deploying a team of conversational designers/moderators overseeing what knowledge is searched and which GPT capabilities are used, gives control over what information is passed on to users.?
“Regardless of the level of demand, though, my approach to hiring is the same,” he says. “I’m usually looking for the right mix of 'security-plus' people.” That means the right mix of core cybersecurity competencies, as well as some other experience in a related technical or compliance field. “It’s not enough to know just security,” he says. “We’re big on cybersecurity pros who aren’t afraid to go broad and get involved in the business aspects of their projects so they can relate to the teams they’ll be working with.” He says he recommend honing technical skills related to zero trust, cloud, automation -- and don’t forget soft skills like communications, project management, and leadership. “In many generalist security roles, people will be expected to cover a lot of ground and focusing on those soft skills can really set a candidate apart,” he says. Mika Aalto, co-founder and CEO at Hoxhunt, notes organizations are still hiring, but there is a lot more talent competing for the same jobs these days.?
Generative AI has the potential to have a huge impact on the economy and society in the coming decade. AI-powered tools can help us automate mundane tasks, freeing up more time for us to focus on more creative tasks. AI can also help us find new ways to solve problems, creating new jobs and opportunities. AI can also be used to create new products and services. AI-powered tools can help us create new products and services that are tailored to the needs of our customers. AI-powered tools can also help us make more informed decisions, allowing us to better understand our customers and their needs. A survey from the World Economic Forum predicted that by 2025, machines will eliminate 85 million jobs while also creating 97 million new employment roles. Shelly Palmer, a professor of advanced media at Syracuse University, says that jobs like middle managers, salespeople, writers and journalists, accountants and bookkeepers, and doctors who specialize in things like drug interactions are “doomed” when it comes to the possibility of AI being incorporated into their jobs.
Next Trend Realty LLC./wwwHar.com/Chester-Swanson/agent_cbswan
1 年Well said.