May 11, 2024
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
To encourage the “shift-left” movement—which advocates for testing early and often—many test tool vendors are exploring Copilot-like methods for script-based test automation. They anticipate that developers will use these tools to generate early test scripts with GenAI assistance. This trend highlights how AI-assisted technologies can optimize workflows by automating routine tasks and suggesting improvements, perfectly aligning with the proactive shift-left approach. However, should we narrowly define GenAI-driven test automation as merely an extension of tools like Copilot for creating Selenium-like scripts? Such a view greatly underestimates the transformative impact of AI in quality assurance (QA) testing. To truly leverage GenAI’s capabilities, we must expand our perspective beyond developer-centric models. While integrating testing earlier in the development process is beneficial, GenAI’s real strength lies in democratizing testing, fulfilling its core promise by enabling a broader range of participants, including manual testers, to effectively use no-code test automation tools.
Composable is a term used by Netlify frequently, and some developers see it as a marketing term that basically means “an enterprise version of Jamstack,” said Rinaldi. That’s not true, he said. “It’s really much more focused on the backend,” he said. “In fact, … it’s not even concerned with what kind of application you’re building on the frontend. You could have a composable architecture that talks to a mobile application, you could have it talk to a web application.” Whereas Jamstack was very focused on how developers build a website, composability takes a broader view — though it is more of a practice for large organizations, he added. “I have all these different APIs, now I need to create this whole kind of backend for frontend pattern where I might have a layer on the frontend that’s just trying to weave together all my backend APIs,” he said. “Now we need to get the customer data from the customer API to get the customer ID to then pass it to the orders API to get the orders. You’re weaving together this complex stuff, often coming from different systems and different APIs. And it was hard to pull all that together.”
“While the CTO is responsible for overseeing an organisation’s overall technology strategy and infrastructure, the CAIO’s primary responsibility is to identify opportunities for AI deployment, develop an AI strategy aligned with business goals, and oversee the execution of AI initiatives,” said Sachin S Panicker, Chief AI Officer, Fulcrum Digital Inc. Simply put, the CAIO oversees the development and implementation of AI projects across the company. This could involve collaborating with data scientists, engineers, and other technical teams. They might also manage partnerships with external AI vendors. ... It also becomes important to have a chief informational security officer, once the AI strategy is in place, who can guarantee the safety of generative AI tools within the organisation. The challenges posed by generative AI have become a significant headache for SaaS security teams.According to a recent Salesforce study, more than half of GenAI adopters use unapproved tools at work. The research found that despite GenAI’s benefits, a lack of clearly defined policies around its use may put businesses at risk. Most likely, CISO roles are also changing with generative AI.
领英推荐
The updates are meant to keep pace with developments in technology and business practices and extend the CSA's regulatory oversight to other entities and systems beyond physical assets. The amendments will enable the regulator to better respond to evolving cybersecurity challenges and operate on a risk-based approach in regulating entities, Puthucheary said. For instance, when the Cybersecurity Act was first established in 2018, it sought to regulate physical CIIs (critical information infrastructures). The minister noted that new technology and business models have since emerged, particularly with the advent of cloud computing. ... The updated legislation allows the government to make it clear the CII owner is responsible for the cybersecurity of its virtualized infrastructure, not third parties involved in the supply of the underlying physical infrastructure, he said. The Cybersecurity Act lists 11 CII sectors, which include water, health care, maritime, infocommunications, banking and finance, and aviation. The Act outlines a regulatory framework that formalizes the duties of CII providers in securing systems under their responsibility, including before and after a cybersecurity incident has occurred.
Data is reshaping the digital economy and its relevance in L&D cannot be overstated. By leveraging data analytics, NBFCs can gain valuable insights into existing employee skill gaps, learning preferences and performance metrics. ... From immersive virtual classrooms to mobile learning apps, technology has evolved and made the impossible to possible. By embracing innovative learning technologies, NBFCs can deliver personalised and on-demand training experiences that will empower employees to learn and grow as professionals. Furthermore, advent of artificial intelligence and machine learning have boosted the efficiency of L&D programmes by providing personalised recommendations, adaptive assessments, and real-time feedback. ... The success of Learning & Development (L&D) programmes now hinges critically on integrating cutting-edge technology to foster a culture of continuous learning and development. Leveraging data-driven insights and embracing advanced technologies, HR professionals can cultivate a growth mindset among employees, encouraging them to embrace new challenges and opportunities.
When hit with a cyber breach, the first thing you do is look at the incident response plan. "If you're discussing when you're in the middle of a breach, 'Should we call the FBI or not? Should we do that?' That's a problem," Powers said. "That's something you should already have planned for and had discussions. … When you're thinking instant response, you're thinking the plan first." Pasteris added that it is vital to know what your assets are, as things fall through the cracks. Not only should you know what applications you use, but how you are protecting those applications. "A lot of organizations don't keep track of their assets," he said. "How are they protected, how they do defense in depth around those apps." ... A big question, according to Jay Martin, security practice lead at Blue Mantis, is if and when you should call the FBI after a cyber breach, as a lot of companies worry about getting on the FBI's radar. "Do we call the FBI, not call the FBI?" he asked. "And what are they going to do for us when we call them?" There are advantages to calling the FBI, said Joe Bonavolonta, managing partner at global risk and intelligence advisory firm Sentinel, who served more than 27 years with the FBI, including a stint as head of the FBI counterintelligence program.?