November 13, 2024
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
In response to current digital transformation demands, organizations are integrating emerging technologies at an unprecedented rate. Despite their numerous benefits, securing these technologies is challenging for technology leaders. The white paper identified more than 200 critical and emerging technologies reshaping the digital ecosystem. Beyond AI and IoT, technologies such as blockchain, biotechnology and quantum computing are rising on the hype cycle, introducing new cybersecurity risks. ... Quantum computing, while promising breakthrough computational power, presents grave cybersecurity risks. It threatens to break current encryption standards, and quantum computers can potentially decrypt data collected now for future access. "The threat of quantum computing underscores the need for quantum-resistant cryptographic solutions to secure our digital future," the white paper stated. ... The cybersecurity industry faces a critical shortage of skilled professionals capable of managing emerging technology security. Cybersecurity Ventures projected a shortfall of 3.5 million cybersecurity professionals by 2025. Gartner predicted this skills gap would cause more than 50% of significant incidents by 2025.?
A Solution Architect is more like a surgeon who operates on someone to fix a problem, and the patient returns to normal life in a short time. An Enterprise Architect is more like an internal medicine specialist who treats a patient with a chronic illness over a number of years to improve the person’s quality of life. ... Architects are most successful when they help projects to succeed. Commonality of process and technology can be beneficial for an organization. But once architects are merely policing projects and rejecting aspects based on strict criteria, they lose the ability to positively influence the initiatives. Solution alignment is best achieved through working collaboratively with projects early to convince them of the advantages of various design choices. The first deliverable many architecture teams produce is what I call the “red/yellow/green list”. You’ve all seen these. Each technology classification is listed down the page – for example: server type, operating system, network software, database technology, and programming language. Three “colour” columns follow across the page. “Red” items are forbidden to be used by new projects. Although some legacy applications may still use them, they need to be phased out. “Yellow” items can be used under certain circumstances, but must be pre-approved by some kind of review committee.?
The agentic AI approach is designed to help organizations handle complex business queries and workflows. The system employs specialist agents that work together to solve multi-faceted business problems. This approach is particularly valuable for organizations dealing with complex data environments and multiple business systems. “You ask a question to your agentic workflow, it breaks up the questions into a set of more specific questions, and then it routes them to agents which are specialists in various different areas,” Saha explained. For instance, a business analyst’s question about revenue might be routed to multiple specialized agents – one handling SQL queries, another using Python – before combining results into a comprehensive response. ... “We have put together a lot of instrumentation which lets people visually understand, for example, if you have a lot of clustering of data in the vector database, you can get a spurious answer,” Saha said. “You would be able to see that, if you see your questions are landing in areas where you don’t have enough information.” This observability extends to the platform’s governance capabilities, with real-time monitoring and intervention features.?
领英推荐
“AI can be incredibly powerful in DevOps when it’s implemented with a clear framework that makes it easy for developers to do the right thing and hard for them to do the wrong thing,” says Durkin. “Making it easy to do the right thing starts with standardizing templates and policies to streamline workflows. Create templates and enforce policies that support easy, repeatable integration of AI tools. By establishing policies that automate security and compliance checks, AI tools can operate within these boundaries, providing valuable support without compromising standards. This approach simplifies adoption and makes it harder to skip essential steps, reinforcing best practices across teams.” ... While having a well-considered strategy in place before embracing AI and DevOps is a must, Durkin and Govrin both offered up some additional tips and advice for getting AI tools and technologies to integrate with DevOps ambitions more easily. “In enterprise environments, deploying AI applications locally can significantly improve adoption and integration,” said Govrin. “Unlike consumer apps, enterprise AI benefits greatly from self-hosted setups, where solutions like local inference, support for self-hosted models and edge inferencing play a key role. These methods keep data secure and mitigate risks associated with data transfer across public clouds.”
The absence of command makes cybersecurity decision-making a tedious and often frustrating process for CISOs. They are expected to move fast, to anticipate and address security issues before they become realized. But without command, they’re stuck in a cycle of “selling” the importance of security investments, waiting for approvals, and relying on others to prioritize those investments. This constant need for buy-in slows down response times and creates opportunities for something bad to happen. In cybersecurity, where timing is everything, these delays can be costly. Beyond timing, the concept of command is critical for strategic alignment and empowerment. In organizations where the CISO lacks true command, they’re forced to operate reactively rather than proactively. ... If organizations want to truly protect themselves, they need to recognize that CISOs require true command. The most effective CISOs are those who can operate with full authority over their domain, free from constant internal roadblocks. As companies consider how best to secure their data, they should ask themselves whether they are genuinely setting their CISOs up for success. Are they empowering them with the resources, authority, and autonomy to act? Or are they merely assigning a high-stakes responsibility without the power to fulfill it?
While SaaS provides the infrastructure, AI is the catalyst that powers digital transformation at scale. Companies are increasingly adopting AI-driven SaaS platforms to streamline workflows, automate tasks, and make data-driven decisions. In the B2B SaaS sector, this combination is revolutionising how businesses operate, helping them personalize customer interactions, predict outcomes, and optimize operations. ... In manufacturing, AI optimizes supply chain management, reducing waste and increasing productivity. In the finance sector, AI-driven SaaS automates risk assessment, improving decision-making and reducing operational costs. The benefits of adopting AI and SaaS are clear: enhanced customer experience, streamlined operations, and the ability to innovate faster than ever before. Companies that fail to integrate these technologies risk falling behind as competitors capitalize on these advancements to deliver superior products and services. As businesses continue to adopt SaaS and AI-driven solutions, the future of digital transformation looks promising. Companies are no longer just thinking about automating processes or improving efficiency, they are investing in technologies that will help them shape the future of their industries.?