October 20, 2024
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
While technical debt is a more familiar concept stemming from software development that describes the cost of taking shortcuts or using quick fixes in code, process debt relates to inefficiencies and redundancies within organizational workflows and procedures. Process debt can also have far-reaching effects that are often less obvious to business leaders, making it an insidious force that can silently undermine business operations. ... Rather than simply adding a new technology into an old process or duplicating legacy steps in a new application, organizations need to undertake a detailed audit of existing processes to uncover inefficiencies, redundancies, and inaccuracies that contribute to process debt. This audit should involve a systematic review of all workflows, procedures, and operational activities to identify areas where performance is falling short or where resources are being wasted. To gain a deeper understanding, leverage process mapping tools to create visual representations of workflows. These tools allow you to document each step of a process, highlight how tasks flow between different departments or systems, and uncover hidden bottlenecks or points of friction.
Now, we're seeing domain-specific models crop up. These are specialized models that focus on some industry or incorporate domain best practices that can be centrally trained and then deployed and fine-tuned by organizations. They are built on specific knowledge sets rather than the generalized corpus of information on which conversational AI is trained. ... By adopting domain-specific generative AI, companies can achieve more accurate and relevant outcomes, reducing the risks associated with general-purpose models. This approach not only enhances productivity but also aligns AI capabilities with specific business needs. ... The question now is whether this specialization can be applied to domains like networking, security, and application delivery. Yes, but no. The truth is that predictive (classic) AI is going to change these technical domains forever. But it will do so from the inside-out; that is, predictive AI will deliver real-time analysis of traffic that enables an operational AI to act. That may well be generative AI if we are including agentic AI in that broad category. But GenAI will have an impact on how we operate networking, security, and application delivery.?
A company’s post-mortem process reveals a great deal about its culture. Each of the top tech companies require teams to write post-mortems for significant outages. The report should describe the incident, explore its root causes and identify preventative actions. The post-mortem should be rigorous and held to a high standard, but the process should never single out individuals to blame. Post-mortem writing is a corrective exercise, not a punitive one. If an engineer made a mistake, there are underlying issues that allowed that mistake to happen. Perhaps you need better testing, or better guardrails around your critical systems. Drill down to those systemic gaps and fix them. Designing a robust post-mortem process could be the subject of its own article, but it’s safe to say that having one will go a long way toward preventing the next outage. ... If engineers have a perception that only new features lead to raises and promotions, reliability work will take a back seat. Most engineers should be contributing to operational excellence, regardless of seniority. Reward reliability improvements in your performance reviews. Hold your senior-most engineers accountable for the stability of the systems they oversee.
Small and medium-sized businesses (SMBs) are often the most vulnerable. This past July, a ransomware attack forced over 300 small Indian banks offline, cutting off access to essential financial services for millions of rural and urban customers. This disruption has severe consequences in a country where digital banking and online financial services are becoming lifelines for people’s day-to-day transactions. According to a report by Kaspersky, 53% of Indian SMBs experienced ransomware attacks in 2023, with 559 million attacks occurring between April and May of this year, making them the most targeted segment. ... For SMBs, the cost of paying ransomware, retrieving proprietary data, returning to full operations, and recovering lost revenue can be too much to bear. For this reason, many businesses opt to pay the ransom, even when there is no guarantee that their data will be fully restored. The Indian financial sector, in particular, has been a favourite target. This year the National Payment Corporation of India (NPCI), which runs the country’s digital payment systems, was forced to take systems offline temporarily due to an attack. Beyond the financial impact, these incidents erode trust in India’s push for a digital-first economy, impacting the country’s progress toward digital banking adoption.
AMD and Intel’s alliance was a surprise for many. But industry analysts said their partnership makes sense and is much needed, given the threat that Arm poses in both the consumer and data center space. While x86 processors still dominate the data center space, Arm has made inroads with cloud providers Amazon Web Services, Google Cloud and Microsoft Azure building their own Arm-based CPUs and startups like Ampere having entered the market in recent years. Intel and AMD’s partnership confirms how strong Arm is as a platform in the PC, data center and smartphone markets, the Futurum Group's Newman said. But the two giant chipmakers still have the advantage of having a huge installed base and significant market share. Through the new x86 advisory group, AMD and Intel can benefit by making it easier for data center operators to leverage x86, he said. “This partnership is about the experience of the x86 customer base, trying to make it stickier and trying to give them less reason to potentially move off of the platform is valuable,” Newman said. “x86’s longevity will benefit meaningfully from less complexity and making it easier for customers.”
“Cyber insurance is recognised as a core component of a robust cyber risk management strategy. While we have seen fluctuations in cyber rates and capacity over the last five years, more recently we have seen rates softening in the market,” Cotelle said. “The emergence and adoption of AI has clear potential to revolutionise how businesses operate, which will create new opportunities but also new exposures. “In the cyber risk context, AI is a double-edged sword. First, it can be exploited by threat actors to conduct more sophisticated attacks between agencies to address ransomware,” he said. ... He stressed, however, that one of the biggest challenges facing the cyber market is how it understands and manages systemic cyber risks. He said there is a case for considering the use of reinsurance pools and public/private partnerships to do this. “The continued attractiveness of the cyber insurance solution is paramount to the sustainability and growth of the market. “In recent years, we have seen work by insurers to clarify particular aspects of coverage relating to areas such as cyber-related property damage, cyber war or infrastructure which has led to coverage restrictions.”