September 04, 2023
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
Cloud finops teams can evaluate the performance and scalability of cloud infrastructure. Monitoring key performance indicators such as response times, latency, and throughput can identify bottlenecks or areas where the current architecture limits scalability and performance. Since finops normally tracks this through money spent, it’s easy to determine exactly how much architecture blunders are costing the company. It’s not unusual to find that a cloud-deployed system costs 10 times more money per month than it should. Those numbers are jarring for most businesses. Remember, all that money could have been spent in other places, such as on innovations. ... However, there are more strategic blunders, such as only using a single cloud provider (see example above). Maybe it seemed like a good idea at the time. Perhaps a vendor had a relationship with several board members, or there were political reasons for the limited choices. Unfortunately, the company still ends up with a great deal of technical debt which could have been avoided.
Quantum computing, though it might be a decade or two away, presents a threat to IoT devices that have been secured against the current threat and which may remain in place for many years. To address this threat, governments are already spending billions, while organisations like NIST and ETSI are several years into programmes to identify and select post-quantum algorithms (PQAs) and industry and academia are innovating. And we are approaching some agreement on a suite of algorithms that are probably quantum safe; both the UK’s NCSC and the US’ NSA endorse the approach of enhanced Public Key cryptography using PQA along with much larger keys.?The NCSC recommends that the majority of users follow normal cyber security best practice and wait for the development of NIST standards-compliant quantum-safe cryptography (QSC) products. That potentially leaves the IoT with a problem. Most of these enhanced QSC standards appear to require considerable computing power to deal with complex algorithms and long keys – and many IoT sensors may not be capable of running them.
Industry cloud platforms allow businesses operating in the same sector to share or sell data, technologies, and processes to each other. The potential benefits can be significant, as an industry cloud enables interrelated members of a supply chain to access insights derived from potentially expanded data sets. An industry cloud can offer companies an exciting opportunity to exploit existing data they are not leveraging in a constructive way. ... Joining an industry cloud can offer significant benefits for companies, but many may reflexively balk at the idea of sharing or selling data. Consequently, it’s important that a company has a supportive constituency when considering an industry cloud. Each type of vendor has its own challenges in developing an industry cloud platform. For industry clouds driven by supply chain leaders, the most important requirement will be reexamining tools and methodologies to meet the needs of less sophisticated supply chain participants. Avoiding the temptation to abandon the industry cloud and retreat to a standard cloud for internal use is also a challenge.
领英推荐
Threads is very easy to both download and sign up for, as it integrates seamlessly with a user's Instagram account when first signing up for the platform. However, this seamless integration could pose security risks, according to a blog from AgileBlue. Instagram, Facebook, and now Threads are all owned by Meta and for many users, each of their Meta accounts share the same login credentials between each of the platforms. "This makes it much easier for malicious actors to access information as gaining access to just one account ultimately gives them access to all Meta accounts," the blog said. In fact, as of writing, only users with an Instagram account can create a Threads account, so if an individual wants to sign up for Threads, they will first have to create an Instagram account. "If an employee's Threads account is compromised, malicious actors can impersonate the employee to gather information or spread misinformation within their close circle," Guenther says.
Management must learn and share the benefits of these systems, make it crystal clear how data will be handled, and put protection in place to ensure personal data remains personal. Communication is critical here. It's also critical in securing the inevitable weak point of any form of security protection — the users themselves. With that in mind, companies should invest in training staff in security awareness and encourage them to update devices as and when those updates appear. Companies should also set standards — and devices that don’t meet those standards, in terms of security protection, should not gain access to corporate systems. This is all common sense stuff, really. We know the security environment is extremely challenging — even police forces are regularly hacked. In that context, it makes total sense to think about how to manage the devices connected to your systems and to put in place the software, security, and user education it takes to protect your business environments. The cost of device management is relatively negligible compared to the consequences of a successful ransomware attack, after all.
To some, it may seem odd to present these as parallel, equivalent pressures on businesses. Surely, the continued viability of civilization as we know it should far outweigh any governmental or regulatory proposal in our thinking about the future? The importance of the changing regulatory environment, however, lies not just in its ability to trigger business action: it is a real opportunity for businesses to transform themselves to a more meaningful, consequential sustainability approach. A report co-authored by the WEF and Boston Consulting Group, ‘Net-Zero Challenge: The supply chain opportunity’, found that the supply chains of just eight sectors, including food, construction, and fashion, account for more than 50% of global emissions. It also found that 40% of the emissions could be abated with already-available measures like circular manufacturing and renewable energy. Even achieving net zero emissions in those supply chains, according to the report’s investigations, would only raise costs for end-consumers by 1%-4% on average.