September 30, 2024
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
The next big thing in AI will likely be advanced multimodal models that can seamlessly integrate and process different types of data, including text, images, audio, and video, in more human-like ways, says Dinesh Puppala, regulatory affairs lead at Google. "We're moving beyond models that specialize in one type of data toward AI systems that can understand and generate across multiple modalities simultaneously, much like humans do," he notes. Advanced multimodal models will enable more natural and context-aware human-AI interactions. "They'll be better at understanding nuanced queries, interpreting visual and auditory cues, and providing more holistic and relevant responses," Puppala predicts. ... Metacognition in AI -- systems that can think about the way they think -- is on the mind of Isak Nti Asare, co-director of the cybersecurity and global policy program at Indiana University. "This capability, often described as AI self-awareness, is a necessary frontier to cross if we are to build trustworthy systems that can explain their decisions." Current AI systems, while advanced, often operate as "black boxes" where even their creators cannot fully explain their outputs.?
The first crucial step in migrating from a mainframe to the cloud is the discovery phase. During this phase, organizations must conduct a thorough assessment of their current mainframe environment, including architecture, applications, data, dependencies, and workflows. This comprehensive understanding helps in identifying potential risks and planning the migration process effectively. The insights gained are crucial for setting the stage for the subsequent cost-benefit analysis (CBA), ensuring all stakeholders are on board with the proposed changes. A detailed CBA is essential to evaluate the financial feasibility and potential returns of the migration project. This analysis should account for all costs associated with the migration, including software licensing, cloud storage fees, and ongoing maintenance costs. It should also highlight the benefits, such as improved operational efficiency and reduced downtime, which are crucial for gaining stakeholder support. ... Effective risk management is crucial for a successful migration. This involves ensuring the availability of subject matter experts, comprehensive planning, and addressing potential issues with legacy systems.?
“Expected to do more with less,” CISOs are shifting their focus, Kalinov adds. “Instead of beefing up their internal teams, they’re focusing on risk management, regulatory compliance, and keeping C-suite executives aware of the evolving security landscape,” Kalinov says. James Neilson, SVP of international sales at cybersecurity vendor OPSWAT, believes the increasing allocation of security budgets toward software and services rather than staff reflects the CISO’s evolving role from managing internal teams toward becoming a more strategic, technology-driven leader. “This trend also indicates that they’re taking on a more prominent role in risk management, ensuring that outsourced services complement internal capabilities while maintaining agility in response to evolving threats,” Neilson says. As a result, security organizations are also undergoing a shift from traditionally siloed, in-house approaches toward a more integrated, outsourced, and technology-driven model, Neilson argues. ...?“Organizations increasingly rely on elements of external managed services and advanced automation tools to manage cybersecurity, focusing internal resources on understanding the business and its risks, defining higher-level strategy, oversight, and risk management,” Neilson contends.
领英推荐
The issue is that most of the most prevalent chatbots capture whatever information users put into prompts, which could be things like proprietary earnings data, top-secret design plans, sensitive emails, customer data, and more — and send it back to the large language models (LLMs), where it's used to train the next generation of GenAI. ... ChatGPT’s creator, OpenAI, warns in its user guide, "We are not able to delete specific prompts from your history. Please don't share any sensitive information in your conversations." But it's hard for the average worker to constantly be thinking about data exposure. Lisa Plaggemier, executive director of NCA, notes one case that illustrates how the risk can easily translate into real-world attacks. "A financial services firm integrated a GenAI chatbot to assist with customer inquiries," Plaggemier tells Dark Reading. "Employees inadvertently input client financial information for context, which the chatbot then stored in an unsecured manner. This not only led to a significant data breach, but also enabled attackers to access sensitive client information, demonstrating how easily confidential data can be compromised through the improper use of these tools."
“Once we achieve that goal, we're looking at what's next beyond that?,” Walker says. “As you look beyond just wind and solar, we need to look at what else is in our tool belt, especially looking further ahead to 2040 and how we're going to reach those ultimate goals, and carbon-free energy sources are the next evolution of that.” When asked whether carbon-free energy to the company means nuclear, geothermal, or something else, Walker says the company is open. “We're not limiting the options; we're looking beyond the traditional renewable sources and seeing what else there is. Carbon-free energy sources are going to be one of the tools that we're going to double down on and start looking at.”?... When asked if AWS will look to acquire more data centers close to nuclear plants or merely sign more PPAs that involve nuclear power, Walker says the company is looking at “all of the above.” “We haven't limited our options in terms of capacity. Depending on where we're building and at the rate we need to scale, [it's] certainly going to be part of the conversation.” Longer term, fusion energy could perhaps power the company’s data centers. Microsoft and OpenAI have invested in Helion, which is promising to crack the elusive technology before 2030. Google has invested in Tae Technologies.
Securing continuous development processes is an extension of collaboration security. In most organizations today, multiple individuals on multiple teams write code every day — fixing bugs, adding new features, improving performance, etc. Consider an enterprise with three different teams contributing to the application code. Each is responsible for its own area. Once Team 1 checks in updated code, the build manager needs to ensure that this new code is compatible with code already contributed by Teams 2 and 3. The build manager creates a new build and scans it to ensure there are no vulnerabilities. With so much code being contributed, automation is critical. Only by automating the build creation, compatibility, and approval cycle can a business ensure that each step is always taken and done in a consistent manner. ... For larger enterprises, which may have thousands of developers checking in code daily, automation is a matter of survival. Even smaller companies must begin putting automated processes in place if they want to keep their developers productive while ensuring the security of their code.