Main article – Cyber resilience: what is it and how to achieve it? The experts’ point of view
Cyber resilience? It’s certainly more effective than the cyber-reactive mode that most companies are in. It’s not easy to deal with a threat landscape powered by large-scale AI and well-funded malicious actors.
How to respond? Chris recently rounded up the best ideas in an expert panel. Start with this: Even if your organization avoids obvious mistakes, it still has a significant software footprint to manage:
But even if some basic security protocols are not followed, the reality is that for many organizations, especially those funded by public funds, outdated systems cannot simply be ripped and replaced on a large scale. Money is tight, budgets have been cut, and even the wealthiest and most forward-thinking company is only as safe as the day-to-day administrative procedures allow it to make a simple mistake.
Investing in new security technologies? Sure. But as this panel argues, this is a human problem/solution. Chris:
Part of the answer is to adopt a more human-centered approach to cybersecurity – policies that treat people as the strongest link, rather than the weakest, through a culture of open, blameless reporting.
Ensuring security requires going beyond the boundaries of the company:
However, another factor is recognizing that the broader supply chain – both upstream and downstream – is also a source of risk; no company is an island in a cloud-based world.
In Cyber Resilience: How to Achieve It When Most Businesses – and CISOs – Don’t CareChris takes a closer look at some surprising data. As he concludes, it all depends on your safety culture:
It is therefore essential to raise awareness of the risks and encourage reporting of breaches without blame, rather than continuing to stigmatize victims, a culture that still dominates the media. After all, if organizations such as national data centers and the U.S. Federal Reserve can be breached, then anyone can. The question then becomes how to address it without crippling the business and pushing away all newcomers, including customers, perhaps.
This all sounds true, but I will say this: If you are considering having a business with sensitive customer data in the cloud, so invest in whatever it takesMy healthcare provider, Harvard Pilgrim, was offline for months due to ransomware attack it wasn’t designed to recover from it. My own social security number has been compromised more than once, including a nefarious breach via Equifax in 2017 that exposed the half-@ssed nature of their approach.
So, with greater (cloud) efficiency comes greater accountability. Culture is important, but so is investment. Equifax has spent significant resources on legal compensation for its past mistakes. $1.5 billion later, their security is much stricter. Could they be compromised? Sure. But at least security is now a top priority, in line with the type of data stored online.
diginomica choice – my best stories on diginomica this week
Supplier analysis, diginomica style. Here are my top three picks from our vendor coverage:
Some other vendor choices, without the quotes:
Jon’s Tote Bag – Sarah looks How Rolls Royce is using AI to see beneath the rocks of complexityalthough in the pilot/experimental phase. Martin puts aside the sacred cows with A SaaD Future That Will End Honeypots? Onymos CEO Shiva Nathan Explains Why the Cloud Was Misconfigured. (SaaD, a rather unfortunate acronym, stands for Software as a Device).
Cath asks (and answers) the right question in As Pride Month draws to a close, what can tech employers do to support their LGBTQIA+ colleagues every day of the year? Finally, George asks a question I wasn’t looking forward to. Generative AI Accents Are Coming to Call Centers: Is This a Good Thing? I’m going to take a wait-and-see attitude on this, but if you ask me today, I’ll say no. Why not make your call center easier to use and empower your agents to resolve issues rather than giving them escalation phone numbers for another trip to another call center?
The best of the corporate web
My top 7
MIT robotics pioneer Rodney Brooks believes people vastly overestimate generative AI – Ron Miller, with a solid report here; though a few more sacred cows are now out to pasture. I’m not sure we’re wildly overestimating gen AI, but I think we’re overestimating the pace of gen AI improvements from here. We’re near the limits of training data scale. On to the quest for enterprise gen AI, where the focus has shifted from scale to improving production and integrating industry-specific processes. Robotics has similarities to gen AI (and self-driving cars) in terms of the difficulty of the “outlier” problem. But as Rodney Brooks says in his interview with Miller, in more controlled environments, things are promising:
We need to automate tasks that have already been cleaned. My company, for example, does quite well in warehouses, which are actually quite small. The lighting doesn’t change in these big buildings. There’s no stuff lying around on the floor, because people pushing carts would bump into it. There are no plastic bags floating around.
- How Adversarial AI Creates Superficial Trust in the World of Deepfake – Louis Colomb asks the powerful question of the day: “The growing trust gap is evident everywhere, from customers’ purchasing relationships with the companies they’ve trusted for years to elections in seven of the world’s ten largest countries. Telesign’s 2024 Trust Index provides new insights into the growing trust gap between customers and the companies they buy from and, more broadly, national elections. Deepfakes and disinformation are driving a wedge of distrust between companies, the customers they serve, and the citizens who are voting in elections this year.” . ”
- Incidents involving customers are on the rise, IT leaders say – The bright side is that most of these incidents are preventable. According to The New Stack: “51% of cybersecurity and IT leaders surveyed said that more than half of cybersecurity incidents in their organization are due to poor IT hygiene.”
- OpenAI Faces New Lawsuits Over Copyrighted Data Used to Train ChatGPT – Copyright lawsuits are multiplying. I think OpenAI will lose in these proceedings, but the end result will be a budgetary expense: paying license fees and maybe some fines. This will affect OpenAI’s profitability, but not its business model. The individual creators who played the most vital/unwitting role in shaping these systems are (and will be) the big losers. Nevertheless, companies that have subscribed to OpenAI should watch this closely.
- Where are we with enterprise generative AI? – Speaking of gen AI in the enterprise, here is a very good summary from Evangelos Simoudis on how enterprises are refining LLMs for better accuracy/relevance/usefulness. The fascinating industry-specific use cases are mostly still in the pilot phase.
- Redefining your relationship with data – Lora Cecere trains supply chain leaders on how to address the data quality challenge in innovative ways. The burning question is how machine learning and AI can contribute to data cleaning and quality efforts.
- “No Bot Is Itself Anymore”: Character.ai Users Report Sudden Personality Changes in Chatbots – This 404 attachment is not about the enterprise, but the lessons around bots and model/output drift with new releases are relevant. (Character.ai is second only to ChatGPT in consumer popularity.)
- Podcast Note – also check out my podcasts with Brian Sommer on Sage and AI Analyst Dayas well as a shorter overview of The CFO’s Dilemmas.
Hot flashes
Some of the biggest headlines from 404 Media this week, including: Lawsuit Alleges Microsoft Tracked Sex Toy Buyers With ‘Real-Time Recording’ Software. But again, I already gave the title of the article of the week:
I’ll kill you if you talk about AI again https://t.co/tp429pTciN
-> sorry guys, but the blog post title of the week contest ended early… I’m stopping it.
— Jon Reed (@jonerp) June 30, 2024
Yes, I know, celebrity speeches are an easy target, but as Bonnie Tinder pointed out, the irony is at its peak:
What Would Ted Lasso Say? Jason Sudeikis Just Ditched His SHRM Keynote to See Caitlin Clark https://t.co/RZbupQ1zkr
“Sudeikis was supposed to talk about mental health, workplace culture and empathy.”
-> hey, I can also understand that one might miss a celebrity’s speech!
— Jon Reed (@jonerp) June 30, 2024
Finally, Frank Scavo has been lucky enough to spot some mega-whiffs lately:
See you next time… If you find a #ensw piece that qualifies for both successes and failures – in a good or bad way – let me know in the comments as Clive (almost always. Most of the articles about Enterprise’s successes and failures are selected from my selection @jonerpnewsfeed.
