April 12, 2024

April 12, 2024

Examing the Relationship Between AI and Architecture

Architecture is about tradeoffs. It is about spending money on one thing over another. It is about decisions. So when you tell me to develop productivity I think that is a great measure. But I also start wondering about quality. About satisfaction. Is that productivity a measure of one person? Every person? What toolset did they use? The same goes with content generation. An AI image is neat at first? But do we get tired of them? How do I measure the value of human created? Is there profit in that? Order management, electricity use, all of these measures are valuable. So when you hear about an AI business case… do you have a business case? Are the benefits REAL? ... Everything comes with pros/cons and we need a system in place to handle this change rate. This is true of all major human endeavors. Think of child workers during industrialization. Or the horrible cost to humanity of the intensity of urbanization and how it has endangered our planet. Only now are we coming to grips with all of that structural complexity. And even that is going to require decades more commitment. Technology and, specifically, AI is no different. 


The Pitfalls of Periodic Penetration Testing & What to Do Instead

While periodic penetration testing can provide a snapshot of your organization’s security posture, it often fails to account for the dynamic nature of cyber threats. Organizations must continuously test their security measures to effectively mitigate risks to identify and neutralize emerging threats in real-time. Organizations can leverage various approaches and tools to implement continuous cybersecurity testing, such as the Atomic Red Team by Red Canary, an open-source library of tests mapped to the MITRE ATTACK framework that security teams can use to simulate adversarial activity and validate their defenses. These tools can help prioritize and mitigate potential cyber-attacks by automating security testing and providing valuable insights into adversary tactics and techniques. Endpoint security testing and firewall testing are excellent starting points for implementing continuous cybersecurity testing. By simulating phishing emails, running PowerShell commands at endpoints, and monitoring VPN logins at the firewall level, organizations can proactively identify potential vulnerabilities and mitigate them before cyber attackers can exploit them. 


Generative AI Sucks: Meta’s Chief AI Scientist Calls For A Shift To Objective-Driven AI

Unlike current AI, which excels in narrow domains without grasping causality, objective-driven AI would be capable of causal reasoning and understanding the relationships between actions and outcomes. This shift would allow AI to plan and adapt strategies in real time, grounded in a nuanced comprehension of the physical and social world. Objective-driven AI is not just an incremental improvement but a leap toward machines that can truly collaborate with humans, offering insights, generating solutions, and understanding the broader impact of their actions. This vision represents a significant shift towards creating AI that can navigate the complexity of the real world with intelligence and purpose. ... Despite these challenges, LeCun is optimistic about the future, firmly believing that AI will eventually surpass human intelligence across all domains. This conviction is not grounded in wishful thinking but in a clear-eyed assessment of technological progress and the potential for groundbreaking scientific discoveries. However, LeCun also emphasizes that this evolution will not happen overnight or without a radical rethinking of our current approaches to AI development.


Strategies to cultivate collaboration between NetOps and SecOps

Collaborative culture starts at the top. The leaders of these teams need to collaborate and communicate consistently. They cannot have a turf war over each team’s roles and must understand each team’s responsibilities. Whether it’s shadowing a member of the other team for a day or taking opportunities to get to know other teams outside of work, establishing a collaborative culture is an important long-term investment for mutual success. ... AI and automation will blur the lines between these two teams, as projects focused on these elements are ones that can be tackled together. For example, having your vulnerability management tool automatically open tickets for other IT teams can create a feeling that the security team is dumping vulnerabilities over the wall.  ... The SecOps team tends to secure the budget as they take in risks to the company. For instance, if a project is done how does it reduce risks and if the project is not done, what risks does the company retain? The automation and AI tools are using network traffic (packet data) to create workflows/automation and AI tools are using this data to feed into Large Language Models. Both teams can utilize this AI LLM to solve network and security issues.


Down with Detection Obsession: Proactive Security in 2024

Now, as boards of directors and C-suites are expected to be more security savvy, they are asking important risk questions of their CISOs: Given all this spending on finding our problems, are we secure? Are we better off than we were a year ago or two years ago, or three years ago? And few security executives can answer those questions with comfort, because historically they were not focused on addressing risk, they were focused on discovering the risk. As time goes on and the security leader’s role becomes more business-centric, the benefits of taking a more proactive approach to security will continue to grow and shine. For example, the role of vulnerability management in providing improved risk reduction, achieving regulatory compliance, and cost savings. By actively seeking and addressing vulnerabilities, organizations can significantly reduce their overall attack surface, minimizing their chances of security breaches, data leaks and more. Many industries, like health care and financial services, have strict regulations governing the protection of sensitive data.


Agile development can unlock the power of generative AI - here's how

"The beauty of Agile is you see the fruits of your work quicker. You get feedback. And that's true with innovation generally -- the faster you can speed up cycle times, the better." Hakan Yaren, CIO at APL Logistics, said to ZDNET that another benefit of Agile is that it's well-suited to the modern digital environment. Analyst Gartner suggested that 80% of technology products and services this year will be built by people who are not technology professionals. Yaren said Agile -- with its focus on joined-up thinking and cross-business approaches -- is a good fit for the decentralized nature of modern IT. "With AI and cloud, the barriers to entry are becoming lower and people in the business are making IT decisions," he said. "Agile is the right methodology to deal with many of these processes because of the speed of change." However, Yaren has a warning for IT professionals: The complexities you face could increase as more line-of-business employees test emerging technologies. "Trying to connect these solutions, and making sure they're secure, reliable, and you can connect the dots across them, is becoming even more challenging," he said.

Read more here ...

To view or add a comment, sign in

More articles by Kannan Subbiah

  • January 09, 2025

    January 09, 2025

    It’s remarkably easy to inject new medical misinformation into LLMs By injecting specific information into this…

  • January 08, 2025

    January 08, 2025

    GenAI Won’t Work Until You Nail These 4 Fundamentals Too often, organizations leap into GenAI fueled by excitement…

  • January 07, 2025

    January 07, 2025

    With o3 having reached AGI, OpenAI turns its sights toward superintelligence One of the challenges of achieving AGI is…

  • January 06, 2025

    January 06, 2025

    Should States Ban Mandatory Human Microchip Implants? “U.S.

  • Janauary 05, 2025

    Janauary 05, 2025

    Phantom data centers: What they are (or aren’t) and why they’re hampering the true promise of AI Fake data centers…

  • January 03, 2025

    January 03, 2025

    Tech predictions 2025 – what could be in store next year? In 2025, we will hear of numerous cases where threat actors…

    1 Comment
  • January 02, 2024

    January 02, 2024

    7 Practices to Bolster Cloud Security and Keep Attackers at Bay AI tools can facilitate quicker threat detection…

  • January 01, 2025

    January 01, 2025

    The Architect’s Guide to Open Table Formats and Object Storage Data lakehouse architectures are purposefully designed…

  • December 30, 2024

    December 30, 2024

    Top Considerations To Keep In Mind When Designing Your Enterprise Observability Framework Observability goes beyond…

  • December 29, 2024

    December 29, 2024

    AI agents may lead the next wave of cyberattacks “Many organizations run a pen test on maybe an annual basis, but a lot…

Insights from the community

Others also viewed

Explore topics