May 04, 2024
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
Identity needs to be foremost in any security strategy since we’ve ample evidence it remains a frequent target. Most breaches today originate with identity through human error, social engineering or phishing. Solutions providers like Cisco are offering cybersecurity tools that bring together the worlds of identity, networking and security to detect and prevent these identity threats. Solutions like Cisco Duo, Cisco Identity Intelligence, and Cisco Secure Access can minimize exposure. Cisco Duo protects access to applications and data with strong multi-factor authentication, while Cisco Secure Access emphasizes secure remote connectivity to prevent unsanctioned users from gaining access. Additionally, Cisco Identity Intelligence uses AI to analyze user behavior and identity data to proactively clean up vulnerable identities and to detect identity-based security threats. Most organizations use a variety of solutions collected over the years that now reside in the cloud, on premises or in hybrid environments. That’s why an platform approach is so important. It also needs to be easy to deploy and easy for end users to manage.
Cybersecurity mesh architecture (CSMA) is a set of organizing principles used to create an effective security framework. Using a CSMA approach means designing a security architecture that is composable and scalable with easily extensible interfaces, a common data schema and well-defined interfaces and APIs for interoperability. ... A CMSA proactively blocks attacks through a variety of controls and system design principles. Leveraging advanced machine learning for anomaly detection and employing Secure Access Service Edge (SASE) for dynamic, secure cloud access, CSMA ensures robust encryption standards for data at rest and in transit. Network segmentation and micro-segmentation, paired with continuous authentication and strict authorization, can restrict lateral movement. These components, alongside continuous compliance monitoring and risk management tools, orchestrate a multi-layered defense strategy that preempts cyber threats by dynamically adapting to the evolving security landscape and ensuring continuous protection against potential vulnerabilities and unauthorized access attempts.
Digital debt represents the time and energy spent managing digital tasks, impeding core job responsibilities. At the same time, while their employees are trying to manage digital communication and creative thinking, organizations are constantly chasing after cutting-edge software solutions to stay ahead in the competitive market. In that race, they are piling up their tech balance sheets with the lesser-known but omnipresent “technical debt.” ... Leaders face the daunting task of balancing short-term gains with long-term sustainability, promoting accountability and continuous improvement within their teams. Increasing digital debt hampers organizational agility, raises maintenance costs, heightens the risk of failures and diminishes employee morale, highlighting the imperative for effective leadership in managing debt accumulation. Rather than chasing the newest trends and platforms, leaders should focus on their employees and the ease of doing business not only for the customers but also employees.
Recommended by LinkedIn
Kuzniak mentioned that enhancing the developer experience is as crucial as improving user experience. Their goal is to eliminate any obstacles in the implementation process, ensuring a seamless and efficient development flow. They envisioned the ideal developer experience, focusing on simplicity and effectiveness: For the AI implementation, we’ve established key principles:Simplicity: enable implementation with just one line of code. Immediate Accessibility: allow real-time access to prompts without the need for deployment. Security and Quality: integrate security and quality management by design. Cost Efficiency: design cost management and thresholds into the system by default. Kuzniak mentioned that their organizational structures are evolving in the face of the technology landscapes. The traditional cross-functional teams comprising product managers, designers, and developers, while still relevant, may not always be the optimal setup for AI projects, as he explained: We should consider alternative organizational models.
"Our experience is that [GenAI-powered] software coding tools aren't as security-aware and [attuned with] security coding practices," he said. For instance, developers who work for organizations in a regulated or data-sensitive environment may have to adhere to additional security practices and controls as part of their software delivery processes. Using a coding assistant can double productivity, but developers need to ask if they can adequately test the code and fulfill the quality requirements along the pipeline, he noted. It's a double-edged sword: Organizations must look at how GenAI can augment their coding practices so the products they develop are more secure, and -- at the same time -- how the AI brings added security risks with new attack vectors and vulnerabilities. Because it delivers significant scale, GenAI amplifies everything an organization does, including the associated risks, Shaw noted. A lot more code can be generated with it, which also means the number of potential risks increases exponentially.
Today, being an entrepreneur seems to be as easy as twiddling your thumbs and clicking (or swiping) on a few buttons on an app on a smartphone. Hard work? Unlikely! Just click the right settings or prompts and 'Voila!' let the machine do the hard work! Humans were born with the anatomy and physique to be hunters, gatherers, lumberjacks, climbers, and runners. We were blessed to be physically active and agile. Unfortunately, the human race has just been through an entire century of changing those mannerisms into becoming desk-bound, delivery-service complacent hermits. ... Is a person truly an entrepreneur, when all they did was click a button and the rest of it was automated? If they built the hardware, software, and automation themselves? Then in my eyes, it's clearly entrepreneurial. But if another created the machine and they used it, are they really an entrepreneur? Having produced and directed many TV shows exploring and exposing advanced tech and innovation positively, I am clearly bullish on our technologically supercharged future.
Nice share Kannan Subbiah
Realtor Associate @ Next Trend Realty LLC | HAR REALTOR, IRS Tax Preparer
7moThanks for sharing.