D. Justhy's Blog

"Getting to Yes, Now!"

Blog

Why a Disciplined Process is More Important than Expensive Technology

We all have a good idea of what cloud computing is by now and why organizations and businesses are moving towards it. The cloud is scalable, versatile, flexible, secure and what not! Plus, with names like Microsoft and Amazon providing these services, you might think there is very little that can go wrong.

However, as we have seen in the past few years, things do go wrong. More often than not, organizations, in their eagerness to transition into the cloud, end up exposing their data to possible breaches.

In fact, security experts state that configuration errors are a common occurrence when companies move to the cloud. They usually happen when the company makes the mistake of providing access to outsiders such as vendors. Vincent Liu of security firm Bishop Fox says that improper configuration is the number one cause of data theft or loss.

The cloud is a juggernaut

Cloud computing is an unstoppable force and the problem with unstoppable forces is that you can’t slow them down in order to measure the exact impact that they might have. Gartner predicts that cloud computing will be worth around $247 billion by the end of 2017, as cloud infrastructure services continue to dominate the race.

Ironically, these are the very cloud services that are prone to configuration problems. Since rapid cloud adoption has mainly been the result of users looking for quick access to computing services, there really is inadequate focus on security. A lot of the transition occurs under the shadows with IT departments being left ignorant of the transition.

The need for governance

Pete Chronis, Chief Information Security Officer at Turner Broadcasting System Inc., blames the trend on the lack of proper governance within organizations. IT departments have to be informed about concerns such as online assets, how critical applications are connected, software patching, and high risk changes made by employees such as software developers.

However, with cloud computing, that’s impossible, as the application exists in the cloud instead of the organization’s own data center.

So, how can companies/organizations overcome this?

The answer lies in establishing a disciplined process to ensure that the transition is carried out with the right approval and in a secure manner. Employees or vendors cannot be trusted to focus on security at all times and the technology itself is dependent on the user’s expertise.

However, by creating a robust process, organizations can ensure that the transition to cloud services occurs with minimal risk. For instance, they could create measures that would alert IT departments when an employee purchases a particular service using the corporate credit card.

We Need to Become an Ethical Society Before AI Becomes Mainstream

A few months ago, researchers at Stanford University created quite a stir by testing an Artificial Intelligence (AI) program that could detect and identify homosexuals. The program used a machine learning algorithm to look at images and guess who is more likely to be a homosexual.

Now, despite the researchers claiming that their intentions were good (they wanted the AI to help in protecting homosexuals), the study attracted major criticism. LGBT advocates such as GLAAD and the Human Rights Campaign came out strongly against the idea of what is now jokingly being referred to as “the gaydar.”

They believe that the AI can be misused by governments to actually persecute homosexuals, which, to be honest, isn’t hard to believe.

There’s a bigger problem

Using AI to identify gay people is a problem alright, but, this particular case points to something even more insidious – the sheer lack of ethics when it comes to matters involving AI. Even at the research level, there is no ethical framework to guide researchers on AI-related projects. Rules are often made up ‘on the go’ and naturally, this problematic attitude has leaked onto the commercial side of things as well.

In a world where AI is beginning to seep into our daily lives, the ethical aspects of this major transition are growing to be a major concern. In fact, the problems are already at our doorstep.

When robots, bots and AI become mainstream, replacing roles (not jobs!) are people adequately trained and educated to cope with this dramatic shift? In case of driverless vehicles for example, how are we going to deal with the dilemma of having to choose between having people employed and reducing human error on the road?

The need for ethics

The problems with AI have very little to do with the actual technology, itself; they have more to do with the ethical systems that seem absent. We need measures in place to establish ethical frameworks that can guide researchers, product and service creators. Other than that, we also need to have more consensus on AI-related matters from the wider society as well as our governments.

Only then can AI prove to be as fruitful as advertised.

Ethics has played a primary role in all human endeavours and to neglect its function within the area of Artificial Intelligence would be foolish.

 

What Every Leader can Learn from Satya Nadella’s Reading List

Ever since Nadella took over the reins at Microsoft, things have only gotten better for the software giant. So, what makes this CEO unique and, needless to say, effective? Well, there are a ton of factors involved. However, if you were to ask Nadella himself, he would tell you that a lot of his leadership prowess comes from his voracious appetite for books.

In fact, he’s even recommended a few of them for the benefit of other leaders like him across the globe. So, let’s explore the CEO’s reading list and find out what we can learn from them.

Deep Learning by Aaron Courville, Yoshua Bengio, and Ian Goodfellow

Deep Learning is probably the only example of its kind to delve into the more intricate aspects of machine learning. The book discusses a wide range of topics connected to the primary subject. We are introduced to matters such as numerical computation, probability theory, linear algebra, optimization algorithms, and a whole lot more.

Nadella considers this book to be very beneficial for software engineers who aim to incorporate deep learning into their products and for anybody who aims to make a career in this area.

The Great Transformation by Karl Polanyi

 It is believed that Nadella read this book after it was recommended to him by his father. The Great Transformation explores the concept of society-driven economic change against the backdrop of the British economy during its developmental phase.

The Great Convergence by Richard Baldwin

 The Great Convergence discusses how telerobotics and telepresence will change the way people will cross borders from one location to another. Nadella states that he found quite a few analogies in the book to Microsoft’s HoloLens, which he thinks will have the same impact in the near future.

The Boys in the Boat by Daniel James Brown

Nadella credits his leadership abilities to this book. The story in the book focuses on an underdog crew team from the University of Washington that took part in the 1936 Berlin Olympics. Nadella believes this book to be an excellent lesson on teamwork, which is something he considers to be a core focus of his as a CEO.

Nonviolent Communication by Marshall Rosenberg

Nadella used this particular book to fix the combative culture that plagued Microsoft before his arrival. The book highlights the importance of collaboration, authenticity, self-awareness, and empathy in the workplace and in every other atmosphere that people might find themselves in.

Five Steps to Preventing Data Breaches

Data breaches are now practically a daily event. This isn’t just a casual statement; it’s a fact. Recent statistics indicate that there were over 100 million data breaches in the beginning of 2017 alone. Cybercriminals are using innovative and advanced methods to gain unauthorized access and the only way to fight them is to take strong pre-emptive measures.

Data is everything in today’s business world and if your data gets into the wrong hands, you are looking at some serious consequences. So, make sure you’ve got everything covered. Here are 6 key steps to help you out.

  1. Automate your security

To prevent data breaches, whether they’re caused by insiders or hackers, companies must work towards establishing robust IT policies throughout their data protection systems and network. They must carry out a periodic assessment of the technical and procedural controls that have been established.

In fact, automating these checks can go a long way in preventing breaches.

  1. Create awareness among end users

The end user can often end up being the vulnerability. However, companies can avoid this by offering awareness training. The training program must be focused towards altering the entire organization’s mind-set towards being focused on security.

Other than that, the training must also aid the end user in identifying threats.

  1. Protect information wherever it may be

We live in an information era and the perimeter approach to online security isn’t applicable anymore. Information must be protected wherever it is located; this includes storage and the various channels through which the information is shared.

Unified data protection policies must be enforced across the enterprise.

  1. Assess vulnerabilities periodically

Vulnerability assessments must be carried out on a regular basis. Sadly, most organizations do not do this often enough. A weekly vulnerability assessment would be ideal. Also, the assessments must be done for each and every system that’s connected to the network.

  1. Prevent data exfiltration

Even when incursions are successful, it is still possible to prevent the actual breach by using network software. Network software can identify data exfiltration and block it. Outbound transmissions can be prevented by leveraging a combination of security event management and data loss prevention solutions.

Every CEO’s Data Security Checklist

Data security is more important than ever if we are to go by the latest statistics on security breaches and data theft. Equifax is only the latest example; mind you, there are attempts being made to breach organizations as you read this.

Now, cybersecurity is a massive area of interest that requires the involvement of everybody in the organization; right from the top to the bottom. This obviously includes the CEO. CEOs play a critical role in ensuring that everything is in perfect shape security-wise.

After all, we are talking about the company’s reputation here. So, if you’re a CEO who hasn’t paid attention to your company’s cybersecurity situation, it’s high time you went through this checklist.

  1. Meet the IT team

Meeting the IT team on a regular basis keeps you aware of what’s going on with regard to your organization’s security concerns. Maybe, there are new challenges that require solutions at the policy level. Whatever the need might be, it is good for a CEO to stay updated in order for those problems to be solved.

  1. Conduct an inventory of critical assets

Your organization obviously creates a ton of content and data footprint, and this is transmitted through various channels. The content and the data that you create are critical assets and you need to ensure that they are protected well enough.

The last thing you need is for your data and content to be compromised, so don’t compromise on their security. Fortunately, in the digital age these could be digital assets.

  1. Review your data security policies & processes

Data security policies as well as processes need to be reviewed on a periodic basis. The problem with data security is that the requirements keep changing as technology evolves and cybercriminals become more creative. As a result, reviewing and updating policies as well as the processes is a must.

As the CEO, you have to know what’s being done to keep up with the changing security trends as well.

  1. Establish an Incident Response Plan

Even if you’ve got the best security solution possible, things can still go wrong. When this happens, the only people you can depend on are your people – your employees, your partners. But, what happens if they have no clue to what an appropriate response should be?

This is exactly why you need an Incident Response Plan in place to ensure that mission-critical tasks can still continue. The plan must also include identifying the cause of the attack in order to ensure that another one can be prevented.

This certainly is not an exhaustive checklist but it sure is a good start for an enterprise of any size.

Equifax Data Breach: Humbled by a Business Strategy Breach

Google “security breach” and one of the first items of news you’re likely to come across would be about the recent breach at Equifax.

The Equifax hack led to the exposure of personal information that belonged to over a 100 million people. Naturally, the magnitude of the breach has stirred up discussions concerning ethics, legal liabilities, and public relations. Of course, Equifax has found itself in a great dilemma.

Now, we could spend all day debating where Equifax went wrong and what they should or could have done. However, that would be counterproductive. The best thing that other organizations can do right now is to learn from the mistakes made by Equifax. Here are a few key ones that are worth the observation.

Failure to protect data

The first round of reports placed the blame on an ignored bug within the Apache Struts application.

Now, we aren’t going to argue the authenticity of this report. But, it’s safe to assume that there were other vulnerabilities that existed as well. Single vulnerability points are rarely known to lead to breaches of this magnitude.

There are a few key questions that we need to ask. Firstly, why was so much data made available to a web application? Secondly, could there have been protective measures in place to avoid this kind of a compromise? Thirdly, should Equifax have assumed possible vulnerabilities in the web application?Finally, did Equifax do enough to prevent a data leak?

The answers to these questions need to deal with both, what caused the failure and what could have been done to prevent failure. It is necessary to look at the complete architecture in order to make sure that a single vulnerability does not impact the entire system. There must be other components withinthe architecture that can prevent further compromise.

Failure in detecting an intrusion

If protection doesn’t work, there must be robust detection capabilities in place to know that an intrusion is taking place. Equifax made a major mistake by allowing a single system to have access to all the data. Data access is a major area of concern and organizations must have the tools to assess data access at all times.

For example, network analytics is great when it comes to detecting strange or “out of the blue” activities. Similarly, behavioural analytics can be used to detect out of the ordinary access patterns.

It’s certainly NOT an IT only problem, especially in the digital age

 Most businesses which consider themselves to be ‘traditional’ in nature, would argue that these matters are for the back offices. However, the business models suitable for the digital age, would not tolerate that view point but would instead consider a business model that creates value in the digital age, and this would indeed consider the matter of data security well within the business strategy as well as the business model.

A data breach is breach to the business strategy.  Let’s have a business strategy that will minimize, prevent and then eventually eliminate data breaches

Three Superior Human Skills in the Digital Age

Technological advancements have allowed for organizations to stay connected to people within and outside the company walls. While face-to-face interaction isn’t the norm today, technology has brought forth the need for managers and subordinates to develop a specialized set of human skills that can help employees navigate these technological times.

In-season skills in the age of technology

While new skill sets are certainly prized, managers around the world stress on three traditional skills which are essential for employees of the digital age. In fact, managers and business leaders believe that these evolved traditional skills will help their personnel better manage the challenges and opportunities of new-age technology-based organizational environments.

Here are three superior human skills that you need to cultivate, in order to be successful in the digital age:

  1. Collaboration

With new technology being developed on a continuous basis, technical know-how will only get more specialized and out of reach. It’s important for personnel with this new knowledge to work together with their team, to facilitate sharing of technical knowledge and experiences.

Additionally, with team members working remotely from various corners of the world, collaboration with both people and machines becomes a priority to effect positive operational and strategic results.

  1. Communication

While technology has certainly been a blessing to organization-wide communication, it must be acknowledged that a lot of information gets lost in the system. Technology can only do so much when it comes to data processing, analysis, and communication. The rest is up to people.

From something as simple as tips on troubleshooting to highly confidential business information, employees need to learn how to navigate this complex technological landscape in order to effectively communicate pertinent information to their peers and supervisors.

  1. Emotional Intelligence

Technology has long been credited for being the cause of the loss of humanity in today’s organizational setting. While it’s debatable whether this is an undeserved allegation or not, the operational and strategic benefits of being emotionally responsible and responsive must be recognized.

The ability to sympathize, empathize and connect with people is a human gift, one that must be actively cultivated by employees across the organization. Being able to express and navigate emotions will help employees read non-verbal cues that data and technology fail to identify, allowing business leaders to take important decisions.

Human skills will only serve to complement digital know-how. Developing and cultivating these skills will equip employees with the skills needed to be successful in this digital age.

 

Nature First. People Second. Machines Later.

Technology specialists and business leaders have long predicted that technology will make people obsolete in workplaces and this prediction has partly come true. The World Economic Forum recently revealed that robotics and AI would result in loss of over 5 million jobs worldwide. Does this mean that we are prioritizing machines over people?

Machines in the form of automobiles and other carbon generators have had serious environmental impacts, leading to an enlarged carbon footprint and loss of biodiversity. It would seem that with the recent technological advances, we are not just putting machines over people; we are also putting them over nature.

But is this entirely true?

The new epoch

While technologies are reducing the human touch from the organization’s day-to-day operational activities and while they are having a negative impact on the environment; technological developments today are trying to preserve ecosystems and livelihoods.

Let’s address the issues individually. First, we have the problem of job automation leading to a loss of livelihood. Scientists and technology experts, including Tesla’s Elon Musk, believe that augmenting ourselves will help us avoid the threat of job automation.

Brain augmentation has become a reality. Scientists at Harvard are using technology – ultra-fine electronic meshes – to boost the human brain’s ability to receive, process and act upon neural inputs. This will allow our brains to behave like supercomputers, reducing our necessity to depend on actual computers. The objective is to use technology, not to replace people, but to complement and supplement their natural skills. An additional advantage of augmentation would be the easy identification of degenerative neural disorders, which will help doctors save millions of lives. It seems quite obvious that we are putting people ahead of machines.

Now for the second problem – technology’s impact on the environment. Google, on its 19th birthday, released a video of how the Charles Darwin Foundation was using its Street View software to map the Galapagos Islands, in an attempt to preserve this unique ecosystem.

Closer home you might see a carbon capture plant being set up. Global Thermostat and Carbon Engineering are two carbon capturing companies who plan to use technology to capture as much as 300,000 tons of CO2 emissions per year and use this carbon to make eco-friendly materials such as AirCarbon, which can in-turn, be converted to items such as chairs and baking soda. These are just a few of the examples of how technology is putting nature ahead of machines, and by extension, we are considering the well-being of people ahead of the welfare of machines.

A balancing act

While machines aren’t completely without blame, they mustn’t be blamed entirely either. At the end of the day, how we utilize technology and what we prioritize is up to us, as humans.

Harsh Realities of Digital Age Data Strategy

Businesses face multiple challenges when it comes to shaping their data strategy in the digital age. Choosing the right data, tools and technologies, hiring the right talent, handling analytics, building models that predict outcomes are some of them. Transformation of the business operations based on analytics and insights is the other major challenge facing organisations. What we mean here is ‘the ability to act on data’ as opposed to the ‘inability to act on data.’

Realities of digital age

Data which was historically easy to collect and process is now complex, unstructured and indeed, quite a lot in quantity as well. The huge influx of raw data from smart technologies, social media, videos and multiple other channels contain insights that are actionable. These insights further shape targeted strategies and informed decisions for businesses.

But, the question is whether the organisation is indeed ‘able to act on data?’ Does the culture, the available technology as well as other capabilities permit and enable appropriate action?

Regardless of where an organisation stands in their digital age journey, the first step for any organisation pursuing a digital age data strategy is to acknowledge and accept its position on a scale that measures their ‘ability to act on data’ as well as ‘inability to act on data’.

Once there is an honest introspection and acceptance of this reality, it is then a question of what needs to be done as the ‘next best action.’

Whether you are a CEO, COO, CDO or indeed a member of your company’s board, this honest introspection will certainly create opportunities which were previously not visible. This is sufficient clarity needed to empower the ‘datapreneurs’ of the organisation.

Datapreneurs shape data strategy

Datapreneurs by design pursue ‘enterprise value’.  There is indeed no time for petty politics and energy drains, that most large organisations suffer with. Empowered datapreneurs positively energise the organisations.  This in turn creates a ‘winning’ mindset within the wider organisation.

When this energy collides with data – magic happens!

Decisions are made more often, timing of those decisions would be just right and more importantly the reasons for the decisions would be in pursuit of value that is indeed for the betterment of the business eco-system the organisation operates in  whether this is just seen as the enterprise as a whole or indeed the whole world.

Three visible signs that your data strategy is working

A winning data strategy manifests in many ways.  Here are three obvious ones:

• Commoditising the technology infrastructure – There is evidence that your investments are being utilised in the right manner at scale.

• Industrialising data integration – Efficiencies are pursued ruthlessly, sweating every dollar and every byte of available data.

• Pervading reporting, analytics, and visualisation throughout the organisation – A culture that lives and breathes on data.

This is evidence that the combination of people, processes and technologies are in harmony creating value for the purpose of the enterprise.

With out a sound data strategy – there is a plethora of activities, maddening rush of just doing work for the sake of work and more importantly, there is a gross neglect of creating value for the shareholders, customer and other partners in the eco-system. Would you want your organisation without a sound data strategy?

How Video Marketing Can Be A Powerful Tool for Chief Data Officers

 

As data continues to grow as a major asset, Chief Data Officers (CDO) occupy center stage in the management of data. The huge data volume without appropriate and adequate consumption can cost companies billions of dollars, starting with opportunity costs. Consequently, CDOs are pressured to make their business case almost every time they are expected to invest a dollar, whether it is for regulatory responses or indeed growth and innovation pursuits, such as cloud migrations, for example.

It Hurts To Be A CDO Who Cannot Tell Stories With Data

A recent survey indicates that the volume of data within an enterprise will expand by 33% within thenext one year. Faster and more accurate data analytics will be the major demands from CDOs in the digital era.

Value creation with data is a key pressure point for any CDOs. And then, both the Chief Operating Officers as well as Chief Financial Officers expect and demand. Of course, the rest of the C-Suite also expects the CDO to deliver. In this context, it is imperative that the CDO of the digital age knows how to convince their organisations, C-Suites and indeed the boardroom. Any inability to convince or effectively demonstrate the value of data is a certain disaster. Such failures translate into millions or even billions of dollars of losses which neither the company nor the CDO can afford to accept. This is usually through miss-spending or failed projects or programs. In ability to invest in innovation investments is also very expensive.

Traditionally the Chief Information Officer, the Chief Financial Officer or the Chief Operations Officer handled data management.  Regardless of which ‘x’ in the CxO – It is imperative that the leader know how to manage and create value with data.

CDO, for that matter any leader, needs to have the ability to influence his followers.  More so, is the case of a CDO, who needs to help his or her organisation ‘visualize’ and more importantly create value with it. Story telling is a mandatory skill for a CDO.

Use Of Video Marketing To Create & Sell Stories

In this context, video marketing can be a powerful tool to create data centric stories in a format that appeals to people’s emotions. Value cases for data usage can be created using video marketing effectively.

CDOs can communicate the business value of data better, through video marketing in the following ways:

  • Demonstrate the use of certain actionable analytics to improve the bottom line
  • Creating transparency of the data and technology landscapes through videos
  • Feature personal stories of staff and people involved in creating value with data for the organisation

Video marketing, potentially bridges the gaps between the boardroom, the C-Suites and the entire organisation as it is one of the best forms of communicating in this digital age. If done right, there is no reason, why this cannot become a part of the mainstream organisational process.