Home Posts tagged resiliency

Tag: resiliency

Posted on Posted in Digital transformation, General topics Tagged with , , , , , , , , , ,

What is the future of analytics and AI? And how can organizations thrive in an era of disruption? We asked Bryan Harris, Executive Vice President and Chief Technology Officer of analytics software company SAS, for his perspective.

Q: What is your advice to technology leaders for improving organizational resiliency?

A: Right now, we are all in a race against disruption and data. Customer buying habits have changed. Work-life balance has changed. The financial climate has changed. So, how do you establish a data-driven culture to identify and adapt to change? Or, in other words, what is the learning rate of your organization?

This is why executing a persistent data and analytics strategy is so important. It allows you to create a baseline of the past, identify when change happens, adapt your strategy, and make new, informed decisions. This process is your organization’s learning rate and competitive advantage.

Q: How can AI and analytics help business and technology leaders anticipate and adapt to disruption?

A: We are creating data that is outpacing human capacity. So the question becomes: how do you scale human observation and decision-making? AI is becoming the sensors for data in the world we’re in right now. So, we need analytics, machine learning and artificial intelligence (AI) to help scale decision-making for organizations.

Q: What best practices do you recommend around developing and deploying AI?

A: When we talk to customers, we first show them that the resiliency and agility of the cloud allows them to adapt quickly to the changing data environment.

The second step is lowering the barrier of entry for their workforce to become literate in analytics, modeling and decision-making through AI, so they can scale their decision-making. Everyone has a different maturity spot in that curve, but those who achieve this outcome will thrive – even in the face of disruption.

I recommend the following best practices:

Think about the ModelOps life cycle, or the analytics life cycle, as a strategic capability in your organization. If you can observe the world faster, and make and deploy insights and decisions as part of AI workloads faster, you can see the future ahead of time. This means you have a competitive advantage in the market.Innovate responsibly and be aware of bias. We give capabilities and best practices to our customers that allow them to understand the responsibility they have when scaling their business with AI. And we are taking a practical approach to helping customers adhere to the ethical AI legislative policies that are emerging.Ensure explainability and transparency in models. You won’t have adoption of AI unless there is trust in AI. To have trust in AI, you must have transparency. Transparency is critical to the process.

Q: What does the future hold for AI and analytics?

A: Synthetic data is a big conversation for us right now. One of the challenges with AI is getting data labeled. Right now, someone must label, for example, a picture of a car, a house or a dog to train a computer vision model. And then, you must validate the performance of the model against unlabeled data.

Synthetic data, in contrast, allows us to build synthetic data that is statistically congruent to real data. This advancement represents a huge opportunity to help us create more robust models — models that aren’t even possible today because conventional data labeling is too challenging and expensive. SAS lowers the cost of data acquisition and accelerates the time to a model.

If, because of this innovation, they get insights about the future, companies gain a competitive advantage. But they must do it responsibly, with awareness of the bias that AI may inadvertently introduce. That is why we provide capabilities and best practices to our customers that allow them to understand the responsibility they have when scaling their business with AI.

For more information, download the SAS report – “4 Winning Strategies for Digital Transformation” – here.

Artificial Intelligence

Posted on Posted in Digital transformation, General topics Tagged with , , , , ,

Pandemic-era ransomware attacks have highlighted the need for robust cybersecurity safeguards. Now, leading organizations are going further, embracing a cyberresilience paradigm designed to bring agility to incident response while ensuring sustainable business operations, whatever the event or impact.

Cyberresilience, as defined by the Ponemon Institute, is an enterprise’s capacity for maintaining its core business in the face of cyberattacks. NIST defines cyberresilience as “the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.”

The practice brings together formerly separate disciplines of information security, business continuity, and disaster response (BC/DR) deployed to meet common goals. Although traditional cybersecurity practices were designed to keep cybercriminals out and BC/DR focused on recoverability, cyberresilience aligns the strategies, tactics, and planning of these traditionally siloed disciplines. The goal: a more holistic approach than what’s possible by addressing each individually.

At the same time, improving cyberresilience challenges organizations to think differently about their approach to cybersecurity. Instead of focusing efforts solely on protection, enterprises must assume that cyberevents will occur. Adopting practices and frameworks designed to sustain IT capabilities as well as system-wide business operations is essential.

“The traditional approach to cybersecurity was about having a good lock on the front door and locks on all the windows, with the idea that if my security controls were strong enough, it would keep hackers out,” says Simon Leech, HPE’s deputy director, Global Security Center of Excellence. Pandemic-era changes, including the shift to remote work and accelerated use of cloud, coupled with new and evolving threat vectors, mean that traditional approaches are no longer sufficient.

“Cyberresilience is about being able to anticipate an unforeseen event, withstand that event, recover, and adapt to what we’ve learned,” Leech says. “What cyberresilience really focuses us on is protecting critical services so we can deal with business risks in the most effective way. It’s about making sure there are regular test exercises that ensure that the data backup is going to be useful if worse comes to worst.”

A Cyberresilience Road Map

With a risk-based approach to cyberresilience, organizations evolve practices and design security to be business-aware. The first step is to perform a holistic risk assessment across the IT estate to understand where risk exists and to identify and prioritize the most critical systems based on business intelligence. “The only way to ensure 100% security is to give business users the confidence they can perform business securely and allow them to take risks, but do so in a secure manner,” Leech explains.

Adopting a cybersecurity architecture that embraces modern constructs such as zero trust and that incorporates agile concepts such as continuous improvement is another requisite. It is also necessary to formulate and institute time-tested incident response plans that detail the roles and responsibilities of all stakeholders, so they are adequately prepared to respond to a cyberincident.

Leech outlines several other recommended actions:

Be a partner to the business. IT needs to fully understand business requirements and work in conjunction with key business stakeholders, not serve primarily as a cybersecurity enforcer. “Enable the business to take risk; don’t prevent them from being efficient,” he advises.Remember that preparation is everything. Cyberresilience teams need to evaluate existing architecture documentation and assess the environment, either by scanning the environment for vulnerabilities, performing penetration tests, or running tabletop exercises. This checks that systems have the appropriate levels of protections to remain operational in the event of a cyberincident. As part of this exercise, organizations need to prepare adequate response plans and enforce the requisite best practices to bring the business back online.Shore up a data protection strategy. Different applications have different recovery-time-objective (RTO) and recovery-point-objective (RPO) requirements, both of which will impact backup and cyberresilience strategies. “It’s not a one-size-fits-all approach,” Leech says. “Organizations can’t just think about backup but [also about] how to do recovery as well. It’s about making sure you have the right strategy for the right application.”

The HPE GreenLake Advantage

The HPE GreenLake edge-to-cloud platform is designed with zero-trust principles and scalable security as a cornerstone of its architecture. The platform leverages common security building blocks, from silicon to the cloud, to continuously protect infrastructure, workloads, and data while adapting to increasingly complex threats.

HPE GreenLake for Data Protection delivers a family of services that reduces cybersecurity risks across distributed multicloud environments, helping prevent ransomware attacks, ensure recovery from disruption, and protect data and virtual machine (VM) workloads across on-premises and hybrid cloud environments. As part of the HPE GreenLake for Data Protection portfolio, HPE offers access to next-generation as-a-service data protection cloud services, including a disaster recovery service based on Zerto and HPE Backup and Recovery Service. This offering enables customers to easily manage hybrid cloud backup through a SaaS console along with providing policy-based orchestration and automation functionality.

To help organizations transition from traditional cybersecurity to more robust and holistic cyberresilience practices, HPE’s cybersecurity consulting team offers a variety of advisory and professional services. Among them are access to workshops, road maps, and architectural design advisory services, all focused on promoting organizational resilience and delivering on zero-trust security practices.

HPE GreenLake for Data Protection also aids in the cyberresilience journey because it removes up-front costs and overprovisioning risks. “Because you’re paying for use, HPE GreenLake for Data Protection will scale with the business and you don’t have to worry [about whether] you have enough backup capacity to deal with an application that is growing at a rate that wasn’t forecasted,” Leech says.

For more information, click here.

Cloud Security

Posted on Posted in Digital transformation, General topics Tagged with , , , , ,

Does your organization need to improve security and upgrade its IT infrastructure? If so, you’re not alone. Those are the top two reasons for the rise in EMEA IT budgets, according to the Foundry 2022 State of the CIO study.

These priorities are in response to an ever-evolving business and security landscape. IT departments are under increased pressure to provide resiliency amid new and advanced cyberattack risks, ongoing supply-chain disruptions, digital transformation efforts, and the complex hybrid workplace.

It’s a tight balancing act to ensure both security and resiliency, especially if like most organizations, you have a lean IT staff or there are skills gaps within your teams. But that’s where managed services can help.

How to balance security with resiliency

Most organizations recognize the need to increase cybersecurity protections; this is the top priority among 63% of EMEA respondents to the State of the CIO survey.

It’s a significant challenge. Although digital transformation efforts were already underway prior to COVID-19, primarily driven by the need for speed and efficiency, the pandemic escalated those initiatives. In some cases, it created even greater complexity as enterprises bolted on solutions and tools for the remote workforce.

These implementations have also led to security gaps and vulnerabilities. As a result, many organizations are grappling to manage and protect a complex web of IT architecture that spans on-premises, hybrid and multi-clouds, and edge environments.

How can enterprises balance the needs for robust security and resiliency for ongoing business operations? It starts with those cybersecurity protections and gaining the ability to anticipate, protect against, withstand, and recover from any cyberattack to minimize disruption.

A cyber risk framework can help provide these capabilities. It should include:

End-to-end security assurance that provides reliable quantification of cyber risk throughout the enterprise. It also maintains and manages compliance via the consistent application of policies and controls, as well as threat management across the network, endpoints, and applications.

Integration of Zero Trust principles and technologies — from edge to cloud.  This includes data and application protections, cloud and network security, and digital identity services to ensure secure digital transactions and interactions.

Comprehensive security operation center (SOC) services that discover, prevent, and respond to advanced security incidents. Considering the significant need for security skillsets, the right technologies — including workflow automation and orchestration — and managed services must augment and enhance SOC operations management.

Incident response and recovery to minimize the impact of outages. Downtime is not an option, so the framework should address training, simulation exercises, automation of policies, and threat investigation capabilities.

This framework also delivers business value, including cost reductions, improved user experiences that lead to greater productivity, and continuous compliance.

For example, a multinational bank with headquarters in the United Kingdom implemented automated cyber recovery technology to improve its operational resilience. The solution has not only enabled recovery from cyberattacks in hours rather than days, it also has provided continuous security through 24/7 forensics.

Align with the right partner

Establishing a cyber risk framework that fits your organization and business can, by itself, be a daunting task – without even trying to implement it. That’s where a managed services provider such as Kyndryl can help.

The right provider must have deep expertise, a well-established solution portfolio, and a broad partner ecosystem to maximize your investment and business outcomes. Kyndryl will work closely to understand your enterprise’s cyber resiliency maturity level, then tailor a framework to best augment your existing resources — and ultimately help balance robust security and resiliency.

Learn more about Kyndryl’s approach to balancing security and resiliency here.

Cloud Security