Transcript of a sponsored podcast panel discussion from The Open Group 2011 U.S. Conference on how enterprises need to change their thinking to face cyber threats.
Reuters: Pictures of the Year 2016 (Part 2)maditabalnco
This document contains 20 photos from news events around the world between January and November 2016. The photos show international events like the US presidential election, the conflict in Ukraine, the migrant crisis in Europe, the Rio Olympics, and more. They also depict human interest stories and natural phenomena from various countries.
The impact of innovation on travel and tourism industries (World Travel Marke...Brian Solis
From the impact of Pokemon Go on Silicon Valley to artificial intelligence, futurist Brian Solis talks to Mathew Parsons of World Travel Market about the future of travel, tourism and hospitality.
Gave a talk at StartCon about the future of Growth. I touch on viral marketing / referral marketing, fake news and social media, and marketplaces. Finally, the slides go through future technology platforms and how things might evolve there.
The Six Highest Performing B2B Blog Post FormatsBarry Feldman
If your B2B blogging goals include earning social media shares and backlinks to boost your search rankings, this infographic lists the size best approaches.
1) The document discusses the opportunity for technology to improve organizational efficiency and transition economies into a "smart and clean world."
2) It argues that aggregate efficiency has stalled at around 22% for 30 years due to limitations of the Second Industrial Revolution, but that digitizing transport, energy, and communication through technologies like blockchain can help manage resources and increase efficiency.
3) Technologies like precision agriculture, cloud computing, robotics, and autonomous vehicles may allow for "dematerialization" and do more with fewer physical resources through effects like reduced waste and need for transportation/logistics infrastructure.
32 Ways a Digital Marketing Consultant Can Help Grow Your BusinessBarry Feldman
How can a digital marketing consultant help your business? In this resource we'll count the ways. 24 additional marketing resources are bundled for free.
2024 State of Marketing Report – by HubspotMarius Sescu
https://www.hubspot.com/state-of-marketing
· Scaling relationships and proving ROI
· Social media is the place for search, sales, and service
· Authentic influencer partnerships fuel brand growth
· The strongest connections happen via call, click, chat, and camera.
· Time saved with AI leads to more creative work
· Seeking: A single source of truth
· TLDR; Get on social, try AI, and align your systems.
· More human marketing, powered by robots
ChatGPT is a revolutionary addition to the world since its introduction in 2022. A big shift in the sector of information gathering and processing happened because of this chatbot. What is the story of ChatGPT? How is the bot responding to prompts and generating contents? Swipe through these slides prepared by Expeed Software, a web development company regarding the development and technical intricacies of ChatGPT!
Reuters: Pictures of the Year 2016 (Part 2)maditabalnco
This document contains 20 photos from news events around the world between January and November 2016. The photos show international events like the US presidential election, the conflict in Ukraine, the migrant crisis in Europe, the Rio Olympics, and more. They also depict human interest stories and natural phenomena from various countries.
The impact of innovation on travel and tourism industries (World Travel Marke...Brian Solis
From the impact of Pokemon Go on Silicon Valley to artificial intelligence, futurist Brian Solis talks to Mathew Parsons of World Travel Market about the future of travel, tourism and hospitality.
Gave a talk at StartCon about the future of Growth. I touch on viral marketing / referral marketing, fake news and social media, and marketplaces. Finally, the slides go through future technology platforms and how things might evolve there.
The Six Highest Performing B2B Blog Post FormatsBarry Feldman
If your B2B blogging goals include earning social media shares and backlinks to boost your search rankings, this infographic lists the size best approaches.
1) The document discusses the opportunity for technology to improve organizational efficiency and transition economies into a "smart and clean world."
2) It argues that aggregate efficiency has stalled at around 22% for 30 years due to limitations of the Second Industrial Revolution, but that digitizing transport, energy, and communication through technologies like blockchain can help manage resources and increase efficiency.
3) Technologies like precision agriculture, cloud computing, robotics, and autonomous vehicles may allow for "dematerialization" and do more with fewer physical resources through effects like reduced waste and need for transportation/logistics infrastructure.
32 Ways a Digital Marketing Consultant Can Help Grow Your BusinessBarry Feldman
How can a digital marketing consultant help your business? In this resource we'll count the ways. 24 additional marketing resources are bundled for free.
2024 State of Marketing Report – by HubspotMarius Sescu
https://www.hubspot.com/state-of-marketing
· Scaling relationships and proving ROI
· Social media is the place for search, sales, and service
· Authentic influencer partnerships fuel brand growth
· The strongest connections happen via call, click, chat, and camera.
· Time saved with AI leads to more creative work
· Seeking: A single source of truth
· TLDR; Get on social, try AI, and align your systems.
· More human marketing, powered by robots
ChatGPT is a revolutionary addition to the world since its introduction in 2022. A big shift in the sector of information gathering and processing happened because of this chatbot. What is the story of ChatGPT? How is the bot responding to prompts and generating contents? Swipe through these slides prepared by Expeed Software, a web development company regarding the development and technical intricacies of ChatGPT!
OpenID AuthZEN Interop Read Out - AuthorizationDavid Brossard
During Identiverse 2024 and EIC 2024, members of the OpenID AuthZEN WG got together and demoed their authorization endpoints conforming to the AuthZEN API
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Things to Consider When Choosing a Website Developer for your Website | FODUUFODUU
Choosing the right website developer is crucial for your business. This article covers essential factors to consider, including experience, portfolio, technical skills, communication, pricing, reputation & reviews, cost and budget considerations and post-launch support. Make an informed decision to ensure your website meets your business goals.
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdfTechgropse Pvt.Ltd.
In this blog post, we'll delve into the intersection of AI and app development in Saudi Arabia, focusing on the food delivery sector. We'll explore how AI is revolutionizing the way Saudi consumers order food, how restaurants manage their operations, and how delivery partners navigate the bustling streets of cities like Riyadh, Jeddah, and Dammam. Through real-world case studies, we'll showcase how leading Saudi food delivery apps are leveraging AI to redefine convenience, personalization, and efficiency.
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxSitimaJohn
Ocean Lotus cyber threat actors represent a sophisticated, persistent, and politically motivated group that poses a significant risk to organizations and individuals in the Southeast Asian region. Their continuous evolution and adaptability underscore the need for robust cybersecurity measures and international cooperation to identify and mitigate the threats posed by such advanced persistent threat groups.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
The realm of product design is a constantly changing environment where technology and style intersect. Every year introduces fresh challenges and exciting trends that mold the future of this captivating art form. In this piece, we delve into the significant trends set to influence the look and functionality of product design in the year 2024.
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
Mental health has been in the news quite a bit lately. Dozens of U.S. states are currently suing Meta for contributing to the youth mental health crisis by inserting addictive features into their products, while the U.S. Surgeon General is touring the nation to bring awareness to the growing epidemic of loneliness and isolation. The country has endured periods of low national morale, such as in the 1970s when high inflation and the energy crisis worsened public sentiment following the Vietnam War. The current mood, however, feels different. Gallup recently reported that national mental health is at an all-time low, with few bright spots to lift spirits.
To better understand how Americans are feeling and their attitudes towards mental health in general, ThinkNow conducted a nationally representative quantitative survey of 1,500 respondents and found some interesting differences among ethnic, age and gender groups.
Technology
For example, 52% agree that technology and social media have a negative impact on mental health, but when broken out by race, 61% of Whites felt technology had a negative effect, and only 48% of Hispanics thought it did.
While technology has helped us keep in touch with friends and family in faraway places, it appears to have degraded our ability to connect in person. Staying connected online is a double-edged sword since the same news feed that brings us pictures of the grandkids and fluffy kittens also feeds us news about the wars in Israel and Ukraine, the dysfunction in Washington, the latest mass shooting and the climate crisis.
Hispanics may have a built-in defense against the isolation technology breeds, owing to their large, multigenerational households, strong social support systems, and tendency to use social media to stay connected with relatives abroad.
Age and Gender
When asked how individuals rate their mental health, men rate it higher than women by 11 percentage points, and Baby Boomers rank it highest at 83%, saying it’s good or excellent vs. 57% of Gen Z saying the same.
Gen Z spends the most amount of time on social media, so the notion that social media negatively affects mental health appears to be correlated. Unfortunately, Gen Z is also the generation that’s least comfortable discussing mental health concerns with healthcare professionals. Only 40% of them state they’re comfortable discussing their issues with a professional compared to 60% of Millennials and 65% of Boomers.
Race Affects Attitudes
As seen in previous research conducted by ThinkNow, Asian Americans lag other groups when it comes to awareness of mental health issues. Twenty-four percent of Asian Americans believe that having a mental health issue is a sign of weakness compared to the 16% average for all groups. Asians are also considerably less likely to be aware of mental health services in their communities (42% vs. 55%) and most likely to seek out information on social media (51% vs. 35%).
OpenID AuthZEN Interop Read Out - AuthorizationDavid Brossard
During Identiverse 2024 and EIC 2024, members of the OpenID AuthZEN WG got together and demoed their authorization endpoints conforming to the AuthZEN API
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Things to Consider When Choosing a Website Developer for your Website | FODUUFODUU
Choosing the right website developer is crucial for your business. This article covers essential factors to consider, including experience, portfolio, technical skills, communication, pricing, reputation & reviews, cost and budget considerations and post-launch support. Make an informed decision to ensure your website meets your business goals.
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdfTechgropse Pvt.Ltd.
In this blog post, we'll delve into the intersection of AI and app development in Saudi Arabia, focusing on the food delivery sector. We'll explore how AI is revolutionizing the way Saudi consumers order food, how restaurants manage their operations, and how delivery partners navigate the bustling streets of cities like Riyadh, Jeddah, and Dammam. Through real-world case studies, we'll showcase how leading Saudi food delivery apps are leveraging AI to redefine convenience, personalization, and efficiency.
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxSitimaJohn
Ocean Lotus cyber threat actors represent a sophisticated, persistent, and politically motivated group that poses a significant risk to organizations and individuals in the Southeast Asian region. Their continuous evolution and adaptability underscore the need for robust cybersecurity measures and international cooperation to identify and mitigate the threats posed by such advanced persistent threat groups.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
The realm of product design is a constantly changing environment where technology and style intersect. Every year introduces fresh challenges and exciting trends that mold the future of this captivating art form. In this piece, we delve into the significant trends set to influence the look and functionality of product design in the year 2024.
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
Mental health has been in the news quite a bit lately. Dozens of U.S. states are currently suing Meta for contributing to the youth mental health crisis by inserting addictive features into their products, while the U.S. Surgeon General is touring the nation to bring awareness to the growing epidemic of loneliness and isolation. The country has endured periods of low national morale, such as in the 1970s when high inflation and the energy crisis worsened public sentiment following the Vietnam War. The current mood, however, feels different. Gallup recently reported that national mental health is at an all-time low, with few bright spots to lift spirits.
To better understand how Americans are feeling and their attitudes towards mental health in general, ThinkNow conducted a nationally representative quantitative survey of 1,500 respondents and found some interesting differences among ethnic, age and gender groups.
Technology
For example, 52% agree that technology and social media have a negative impact on mental health, but when broken out by race, 61% of Whites felt technology had a negative effect, and only 48% of Hispanics thought it did.
While technology has helped us keep in touch with friends and family in faraway places, it appears to have degraded our ability to connect in person. Staying connected online is a double-edged sword since the same news feed that brings us pictures of the grandkids and fluffy kittens also feeds us news about the wars in Israel and Ukraine, the dysfunction in Washington, the latest mass shooting and the climate crisis.
Hispanics may have a built-in defense against the isolation technology breeds, owing to their large, multigenerational households, strong social support systems, and tendency to use social media to stay connected with relatives abroad.
Age and Gender
When asked how individuals rate their mental health, men rate it higher than women by 11 percentage points, and Baby Boomers rank it highest at 83%, saying it’s good or excellent vs. 57% of Gen Z saying the same.
Gen Z spends the most amount of time on social media, so the notion that social media negatively affects mental health appears to be correlated. Unfortunately, Gen Z is also the generation that’s least comfortable discussing mental health concerns with healthcare professionals. Only 40% of them state they’re comfortable discussing their issues with a professional compared to 60% of Millennials and 65% of Boomers.
Race Affects Attitudes
As seen in previous research conducted by ThinkNow, Asian Americans lag other groups when it comes to awareness of mental health issues. Twenty-four percent of Asian Americans believe that having a mental health issue is a sign of weakness compared to the 16% average for all groups. Asians are also considerably less likely to be aware of mental health services in their communities (42% vs. 55%) and most likely to seek out information on social media (51% vs. 35%).
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
Creative operations teams expect increased AI use in 2024. Currently, over half of tasks are not AI-enabled, but this is expected to decrease in the coming year. ChatGPT is the most popular AI tool currently. Business leaders are more actively exploring AI benefits than individual contributors. Most respondents do not believe AI will impact workforce size in 2024. However, some inhibitions still exist around AI accuracy and lack of understanding. Creatives primarily want to use AI to save time on mundane tasks and boost productivity.
Organizational culture includes values, norms, systems, symbols, language, assumptions, beliefs, and habits that influence employee behaviors and how people interpret those behaviors. It is important because culture can help or hinder a company's success. Some key aspects of Netflix's culture that help it achieve results include hiring smartly so every position has stars, focusing on attitude over just aptitude, and having a strict policy against peacocks, whiners, and jerks.
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
PepsiCo provided a safe harbor statement noting that any forward-looking statements are based on currently available information and are subject to risks and uncertainties. It also provided information on non-GAAP measures and directing readers to its website for disclosure and reconciliation. The document then discussed PepsiCo's business overview, including that it is a global beverage and convenient food company with iconic brands, $91 billion in net revenue in 2023, and nearly $14 billion in core operating profit. It operates through a divisional structure with a focus on local consumers.
Content Methodology: A Best Practices Report (Webinar)contently
This document provides an overview of content methodology best practices. It defines content methodology as establishing objectives, KPIs, and a culture of continuous learning and iteration. An effective methodology focuses on connecting with audiences, creating optimal content, and optimizing processes. It also discusses why a methodology is needed due to the competitive landscape, proliferation of channels, and opportunities for improvement. Components of an effective methodology include defining objectives and KPIs, audience analysis, identifying opportunities, and evaluating resources. The document concludes with recommendations around creating a content plan, testing and optimizing content over 90 days.
How to Prepare For a Successful Job Search for 2024Albert Qian
The document provides guidance on preparing a job search for 2024. It discusses the state of the job market, focusing on growth in AI and healthcare but also continued layoffs. It recommends figuring out what you want to do by researching interests and skills, then conducting informational interviews. The job search should involve building a personal brand on LinkedIn, actively applying to jobs, tailoring resumes and interviews, maintaining job hunting as a habit, and continuing self-improvement. Once hired, the document advises setting new goals and keeping skills and networking active in case of future opportunities.
A report by thenetworkone and Kurio.
The contributing experts and agencies are (in an alphabetical order): Sylwia Rytel, Social Media Supervisor, 180heartbeats + JUNG v MATT (PL), Sharlene Jenner, Vice President - Director of Engagement Strategy, Abelson Taylor (USA), Alex Casanovas, Digital Director, Atrevia (ES), Dora Beilin, Senior Social Strategist, Barrett Hoffher (USA), Min Seo, Campaign Director, Brand New Agency (KR), Deshé M. Gully, Associate Strategist, Day One Agency (USA), Francesca Trevisan, Strategist, Different (IT), Trevor Crossman, CX and Digital Transformation Director; Olivia Hussey, Strategic Planner; Simi Srinarula, Social Media Manager, The Hallway (AUS), James Hebbert, Managing Director, Hylink (CN / UK), Mundy Álvarez, Planning Director; Pedro Rojas, Social Media Manager; Pancho González, CCO, Inbrax (CH), Oana Oprea, Head of Digital Planning, Jam Session Agency (RO), Amy Bottrill, Social Account Director, Launch (UK), Gaby Arriaga, Founder, Leonardo1452 (MX), Shantesh S Row, Creative Director, Liwa (UAE), Rajesh Mehta, Chief Strategy Officer; Dhruv Gaur, Digital Planning Lead; Leonie Mergulhao, Account Supervisor - Social Media & PR, Medulla (IN), Aurelija Plioplytė, Head of Digital & Social, Not Perfect (LI), Daiana Khaidargaliyeva, Account Manager, Osaka Labs (UK / USA), Stefanie Söhnchen, Vice President Digital, PIABO Communications (DE), Elisabeth Winiartati, Managing Consultant, Head of Global Integrated Communications; Lydia Aprina, Account Manager, Integrated Marketing and Communications; Nita Prabowo, Account Manager, Integrated Marketing and Communications; Okhi, Web Developer, PNTR Group (ID), Kei Obusan, Insights Director; Daffi Ranandi, Insights Manager, Radarr (SG), Gautam Reghunath, Co-founder & CEO, Talented (IN), Donagh Humphreys, Head of Social and Digital Innovation, THINKHOUSE (IRE), Sarah Yim, Strategy Director, Zulu Alpha Kilo (CA).
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
The search marketing landscape is evolving rapidly with new technologies, and professionals, like you, rely on innovative paid search strategies to meet changing demands.
It’s important that you’re ready to implement new strategies in 2024.
Check this out and learn the top trends in paid search advertising that are expected to gain traction, so you can drive higher ROI more efficiently in 2024.
You’ll learn:
- The latest trends in AI and automation, and what this means for an evolving paid search ecosystem.
- New developments in privacy and data regulation.
- Emerging ad formats that are expected to make an impact next year.
Watch Sreekant Lanka from iQuanti and Irina Klein from OneMain Financial as they dive into the future of paid search and explore the trends, strategies, and technologies that will shape the search marketing landscape.
If you’re looking to assess your paid search strategy and design an industry-aligned plan for 2024, then this webinar is for you.
5 Public speaking tips from TED - Visualized summarySpeakerHub
From their humble beginnings in 1984, TED has grown into the world’s most powerful amplifier for speakers and thought-leaders to share their ideas. They have over 2,400 filmed talks (not including the 30,000+ TEDx videos) freely available online, and have hosted over 17,500 events around the world.
With over one billion views in a year, it’s no wonder that so many speakers are looking to TED for ideas on how to share their message more effectively.
The article “5 Public-Speaking Tips TED Gives Its Speakers”, by Carmine Gallo for Forbes, gives speakers five practical ways to connect with their audience, and effectively share their ideas on stage.
Whether you are gearing up to get on a TED stage yourself, or just want to master the skills that so many of their speakers possess, these tips and quotes from Chris Anderson, the TED Talks Curator, will encourage you to make the most impactful impression on your audience.
See the full article and more summaries like this on SpeakerHub here: https://speakerhub.com/blog/5-presentation-tips-ted-gives-its-speakers
See the original article on Forbes here:
http://www.forbes.com/forbes/welcome/?toURL=http://www.forbes.com/sites/carminegallo/2016/05/06/5-public-speaking-tips-ted-gives-its-speakers/&refURL=&referrer=#5c07a8221d9b
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
Everyone is in agreement that ChatGPT (and other generative AI tools) will shape the future of work. Yet there is little consensus on exactly how, when, and to what extent this technology will change our world.
Businesses that extract maximum value from ChatGPT will use it as a collaborative tool for everything from brainstorming to technical maintenance.
For individuals, now is the time to pinpoint the skills the future professional will need to thrive in the AI age.
Check out this presentation to understand what ChatGPT is, how it will shape the future of work, and how you can prepare to take advantage.
The document provides career advice for getting into the tech field, including:
- Doing projects and internships in college to build a portfolio.
- Learning about different roles and technologies through industry research.
- Contributing to open source projects to build experience and network.
- Developing a personal brand through a website and social media presence.
- Networking through events, communities, and finding a mentor.
- Practicing interviews through mock interviews and whiteboarding coding questions.
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
1. Core updates from Google periodically change how its algorithms assess and rank websites and pages. This can impact rankings through shifts in user intent, site quality issues being caught up to, world events influencing queries, and overhauls to search like the E-A-T framework.
2. There are many possible user intents beyond just transactional, navigational and informational. Identifying intent shifts is important during core updates. Sites may need to optimize for new intents through different content types and sections.
3. Responding effectively to core updates requires analyzing "before and after" data to understand changes, identifying new intents or page types, and ensuring content matches appropriate intents across video, images, knowledge graphs and more.
A brief introduction to DataScience with explaining of the concepts, algorithms, machine learning, supervised and unsupervised learning, clustering, statistics, data preprocessing, real-world applications etc.
It's part of a Data Science Corner Campaign where I will be discussing the fundamentals of DataScience, AIML, Statistics etc.
Time Management & Productivity - Best PracticesVit Horky
Here's my presentation on by proven best practices how to manage your work time effectively and how to improve your productivity. It includes practical tips and how to use tools such as Slack, Google Apps, Hubspot, Google Calendar, Gmail and others.
The six step guide to practical project managementMindGenius
The six step guide to practical project management
If you think managing projects is too difficult, think again.
We’ve stripped back project management processes to the
basics – to make it quicker and easier, without sacrificing
the vital ingredients for success.
“If you’re looking for some real-world guidance, then The Six Step Guide to Practical Project Management will help.”
Dr Andrew Makar, Tactical Project Management
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Applitools
During this webinar, Anand Bagmar demonstrates how AI tools such as ChatGPT can be applied to various stages of the software development life cycle (SDLC) using an eCommerce application case study. Find the on-demand recording and more info at https://applitools.info/b59
Key takeaways:
• Learn how to use ChatGPT to add AI power to your testing and test automation
• Understand the limitations of the technology and where human expertise is crucial
• Gain insight into different AI-based tools
• Adopt AI-based tools to stay relevant and optimize work for developers and testers
* ChatGPT and OpenAI belong to OpenAI, L.L.C.
Impact of Security Issues on Doing Business in 2011 And Beyond
1. Impact of Security Issues on Doing Business in 2011 And
Beyond
Transcript of a sponsored podcast panel discussion from The Open Group 2011 U.S. Conference
on how enterprises need to change their thinking to face cyber threats.
Listen to the podcast. Find it oniTunes/iPod and Podcast.com. Download the transcript. Sponsor:
The Open Group
Dana Gardner: Hi, this is Dana Gardner, Principal Analyst at Interarbor Solutions, and you're
listening to BriefingsDirect.
Today, we present a sponsored podcast discussion in conjunction with The
Open Group Conference, held in San Diego in the week of February 7, 2011.
We’ve assembled a panel to examine the business risk around cyber security
threats.
Looking back over the past few years, it seems like threats are only getting
worse. We've had the Stuxnet Worm, The WikiLeaks affair, China originating attacks against
Google and others, and the recent Egypt Internet blackout. [Disclosure: The Open Group is a
sponsor of BriefingsDirect podcasts.]
But, are cyber security dangers, in fact, getting much worse or rather perceptions that are at odds
with what is really important in terms of security? In any event, how can businesses best protect
themselves from the next round of risks, especially as cloud, mobile, and social media activities
increase? How can architecting for security become effective and pervasive? We'll pose these
and other serious questions to our panel to deeply examine the cyber business risks and ways to
head them off.
Please join me now in welcoming our panel, we're here with Jim Hietala, the Vice President of
Security at The Open Group. Welcome back, Jim.
Jim Hietala: Hi, Dana. Good to be with you.
Gardner: And, we're here with Mary Ann Mezzapelle, Chief Technologist in the CTO's Office at
HP. Welcome.
Mary Ann Mezzapelle: Thank you, Dana.
Gardner: We're also here with Jim Stikeleather, Chief Innovation Officer at Dell Services.
Welcome, Jim.
Jim Stikeleather: Thank you, Dana. Glad to be here.
2. Gardner: As I mentioned, there have been a lot of things in the news about security. I'm
wondering, what are the real risks that are worth being worried about? What should you be
staying up late at night thinking about, Jim?
Stikeleather: Pretty much everything, at this time. One of the things that you're seeing is a
combination of factors. When people are talking about the break-ins, you're
seeing more people actually having discussions of what's happened and what's
not happening. You're seeing a new variety of the types of break-ins, the type of
exposures that people are experiencing. You're also seeing more organization and
sophistication on the part of the people who are actually breaking in.
The other piece of the puzzle has been that legal and regulatory bodies step in
and say, "You are now responsible for it." Therefore, people are paying a lot more attention to it.
So, it's a combination of all these factors that are keeping people up right now.
Gardner: Is it correct, Mary Ann, to say that it's not just a risk for certain applications or certain
aspects of technology, but it's really a business-level risk?
Key component
Mezzapelle: That's one of the key components that we like to emphasize. It's about
empowering the business, and each business is going to be different.
If you're talking about a Department of Defense (DoD) military
implementation, that's going to be different than a manufacturing
concern. So it's important that you balance the risk, the cost, and the
usability to make sure it empowers the business.
Gardner: How about complexity, Jim Hietala? Is that sort of an underlying current here? We
now think about the myriad mobile devices, moving applications to a new tier, native apps for
different platforms, more social interactions that are encouraging collaboration. This is good, but
just creates more things for IT and security people to be aware of. So how about complexity? Is
that really part of our main issue?
Hietala: It's a big part of the challenge, with changes like you have mentioned on the client side,
with mobile devices gaining more power, more ability to access information and store
information, and cloud. On the other side, we’ve got a lot more complexity in the IT
environment, and much bigger challenges for the folks who are tasked for securing things.
Gardner: Just to get a sense of how bad things are, Jim Stikeleather, on a scale of 1 to 10 -- with
1 being you're safe and sound and you can sleep well, and 10 being all the walls of your business
are crumbling and you're losing everything -- where are we?
Stikeleather: Basically, it depends on who you are and where you are in the process. A major
issue in cyber security right now is that we've never been able to construct an intelligent return
on investment (ROI) for cyber security.
3. There are two parts to that. One, we've never been truly able to gauge how big the risk really is.
So, for one person it maybe a 2, and most people it's probably a 5 or a 6. Some people may be
sitting there at a 10. But, you need to be able to gauge the magnitude of the risk. And, we never
have done a good job of saying what exactly the exposure is or if the actual event took place. It's
the calculation of those two that tell you how much you should be able to invest in order to
protect yourself.
So, I'm not really sure it's a sense of exposure the people have, as people don't have a sense of
risk management -- where am I in this continuum and how much should I invest actually to
protect myself from that?
We're starting to see a little bit of a sea change, because starting with HIPAA-HITECH in 2009,
for the first time, regulatory bodies and legislatures have put criminal penalties on companies
who have exposures and break-ins associated with them.
So we're no longer talking about ROI. We're starting to talk about risk of incarceration , and that
changes the game a little bit. You're beginning to see more and more companies do more in the
security space -- for example, having a Sarbanes-Oxley event notification to take place.
The answer to the question is that it really depends, and you almost can't tell, as you look at each
individual situation.
Gardner: Mary Ann, it seems like assessment then becomes super-important. In order to assess
your situation, you can start to then plan for how to ameliorate it and/or create a strategy to
improve, and particularly be ready for the unknown unknowns that are perhaps coming down the
pike. When it comes to assessment, what would you recommend for your clients?
Comprehensive view
Mezzapelle: First of all we need to make sure that they have a comprehensive view. In some
cases, it might be a portfolio approach, which is unique to most people in a
security area. Some of my enterprise customers have more than a 150 different
security products that they're trying to integrate.
Their issue is around complexity, integration, and just knowing their
environment -- what levels they are at, what they are protecting and not, and
how does that tie to the business? Are you protecting the most important asset?
Is it your intellectual property (IP)? Is it your secret sauce recipe? Is it your
financial data? Is it your transactions being available 24/7?
And, to Jim's point, that makes a difference depending on what organization you're in. It takes
some discipline to go back to that InfoSec framework and make sure that you have that
foundation in place, to make sure you're putting your investments in the right way.
4. Stikeleather: One other piece of it is require an increased amount of business knowledge on the
part of the IT group and the security group to be able to make the assessment of where is my IP,
which is my most valuable data, and what do I put the emphasis on.
One of the things that people get confused about is, depending upon which analyst report you
read, most data is lost by insiders, most data is lost from external hacking, or most data is lost
through email. It really depends. Most IP is lost through email and social media activities. Most
data, based upon a recent Verizon study, is being lost by external break-ins.
We've kind of always have the one-size-fits-all mindset about security. When you move from just
"I'm doing security" to "I'm doing risk mitigation and risk management," then you have to start
doing portfolio and investment analysis in making those kinds of trade-offs.
That's one of the reasons we have so much complexity in the environment, because every time
something happens, we go out, we buy any tool to protect against that one thing, as opposed to
trying to say, "Here are my staggered differences and here's how I'm going to protect what is
important to me and accept the fact nothing is perfect and some things I'm going to lose."
Gardner: Perhaps a part of having an assessment of where you are is to look at how things have
changed, Jim Hietala, thinking about where we were three or four years ago, what is
fundamentally different about how people are approaching security and/or the threats that they
are facing from just a few years ago?
Hietala: One of the big things that's changed that I've observed is if you go back a number of
years, the sorts of cyber threats that were out there were curious teenagers and
things like that. Today, you've got profit-motivated individuals who have
perpetrated distributed denial of service attacks to extort money. Now, they’ve
gotten more sophisticated and are dropping Trojan horses on CFO's machines
and they can to try in exfiltrate passwords and log-ins to the bank accounts.
We had a case that popped up in our newspaper in Colorado, where a mortgage
company, a title company lost a million dollars worth of mortgage money that
was loans in the process of funding. All of a sudden, five homeowners are
faced with paying two mortgages, because there was no insurance against that.
When you read through the details of what happened it was, it was clearly a Trojan horse that
had been put on this company's system. Somebody was able to walk off with a million dollars
worth of these people's money.
State-sponsored acts
So you've got profit-motivated individuals on the one side, and you've also got some things
happening from another part of the world that look like they're state-sponsored, grabbing
corporate IP and defense industry and government sites. So, the motivation of the attackers has
fundamentally changed and the threat really seems pretty pervasive at this point.
5. Gardner: Pervasive threat. Is that how you see it, Jim Stikeleather?
Stikeleather: I agree. The threat is pervasive. The only secure computer in the world right now
is the one that's turned off in a closet, and that's the nature. You have to make decisions about
what you're putting on and where you're putting it on. I's a big concern that if we don't get better
with security, we run the risk of people losing trust in the Internet and trust in the web.
When that happens, we're going to see some really significant global economic concerns. If you
think about our economy, it's structured around the way the Internet operates today. If people
lose trust in the transactions that are flying across it, then we're all going to be in pretty bad
world of hurt.
Gardner: All right, well I am duly scared. Let's think about what we can start doing about this.
How should organizations rethink security? And is that perhaps the way to do this, Mary Ann? If
you say, "Things have changed. I have to change, not only in how we do things tactically, but
really at that high level strategic level," how do you rethink security properly now?
Mezzapelle: It comes back to one of the bottom lines about empowering the business. Jim talked
about having that balance. It means that not only do the IT people need to know more about the
business, but the business needs to start taking ownership for the security of their own assets,
because they are the ones that are going to have to belay the loss, whether it's data, financial, or
whatever.
They need to really understand what that means, but we as IT professionals need to be able to
explain what that means, because it's not common sense. We need to connect the dots and we
need to have metrics. We need to look at it from an overall threat point of view, and it will be
different based on what company you're about.
You need to have your own threat model, who you think the major actors would be and how you
prioritize your money, because it's an unending bucket that you can pour money into. You need
to prioritize.
Gardner: How would this align with your other technology and business innovation activities?
If you're perhaps transforming your business, if you're taking more of a focus at the process
level, if you're engaged with enterprise architecture and business architecture, is security a
sideline, is it central, does it come first? How do you organize what's already fairly complex in
security with these other larger initiatives?
Mezzapelle: The way that we've done that is this is we've had a multi-pronged approach. We
communicate and educate the software developers, so that they start taking ownership for
security in their software products, and that we make sure that that gets integrated into every part
of portfolio.
6. The other part is to have that reference architecture, so that there’s common services that are
available to the other services as they are being delivered and that we can not control it but at
least manage from a central place.
You were asking about how to pay for it. It's like Transformation 101. Most organizations spend
about 80 percent of their spend on operations. And so they really need to look at their operational
spend and reduce that cost to be able to fund the innovation part.
Getting benchmarks
It may not be in security. You may not be spending enough in security. There are several
organizations that will give you some kind of benchmark about what other organizations in your
particular industry are spending, whether it's 2 percent on the low end for manufacturing up to
10-12 percent for financial institutions.
That can give you a guideline as to where you should start trying to move to. Sometimes, if you
can use automation within your other IT service environment, for example, that might free up the
cost to fuel that innovation.
Stikeleather: Mary Ann makes a really good point. The starting point is really architecture.
We're actually at a tipping point in the security space, and it comes from what's taking place in
the legal and regulatory environments with more-and-more laws being applied to privacy, IP,
jurisdictional data location, and a whole series of things that the regulators and the lawyers are
putting on us.
One of the things I ask people, when we talk to them, is what is the one application everybody in
the world, every company in the world has outsourced. They think about it for a minute, and they
all go payroll. Nobody does their own payroll any more. Even the largest companies don't do
their own payroll. It's not because it's difficult to run payroll. It's because you can’t afford all of
the lawyers and accountants necessary to keep up with all of the jurisdictional rules and
regulations for every place that you operate in.
Data itself is beginning to fall under those types of constraints. In a lot of cases, it's medical data.
For example, Massachusetts just passed a major privacy law. PCI is being extended to anybody
who takes credit cards.
The security issue is now also a data governance and compliance issue as well. So, because all
these adjacencies are coming together, it's a good opportunity to sit down and architect with a
risk management framework. How am I going to deal with all of this information?
Plus you have additional funding capabilities now, because of compliance violations you can
actually identify what the ROI is for of avoiding that. The real key to me is people stepping back
and saying, "What is my business architecture? What is my risk profile associated with it? What's
the value associated with that information? Now, engineer my systems to follow that."
7. Mezzapelle: You need to be careful that you don't equate compliance with security? There are a
lot of organizations that are good at compliance checking, but that doesn't mean that they are
really protecting against their most vulnerable areas, or what might be the largest threat. That's
just a letter of caution -- you need to make sure that you are protecting the right assets.
Gardner: It's a cliché, but people, process, and technology are also very important here. It seems
to me that governance would be an overriding feature of bringing those into some alignment.
Jim Hietala, how should organizations approach these issues with a governance mindset? That is
to say, following procedures, forcing those procedures, looking and reviewing them, and then
putting into place the means by which security becomes in fact part-and-parcel with doing
business?
Risk management
Hietala: I guess I'd go back to the risk management issue. That's something that I think
organizations frequently miss. There tends to be a lot of tactical security spending based upon the
latest widget, the latest perceived threat -- buy something, implement it, and solve the problem.
Taking a step back from that and really understanding what the risks are to your business, what
the impacts of bad things happening are really, is doing a proper risk analysis. Risk assessment is
what ought to drive decision-making around security. That's a fundamental thing that gets lost a
lot in organizations that are trying to grapple the security problems.
Gardner: Jim Stikeleather, any thoughts about governance as an important aspect to this?
Stikeleather: Governance is a critical aspect. The other piece of it is education. There's an
interesting fiction in both law and finance. The fiction of the reasonable, rational, prudent man. If
you've done everything a reasonable, rational and prudent person has done, then you are not
culpable for whatever the event was.
I don't think we've done a good job of educating our users, the business, and even some of the
technologists on what the threats are, and what are reasonable, rational, and prudent things to do.
One of my favorite things are the companies that make you change your password every month
and you can't repeat a password for 16 or 24 times. The end result is that you get as this little
thing stuck on the notebook telling them exactly what the password is.
So, it's governance, but it's also education on top of governance. We teach our kids not to cross
the street in the middle of the road and don't talk to strangers. Well, we haven't quite created that
same thing for cyberspace. Governance plus education may even be more important than the
technological solutions.
Gardner: One sort of push-back on that is that the rate of change is so rapid and the nature of
the risks can be so dynamic, how does one educate? How you keep up with that?
8. Stikeleather: I don't think that it's necessary. The technical details of the risks are changing
rapidly, but the nature of the risk themselves, the higher level of the taxonomy, is not changing
all that much.
If you just introduce safe practices so to speak, then you're protected up until someone comes up
with a totally new way of doing things, and there really hasn't been a lot of that. Everything has
been about knowing that you don't put certain data on the system, or if you do, this data is always
encrypted. At the deep technical details, yes, things change rapidly. At the level with which a
person would exercise caution, I don't think any of that has changed in the last ten years.
Gardner: We've now entered into the realm of behaviors and it strikes me also that it's quite
important and across the board. There are behaviors at different levels of the organization. Some
of them can be good for ameliorating risk and others would be very bad and prolonged. How do
you incentivize people? How do you get them to change their behavior when it comes to
security, Mary Ann?
Mezzapelle: The key is to make it personalized to them or their job, and part of that is the
education as Jim talked about. You also show them how it becomes a part of their job.
Experts don't know
I have a little bit different view that it is so complex that even security professionals don’t
always know what the reasonable right thing to do it. So, I think it's very unreasonable for us to
expect that of our business users, or consumers, or as I like to say, my mom. I use her as a use
case quite a lot of times about what would she do, how would she react and would she recognize
when she clicked on, "Yes, I want to download that antivirus program," which just happened to
be a virus program.
Part of it is the awareness so that you keep it in front of them, but you also have to make it a part
of their job, so they can see that it's a part of the culture. I also think it's a responsibility of the
leadership to not just talk about security, but make it evident in their planning, in their
discussions, and in their viewpoints, so that it's not just something that they talk about but ignore
operationally.
Gardner: One other area I want to touch on is the notion of cloud computing, doing more
outsourced services, finding a variety of different models that extend beyond your enterprise
facilities and resources.
There's quite a bit of back and forth about, is cloud better for security or worse for security? Can
I impose more of these automation and behavioral benefits if I have a cloud provider or a single
throat to choke, or is this something that opens up? I've got a sneaking suspicion I am going to
hear "It depends" here, Jim Stikeleather, but I am going to go with you anyway. Cloud: I can't
live with it, can't live without it. How does it work?
9. Stikeleather: You're right, it depends. I can argue both sides of the equation. On one side, I've
argued that cloud can be much more secure. If you think about it, and I will pick on Google,
Google can expend a lot more on security than any other company in the world, probably more
than the federal government will spend on security. The amount of investment does not
necessarily tie to a quality of investment, but one would hope that they will have a more secure
environment than a regular company will have.
On the flip side, there are more tantalizing targets. Therefore they're going to draw more
sophisticated attacks. I've also argued that you have statistical probability of break-in. If
somebody is trying to break into Google, and you're own Google running Google Apps or
something like that, the probability of them getting your specific information is much less than if
they attack XYZ enterprise. If they break in there, they are going to get your stuff.
Recently I was meeting with a lot of NASA CIOs and they think that the cloud is actually
probably a little bit more secure than what they can do individually. On the other side of the coin
it depends on the vendor. I've always admired astronauts, because they're sitting on top of this
explosive device built by the lowest-cost provider. I've always thought that took more bravery
than anybody could think of. So the other piece of that puzzle is how much is the cloud provider
actually providing in terms of security.
You have to do your due diligence, like with everything else in the world. I believe, as we move
forward, cloud is going to give us an opportunity to reinvent how we do security.
I've often argued that a lot of what we are doing in security today is fighting the last war, as
opposed to fighting the current war. Cloud is going to introduce some new techniques and new
capabilities. You'll see more systemic approaches, because somebody like Google can't afford to
put in 150 different types of security. They will put one more integrated. They will put in, to
Mary Ann’s point, the control panels and everything that we haven't seen before.
So, you'll see better security there. However, in the interim, a lot of the software-as-a-service
(SaaS) providers, some of the simpler platform-as-a-service (PaaS) providers haven’t made that
kind of investment. You're probably not as secured in those environments.
Gardner: Mary Ann, do you also see cloud as a catalyst to a better security either from
technology process or implementation?
Lowers the barrier
Mezzapelle: For the small and medium size business it offers the opportunity to be more
secure, because they don't necessarily have the maturity of processes and tools to be able to
address those kinds of things. So, it lowers that barrier to entry for being secure.
For enterprise customers, cloud solutions need to develop and mature more. They may want to
do with hybrid solution right now, where they have more control and the ability to audit and to
10. have more influence over things in specialized contracts, which are not usually the business
model for cloud providers.
I would disagree with Jim in some aspects. Just because there is a large provider on the Internet
that’s creating a cloud service, security may not have been the key guiding principle in
developing a low-cost or free product. So, size doesn't always mean secure.
You have to know about it, and that's where the sophistication of the business user comes in,
because cloud is being bought by the business user, not by the IT people. That's another
component that we need to make sure gets incorporated into the thinking.
Stikeleather: I am going to reinforce what Mary Ann said. What's going on in cloud space is
almost a recreation of the late '70s and early '80s when PCs came into organizations. It's the
businesspeople that are acquiring the cloud services and again reinforces the concept of
governance and education. They need to know what is it that they're buying.
I absolutely agree with Mary. I didn't mean to imply size means more security, but I do think that
the expectation, especially for small and medium size businesses, is they will get a more secure
environment than they can produce for themselves.
Gardner: Jim Hietala, we're hearing a lot about frameworks, and governance, and automation.
Perhaps even labeling individuals with responsibility for security and we are dealing with some
changeable dynamics that move to cloud and issues around cyber security in general, threats
from all over. What is The Open Group doing? It sounds like a huge opportunity for you to bring
some clarity and structure to how this is approached from a professional perspective, as well as a
process and framework perspective?
Hietala: It is a big opportunity. There are a number of different groups within The Open Group
doing work in various areas. The Jericho Forum is tackling identity issues as it relates to cloud
computing. There will be some new work coming out of them over the next few months that lay
out some of the tough issues there and present some approaches to those problems.
We also have the Trusted Technology Forum (TTF) and the Trusted Technology Provider
Framework (TTPF) that are being announced here at this conference. They're looking at supply
chain issues related to IT hardware and software products at the vendor level. It's very much an
industry-driven initiative and will benefit government buyers, as well as large enterprises, in
terms of providing some assurance of products they're procuring are secure and good commercial
products.
Also in the Security Forum, we have a lot of work going on in security architecture and
information security management. There are a number projects that are aimed at practitioners,
providing them the guidance they need to do a better job of securing, whether it's a traditional
enterprise, IT environment, cloud and so forth. Our Cloud Computing Work Group is doing work
on a cloud security reference architecture. So, there are number of different security activities
going on in The Open Group related to all this.
11. Gardner: What have you seen in a field in terms of a development of what we could call a
security professional? We've seen Chief Security Officer, but is there a certification aspect to
identifying people as being qualified to step in and take on some of these issues?
Certification programs
Hietala: There are a number of certification programs for security professionals that exist out
there. There was legislation, I think last year, that was proposed that was going to put some
requirements at the federal level around certification of individuals. But, the industry is fairly
well-served by the existing certifications that are out there. You've got CISSP, you've got a
number of certification from SANS and GIAC that get fairly specialized, and there are lots of
opportunities today for people to go out and get certifications in improving their expertise in a
given topic.
Gardner: My last question will go to you on this same issue of certification. If you're on the
business side and you recognize these risks and you want to bring in the right personnel, what
would you look for? Is there a higher level of certification or experience? How do you know
when you've got a strategic thinker on security, Mary Ann?
Mezzapelle: The background that Jim talked about CISSP, CSSLP from (ISC)2, there is also the
CISM or Certified Information Security Manager that’s from an audit point of view, but I don't
think there's a certification that’s going to tell you that they're a strategic thinker. I started out as a
technologist, but it's that translation to the business and it's that strategic planning, but applying it
to a particular area and really bringing it back to the fundamentals.
Gardner: Does this become then part of enterprise architecture (EA)?
Mezzapelle: It is a part of EA, and, as Jim talked, about we've done some work on The Open
Group with Information Security Management model that extend some of other business
frameworks like ITIL into the security space to have a little more specificity there.
Gardner: Last word to you, Jim Stikeleather, on this issue of how do you get the right people in
the job and is this something that should be part and parcel with the enterprise or business
architect?
Stikeleather: I absolutely agree with what Mary Ann said. It's like a CPA. You can get a CPA
and they know certain things, but that doesn't guarantee that you’ve got a businessperson. That’s
where we are with security certifications as well. They give you a comfort level that the
fundamental knowledge of the issues and the techniques and stuff are there, but you still need
someone who has experience.
At the end of the day it's the incorporation of everything into EA, because you can't bolt on
security. It just doesn't work. That’s the situation we're in now. You have to think in terms of the
framework of the information that the company is going to use, how it's going to use it, the value
that’s associated with it, and that's the definition of EA.
12. Gardner: Well, great. We have been discussing the business risk around cyber security threats
and how to perhaps position yourself to do a better job and anticipate some of the changes in the
field. I’d like to thank our panelists. We have been joined by Jim Hietala, Vice President of
Security for The Open Group. Thank you, Jim.
Hietala: Thank you, Dana.
Gardner: Mary Ann Mezzapelle, Chief Technologist in the Office of the CTO for HP. Thank
you.
Mezzapelle: Thanks, Dana.
Gardner: And lastly, Jim Stikeleather,Chief Innovation Officer at Dell Services. Thank you.
Stikeleather: Thank you, Dana.
Gardner: This is Dana Gardner. You’ve been listening to a sponsored BriefingsDirect podcast in
conjunction with The Open Group Conference here in San Diego, the week of February 7th,
2011. I want to thank all for joining and come back next time.
Listen to the podcast. Find it oniTunes/iPod and Podcast.com. Download the transcript. Sponsor:
The Open Group
Transcript of a sponsored podcast panel discussion from The Open Group 2011 U.S. Conference
on how enterprises need to change their thinking to face cyber threats.
You may also be interested in:
• Examining the Current State of the Enterprise Architecture Profession with the Open
Group's Steve Nunn
• Infosys Survey Shows Enterprise Architecture and Business Architecture on Common
Ascent to Strategy Enablers
• The Open Group's Cloud Work Group Advances Understanding of Cloud-Use Benefits
for Enterprises