CIO CIO

Active Directory (AD) holds the enterprise’s crown jewels, granting privileges to users that determine what data they can access and what level of control they have over the IT environment. It’s such a vital system that when AD goes down, business operations often go with it. Even worse, if attackers are able to compromise AD, they possess the keys to the corporate kingdom. AD is a high-priority target for cyber criminals because compromising it enables them to: Distribute malware and/or ransomware on a massive number of endpoints: Hackers can achieve such a large footprint on end-user devices and internal systems that recovery at scale becomes impossible. Steal intellectual property: Controlling or subverting AD enables attackers to hop from system to system to find, extract, and then destroy product designs, source code, and other valuable, irreplaceable IP. Using open-source tools that analyze the security of AD, criminal organizations can identify promising attack paths to comprise it. Cripple AD: Ransomware and other attacks that target AD with the goal of bringing it down can drive business operations to its knees. Given how vital AD is to IT and business operations, organizations should place a high priority on protecting it from attack. Privileged Access Management (PAM) is a category of security tools that manage and protect accounts that grant access beyond that given to ordinary business users, such as the rights that system administrators possess to the critical systems they manage. Privileged accounts rely on secrets such as passwords, keys, and certificates to control access to critical systems. PAM secures these secrets by storing and managing them in a secure vault. PAM also protects AD by reducing the attack surface, because it strictly controls access to privileged accounts and protects systems at different layers, such as Tier 0 domain controllers, which provide direct control over identities and privileges in the IT environment. Additionally, PAM prevents unauthorized access by enforcing least privilege and multi-factor authentication and by only provisioning elevated permissions temporarily. Through PAM, IT and security personnel gain increased visibility and control with forensic-level auditing and session recording at the host system. AI tools can rapidly detect anomalous behavior, which enables IT to respond quickly — in many cases, AI can automatically address the issue. PAM also addresses the well-known issue of giving too many privileges to individual users. Instead, with PAM, access requests and approval workflows grant just-enough elevated access and permissions just-in-time, and these permissions exist for only a limited amount of time. To adequately protect AD, PAM should vault and limit access to the AD domain administrator accounts and rotate them on regular basis. PAM should vault away all accounts that are members of the Domain Administrators group and establish a checkout/check-in process for them. Beyond vaulting, make sure privilege control is enabled for servers on all domain controllers to protect logins and to establish session recordings for any interactive sessions on these super-sensitive Tier 0 servers. Then, remove all privileges from domain administrator accounts, granting access only to individual assets instead of the entire domain, and do so with least privilege access on a just-in-time basis. Delinea provides PAM solutions that have consistently been recognized as leaders by top analysts firms, protecting privileged access in well-known organizations such as Saab, BP, BAE Systems, and the USDA. Learn why Delinea is trusted by thousands of companies. source

Cleveland Clinic and G42 have entered into a strategic collaboration to advance the adoption of artificial intelligence (AI) in healthcare, marking yet another major step in realizing AI’s potential in medicine. The partnership will create a joint task force to assess, prioritize, and expedite AI-powered efforts to enhance patient care, medical research, and operational efficiency. G42, based in Abu Dhabi, UAE, is a global technology pioneer specializing in AI, digital infrastructure, and big data analytics. M42, the group’s healthcare subsidiary, operates 480 clinics in 26 countries and has led large health projects such as the Emirati Genome Program and Abu Dhabi’s health information exchange, Malaffi. “Cleveland Clinic is committed to finding opportunities that improve patient safety, patient experience, patient outcomes, and access,” said Cleveland Clinic CEO and President Tom Mihaljevic, M.D. “Artificial intelligence offers a tremendous opportunity to continue to advance and fulfill our mission of caring for life, researching for health, and educating those who serve.” source

For decades, businesses have relied on MPLS and SD-WAN to connect branch offices and remote workers to critical applications. That worked when everything lived in the corporate data center. But the world shifted—applications moved to the cloud, workers became mobile, and cybercriminals got more creative. Meanwhile, many IT departments are stuck in the past, clinging to infrastructure that no longer meets the needs of the modern workforce. It’s time to rethink the way we connect and protect users, and that’s where the idea of the “Cafe-like Branch” changes the game. This approach embraces Zero Trust principles to deliver flexibility, simplify operations, and improve security. As workplaces evolve, it’s not just an option—it’s a necessity. The problem with networking like it’s 1999 Let’s face it: MPLS had its moment. Paying a premium to backhaul traffic to a central data center made sense when that was where all applications lived. But the second your workflows moved to the cloud—whether Salesforce, Zoom, Office365, AWS, or Azure —MPLS became, in a word, inefficient. Add high bandwidth costs and painful latency into the mix, and it’s no surprise companies started looking for a better option. Enter SD-WAN: cheaper than MPLS and designed for cloud-first traffic patterns. Sounds promising, right? Well, not exactly. SD-WAN solved the cost issue but left companies exposed in other ways: Implicit Trust Is a Problem: SD-WAN simply extends the corporate network everywhere using site-to-site VPNs, treating all traffic as “trusted.” This inherent trust means that if one user or device is breached, the attacker has access to the entire network. Complex Security Challenges: Attackers love SD-WAN—and that’s not something to brag about. The complexity of these systems makes them ripe for exploitation. The bottom line: these technologies didn’t anticipate the modern way we work. People aren’t tethered to desks; they work from coffee shops, airplanes, and kitchens. And IoT devices? They’re exploding across locations with little thought for enterprise-grade security. The concept of a traditional “branch network” just doesn’t apply anymore. What is the “cafe-like” branch? Think of your favorite coffee shop: No one sits there trying to extend the corporate network to your laptop, but you still have access to the tools you need (securely) over the internet. This is the essence of the Cafe-like Branch. Instead of extending the corporate network to every single employee over VPN or every branch, warehouse, or factory using SD-WAN, organizations securely connect locations—and the people and devices in them—directly to a Zero Trust Exchange. Here’s what makes the Cafe-like Branch model revolutionary: Branches operate like standalone islands: Each site connects securely to the Zero Trust Exchange using broadband, Wi-Fi, or 5G. There’s no more “extending the corporate network” to every single location. No more implicit trust: Every access request is verified by the Zero Trust model, which shifts security from “Connect first, secure later” to “Verify and secure first.” Workers and devices get access to only what they need—nothing more. IoT no longer a blind spot: With IoT devices proliferating in branches, factories, and warehouses, traditional methods like micro-segmentation have fallen woefully short. The Cafe-like Branch architecture enables you to classify and isolate devices automatically, securing environments without requiring costly hardware upgrades or downtime. By eliminating VPNs and simplifying architecture, the Cafe-like Branch model addresses the connectivity needs of today while securing the future. Transformative benefits for businesses When you implement the Cafe-like Branch, you’re not just keeping up with the times—you’re leapfrogging legacy constraints and transforming your network for the better. Here are the key benefits: Minimized attack surface: Hiding applications behind a Zero Trust Exchange minimizes the Firewall and VPN attack surface. You can’t attack what you can’t see. Prevent lateral threat movement: By removing implicit trust inherent in traditional networks, breaching a single user or IOT device doesn’t mean compromising everything on the network. Increased agility: Bringing up a new location only requires a broadband, 5G, or satellite connection. There’s no more “extending the corporate network” to every single location Cost efficiency: MPLS, NAC and expensive switches have long been a drain on budgets. The Cafe-like Branch eliminates these inefficiencies while simplifying the network architecture. Ready to rethink your network? The Cafe-like Branch isn’t a buzzword—it’s a call to action. The days of MPLS backbones, VPN-heavy environments, and SD-WAN vulnerabilities are numbered. Cyberthreats, IoT proliferation, and the demands of hybrid workforces require a total rethink of how organizations build their networks. It’s not just about better security or cost savings—it’s about building infrastructure fit for the way we work today and tomorrow. So, what are you waiting for? It’s time to trade legacy baggage for modern simplicity. The Cafe-like Branch is your key to reducing risk, cutting costs, and giving your workforce the flexibility they crave—all without sacrificing security. To learn more, visit – Zscaler Lightboard: Zero Trust Branch Like a Cafe. source

AI will transform industries more than the internet and the cloud. However, the potential for such a dramatic shift in innovation and productivity raises a critical question: are businesses ready to manage the technological changes and organizational complexities that AI has the potential to introduce? The Cisco AI Readiness Index measures how prepared global companies are to deploy AI solutions. Cisco surveyed more than 8,000 business and IT leaders across 30 countries to evaluate their readiness to integrate AI into their businesses. The assessment focused on six key pillars: Strategy, Infrastructure, Data, Governance, Talent, and Culture.   Insights from the Cisco AI Readiness Index  Low preparedness, high interest in AI  Only 13% of organizations worldwide are fully prepared to deploy and integrate AI applications into their businesses. Yet, 98% of companies surveyed reported an increased urgency to deploy AI technologies within the next six months.    Strategies must support business goals  Most organizations (61%) reported having an AI strategy in place or under development to support their business goals. However, only 21% possess the necessary graphical processing units (GPUs) and IT infrastructure to power AI applications. As a result, organizations are investing in AI infrastructure, including accelerated compute, reliable networking, and sufficient storage, to support their initiatives. With an ever-expanding attack surface and growing reliance on AI systems and data, companies are also heavily investing in cybersecurity to reduce risks, increase visibility, and protect sensitive information.  Powerful, scalable infrastructure is essential  More than three quarters (79%) of organizations anticipate needing more GPU resources to support growing AI workloads. Nearly all IT leaders surveyed agreed that AI will increase workload size and volumes, but only 10% believe their existing networks can scale to meet these demands.  AI depends on high-quality data  Organizations adopting AI must take a strategic and secure approach to data management to ensure it is organized, traceable, and high quality. Data remains siloed in 82% of surveyed organizations, and only 25% reported that their data is fully integrated with analytics tools.  Establish a clear AI governance plan  Organizations must develop clear governance plans to manage the development, deployment, and usage of AI solutions while ensuring fairness and preventing bias. Despite this need, 76% of respondents admitted their organizations lack comprehensive AI policies. Additionally, only 35% reported a detailed understanding of global data privacy standards.  Help employees build their skillsets  Only 19% of respondents believe their employees possess sufficient skills to maximize AI tools. Organizations must focus on training and upskilling employees while addressing concerns that AI may replace jobs.  Help employees embrace the possibilities of AI  Pressure to adopt AI affects 85% of surveyed organizations. Respondents indicated that organizations have about 18 months to implement AI strategies before facing significant business challenges. Leaders can foster a culture that embraces AI innovation by helping employees understand its implications and potential for accelerating growth across various functions.     AI-ready or not?   Is your business ready to leverage AI? Take Cisco’s AI Readiness Assessment and compare your readiness to other organizations in the survey.   source

source

Having managed and rescued dozens of projects, and helped others do so, I’ve noted that there is always one critical success factor (CSF) that has either been effectively addressed or missed/messed up: clarity around the roles and responsibilities for each project participant and key stakeholder. No matter how detailed and complete a project plan may be for any project, confusion or omission of participant roles and responsibilities will cause major problems. Enter the RACI matrix. The simplest and most effective approach I’ve seen and used to define and document project roles and responsibilities is the RACI model. Integrating the RACI model into an organization’s project life cycle (PLC) creates a powerful synergy that enhances and improves project outcomes. What is a RACI matrix? The RACI matrix is a project role and responsibility assignment chart that diagrams every task, milestone, or key decision to assign team roles across four categories: Responsible, Accountable, Consulted, and Informed. These categories indicate whether a team member is Responsible for an action item, is Accountable for it, should be Consulted on it, or simply be Informed of the action, milestone, or decision. The acronym RACI stands for the four roles that stakeholders might play at any point in a project. source

Investing in the right kind of PCs helps businesses innovate, become more secure and adapt to new ways of working. They also ensure that enterprises have a foundation from which to implement crucial AI-driven improvements that can boost productivity and growth. According to Michael Nordquist, Corporate Vice President of Client Product Marketing at AMD, IT leaders are currently weighing the merits of upgrading to AI PCs. “With Windows 10’s end of support approaching, IT decision-makers are caught between needing to invest and managing budget constraints,” he says. “Despite this, the buzz around AI is pushing IT leaders to consider how AI-enabled PCs can enhance productivity and manageability. AMD’s focus is on building AI PCs that both deliver classical reliability and offer a foundation for emerging AI functionalities.” A new era of security and manageability As enterprises upgrade to AI PCs, endpoint security will remain a priority. Nordquist, speaking in a CIO webcast, commented: “Since 2020 AMD has worked closely with Microsoft and OEM partners to better protect devices from firmware vulnerabilities and browser-based attacks. Today, we’re working together to embed future-ready AI capabilities like Microsoft Pluton into AI PCs for robust, hardware-based security.” The effective management of enterprise PC fleets is crucial for security and productivity in a globally distributed, hybrid workforce. In the age of AI PCs, management processes will become increasing automated and self-service. Where IT does need to step in, they will be able to do so remotely. “Thanks to advanced technologies like Microsoft Autopilot, IT teams can deploy PCs directly to employees’ homes with pre-loaded OS and automated system builds,” says Nordquist. “When challenges arise, AI PC processors can step into the breach. Our AMD Ryzen™ PRO processors, for example, come with ‘autoband’ technology that quickly restores systems to a safe state in the event of system issues. Processors like these can ensure seamless provisioning, deployment, and maintenance processes, making the transition to AI PCs smooth and cost-effective.” Powering the future of work Once deployed, AI PCs will help enable new ways of working within enterprises. According to Nordquist, one of the most important developments with AI PCs is the addition of Neural Processing Units (NPU), which are custom-built to run AI capabilities. Although NPUs have already been used for basic applications like video conferencing transcription, they promise to do much more. “Microsoft Copilot + PCs are ushering in the next wave of AI experiences, leveraging large language models to create complex presentations and videos with just a few keystrokes. What started as novelty in software development—using AI to generate or validate code—has quickly become essential. If you’re not integrating AI, you’re falling behind,” adds Norquist. For IT leaders considering making the move to AI PCs, weighing up the underlying technology will be critical. Nordquist concludes: “AMD has engineered our AMD Ryzen™ AI PRO systems to simplify IT challenges, integrating top-tier performance, security, manageability, and long battery life. With AMD Ryzen™ AI PRO processors, IT professionals can rest easy knowing that they are empowering workers with a tool that excels in every aspect necessary for modern computing. By empowering end users with high-performing PCs that also prioritize creative capabilities, we enable them to deliver the most value in their roles.” Watch the whole webcast below. source

This means that enterprises will almost have a guarantee that their agents are appropriately vetted for security, privacy, and performance-related considerations and this confirmation will help enterprises have more confidence in adopting agentic technologies, said Arnal Dayaratna, research vice president at IDC. Another point of advantage is the no additional cost factor of the Studio. Futurum’s Hinchcliffe said that the pricing strategy is an aggressive play against rivals who charge, such as Salesforce’s Agentforce, which sometimes charges $2 for a transaction. However, he pointed out that the actual value of the new offering will depend on how open-ended the agent orchestration is. “If Oracle’s approach remains tightly constrained to Fusion Applications, enterprises looking for broader AI autonomy and orchestration may still turn to AWS, Google, or Microsoft,” he said. source

Congratulations to these ‘movers and shakers’ recently hired or promoted into a new chief information officer, senior IT, or board role in Australia. John Granger joins Healthscope Healthscope has appointed John Granger as Chief Information Officer. After an eight-year stint as CIO at Cleanaway Waste Management Limited, Granger brings deep technology leadership to Australia’s largest private hospital network. Dan Chesterman appointed at Teachers Mutual Bank Teachers Mutual Bank has appointed Dan Chesterman as Chief Information Officer. His background includes technology leadership roles at ASX, Commonwealth Bank’s CommSec & Private Bank, and Accenture, with extensive experience in financial technology consulting. source