Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Databases. Show all posts

Simplifying Data Management in the Age of AI

 


In today's fast-paced business environment, the use of data has become of great importance for innovation and growth. However, alongside this opportunity comes the responsibility of managing data effectively to avoid legal issues and security breaches. With the rise of artificial intelligence (AI), businesses are facing a data explosion, which presents both challenges and opportunities.

According to Forrester, unstructured data is expected to double by 2024, largely driven by AI applications. Despite this growth, the cost of data breaches and privacy violations is also on the rise. Recent incidents, such as hacks targeting sensitive medical and government databases, highlight the escalating threat landscape. IBM's research reveals that the average total cost of a data breach reached $4.45 million in 2023, a significant increase from previous years.

To address these challenges, organisations must develop effective data retention and deletion strategies. Deleting obsolete data is crucial not only for compliance with data protection laws but also for reducing storage costs and minimising the risk of breaches. This involves identifying redundant or outdated data and determining the best approach for its removal.

Legal requirements play a significant role in dictating data retention policies. Regulations stipulate that personal data should only be retained for as long as necessary, driving organisations to establish retention periods tailored to different types of data. By deleting obsolete data, businesses can reduce legal liability and mitigate the risk of fines for privacy law violations.

Creating a comprehensive data map is essential for understanding the organization's data landscape. This map outlines the sources, types, and locations of data, providing insights into data processing activities and purposes. Armed with this information, organisations can assess the value of specific data and the regulatory restrictions that apply to it.

Determining how long to retain data requires careful consideration of legal obligations and business needs. Automating the deletion process can improve efficiency and reliability, while techniques such as deidentification or anonymization can help protect sensitive information.

Collaboration between legal, privacy, security, and business teams is critical in developing and implementing data retention and deletion policies. Rushing the process or overlooking stakeholder input can lead to unintended consequences. Therefore, the institutions must take a strategic and informed approach to data management.

All in all, effective data management is essential for organisations seeking to harness the power of data in the age of AI. By prioritising data deletion and implementing robust retention policies, businesses can mitigate risks, comply with regulations, and safeguard their digital commodities.


The Future of AI: Labour Replacement or Collaboration?

 


In a recent interview with CNBC at the World Economic Forum in Davos, Mustafa Suleyman, co-founder and CEO of Inflection AI, expressed his views on artificial intelligence (AI). Suleyman, who left Google in 2022, highlighted that while AI is an incredible technology, it has the potential to replace jobs in the long term.

Suleyman stressed upon the need to carefully consider how we integrate AI tools, as he believes they are fundamentally labour-replacing over many decades. However, he acknowledged the immediate benefits of AI, explaining that it makes existing processes much more efficient, leading to cost savings for businesses. Additionally, he pointed out that AI enables new possibilities, describing these tools as creative, empathetic, and more human-like than traditional relational databases.

Inflection AI, Suleyman's current venture, has developed an AI chatbot providing advice and support to users. The chatbot showcases AI's ability to augment human capabilities and enhance productivity in various applications.

One key concern surrounding AI, as highlighted by Stanford University professor Erik Brynjolfsson at the World Economic Forum, is the fear of job obsolescence. Some worry that AI's capabilities in tasks like writing and coding might replace human jobs. Brynjolfsson suggested that companies using AI to outright replace workers may not be making the wisest choice. He proposed a more strategic approach, where AI complements human workers, recognizing that some tasks are better suited for humans, while others can be efficiently handled by machines.

Since the launch of OpenAI's ChatGPT in November 2022, the technology has generated considerable hype. The past year has seen an increased awareness of AI and its potential impact on various industries.

As businesses integrate AI into their operations, there is a growing need to educate the workforce and the public on the nuances of this technology. AI, in simple terms, refers to computer systems that can perform tasks that typically require human intelligence. These tasks range from problem-solving and decision-making to creative endeavours.

Mustafa Suleyman's perspective on AI highlights its dual role – as a cost-saving tool in the short term and a potential job-replacing force in the long term. Balancing these aspects requires careful consideration and strategic planning.

Erik Brynjolfsson's advice to companies emphasises the importance of collaboration between humans and AI. Instead of viewing AI as a threat, companies should explore ways to leverage AI to enhance human capabilities and overall productivity.

The future of AI lies in how we go about its integration into our lives and workplaces. The key is to strike a balance that maximises the benefits of efficiency and productivity while preserving the unique skills and contributions of human workers. As AI continues to evolve, staying informed and fostering collaboration will be crucial for a harmonious coexistence between humans and machines.



Canadian Telecom Provider Telus is Reportedly Breached

 

One of Canada's biggest telecommunications companies, Telus, is allegedly investigating a system breach believed to be fairly severe when malicious actors exposed samples of what they claimed to be private corporate information online.

As per sources, the malicious actors posted on BreachForums with the intention of selling an email database that claimed to include the email addresses of every Telus employee. The database has a $7000 price tag. For $6,000, one could access another database purported to provide payroll details for the telecom companies' top executives, including the president.

A data bundle with more than 1,000 private GitHub repositories allegedly belonging to Telus was also offered for sale by the threat actor for $50,000. A SIM-swapping API was reportedly included in the source code that was for sale. SIM-swapping is the practice of hijacking another person's phone by switching the number to one's own SIM card.

Although the malicious actors have described this as a Complete breach and have threatened to sell everything connected to Telus, it is still too early to say whether an event actually happened at TELUS or whether a breach at a third-party vendor actually occurred.

A TELUS representative told BleepingComputer that the company is looking into accusations that some information about selected TELUS team members and internal source code has leaked on the dark web.

The Telus breach would be the most current in recent attacks on telecom companies if it occurred as the malicious actors claimed. Three of the biggest telecommunications companies in Australia, Optus, Telestra, and Dialog, have all been infiltrated by attackers since the beginning of the year.

Customer data was used in a cyberattack that affected the Medisys Health Group business of Telus in 2020. The company claimed at the time that it paid for the data and then securely retrieved it. Although TELUS is still keeping an eye on the potential incident, it has not yet discovered any proof that corporate or retail customer data has been stolen.



Hacking of the US InfraGard Critical Infrastructure Intelligence Portal

 


One of the FBI's central databases had been hacked by a hacker. It appears to have been caused by a crucial security lapse on the part of the bureau, resulting in the possible theft of sensitive information. 

It has been reported by KrebsonSecurity that InfraGard has been used by hackers as a social media intelligence hub for high-profile people. 

An imperative aspect of the FBI's InfraGard program is that it links "critical infrastructure owners and operators with the FBI to provide education, information sharing, networking, and training regarding emerging threats and technologies." To put it simply, it is a database of people who are highly visible and who are concerned about security.  

A database with contact information for over 80,000 InfraGard members was listed on the Breached cybercrime forum for the cost of $50,000. It gives you access to the contact information of thousands of InfraGard members. 

A Python script from a friend was used to query the InfraGard API and obtain all of the user data after USDoD completed the sign-up process using email verification and then ran it to gather all of the data.  

One of the most concerning aspects of this data theft is that the FBI appears not to have conducted any security checks at all. The people's identities that were used to create this account have confirmed that they had never been contacted by the FBI before the account was approved. Although when the identities of people were used for this purpose. 

There has also been confirmation from the FBI to Krebs that they are aware of the possibility of a false account associated with the InfraGard system. They also stated that, currently, they are unfit to provide any additional information regarding the situation.  

A spokesperson for the USDA admitted that the $50,000 price tag placed on the databases was too high. As a result, it is imperative to make sure it is enforceable to allow for price negotiation if someone shows interest in purchasing it. While the InfraGard account is still active, there is nothing to stop hackers from contacting these high-profile figures at any time during the investigation.