Wednesday, September 18, 2019

Disaster Recover in the Age of Cloud and Edge Computing

Most companies are now running apps in the cloud and many are engaging in technology uses like Internet of Things (IoT), which calls for the installation of many computing services on the edge of the organization. The spreading out of computing services means that the IT department has less control and sometimes no control over the widespread resources in the organization. 

Traditionally, IT has had responsibility for disaster recovery and it used to conduct tests and organize the responses in the event of a shutdown or protracted outage of IT services. They still generally have that responsibility, but now, with cloud and edge computing, their task is a lot more difficult. With other people in the organization responsible for those spread-out resources, it can be a lot like herding cats.

IT's role becomes one of coordination and oversight. System and Disaster planning documentation must be standardized and distribute in ways that will survive outages. Testing must be carried out on a coordinated basis, perhaps rotated around the organization and certainly reviewed and supervised by IT.

IoT often means that devices are being brought into the system on the edge regularly. The data from such systems, can enter into the main system databanks quickly and used for analysis. Therefore it must be accurate and secure. Routines for adding in new data sources must be part of the oversight done by IT and easily adapted to the parts of the organization adopting IoT Systems. 

Living on the edge is risky and calls for extended controls to manage that risk.

Wednesday, July 17, 2019

How IoT, Big Data, AI and Blockchain all Tie in Together

IoT, or the Internet of Things, is one of the most rapidly growing elements of internet usage. As everyone knows by now, IoT involves "smart" devices, like home appliances, heating systems, alarm systems. cars, indeed almost any device imaginable. The devices are connected to the internet and generate loads of data.

But it goes beyond mere collection of data - big data. "Intelligent devices will continuously acquire, configure, restock, refresh, optimize, repair, and otherwise manage every material and virtual facet of our lives." So your refrigerator orders milk and butter when they run out. Or calls the repairman if your security system encounters a bug. This is increasingly accomplished through the use of Artificial Intelligence.

"Essentially, the IoT is becoming the world’s most pervasive transactional platform."

In order to be relied upon for business transactions, the IOT needs an infrastructure that can be trusted. That's where blockchain comes in. By ensuring that all data is cryptographically verified and tamper proofed in a distributed hyperledger that is shared by all commerce participants."

Most of our day-to-day activities will be automated in this fashion. That applies to business as well as homes.

And the big data can be analyzed using advanced analytics augmented by AI for financial management and reporting purposes. But that's another story.

For more on this, check out this link.

Monday, May 20, 2019

New Blog/Forum

The Zorba Research Blog is being published by the ThinkTWENTY Forum to be found at

Comments on the forum entries are encouraged.

Ten Questions Directors Should Ask About Cybersecurity Culture

A Board of Directors has a responsibility for overall cultural direction in an organization. To exercise this responsibility the organization must first have a cybersecurity culture that will minimize the risks. Cybersecurity culture is “the knowledge, beliefs, perceptions, attitudes, assumptions, norms and values of people regarding cybersecurity and how they manifest themselves in people’s behavior with information technologies.” (European Union Agency for Network and Information Security (ENISA), Cyber Security Culture in Organizations, Greece, 2017)

The directors need to ask the following questions:

1.     What are the business functions in the enterprise with the highest exposure to technology breaches?
2.     Is there a cybersecurity policy in place?
3.     Has the policy been infused into the cybersecurity culture of the organization?
4.     Has the policy been reflected in the operational processes of the organization, particularly in those areas of greatest risk
5.     Have people with the appropriate skills been empowered to implement those policies and procedures?
6.     What steps are being taken to reinforce the cybersecurity culture?
7.     Are appropriate educational and training programs in place?
8.     Is there a process in place for regular and periodic review of the health of the cybersecurity culture?
9.     Have the main policies and procedures supporting the cybersecurity culture been documented to provide a cohesive understanding of that culture?
10.  Are there steps in place for regular reporting and discussion with the Board of Directors involving the most responsible personnel?  

Monday, May 13, 2019

The Challenges of AI

Every hype cycle has a period in which implementation is beginning and the issues become clearer. AI is in that stage. The widespread hype over the past couple of years has been tremendous. But as the latest wave of new technologies enters into production, these issues are coming into focus.

AI is based on large volumes of data and various algorithms. The data can be used to "train" the algorithms. To do so, the data need to be not only voluminous, but clear of errors and bias. So it goes back to the quality of the data. As for the algorithms, they often start out as generalities, biased by social and economic norms that may not apply in a particular application. So the training is needed for that. Also, training is needed to enable the AI to adopt to changing circumstances. And the data must reflect those fairly.

These issues will not stop the advances of AI, nor will they slow it up very much. They just represent a normal part of the cycle - the learning cycle. They will make AI stronger in the end.

Thursday, May 02, 2019

Adopting Blockchain Applications

Although blockchain has not been widely adopted in business as yet, there are signs that this will change. One of the key aspects of blockchain is that it can be used to promote (or substitute for lack of) trust among users. For example, if there is a situation in the company where a database is needed, and there is a lack of trust among the users, then blockchain might be the answer.

Before adopting, the situation would need to be defined carefully, the processes involved mapped out, and a comparison made of what those processes would look like in a blockchain environment. Then it is possible to evaluate the monetary and non-monetary benefits of the blockchain approach to that situation. A blockchain expert could help with this.

Beyond that, the usual routines for new applications apply, including user involvement, testing, phase-in, etc.

Use of AI in Auditing

How are the big audit firms using AI? Gundi Jeffrey interviewed partners of Deloitte and MNP to address this question. The results are revealing and you can read them in the current issue of ThinkTWENTY20.

Thursday, April 25, 2019

IT Governance - Stay with the Basics

With a fast changing world, it's easy to lose sight of the basics. That can be costly. Some of the basic elements to remember  are:

  1. Stay in sync with business needs. Failure to do so could result in a proliferation of ad hoc "shadow" systems being developed.
  2. Don't let brand loyalty get in the way of good decisions, especially when more than one brand will get the job done.
  3. Remember right-sizing. Scale the jobs to what is needed.
  4. New tools will only work if there is the proper substructure in place, such as trained people who know how to ask the right questions.
  5. Go with phasing where possible, rather than big bang implementations.
  6. Do not make decisions in isolation.
  7. Be careful not to make decisions just for the sake of technology. The lustre of new shiny technologies can quickly wear off.
A good expanded summary of these elements can be found here.

Wednesday, April 10, 2019

Questions about Human/Machine Relationships

An article by Julie Teigland in the Ernst & Young website makes a number of fascinating predictions about the interaction of humans and robots in the future (probably the nearer future than most of us think).

1.     CEOs will manage a workforce that consists of both people and machines. 

As AI driven robots increase in their capabIlities and learn to work alongside humans, they will increasingly become a part of the work teams in organizations. It will get increasingly difficult to distinguish between the contributions of humans and robots – and thus more difficult to treat them differently.

2.     More and more of us will be gig workers.

We’re already seeing the gig economy. As this trend grows, hiring, management, and other HR practices will need to change radically.

3.     We will wear microchips.

As people wear microchips or have them implanted, it will become harder to distinguish them from humans. And harder to treat them differently. For example, when evaluating the performance of a human with a chip installed, do you evaluate the human or the chip?

4.     Work will become synonymous with education.

Change will happen so quickly that traditional education will become more ineffective. So learning on the job will become the norm. As this evolves, working and education will become synonymous.

5.     The days in the office will disappear. 

Virtual reality will become more common to the extent that people will be able to attend meetings, work in the office and attend social events without going anywhere. They will just don their helmet and they will be there.