Lee Hickin

In recent years, vulnerable legacy enterprise networks have migrated to full cloud solutions to improve security, scalability, and functionality. However, this shift has often come at the cost of data sovereignty and data lifecycle ownership. I am confident that, eventually, we will need to consider a mix of data sovereignty solutions and offshore computer processing. A likely return to edge computing, which emphasises local data storage and enhanced protection, is on the horizon. I look forward to helping our customers diversify their computing storage and processing capabilities by shifting from cloud computing to edge computing. Let’s see how this plays out!

19

1 Comment

Everyone, AI security might just be another software issue to tackle! 📢 if you are Building an AI system? It's crucial to consider responsible AI practices from the start. Check out the Responsible AI Pattern Catalogue from CSIRO (I like how they illustrated it as a pattern) : Why it's a game-changer: • Guides you through critical questions at every development stage • Supports creation of RESPONSIBLE system architecture, sequence diagrams, and user stories • Helps integrate responsible AI principles into your UML and overall design • Promotes a "secure by design" approach • Minimizes technical debt related to AI compliance • Ensures your AI system is responsible and adaptable This catalog is like having an AI ethics expert on your team, prompting important considerations as you build! ❗ Remember: Addressing AI responsibility after development can be incredibly challenging or even impossible. The technical debt is immense. Start right, start responsibly! #responsibleAI #aiethis #softwareengineer #aicompliance #UML https://lnkd.in/gqchazFk

19

visionAI is doing some interesting stuff using CCTV in Manufacturing and Supply Chain, especially around Safety. They've released a unique scorecard for Manufacturers to see if AI & Cloud tech can help. Give it a go (like an Australian breakdancer) 😃 - take the scorecard!

15

In a recent incident, Google Cloud accidentally deleted the entire account of UniSuper, one of its major customers, causing extensive downtime. UniSuper, an Australian pension fund managing $135 billion with 647,000 members, was able to recover after a nearly two-week outage because of backups stored with another cloud provider. The incident underscores the importance of diversifying backup strategies. Whether through multi-cloud deployments or on-premises solutions combined with cloud services, safeguarding IT assets is crucial to prevent catastrophic data loss. #DataProtection #CloudBackup #ITSecurity https://lnkd.in/eTm2N2er

32

4 Comments

A few weeks ago, I posted about the Medisecure e-script exchange, which faced a major data breach. Patient and clinician data are now available to buy on the dark web. The company sought a government bailout due to having zero revenue after losing its duopoly e-script contract in Australia. Today, Medisecure has gone into administration. This situation raises critical issues about data security accountability. With the company winding up, who is responsible for safeguarding the personal and clinical information of the many Australians who used Medisecure’s e-script service? This quandary prompts a broader question being asked loudly: Will data security become a governance requirement for Australian businesses? Where will the lines be drawn? Interoperable electronic medical records drive better health outcomes in healthcare. However, achieving this requires a robust framework that protects data and provides fail-safes when companies close. How will we navigate this challenge? Who owns this responsibility? #DataSecurity #Healthcare #Escript #CyberSecurity #DataPrivacy #DigitalHealth #DataGovernance #HealthData #Medisecure #Australia

12

Imagine you woke up one morning to find all your online accounts inaccessible, financial information vanished, and important documents nowhere to be found. This nightmare scenario became a reality for half a million UniSuper members when a Google Cloud failure wiped out their data for an entire week. This isn't just a minor inconvenience – it's a major disruption to livelihoods and peace of mind. The lesson is clear: don't put all your faith in one cloud provider, no matter how big or reputable they seem. Protect yourself by diversifying your backups. Utilise a reliable 3rd-party service that operates independently of major players like Google or Microsoft. It's a small price to pay for ensuring your data remains safe and accessible, no matter what happens in the cloud. Need help setting up a robust backup strategy? Our IT experts can assess your needs and implement a solution tailored to your business. Don't wait for disaster to strike. Contact us today and safeguard your data. #DataResilience #BackupStrategy #CloudOutage #UniSuper #ITSupport

The Voluntary AI Safety Standard is out - Check out the 10 commandments of AI Safety, a great tool for getting your AI Projects from Pilot to Production #aiadoption #aiaustralia https://lnkd.in/g_zyGQaN

43

Come join me to hear some insights about trends in AI and what is happening in our Work Trend Index report. Looking forward to joining Haylix once again for a great session!

7

Great catching up with you guys yesterday Edward Morris and Broderick Smith. Always a joy. Any company using AI in any significant way should attend this webinar: https://lnkd.in/g-4vmqEf If you're wondering why, watch the video below

6

Curious about the cloud complexities of Australian organisations? CRN’s inaugural Cloud Covered report delves deep into the hybrid cloud landscape. "Two decades of haphazard purchasing of SaaS and public cloud services has left many Australian organisations neither fully in nor fully out of the cloud." Explore insights from IT executives like Richard Wiltshire and Greg Wratt, navigating the nuances of hybrid environments for optimal cost and performance. Discover modernisation priorities, migration challenges, and industry perspectives from leaders like Paul Keen and Tomas Varsavsky. Read the report now! https://lnkd.in/g4sGsUmh Sponsored by Interactive and Rubrik #HybridCloud #CloudCovered

7

New update for Australian Electricity market demo, you need only to sync the repo from github to #MicrosoftFabric and run a setup notebook that will automatically : - Attach the lakehouse to the two other notebooks ( 5 minutes and daily) - Load data for 6 tables, by default , it use only 1 day. - Rebind the semantic model to the new Lakehouse - Rebind the report to the new semantic model thanks Jene Zhang and Yin Lin for the help https://lnkd.in/gwnAhMNg

40

3 Comments

Australia is waging a quiet yet critical battle on a new front—its software supply chains, and the stakes couldn’t be higher.   As these threats evolve, our critical systems are becoming targets, putting everything from healthcare to national defence at risk.   You can read some more thoughts on this shared with The Strategist, looking at how these stealthy attacks can infiltrate organisations and ripple across industries. It’s time to rethink how we defend our software supply chains with smarter prevention, strong frameworks, and greater urgency.   https://lnkd.in/gHWgcR65 #CyberSecurity #SoftwareSupplyChain #NationalSecurity #Australia #CriticalInfrastructure #OpenSource #SUSE Thanks to Jessica Vas, Santiago C., Hak Beng Ng, Derek So, RahulKrishna Gupta, Mikhail Nikitin, Joel Sequeira and Koichi Shikata for their support with this.

37

A lack of digital maturity is holding Australian businesses back from realising the benefits of #AI for #cybersecurity, according to #ManageEngine, an IT security, operations, and service management software firm.

1

It was a pleasure to deliver a talk last week at The Future Generation Enterprise Architecture (FGEA) Symposium hosted by ACS (Australian Computer Society) and organised by Asif Gill. I focused on data trust at scale, challenging some conventional views on data quality in distributed, at-scale, AI-amenable environments. Some lessons come from CSIRO's Data61 technology powering data.gov.au, the early years of hosting the Data Standards Body for Australia's Consumer Data Right (e.g. open banking), and cross-organisation/border/supply chain data flow projects, not to mention the science and tech development for data/AI safety. Here are a few key points and selected slides: 𝐓𝐫𝐚𝐢𝐧𝐢𝐧𝐠 𝐃𝐚𝐭𝐚 – 𝐁𝐞𝐲𝐨𝐧𝐝 𝐁𝐢𝐚𝐬 𝐚𝐧𝐝 𝐑𝐞𝐩𝐫𝐞𝐬𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧 * Distributed Trust: Ensuring data integrity across various organisations or on-device data without direct oversight. * Zero Trust: Unsupervised learning from online wild data is susceptible to data poisoning attacks and can't be easily cleaned up. * Trusted "License": It's about data rights and value redistribution, not just ownership or copyright. * Trusted Artificial: Synthetic data can be useful, but when should we trust it? 𝐓𝐞𝐬𝐭𝐢𝐧𝐠/𝐕𝐚𝐥𝐢𝐝𝐚𝐭𝐢𝐨𝐧 𝐃𝐚𝐭𝐚 – 𝐁𝐞𝐲𝐨𝐧𝐝 𝐇𝐮𝐦𝐚𝐧 𝐅𝐞𝐞𝐝𝐛𝐚𝐜𝐤 𝐚𝐬 𝐭𝐡𝐞 𝐆𝐨𝐥𝐝 𝐒𝐭𝐚𝐧𝐝𝐚𝐫𝐝 * Trust in Evaluation Data: Accidental data leaks can invalidate testing outcomes, so tread carefully. * Trust in Human Feedback: Often unreliable, using human feedback necessitates nuanced evaluation. 𝐒𝐲𝐬𝐭𝐞𝐦-𝐋𝐞𝐯𝐞𝐥 𝐃𝐚𝐭𝐚 - 𝐁𝐞𝐲𝐨𝐧𝐝 𝐌𝐨𝐝𝐞𝐥 𝐃𝐚𝐭𝐚 * Trusted Knowledge: It’s not just about training data. Addressing inconsistencies within your inference-time data sources and between external knowledge and AI knowledge is crucial. * Trusted Trade-off: It’s never about single-dimension optimisation. Balancing privacy, fairness, and accuracy requires stakeholder involvement before and after deployment in context. * Trusted Provenance: Ensuring data provenance throughout its lifecycle is essential to combat low-quality decision and misinformation. Feel free to reach out to me as we are seeking government and industry partners to further the research in these areas.

97

6 Comments

TL;DR: Cloud disasters strike at any moment, often when you least expect it. 💸 This summer's CrowdStrike outage will end up costing Fortune 500 companies alone more than $5 billion in losses. ❌ Unisuper and Google Cloud made headlines when an inadvertent misconfiguration during the provisioning of their private cloud services led to the deletion of their entire private cloud subscription. (That left 620,000 members without access to their accounts for more than a week). How can you avoid a similar cloud disaster? Next Thursday, join our CEO, Ido Neeman, as he dissects high-profile incidents to explore what went wrong, and how your business can learn from these costly mistakes. Register now for our fireside chat with DZone on November 21st, and get a masterclass in cloud resilience in the process: https://lnkd.in/gqnNSKht

34

Why relying on a single big offshore vendor for all digital needs is a bad idea. $135bn UniSuper fund had it’s total Google Cloud data - including Google’s backup - deleted by Google itself: “UniSuper had duplication in two geographies as a protection against outages and loss. However, when the deletion of UniSuper’s Private Cloud subscription occurred, it caused deletion across both of these geographies." Every cloud service keeps full backups, which you would presume are meant for worst-case scenarios. Imagine some hacker takes over your server or the building your data is inside of collapses, or something like that. But no, the actual worst-case scenario is "Google deletes your account," which means all those backups are gone, too. Google Cloud is supposed to have safeguards that don't allow account deletion, but none of them worked apparently, and the only option was a restore from a separate cloud provider (shoutout to the hero at UniSuper who chose a multi-cloud solution).”

40

8 Comments

In a time of an increasing volume cyber-attacks, the Bureau of Meterology an Australian Government website still doesn't support HTTPS. 🔓 Sure most of the weather information is non-sensitive but is this acceptble for a government website in 2024? Who knows what backdoor API, or authentication data in plain text is lurking deep within our treasured rain-radar . . . 🤔 🌧 💻 To read up on the differences and security gaps between http and http-ssl/tls, have a read of this article: https://lnkd.in/gy7M7WZF

10

10 Comments

I'll be at AGE next week to discuss the future of AI in regulated industries. Successful IT deployments have always sought to leverage the strengths of innovation while mitigating the risks of new technology. AI introduces ongoing uncertainty, which can be viewed as risk, or more correctly as a new breed of IT which is fundamentally probabilistic and hence needs to fit within robust system frameworks. Gaming operators understand probability, and this sets them up well to safely take advantage of AI technology. How can operators cost effectively address ‘law of averages’ and ‘big number’ considerations? Lessons in quality assurance, regulatory supervision, and system design all carry over. See live demos of Xailient joint solutions at Booth 390: https://lnkd.in/gWcnq8gF

20

Australia's critical infrastructure landscape is undergoing a seismic shift. Recent reforms to the Security of Critical Infrastructure Act 2018 have dramatically expanded its scope from 4 to 11 sectors, introducing stringent new obligations for many organizations. With mandatory cyber incident reporting deadlines as short as 12 hours and comprehensive risk management program requirements, the stakes for compliance have never been higher. These changes herald a new era of critical infrastructure protection but also present significant challenges for affected entities. As cyber threats continue to evolve and geopolitical tensions rise, the urgency to adapt cannot be overstated. Senior executives must act swiftly to understand their new obligations, enhance security capabilities, and implement robust compliance processes. With enforcement set to ramp up from July 2024, the time to prepare is now. Download our full report to gain crucial insights and recommendations for navigating this complex regulatory landscape. AI Governance: https://lnkd.in/g5tGca6B Cybersecurity Governance: https://lnkd.in/g8rzauqh Pathfindr.ai Technics Publications Steve Hoberman, DMC #AIGovernance #ResponsibleAI #AICompliance #EthicalAI #AIPolicy #cybersecurity #cyberleadership #riskmanagement #dataprotection #cyberstrategy

4