Over the past several weeks, I’ve attended a few conferences where cybersecurity is making waves in new ways for enterprises. It is really refreshing to see, as cybersecurity is one place that enterprise vendors have needed to spend more time, but to be fair is a very complicated space to navigate.
CIO water cooler talk
As CIOs continue to navigate the confusing macroeconomic conditions, there are glimmers of hope on the horizon. The question is: How quickly will stability present itself and provide comfort to IT orgs in order to start spending again? There is a ton of pent-up demand to invest in a myriad of areas and CIOs are waiting on the sidelines to pull the trigger.
As mentioned in last week’s CIO In The Know newsletter, generative AI is one area that is getting considerable attention. There was a lot of conversation after the newsletter came out about how enterprise IT organizations are consuming generative AI.
At the same time, enterprises are identifying risks to using generative AI and putting up guardrails to protect their interests. The guardrails range from flat out blocking access to ChatGPT and other tools to more sophisticated policies around limiting use to areas outside of development and intellectual property.
Also in last week’s newsletter, I mentioned that many organizations are looking more toward consuming generative AI through incumbent, already-installed solutions versus using it as a core building block. It is the difference between using AI primitives versus integrated solutions. Enterprise IT organizations are struggling to amass the talent needed to truly consume primitives.
To that end, we are already seeing how companies like SAP, Microsoft and Cisco are bringing generative AI to the table within products. At Microsoft Build, Microsoft demoed how their co-pilots are helping in a myriad of ways. One demo showed how developers can use a co-pilot within the developer’s IDE to write better code and faster. At CiscoLIVE, Cisco demonstrated the ability to use natural language to establish network policies: Something like ‘Give Tim access to ACME application’. The system would then understand which devices needed to change, which policies needed to change and who needed to authorize or be notified. This kind of automation without prior configuration is very impressive.
In a related vein, geopolitics continue to weigh on CIOs through new regulatory requirements, sovereignty laws and general instability. Newly proposed legislation along with geopolitical instability are creating a nexus of concern around the limited flexibility in deployed systems along with the data they manage. This, in-turn, is opening the door to conversations that historically were challenging to have due to the amount of work, risk and costs involved. This will be a core space to watch in the coming few months to quarters.
The intersection of cybersecurity, data and now generative AI
Back to cybersecurity… Cybersecurity and data have long since been good bedfellows. The advent of generative AI is bringing a whole new opportunity to leveraging data for security purposes.
This trend has been evolving very quickly over the past few quarters as vendors start to get their arms around a) how to leverage generative AI and b) warm customers up to the idea of using it. That second part is actually harder than many perceive and requires a bit of trust in doing so.
At AWS re:Inforce, there was quite a bit of conversation about ‘zero trust’. Zero trust is not a new concept and many include ‘trust, but verify’ as part of their zero trust mantra. However, the conversation at re:Inforce was focused on changing the zero trust mantra to ‘verify, then trust’. The reasoning is that today’s world is a dangerous one and the true meaning of zero trust is needed.
Across the board, there has been a trend welling up where enterprise CIOs are desperately looking for a new approach to cybersecurity. Spending more, bringing more products in-house, adding to the CISO organization may all seem like fine solutions. However, CIOs are asking how far they should go as there are downsides to adding more products and costs to the environment too. Many believe it is time to rethink how they approach cybersecurity.
It seems the cybersecurity space is ripe for a renaissance. Are vendors ready to deliver it? Are customers ready to consume it? I expect to see more innovation coming out in the next few quarters.
I joined fellow independent analysts as part of the Independent Analyst Council (IAC) for a quick rundown of AI, Data, IBM Think and more.
In addition, I recently participated in a webinar with SAP on Modernizing ERP: Go from Running Your Business to Innovating Your Business.
On the webinar, I share why and how enterprises are and should consider modernization of their ERP. ERP is a complicated space, but critical for how companies need to operate moving forward. As mentioned above, factors are now pushing ERP changes to the forefront of strategic planning.
The webinar is available on-demand here:
What’s your take?
There was a lot of follow up conversation to the last newsletter around the four areas of technology investment. If you missed it, be sure to take a look.
Now it’s your turn. I’d love to hear from you and your perspective.
Be sure to subscribe to the CIO In The Know newsletter, CIO In The Know podcast and CxO In The Know podcast to ensure you do not miss an update. Also, if there are others you think would this newsletter valuable, please forward them a copy and encourage them to subscribe.
Originally posted on LinkedIn: https://www.linkedin.com/pulse/cio-know-2023-finally-start-renaissance-cybersecurity-tim-crawford
#CIO #CIOitk #CxOitk #newsletter #risk #cybersecurity #CISO #ERP #zerotrust #finops #gpt #ai #generativeai #LLM #LLMs #innovation #macroeconomic #podcast #newsletter