Security-Portal.cz is a web portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, and Linux and BSD systems. It runs a number of interesting services and supports its community in interesting projects.

Categories

China-linked Hackers Deploy New 'UNAPIMON' Malware for Stealthy Operations

The Hacker News - 2 April 2024 - 13:00
A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar. "Earth Freybug is a cyberthreat group that has been active since at least 2012 that focuses on espionage and financially motivated activities," Trend Micro security researcher Christopher So said in a report published today. "It has been observed to
Category: Hacking & Security

Biggest problems and best practices for generative AI rollouts

Computerworld.com [Hacking News] - 2 April 2024 - 12:00

IT leaders face a multitude of major hurdles to the effective adoption and scaling of generative AI (genAI), including a talent shortage, poor data quality, lack of comprehensive AI governance, and risk mitigation and control.

Through 2025, at least 30% of genAI projects will be abandoned after organizations perform a proof of concept (POC) due to these and other challenges, according to a report by Gartner Research.

Escalating costs and unclear business value are other leading causes of genAI project failure, according to Gartner.

In a research paper on the 10 best practices for scaling generative AI across the enterprise, Gartner advised that in order to be successful, organizations must prioritize business value and focus on AI literacy and responsible AI. Organizations should also nurture cross-functional collaboration and stress continuous learning to achieve successful outcomes.

Arun Chandrasekaran, a Gartner distinguished vice president analyst, said the greatest challenges facing organizations in genAI projects are the poor quality of existing data, integrating relevant data into genAI workflows, and governance of AI systems.

Many companies are already taking steps to ensure successful genAI projects. By 2027, more than 50% of enterprises will have implemented a responsible AI governance program to address the risks of genAI, up from less than 2% today, according to Gartner.

Chandrasekaran and other experts have long called out the fact that data hygiene, categorization, and security are lacking in most organizations. When poor data quality is combined with a genAI large language model (LLM) — well, garbage in, garbage out. GenAI platforms are little more than next-word, image or line-of-code prediction engines, so they generate responses based on the data they’ve been fed.

A lack of talent and inherent risks

Other causes of genAI problems include ineffective prompt engineering (writing the instructions, examples and context the model is given at query time; it changes no model weights), inadequate chunking or retrieval in Retrieval-Augmented Generation (RAG), and the complexity involved in fine-tuning an AI model.

“It is clear that a deficit in AI skills and expertise is adversely affecting enterprises,” Chandrasekaran said.

James Briggs, the founder and CEO of AI Collaborator, an AI managed service provider that assists businesses in AI implementation, agreed the top issue for most organizations is a lack of talent that can help implement, monitor, and continue to manage a genAI project. There is also a growing list of risks associated with deploying AI.

“Those [risks] include transparency, governance, and fairness issues that might arise when AI applications aren’t built on a solid responsibility framework,” Briggs said.

But as with any new technology, genAI comes not only with inherent risks but with the potential to amplify existing ones. For example, poor or improper integration of genAI tools with other enterprise systems can lead to vulnerabilities, such as data exposed to the model or to its users without the access controls that applied in the source system, and integration paths that bypass existing authentication.

Bad actors can leverage AI tools to rapidly spread misinformation and deepfakes, which can alter public opinion, according to business consultancy Deloitte.

There are also new and older regulatory risks that organizations rolling out genAI must consider, such as the National Institute of Standards and Technology's (NIST) AI Risk Management Framework and new EU regulations for general-purpose AI systems.

Struggles also include mitigating genAI bias and outright hallucinations, where a genAI tool responds to a user prompt with fluent, confident content that is fabricated or unsupported by its inputs.

“Furthermore, IT leaders remain concerned regarding the protection of their data, mindful of the ambiguously defined boundaries of model training and the potential legal liabilities,” Chandrasekaran said.

Because it's so difficult to get the right genAI talent into the enterprise, startups that offer tooling to make it easier to bring genAI development in house will likely see faster adoption, according to Andreessen Horowitz, a venture capital firm that recently released a study on AI adoption.

Costs are high, but companies believe genAI benefits outweigh risks

The initial costs of genAI projects are negligible, according to Chandrasekaran, but they can quickly escalate as use cases expand, exacerbated by poor architectural decisions, a lack of expertise in inferencing optimization, and insufficient change management, thereby increasing the total cost of ownership of genAI.

Andreessen Horowitz recently spoke with dozens of Fortune 500 firms and their top enterprise leaders, and surveyed 70 more organizations, to understand how they're using, buying, and budgeting for generative AI.

“We were shocked by how significantly the resourcing and attitudes toward genAI had changed over the last six months,” the firm said in a new report. “Though these leaders still have some reservations about deploying generative AI, they’re also nearly tripling their budgets, expanding the number of use cases that are deployed on smaller open-source models, and transitioning more workloads from early experimentation into production.”

Simply having an API to a model provider isn't enough to build and deploy generative AI solutions at scale, according to Andreessen Horowitz. It takes highly specialized talent to implement, maintain, and scale the requisite computing infrastructure.

“Implementation alone accounted for one of the biggest areas of AI spend in 2023 and was, in some cases, the largest,” Sarah Wang, an Andreessen Horowitz general partner, stated in a blog post. “One executive mentioned that LLMs are probably a quarter of the cost of building use cases, with development costs accounting for the majority of the budget.”

Two separate surveys conducted last year by Gartner revealed that 78% of nearly 4,000 IT leaders surveyed believed genAI benefits outweigh the risks of implementing the tech. Because of the high cost of implementation, however, getting genAI deployments right the first time is critical to their success.

Another significant challenge for GenAI projects is demonstrating a strong return on investment (ROI). “The reality is that many organizations do not observe a financial return, compounded by difficulties in defining the ROI for AI initiatives in the first instance,” Chandrasekaran said.

Measuring the value of genAI implementations is “very specific to a use case, domain or industry,” Chandrasekaran said. “The vast majority of improvements will accrue to leading indicators of future financial value, such as productivity, cycle time, customer experience, faster upskilling of junior people, etc.”

Determine potential benefits up front

The first step in the genAI journey is to determine the AI ambition for the organization and conduct an exploratory dialogue on what is possible, according to Gartner. The next step is to solicit potential use cases that can be piloted with genAI technologies.

Unless genAI benefits translate into immediate headcount reduction and other cost reduction, organizations can expect financial benefits to accrue more slowly over time depending on how the generated value is used.

For example, Chandrasekaran said, an organization being able to do more with less as demand increases, to use fewer senior workers, to lower use of service providers, and to improve customer and employee value, which leads to higher retention, are all financial benefits that grow over time.

Most enterprises are also customizing pre-built LLMs rather than training their own. Prompt engineering and retrieval-augmented generation (RAG) let a firm adapt an open-source model to its own needs without touching the model's weights; fine-tuning, which does change the weights, is a separate and costlier step.

RAG grounds the model's answers in passages retrieved from the organization's own documents at query time, which makes responses more specific to the business and can greatly reduce hallucinations. It does not eliminate them: the model can still misread or ignore the retrieved context, and retrieval that returns the wrong passages produces confident, wrong answers.
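As an added example (not code from the Computerworld article, Gartner or any vendor), the following Python sketch shows what "chunking" and "retrieval" mean in practice and where the hallucination guard lives: documents are split into overlapping word windows, the windows most lexically similar to the question are retrieved, and the prompt handed to the model is assembled so that it may answer only from those passages and must refuse when nothing relevant was retrieved. The two documents, the stop-word list and the similarity threshold are constructed for this example; a production system would use embedding vectors instead of bag-of-words cosine similarity, but the chunking, retrieval and prompt-assembly steps are the same.

```python
import math
import re
from collections import Counter

# Constructed sample "internal documents" for this example (hypothetical content).
DOCUMENTS = {
    "vpn-policy.md": (
        "Remote staff must connect through the corporate VPN before reaching "
        "internal systems. The VPN gateway is vpn.example.internal. "
        "Sessions expire after 12 hours of inactivity."
    ),
    "laptop-encryption.md": (
        "All laptops use full-disk encryption. Recovery keys are escrowed in the "
        "device-management console and never stored on the laptop itself."
    ),
}

TOKEN_RE = re.compile(r"[a-z0-9]+")
# Small stop-word list so that question words alone cannot produce a spurious match.
STOP_WORDS = {"the", "is", "are", "a", "an", "of", "in", "on", "to", "and",
              "what", "where", "which", "how", "do", "does"}


def tokenize(text: str) -> list[str]:
    return [t for t in TOKEN_RE.findall(text.lower()) if t not in STOP_WORDS]


def chunk(text: str, size: int, overlap: int) -> list[str]:
    """Split text into windows of `size` words that share `overlap` words with the
    previous window. Overlap keeps a sentence that straddles a boundary retrievable
    from either side; a zero-overlap or oversized window is the "inadequate chunking"
    failure the article mentions."""
    if size <= 0 or not 0 <= overlap < size:
        raise ValueError("need size > 0 and 0 <= overlap < size")
    words = text.split()
    chunks = []
    for start in range(0, len(words), size - overlap):
        chunks.append(" ".join(words[start:start + size]))
        if start + size >= len(words):
            break
    return chunks


def cosine(a: Counter, b: Counter) -> float:
    dot = sum(a[t] * b[t] for t in a if t in b)
    norm = math.sqrt(sum(v * v for v in a.values())) * math.sqrt(sum(v * v for v in b.values()))
    return dot / norm if norm else 0.0


def build_index(docs: dict[str, str], size: int = 20, overlap: int = 5) -> list[tuple]:
    """(chunk id, chunk text, term-frequency vector) for every chunk of every document."""
    return [
        (f"{name}#{i}", piece, Counter(tokenize(piece)))
        for name, text in docs.items()
        for i, piece in enumerate(chunk(text, size, overlap))
    ]


def retrieve(index: list[tuple], question: str, k: int = 2, min_score: float = 0.1):
    """Top-k chunks by cosine similarity; chunks under `min_score` are dropped so that an
    off-topic question retrieves nothing instead of the least-irrelevant passage."""
    q = Counter(tokenize(question))
    scored = sorted(((cosine(q, vec), cid, piece) for cid, piece, vec in index), reverse=True)
    return [(cid, piece, round(score, 3)) for score, cid, piece in scored[:k] if score >= min_score]


REFUSAL = "Not found in the provided documents."


def build_prompt(question: str, hits: list[tuple]) -> str:
    """Grounded prompt. With no retrieved context the model is told to refuse, which is the
    guard against it answering from (possibly fabricated) parametric memory."""
    if not hits:
        return f"Answer only with: '{REFUSAL}'\nQuestion: {question}"
    context = "\n".join(f"[{cid}] {piece}" for cid, piece, _ in hits)
    return (
        "Answer using ONLY the passages below and cite the [id] you used. "
        f"If the answer is not in them, reply '{REFUSAL}'\n\n"
        f"{context}\n\nQuestion: {question}"
    )


def answer_prompt(question: str, index: list[tuple]) -> str:
    return build_prompt(question, retrieve(index, question))


INDEX = build_index(DOCUMENTS)

if __name__ == "__main__":
    for q in ("What is the VPN gateway hostname?",
              "Where are laptop recovery keys stored?",
              "What is the capital of France?"):
        print(answer_prompt(q, INDEX), end="\n\n")
```

Two points worth noticing: the `overlap` argument is what keeps a fact that straddles a chunk boundary retrievable, and the refusal branch only constrains the prompt. A model can still ignore the instruction, so a deployment would validate the model's output (for instance, reject an answer that cites no retrieved [id]) rather than trust the prompt alone.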

Adoption of genAI by organizations will depend on six factors, according to Andreessen Horowitz:

  • Cost and efficiency: The ability to assess whether the benefits of using genAI-based systems outweigh the associated expenses. Handling and storing large data sets can result in increased expenses related to infrastructure and computational resources.
  • Knowledge and process-based work: A high degree of knowledge and process-based work vs. only field and physical work.
  • High cloud adoption: Medium-to-high level of cloud adoption, given infrastructure requirements.
  • Low regulatory and privacy burden: Functions or industries with high regulatory scrutiny, data privacy concerns, or ethics and bias concerns are not good candidates for genAI adoption.
  • Specialized talent: Strong talent with technical knowledge and new capabilities, and the ability to help transform the workforce to adapt quickly.
  • Intellectual property and licensing and usage agreements: Ability to assess licensing/usage agreements and restrictions, establish and monitor related compliance requirements, and negotiate customized agreements with relevant vendors.

Accessing genAI tools through cloud service providers is also the dominant procurement method, "as leaders were more concerned about closed-source models mishandling their data than their [cloud service providers], and to avoid lengthy procurement processes," Andreessen Horowitz stated.

In order to help enterprises get up and running on their models, foundation model providers offer professional services, typically related to custom model development.

Best practices for deploying genAI

Along with partnering with a service provider, it’s also critical that organizations take steps to prepare for genAI implementations, the most critical of which is prioritizing the upskilling and reskilling of the workforce. That includes training around security and compliance — and ensuring that cloud provider licensing agreements address those concerns as well.

Deloitte’s genAI guide for CISOs recommends that organizations poised to gain the most from genAI adoption implement procedures to evaluate, negotiate, and oversee licensing agreements. Organizations should design methods to monitor genAI tools and set up guardrails or controls to address AI specific risks, such as innate biases.

As software code augmentation is a key use for genAI, companies should have assessment tools and model validation capabilities, as well as threat monitoring and detection that are aimed specifically at genAI models, Deloitte recommends.

“Above all, remember, a road map for Gen AI adoption should include close, constant collaboration for risk stakeholders, including cyber leaders, chief resource officers, an organization’s legal team, and more, to help understand and anticipate the risks,” Deloitte stated.

Research firm IDC’s advice for organizations to prepare for AI rollouts starts with clearly defining business objectives, use cases, and how value will be measured; making “build vs. buy” decisions at a use-case level; and partnering with trusted solution providers. Other steps include getting buy-in from company leadership; assessing and upgrading data infrastructure for AI-readiness; and establishing processes and controls around privacy, security, and responsible AI use.

GenAI initiatives will need to scale from a few users to thousands, and eventually they should be deployed across the enterprise. Scaling genAI requires a systematic approach to build vs. buy decisions for the many potential use cases in the organization, according to Gartner.

“This upfront decision will have a lasting impact and must be thought through carefully for each use case,” Gartner stated in its report. “Ideally, you want to build when the AI product can give you a competitive differentiation in your industry and when you have adequate skills and know-how for the build process.”

Organizations should run pilots to try new ideas, build muscle memory within the organization for what is or isn’t possible through genAI, and learn by experimentation.

Additionally, Gartner recommends that organizations:

  • Design a composable genAI platform architecture. The genAI landscape consists of four critical layers — infrastructure, models, AI engineering tools, and applications. Ensure that your platform architecture is composable, scalable, and embedded with governance up front.
  • Put a responsible AI framework at the forefront of your genAI efforts by defining and publicizing a vision for responsible AI with clear principles and policies across focus areas like fairness, bias mitigation, ethics, risk management, privacy, sustainability, and regulatory compliance.
  • Invest in data and AI literacy, because genAI will eventually be used by all or a large segment of employees. The ability to utilize AI in context with competency to identify relevant use cases, as well as implement and operate corresponding AI applications, is key. Also, partner with HR to set up career mapping clinics and open mic sessions to address the fear, uncertainty, and doubt (FUD) that exists around AI’s impact on skills and jobs.
  • Create robust data engineering practices, because GenAI models deliver the most value when combined with organizational data; that includes training AI teams on best practices for integrating models with enterprise data via vector embeddings as well as emerging approaches for efficient fine-tuning. Invest in capabilities like capturing metadata, building knowledge graphs and creating data models.
  • Adopt a product approach for genAI where timelines are ongoing and designed to continuously enhance customer value until the service or product is phased out.
Chatbots, Emerging Technology, Generative AI, IT Skills, IT Strategy, IT Training 
Category: Hacking & Security

Google to Delete Billions of Browsing Records in 'Incognito Mode' Privacy Lawsuit Settlement

The Hacker News - 2 April 2024 - 09:08
Google has agreed to purge billions of data records reflecting users' browsing activities to settle a class action lawsuit that claimed the search giant tracked them without their knowledge or consent in its Chrome browser. The class action, filed in 2020, alleged the company misled users by tracking their internet browsing activity who thought that it remained private when using the "
Category: Hacking & Security

Massive Phishing Campaign Strikes Latin America: Venom RAT Targeting Multiple Sectors

The Hacker News - 2 April 2024 - 06:54
The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in Latin America with the goal of deploying Venom RAT. The attacks primarily singled out hotel, travel, trading, financial, manufacturing, industrial, and government verticals in Spain, Mexico, the United States, Colombia, Portugal, Brazil, Dominican Republic, and
Category: Hacking & Security

Indian Government Rescues 250 Citizens Forced into Cybercrime in Cambodia

The Hacker News - 1 April 2024 - 15:51
The Indian government said it has rescued and repatriated about 250 citizens in Cambodia who were held captive and coerced into running cyber scams. The Indian nationals "were lured with employment opportunities to that country but were forced to undertake illegal cyber work," the Ministry of External Affairs (MEA) said in a statement, adding it had rescued 75 people in the past three
Category: Hacking & Security

Detecting Windows-based Malware Through Better Visibility

The Hacker News - 1 April 2024 - 13:20
Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren't just an inconvenience that hurt businesses and end users - they damage the economy, endanger lives, destroy businesses and put national security at risk. But if that wasn’t enough – North Korea appears to be using revenue from cyber
Category: Hacking & Security

GitHub has learned to find and fix security bugs in code. But so far only for enterprise subscribers

Zive.cz - security - 1 April 2024 - 12:45
GitHub has shown off a new feature for enterprise subscribers to Advanced Security. The Copilot AI assistant can now automatically go through their source code, find typical security bugs in it and directly propose a fix. While Copilot explains in plain language what the problem is, the bug itself is detected by ...
Category: Hacking & Security

Malicious Apps Caught Secretly Turning Android Phones into Proxies for Cybercriminals

The Hacker News - 1 April 2024 - 12:10
Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The findings come from HUMAN's Satori Threat Intelligence team, which said the cluster of VPN apps came fitted with a Golang library that transformed the user's device into a proxy node without their knowledge.
Category: Hacking & Security

Kill meetings (before meetings kill your company)

Computerworld.com [Hacking News] - 1 April 2024 - 12:00

Meetings have been problematic for decades. They’re often used as a catch-all solution to unresolved problems. And a chronic lack of meeting discipline means that, for all the time spent getting people together, little is accomplished. 

Now, in a post-pandemic remote work world, where hybrid work and flex work are common, meetings are turning into something like an ongoing crisis at many organizations. They’re harming productivity and causing havoc with employee morale. 

And yet with many remote workers saying they feel disconnected, the misguided consensus is that even more meetings are the answer.

How to connect the disconnected

A happy employee might be found in a home office. But there’s also an elephant in the room. The elephant is that many employees feel isolated, alone and disconnected from the people they work with and the mission of the company. 

It’s more than just a feeling. A recent Gallup survey found that only 28% of remote workers feel a connection to their employer’s mission or purpose, the lowest level since the COVID-19 pandemic.

That sounds like a strong case in favor of back-to-office mandates and against remote work trends. But it turns out only 33% of full-time office workers felt that connection. So, the lack of connection among workers is a problem for remote and in-office workers alike. 

The solution is more meetings, right? Well, not so fast. 

I talked to Molly Sands, who leads Atlassian’s Team Anywhere Lab. (The lab designs evidence-based practices for high performing distributed teams, according to the company’s website.)

“Meetings far and away are the most overused tool,” she said. “People are using them for everything, and they have far too many. This isn’t a new problem.” The problematic nature of meetings seems well understood: 80% of the people surveyed say they would be more productive if they spent less time in meetings, according to Sands. 

“More than half of people are saying they’re working overtime because they have so many meetings that they can’t get their work done during the day…. So this is an efficiency problem for companies.”

And while the overall in-office experience might reduce a feeling of isolation, Sands says there’s no evidence that meetings themselves make people feel more connected. 

Hybrid meetings, less connecting

Part of the problem is that the new world of meetings, which tend to happen in real time over videoconferencing tools such as Zoom, Cisco Webex, GoToMeeting, Google Meet, Microsoft Teams and BlueJeans, is less connection-enhancing than in-person get-togethers. These tools make meetings between people around the globe easy, which creates a new problem.

The demand for two, several or many people to devote the same range of time to a real-time meeting is a major problem. It burdens some employees over others, depending on their time zone. (That 2 p.m. call for California is a 10 p.m. call for Germany — and a 6 a.m. call in Japan.)

And it undermines the goal of flex work, which is key for employee satisfaction. An employee working from home and needing a flex-work schedule isn’t getting that flexibility if half the day involves scheduled, real-time meetings. 

Another way the remote work revolution has affected office work is that, even for people in offices, a much larger percentage of meetings are with colleagues not present in the room. In-office workers now spend most of their time collaborating with co-workers who are not physically present. 

The result: office and remote workers alike feel increasingly disconnected while simultaneously being burdened by meetings. 

Sands’ research found that, in addition to a couple of short update meetings each week, the key to success is asynchronous written and video communication, focused on priorities and recognition. (The video communication took place using Atlassian’s Loom tool, with which people can record a video to overlay on desktop screens, presentation material and other content, then send to be viewed later when the recipient has time. Loom is an amazing tool, which Atlassian explicitly markets as a powerful way to replace some meetings. It gives the psychological impact of an in-person meeting without the need to sync up in real time and waste time on frequent and long meetings.)

Asynchronous video greatly reduces the burden of real-time meetings while providing many of the psychological benefits. It offers the time flexibility of email with the personal visual satisfaction of video calls. 

More to the point: “There are a lot of better ways now that new technologies have unlocked for us to share information, to connect,” says Sands.

The best part, in my opinion, is that we’re just getting started. 

Augmented or virtual meeting spaces?

Augmented reality and spatial computing promise to create an even better sense of connection through holographic avatars. That means many of the interactions in offices that do foster a sense of connection become possible just about anywhere. The “pop-in” can be replaced by the “pop-up” hologram. Those water cooler conversations and spontaneous collaboration and brainstorming can take place in virtual spaces. 

Artificial intelligence (AI) tools promise to revolutionize internal communication, helping organizations engender a sense of connection among employees, overcome communication barriers and surface the right data from organizational communication for better decision-making. 

The ability of generative AI (genAI) tools to slice and dice content means that communication can be served up to match recipients' learning styles, informational needs and specific languages. A single missive from a manager can be received by one employee with detailed complexity, by another as bullet points, and by yet another as a spoken-word "voice mail."

AI can help break down silos and share more information from across an organization without overburdening employees with time consuming meetings. 

GenAI tools can also hoover up large bodies of back-and-forth information within an organization and perform sentiment analysis detailing for information managers and business leaders any points of frustration, confusion or lack of direction. AI tools can even tap into the communication hive mind and offer up micro-learning sessions for employees who are not understanding something.

It’s time for a total re-think on meetings

The bottom line is that now is a perfect time to reconsider every aspect of the meetings that happen every day at your company. They are now way too frequent, way too long and way too ineffective. It’s time to move to asynchronous and advanced forms of communications offered by a raft of new tools and new management practices.

Your overburdened, over-scheduled employees will thank you.

Employee Experience, IT Strategy, Remote Work
Category: Hacking & Security

Chrome now checks phishing domains online in real time. The previous model was not enough

Zive.cz - security - 1 April 2024 - 10:45
  • Up to 60% of phishing domains exist for less than 10 minutes
  • Safe Browsing's check against a local list will not protect you from them
  • Chrome therefore checks websites against a server-side database
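To make the difference between the two models concrete, here is an added Python simulation (not Chrome's code, and simplified from the public Safe Browsing protocol): a client hashes the host-suffix/path-prefix expressions of a URL with SHA-256 and compares 4-byte hash prefixes, first against a locally downloaded list and then by asking the server in real time; the server answers with full hashes so the client can confirm the match locally, which is why a prefix collision never blocks a clean site. The domain names, the blocklist contents and the timeline are constructed for the example. The real browser additionally routes the real-time query through a privacy relay so that the lookup server does not see the client's IP address together with the hash prefix; that part is left out here.

```python
import hashlib
from urllib.parse import urlsplit

PREFIX_LEN = 4  # Safe Browsing exchanges 4-byte SHA-256 prefixes; used as the lookup key here


def url_expressions(url: str) -> list[str]:
    """Host-suffix / path-prefix combinations hashed for one URL.
    Simplified from the Safe Browsing canonicalisation rules: the exact host plus up to
    four trailing-label suffixes (two to five labels), each paired with the exact path
    and with "/". Query strings and ports are ignored in this simplification."""
    parts = urlsplit(url.strip().lower())
    host = parts.hostname or ""
    labels = host.split(".")
    hosts = [host]
    for n in range(2, min(5, len(labels)) + 1):
        suffix = ".".join(labels[-n:])
        if suffix != host:
            hosts.append(suffix)
    path = parts.path or "/"
    paths = [path] if path == "/" else [path, "/"]
    return [h + p for h in hosts for p in paths]


def full_hash(expression: str) -> bytes:
    return hashlib.sha256(expression.encode()).digest()


def prefixes_for(url: str) -> dict[bytes, bytes]:
    """prefix -> full hash for every expression of the URL."""
    return {h[:PREFIX_LEN]: h for h in (full_hash(e) for e in url_expressions(url))}


class SafeBrowsingServer:
    """Server-side blocklist. add() models a phishing site being listed minutes after it
    goes live, i.e. between two downloads of the local list."""

    def __init__(self) -> None:
        self.full_hashes: set[bytes] = set()

    def add(self, url: str) -> None:
        self.full_hashes.update(prefixes_for(url).values())

    def snapshot_prefixes(self) -> set[bytes]:
        """What a periodic local-list update delivers: prefixes only, frozen at download time."""
        return {h[:PREFIX_LEN] for h in self.full_hashes}

    def lookup(self, prefixes: set[bytes]) -> set[bytes]:
        """Real-time query. The client reveals only prefixes; the server returns every
        full hash that starts with one of them."""
        return {h for h in self.full_hashes if h[:PREFIX_LEN] in prefixes}


class Client:
    def __init__(self, local_prefixes: set[bytes]) -> None:
        self.local_prefixes = local_prefixes  # stale copy from the last update

    def check_local(self, url: str) -> bool:
        """Local-list model: a prefix hit is all the client can know without asking."""
        return any(p in self.local_prefixes for p in prefixes_for(url))

    def check_realtime(self, url: str, server: SafeBrowsingServer) -> bool:
        """Real-time model: ask with prefixes, then confirm on the full hash locally so a
        4-byte prefix collision with an unrelated listed URL never blocks a clean page."""
        mine = prefixes_for(url)
        matches = server.lookup(set(mine))
        return any(h in matches for h in mine.values())


def scenario() -> dict[str, bool]:
    """Constructed timeline: one site listed before the local list was downloaded,
    one listed a few minutes after, one never listed."""
    server = SafeBrowsingServer()
    server.add("http://old-phish.example/login")
    client = Client(server.snapshot_prefixes())          # list downloaded at time T
    server.add("http://fresh-phish.example/verify")      # listed at T + a few minutes
    return {
        "old_local": client.check_local("http://old-phish.example/login"),
        "fresh_local": client.check_local("http://fresh-phish.example/verify"),
        "fresh_realtime": client.check_realtime("http://fresh-phish.example/verify", server),
        "clean_local": client.check_local("http://bank.example/"),
        "clean_realtime": client.check_realtime("http://bank.example/", server),
    }


if __name__ == "__main__":
    for name, blocked in scenario().items():
        print(f"{name:15s} blocked={blocked}")
```

The `fresh_local` result is the gap the Zive item describes: a domain listed after the last update is invisible to the local check, and a 10-minute phishing site is usually gone before the next update arrives. The trade-off of the real-time model is latency on every navigation and a network query per URL, which is exactly why the prefix (rather than the URL) is what leaves the device.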
Category: Hacking & Security

Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities

The Hacker News - 1 April 2024 - 08:04
The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. "Vultur has also started masquerading more of its malicious activity by encrypting its C2 communication, using multiple encrypted payloads that are decrypted
Category: Hacking & Security

McDonald’s serves up a master class in how not to explain a system outage

Computerworld.com [Hacking News] - 1 April 2024 - 08:00

The global outage that last month prevented McDonald's from accepting payments prompted the company to release a lengthy statement that should serve as a master class in how not to report an IT problem. It was vague and misleading, and yet the company used language that still allowed many of the technical details to be figured out.

(You know you've moved far from home base when Burger King UK makes fun of you; in response to news of the McDonald's outage, Burger King played off its own slogan by posting on LinkedIn: "Not Loving I.T.")

The McDonald’s statement was vague about what happened, but it did opt to throw the chain’s point-of-sale (POS) vendor under the bus — while not identifying which vendor it meant. Classy.

The statement, issued shortly after the outage began — but before it had ended — said: “Notably, this issue was not caused by a cybersecurity event; rather, it was caused by a third-party provider during a configuration change.” A few hours later, it quietly changed that sentence by adding the word “directly,” as in “was not directly caused by a cybersecurity event.”

That insert raised all kinds of issues. Technically, it meant that there absolutely was a “cybersecurity event” somewhere — presumably not affecting McDonald’s or its POS provider — that somehow played a role in the outage. The most likely scenario is that either McDonald’s or the POS provider learned of an attack elsewhere (quite possibly multiple attacks) that leveraged a POS hole that also existed in the McDonald’s environment.

One of the two then decided to implement an emergency fix. And due to insufficient or non-existent testing of the patch, the company’s systems crashed. That would explain how the outage could have been indirectly caused by a cybersecurity event.

Let’s go back to the statement, where we find more breadcrumbs about what likely happened. In it, McDonald’s Global CIO Brian Rice said: “At approximately midnight CDT on Friday, McDonald’s experienced a global technology system outage, which was quickly identified and corrected. Many markets are back online, and the rest are in the process of coming back online. We are closely working with those markets that are still experiencing issues.”

Initially, those sentences appear to contradict each other. One says the outage was “quickly identified and corrected” and the next says that many markets were still offline. If it had actually been quickly corrected, why were so many systems still offline at the time of the statement?

The answer that seems to explain the contradiction is DNS. That would explain how the problem could have been “corrected” while the correction had not yet reached everyone. DNS changes need time to propagate, and given the far-flung geographies affected (including the United States, Germany, Australia, Canada, China, Taiwan, South Korea and Japan), the one- to two-day delay that hit some areas is just about what would be expected with a DNS issue.

As for throwing a vendor under the bus, consider the chain’s second update, which said: “In the coming days, we will be analyzing the issue and pushing for accountability across our teams and third-party vendors.” That’s fine. But the day before, the statement said that the outage “was caused by a third-party provider during a configuration change.”

The incident was only hours old and the company wanted to be clear that it was the vendor’s fault. Methinks, Ronald, thou doth protest too much. Who hired the vendor? Whose IT team was managing that vendor? Did the McDonald’s IT team tell the vendor to fix it immediately? Was there an implication that if they cut a few procedural corners to make it happen, no one would ask questions?

This line might be warranted if the third party went renegade and made changes itself without asking McDonald’s. But that seems highly unlikely. And if it were true, wouldn’t McDonald’s have said so directly? Also, there’s a certain oddness to throwing someone under the bus while keeping the company’s identity secret. You don’t get points for blaming someone and then not saying who is being blamed.

Then there is the franchisee factor at play here. McDonald’s doesn’t own many of its restaurants, but it does impose strict requirements, including that franchisees must use McDonald’s chosen POS system. (♩ ♪ ♫ ♬You deserve a break today, so we broke our POS, you can’t pay!♩ ♪ ♫ ♬)

Note: Computerworld reached out to McDonald’s for comment hours after the initial statement was issued. No one replied.

Mike Wilkes, director of cyber operations at The Security Agency, was one of several security people who saw DNS as the most likely culprit. 

“This looks like it was a DNS failure that turned into a global outage, a configuration error,” he said. “It was probably an insufficiently tested patch or a fat-fingered patch.” Wilkes noted that the outage did not impact the McDonald’s mobile app, which — if true — is another clue to what happened. 

Part of the delay was not merely that DNS needs time to propagate, but that the change would have had to work its way through many different DNS resolvers. “This was likely a DNSSEC (Domain Name System Security Extensions) change intended to improve their security.”

Wilkes also suspected that a TTL (time to live) setting played a role. “No one likely had time to lower the TTL to have a recovery time of five minutes,” he said, which would further explain the lengthy delays.  
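To show why the TTL matters to recovery time, here is an added Python model (not from the article, and not McDonald’s or any vendor’s code) that simulates caching resolvers picking up a corrected record, with and without lowering the TTL ahead of the change. All resolver timings and TTL values are constructed.

```python
"""Added example: how record TTLs bound the time a corrected DNS answer takes
to reach every caching resolver. Timings below are constructed, not real."""


class Authority:
    """Authoritative zone holding one record; its value and TTL can change."""
    def __init__(self, value, ttl):
        self.value, self.ttl = value, ttl


class Resolver:
    """Caching resolver: answers from cache until the entry's TTL expires."""
    def __init__(self, first_query_at):
        self.first_query_at = first_query_at
        self.value, self.expires_at = None, -1

    def lookup(self, auth, now):
        if now >= self.expires_at:          # cache miss or expired entry
            self.value, self.expires_at = auth.value, now + auth.ttl
        return self.value


def worst_case_stale_seconds(old_ttl, new_ttl, lead_seconds):
    """Upper bound on staleness after a change when the TTL was lowered from
    old_ttl to new_ttl lead_seconds before it: entries cached before the
    lowering still carry up to old_ttl - lead_seconds, later ones new_ttl."""
    return max(old_ttl - lead_seconds, new_ttl, 0)


def seconds_until_converged(old_ttl, change_at, first_queries,
                            lower_ttl_to=None, lower_at=None, horizon=2 * 86400):
    """Simulate, second by second, resolvers queried continuously from their
    first query time. Returns how many seconds after change_at the last
    resolver stops answering 'old'. Optionally lowers the TTL at lower_at."""
    auth = Authority("old", old_ttl)
    resolvers = [Resolver(t0) for t0 in first_queries]
    last_old = change_at - 1
    for now in range(change_at + horizon):
        if lower_at is not None and now == lower_at:
            auth.ttl = lower_ttl_to        # operator pre-lowers the TTL
        if now == change_at:
            auth.value = "new"             # the configuration change lands
        for r in resolvers:
            if now >= r.first_query_at and r.lookup(auth, now) == "old":
                last_old = now
    return last_old - change_at + 1


if __name__ == "__main__":
    day, change = 86400, 100000
    queries = [0, 50000, 99999]            # constructed first-query times
    print(seconds_until_converged(day, change, queries))                     # 86399
    print(seconds_until_converged(day, change, queries, 300, change - day))  # 299
```

With a one-day TTL left in place, the last resolver serves the old answer for nearly a full day; lowering the TTL to 300 seconds one old-TTL period ahead of the change caps that at about five minutes.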

Terry Dunlap, co-founder and managing partner of Gray Hat Academy, also believed the McDonald’s outage appeared to be an attempt to quickly block a potentially imminent attack. “They were saying ‘Give me a life vest. I don’t want to be drowned by the wave that is coming.’”

More strategically, Dunlap was not a fan of the statements McDonald’s issued.

“It’s much better to be proactive and as detailed as possible upfront,” he said. “I don’t think that the statements conveyed the level of warm and fuzzies needed. I would recommend going into more details. How did you respond to it? Why did it happen? What impacts have occurred that you are not telling me? (The McDonald’s statements) create more questions than answers.”

This appropriately raises yet again the enterprise risk coming from third parties — especially those who, as might be the case with McDonald’s, act on their own and cause problems for the enterprise IT team.

“Every company is being flyspecked for their third-party risk management right now,” said Brian Levine, a managing director with Ernst & Young (EY). “Third-party risk management is increasingly being put under the microscope today by courts, regulators and companies.”

McDonald’s did not initially file an SEC report on the incident. Given that Wall Street did not react in any serious way to the McDonald’s outage, it’s unlikely McDonald’s would consider the outage material. As for the third-party POS provider, it’s unclear whether it filed a report as its identity has yet to be confirmed. 

Among the important lessons here for all enterprise IT is to give careful thought to outage statements. Anything beyond “Something happened. We are investigating and will report more once facts are known and verified” is going to leave clues.

Vague implications are not your friend. If you are ready to say something, say it. If you are not, say nothing. Splitting the middle as McDonald’s did won’t likely serve your long-term interests (not unlike eating McDonald’s food). But at least a quarter-pounder tastes good and is filling.

The McDonald’s outage statement was neither.

Data Center, Mobile Payment, Networking, Security
Category: Hacking & Security

Linux Version of DinodasRAT Raises Serious Security Concerns

LinuxSecurity.com - 31 March, 2024 - 13:00
A Linux version of the multi-platform backdoor malware called DinodasRAT has been spotted in cyberattacks across several countries. The malware, also known as XDealer, is a C++-based threat that can harvest sensitive data from compromised systems.
Category: Hacking & Security