Plus: Why AI Integration Is Actually About Trust |
| While AI is a technology, it can sometimes feel like it’s a race. Companies are under constant pressure to add AI applications to their enterprise systems. And it seems that on a daily basis, another company is announcing newer capabilities, faster processing, more tailored ideas and ever-more nuanced responses. Accenture, which focused its annual Technology Vision report on AI, homed in on the speed the technology is spreading, the autonomy AI is beginning to take on, and the deep need for trust in order to use it. The report looked at the “binary big bang” that AI technology brings to the enterprise—69% of executives believe it brings more urgency to enterprise system reinvention—but also focused on trust. More than three quarters of executives said AI’s true benefits will only be realized when the systems are built on a foundation of trust. And eight in 10 said trust strategy needs to evolve in parallel with technology strategy. Customers and employees who work with AI-enabled enterprise systems need to feel that they can trust the systems to be accurate and consistent. They want to easily find where the information came from, and it’s important they feel like the system is using AI responsibly. In its report, Accenture likens trust of an AI system to a parent’s trust of their children. As children grow and mature and take on more autonomy, parents need to trust them more—something they can do based on how they taught their children to act. AI systems are trained based on the guardrails and rules an enterprise establishes for them. The enterprise not only needs AI to work from accurate information that can be trusted, but it also needs to have appropriate guardrails. On the customer side, trust can be built through accuracy, but also through transparency. A potential customer may feel cheated if they discovered the agent they just chatted with was an AI bot after the fact, or that product images were not actual photos, but generated by AI. Trust is not merely “a consideration for businesses—it is the consideration,” the report states. While there are fairly straightforward ways to bring an AI platform to your enterprise, there’s no definitive way to build trust in it. This will differ depending on the company, its industry, its employees and the way AI is used. And unlike the age-old trust needed between company, employee and customer, this kind of trust resides solely in the way AI is set up and executed. So as companies move quickly into the future, developing AI solutions for their work—the Accenture report has forward-looking timelines that predict AI agents will be the primary users of enterprise digital systems by 2030, more than half of Fortune 500 companies will have autonomous supply chain management systems by 2030, and humanoid robots will address worldwide labor shortages by 2035—it’s important to build that trust now. A company that neglects the human side of AI integration could risk falling behind this timeline. Threat actors and attacks are always evolving, making cybersecurity a constant and ever-changing task. I talked to Sam Rubin, senior vice president of consulting and threat intelligence at Unit 42 by Palo Alto Networks, about what to expect in 2025 and how to prepare your systems. An excerpt from our conversation is later in this newsletter.
If you like what you read here, you can easily share it online and on your social media pages. This newsletter, and all previous editions of Forbes CIO, can be found on our website here. |
|
| In today’s CIO newsletter: |
|
| At CES last week, Nvidia CEO Jensen Huang used his time as a keynote speaker to introduce many new initiatives from the company known for its AI chips. In the week since, reporters and analysts have examined just what those new programs can do. One of Nvidia’s lesser-known efforts is their Cosmos physical AI model, which can bring a new and different understanding of the world in a warehouse or factory. Forbes senior contributor Patrick Moorhead attended a briefing about a partner initiative between Nvidia, Accenture and supply chain automation company KION that brings Cosmos to warehouses in order to optimize operations. “The fundamental idea of Cosmos is a model that understands the physical world like ChatGPT understands information and language,” Huang said at the briefing. Cosmos, which is an open model, has been trained on 9 million parameters, Huang said, allowing the system to create a detailed “digital twin”—or a digitized model of a physical system. Through this partnership, KION is digitizing physical information from warehouses. Nvidia’s Cosmos creates the digital twin, and Accenture uses its expertise to define and manage KPIs. It sets the stage for optimized planning for robotics and automation, too. At the briefing, Accenture CEO Julie Sweet said this technology can cut warehouse planning time in half, as well as reduce ongoing manual labor and operating costs by 50%. Nvidia is also getting into an area that is more familiar to most CIOs with Project Digits, its first personal AI supercomputer. Forbes senior contributor Janakiram MSV writes this machine, with a price tag starting at $3,000, targets developers and data scientists looking to build and customize generative AI platforms. But it can also be used by software vendors to run AI software at a customer location, enhancing privacy and confidentiality by reducing reliance on the cloud. The computer, which runs on Nvidia’s Grace Blackwell Superchip, is optimized for high-speed processing, power efficiency, and rapid response to complex queries. |
|
| Everyone needs to follow the rules, even the people who made them. Last week, the EU General Court found that wasn’t the case, ruling against the European Commission for failing to comply with GDPR protection regulations. It wasn’t a huge case; Forbes senior contributor Emma Woollacott writes the Commission was ordered to pay one person €400 in damages after his privacy was potentially breached while registering for an EC event in 2022. During event registration, the person chose to use his Facebook account to authenticate his login, and his data ended up on Meta-owned servers in the U.S., where it could potentially be accessed. (At the time, the EC hadn’t recognized the U.S. as having adequate protection on its servers for personal data of EU citizens.) “The individual concerned suffered non-material damage, in that he found himself in a position of some uncertainty as regards the processing of his personal data, in particular of his IP address,” the court said in a statement. So far this is the only claim of this kind, but Joe Jones, director of research and insights at the International Association of Privacy Professionals, said it could set the stage for many more minor GDPR claims. |
|
| After arguments before the Supreme Court last Friday, many expected the high court to uphold the federal government’s ban or forced sale of TikTok this morning. No decision came down on the case, and it appears to be the high court’s last release of opinions or orders until next week, after the January 19 effective date of the law. After oral arguments last week, it seemed the Supreme Court was prepared to uphold the law. Justices said they could see the national security reasons for it, which passed Congress with bipartisan support because the Chinese government has used data generated by the popular social app to spy on some Americans. And without any ruling from the Supreme Court indicating something else needs to happen or a speedy sale to a U.S.-friendly entity, TikTok will be dropped from app stores and U.S. hosting platforms starting on Sunday—though both President Joe Biden and President-elect Donald Trump are reportedly considering ways to delay its effective date. Reports this week indicated that China is considering selling the app to Elon Musk, who bought then-publicly traded Twitter for $44 billion in 2022. Billionaire investor, entrepreneur and former Los Angeles Dodgers owner Frank McCourt has made a bid to buy the app through an entity he owns known as Project Liberty. While TikTok owner ByteDance has said the app was not for sale, Forbes’ Phoebe Liu and Matt Durot talked to several analysts about how TikTok might be valued if a sale would take place. |
|
| | | Palo Alto Networks Unit 42 Leader Details Cybersecurity Outlook For 2025 |
|
|
|
| As the calendar advances, so do the technological abilities of bad actors trying to breach your systems. I talked to Sam Rubin, senior vice president of consulting and threat intelligence at Unit 42 by Palo Alto Networks, about what to expect on the cybersecurity front in 2025, and how to prepare for it. This conversation has been edited for length, clarity and continuity. What is your overview for threats that are to come in 2025? Rubin: I think we’re at a very interesting time as it relates to threat actors adopting gen AI and integrating that into how they’re using it as a tool to attack organizations. What do you predict in terms of threat actors using gen AI? Is this something that is up and coming, or that you’ve seen starting? I would put it in this sort of experimental mode. It’s being used. We see it in the phishing message that is so well-crafted, and targeted and specific to that organization and that individual. We see it in the deepfake attacks that use [the] voice of an employee targeting the help desk for social engineering. There’s been some great research from OpenAI, where they have known nation states—North Korea, Iran, Russia, China—using their platform to do reconnaissance and research. In addition to that, we have a red team. Our penetration testers are hackers that are hired to help do this by organizations. We are starting to use it as well, and we’re using it for resource development, building the infrastructure and the tools that we can use to hack organizations. You know that the threat actors are doing this as well. You said in 2024, the intertwined nature of business made a lot of cybersecurity events much larger, in terms of the number of people who are impacted. Do you see that as a defining feature going forward in 2025? Yes, absolutely. It’s the software supply chain that we all rely on, and there’s a couple of facets here. More and more we rely on a handful of SaaS applications and platforms to operate digitally. Most software is made up of open source components, and a lot of these open source components are made up of a series of other open source components. Think of it like a nested Russian doll. It’s very hard, and oftentimes just not done, [to] understand the full build of materials of the different software components that are incorporated into the software you’re using. When there’s a vulnerability in a part of that chain, it creates a weakness in the entire ecosystem. And then when there’s applications that are widely used, they're all of a sudden thousands or tens of thousands of vulnerable organizations as a result. Knowing what you know about the threat landscape in 2025, what would you suggest that a CIO or a CISO do to get ready? The first is visibility. The second one is simplicity, or eliminate complexity. And the third one is have the right experts either on your team or at your call. On the visibility side, it’s being able to see the entire estate so you can view what’s going on. When we do incident response and come in after something bad has happened, you can almost always find things in the logs, but the systems are so big, there’s so much data that the organizations aren’t able to operationalize it to see the signal and the noise. If you are leveraging systems that are less complex, that are consolidated, that bring in best of breed technology like AI and automation, it enables you to see what’s going on and empower your team to take action early before things escalate to a major incident. It’s still going to take that level of cybersecurity expertise. Whether an organization can have those resources internally or they have an external party like Unit 42 on speed dial, you need the experts. A lot of organizations will outsource certain parts of their security operation function for a team that’s doing something like managed detection response. And certainly they’ll have a team on call for a retainer in case they need to pull the fire alarm. |
|
|
| The Justice Department and FBI confirmed in a statement this week that they remotely deleted a version of PlugX malware they said was created by Chinese threat actors. |
|
4,258 | U.S. computers from which the FBI deleted the malware | |
| 9 | Warrants the Justice Department and FBI received in order to perform this operation | |
| ‘They did not otherwise impact the legitimate functions of, or collect content information from, infected computers’ | The law enforcement statement says about the operation |
|
| People of different ages and experience levels look at work in their own ways. As new Generation Z college grads join your team, here are some tips for coaching them. Is 2025 the year you build your personal brand? Here are three steps to create one that is authentic and differentiated. |
|
| | From a lawsuit accusing him of securities fraud to having his X posts monitored by the British Homeland Security Group, Elon Musk is currently facing several serious controversies. But there’s also a less serious controversy percolating about the world’s richest man. What is it? | | A. | Whether a custom-made T-shirt with Gothic style lettering that he wore to Mar-a-Lago says “Dark MAGA” or “Dank MAGA” | | B. | If he’s actually good at playing video games | | C. | He spent an entire day debating which floor of a Washington, D.C. federal office building to establish offices for DOGE, based on the view | | D. | Whether he started drinking Diet Coke as a way to impress Trump, a well-known lover of the beverage |
| | Check if you got it right here. |
|
|
