Is the Promise of GenAI Buckling Under the Weight of Economic Realities?
Story by Shane Snider
Key Points:
A Goldman Sachs report says investments in AI will reach $200 billion by the end of the year. According to research firm IDC, enterprises are expected to spend more than $40 billion in GenAI in 2024.
Just days before the August 5 stock market drop that wiped out $1.3 trillion in market capitalization, NVIDIA had announced that its AI chip that would power data centers would be delayed by three months because of a design flaw.
The bad news converged with other tech sector woes, including a global IT outage that shut down critical services and took days to remedy. CrowdStrike, the cybersecurity firm at the center of the outage, saw its share prices drop 44% in July.
On the vendor side, AI Infrastructure spending is happening, despite economic headwinds. Microsoft, Meta, and Google said they spent a combined $40.5 billion on land, infrastructure, and chips to boost their AI services, according to their most recent financial reports.
Money is certainly changing hands, but what is the return on investment for the average enterprise? There’s little evidence to show that GenAI implementation within an organization is causing a windfall of financial gains.
"We are in the early days, and ROI will remain elusive for both customers and vendors while we are in the experimentation phase. Chasing that metric requires an understanding of the value proposition, including willingness to pay, and behavioral changes," Amy Konary, senior vice president at Zuora, tells InformationWeek.
Welcome to InformationWeek's Big Picture!
You already know that every day at InformationWeek brings expert insights and advice to help today’s IT leaders identify the best strategies and tools to drive their organizations forward.
That means original reporting from our team of journalists and unique commentary you won’t see anywhere else! But in case you missed them, here are some of our other must-read favorites from this week:
Will the US-Russia Prisoner Swap Shape the Global Cyber Landscape?
Story by Carrie Pallardy
Key Points:
The cybersecurity community has raised questions about the impact of the exchange as cybercrime out of Russia continues to target businesses and critical infrastructure in the US. At least two convicted cybercriminals -- Roman Seleznev and Vladislav Klyushin -- were among the 24 people involved in the exchange.
Seleznev was convicted in 2017 and sentenced to 14 years in prison for his involvement in a $50 million cybercrime ring. In 2023, Klyushin was sentenced to nine years in prison for his participation in a $93 million hack-to-trade scheme.
“There has to be a conversation … about the damage that will be caused by these individuals. These cyber attackers being released and going back to countries where they are absolutely going to be promoted as heroes and put back into business,” James Turgal, VP of global cyber risk and board relations at cybersecurity advisory and services company Optiv, and a 22-year FBI veteran, tells InformationWeek.
“This involves the whole of society to include businesses in ways that we have not seen [in] state on state competition in the past,” Andrew Borene, executive director for global security at data and intelligence company Flashpoint, tells InformationWeek. “This should serve … as a wake-up call that the C-suite and the boards of directors need to pay attention to not only the cyber risk but also what's happening in the geopolitical picture writ large.”
As the world moves forward through a new cold war, cyberattacks and crime are going to continue playing a role with any enterprise as a potential victim.
Big Tech on the Brink of a Break Up
Story by Shane Snider
Key Points:
The 2020 case -- which combined another case filed by the U.S. Department of Justice and attorneys general from 38 states -- contended that Google held its dominance in the search market by unfairly blocking competitors in violation of Section 2 of the Sherman Act, which outlaws monopolies.
Court documents showed that Google worked hard to maintain its dominance in Android and Apple mobile devices, paying $20 billion in 2022 to be Apple’s preferred search engine. The decision came on the same day the top seven technology companies, Google parent Alphabet included, suffered a historic $900 billion-plus stock drop after a brutal day of trading. Alphabet shares were down more than 4% on Monday.
In his ruling, US District Court judge Amit Mehta wrote, “Google is a monopolist, and it has acted as one to maintain its monopoly … Sure, users can access Google’s rivals by switching the default search access point or by downloading a rival search app or browser. But the market reality is that users rarely do so.”
A second trial is expected to determine potential fixes -- including the possibility of breaking up Alphabet -- which would shake up the tech landscape Google has sat atop for years. The “remedy” phase of the case could be lengthy, potentially involving appeals to the US Court of Appeals, the District of Columbia Circuit, and the US Supreme Court.
Eliminating Technical Debt
Story by Lisa Morgan, CeM, J.D.
Key Points:
Technical debt is an inevitable challenge that has existed since the beginning of IT time, according to Ajay Sabhlok, chief information officer and chief data officer at zero-trust data security company Rubrik. “If it’s taking longer for your teams to address issues, you’ll quickly notice that you are developing technical debt because your technologies and processes are not optimized.” says Sabhlok in an email interview.
Technological advances promise to help. For example, low-code and generative artificial intelligence (GenAI) can reduce the amount of time it takes to create an application, so the time savings can be used for reducing technical debt. However, whether technical debt is addressed or not is a choice.
“To get rid of it or minimize it, you should treat this problem as a regular task -- systematically. All technical debt should be precisely defined and fixed with a maximum description of the current state and expected results after the problem is solved,” says Igor Zaporozhets, chief technology officer at enterprise software services provider Aimprosoft.
Regular attention to technical debt not only improves code quality and system performance but also creates a more proactive development environment. Just don’t try to boil the ocean. Start with small tasks and gradually scaling up as the team gets used to it.
Are We Truly Protected When Utilizing GenAI?
Story by Pam Baker
Key Points:
The question is where do we stand amid the quickening in AI evolution? Are we safe or not? Are we reacting to fear or responding to concerns? Fear of the unknown can be crippling -- while concerns based in fact are at the heart of meaningful risk mitigation.
“Companies are jumping in feet first into AI when they are not even covering the basic vulnerabilities, like the data being wide open. It may sound harsh, but it’s a dumpster fire out there,” says Matthew Radolec, VP of Incident Response and Cloud Operations at Varonis.
AI flaws also create vulnerabilities with data leaks and data harvesting ranking high on the list. Data leaks can lead to high and prolonged exposures such as ChatGPT’s first data breach, which exposed user data to about 1.2 million OpenAI users over the span of nine hours.
“To give one particularly scary example: Stable Diffusion is the world's most popular text-to-image model. In December 2023, some Stanford researchers discovered that one of the training datasets that Stable Diffusion was trained on -- called LAION-5B -- contained over 1,600 images of child pornography. But virtually no companies or agencies have infrastructure in place to track which applications use which models, and which models are trained on which datasets,” says Marc Frankel, CEO at Manifest, a supply chain technology security company.
“A large majority of the AI community is not focused on security of the AI vs the ability to generate and extract value. This is not to say that security of GenAI systems is not being considered from both researchers and practitioners, it is just, unfortunately lagging behind,” says Jeff Schwartzentruber, PhD, CISSP, senior machine learning scientist at eSentire, a managed detection and response company.
Latest Major Tech Layoff Announcements
Original Story by Jessica C. Davis, Updated by Brandon Taylor
Key Points:
As COVID drove everyone online, tech companies hired like crazy. Now, we are hitting the COVID tech bust as tech giants shed jobs by the thousands.
Updated August 10, 2024 with layoff announcements from Cisco, Branch, and Dell Technologies, and Intel Corporation.
Check back regularly for updates to our IT job layoffs tracker.
Commentary of the Week
Story by Lance Spitzner
Key Points:
The scale of the event, rapid surge in commerce, and global audience made it a highly attractive target for hacktivists and financially motivated cybercrime. The French government’s cybersecurity agency warned in July that ransomware attacks against officials, athletes, and volunteers would be “inevitable” during the summer games.
In addition, a July 18 Forbes report citing Mandiant (part of Google Cloud) threat intelligence data indicated that the Olympics may face elevated risk from Russian-backed Advanced Persistent Threat (APT) groups due to France’s financial and military support for Ukraine.
The 2024 Verizon Data Breach Investigations Report found that the human element was involved in 68% of the 30,458 breaches it analyzed. Cybersecurity isn’t just a technical challenge anymore -- it’s a human issue at its core.
Mitigating human risk is an ongoing process that requires commitment from all levels of an organization. However, when cultivating any enterprise-wide mitigation effort, it is critical to first differentiate human risk by its four varying forms.
Unlike malicious insiders, managing the other three forms of human risk -- negligence, error, and victims -- comes down to a common yet often overlooked theme: simplification. At the core of human risk mitigation is a comprehensive and company-wide security awareness training program, which should be continual, engaging, and tailored to current threats, best practices, and employee interests.
Podcast of the Week
Podcast and Story by Joao-Pierre Ruth
Key Points:
New technologies can rise or stumble depending on the monetary investment put into its development. OpenAI introduced an enterprise API to go after more of the business market. Yet, there are reports the company might lose $5 billion this year and potentially run out of money in 12 months.
Is AI investment a substantial part of current enterprise IT budgets? How does the investment trend in AI compare with other tech? Is AI investment just a cost with no clear path to an ROI?
In this episode of DOS Won’t Hunt, John Lovelock (bottom right in video), chief forecaster with Gartner; Steve Ross (top center), director of cybersecurity with S-RM; Erin McFarlane (bottom center), vice president of operations with Fairmarkit; Sreekanth Mallikarjun, Ph.D. (bottom left), chief scientist and head of AI innovation with Reorg; and Ryan Johnson (top left), chief product officer with CallRail, offer their insights on what is happening with AI investment, what enterprises are exploring, and what the expectations might be for the money put into the technology.
REGISTER NOW!
"The CIO's Guide to Automation to Solve Workplace Shortages, Alert Fatigue, & More"
This FREE, LIVE webinar launches on Wednesday, August 14 at 1pm ET:
Presented by InformationWeek and Automox
Our featured keynote speakers are:
Rachel Lockett, CISSP - Author & former CIO, Pohlad Companies
Jason Kikta - CISO, SVP of Product Automox
Alert fatigue and exhaustion are eroding the effectiveness of your security teams. But persistent talent shortages means the cavalry isn’t riding to the rescue anytime soon.
This webinar covers strategies and tactics in using AI and automation to restore sanity and provide plenty of backup for your security warriors.
In this webinar, attendees will learn:
Automation use cases
How to create competitive advantages and enable innovation
How to consolidate redundant alerts through automated threat detection and response that increase productivity and efficiency
Overcoming automation challenges
Pathways to safe automation
Request Your Free Research Report Now:
“IT Pros Love, Fear, and Revere AI: The 2024 State of AI Report”
An InformationWeek Report | Sponsored by Palo Alto Networks
Is AI a boon or a bane to job security? A security tool or a vulnerability? Mature enterprise technology or immature toy? Essential enterprise technology or threat to humanity? According to survey respondents, it’s all of the above.
Download this report to learn how IT departments are investing in AI now and what’s guiding their plans for the future.
This is just a taste of what’s going on. If you want the whole scoop, then register for one of our email newsletters, but only if you’re going to read it. We want to improve the sustainability of editorial operations, so we don’t want to send you newsletters that are just going to sit there unopened. If you're a subscriber already, please make sure Mimecast and other inbox bouncers know that we’re cool and they should let us through.
And if you’re thinking about subscribing, then maybe start with the InformationWeek in Review; it only arrives on our new look Saturdays.