The person making the change may not fully understand the needs of the enterprise, and may make changes that aren't in alignment with those needs.
A dishonest employee could create back doors into the network, even into applications.
If security concerns aren't fully understood or taken into consideration, an implemented change could open the enterprise to financial loss, a loss of reputation or legal liability.
Even the most prudent efforts to segregate responsibilities could be made null if employees from multiple groups collude to make change that could cause harm. The Sarbanes-Oxley Act of 2002 had this in mind when it forced sign-off from executives stating that internal controls had been implemented and audited, thereby holding those executives liable for misleading or fictitious information to prevent collusion.
10. Back-0ut Plans
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
