When security gets lost in translation

Today: why global companies rolling out new security policies need to make sure their end users understand what they're trying to say, Microsoft hooks up with Mistral, and the latest funding rounds in enterprise tech.




Communication breakdown

Cybersecurity is a global issue, and multinational businesses that haven’t developed security policies and tech-support practices that take differences in languages, characters, and keyboards into account are at a disadvantage.

Global teams across an enterprise are likely to speak different languages, of course, but even those who all speak the same language might be using different keyboard layouts with different characters. Those differences, combined with subtle linguistic variations in meaning across American versus British English, can lead to miscommunication and confusion about password requirements that could hinder collaboration and even compromise security. 

  • “This topic is incredibly relevant as attackers are taking advantage of organizations expanding to a new global footprint and entering new territories,” according to Avi Pichette, product manager at CyberArk, an identity security company that specializes in privileged access management (PAM) technology. 
  • For example, if an English-speaking tech-support person has to reach out to someone in Japan, they can’t even tell that user, “‘click here and there’ unless the UI is exactly the same,” observed Alexandre Blanc, a security expert, consultant and speaker. 
  • Blanc noted that it’s also important to understand that not all languages are typed out from left to right — Arabic and Hebrew are written right to left — particularly when setting up passwords for access.

Charles Givre recounted his own experience with language miscommunication while at Black Hat helping a Japanese student write a SQL query.

  • “We couldn't figure out why the query wouldn't work on his machine. It turned out that the Japanese keyboard has a different Unicode character for the period.”
  • An IT support specialist based in the U.S. working for a global bank (who requested anonymity to tell the story) relayed a frustrating experience he had when trying to tell a user in the U.K. which characters to enter for her password reset.
  • The string included the punctuation mark that people in the U.K. call a “full stop” and the user didn’t know what the IT support person meant by the “period” key.  
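The keyboard mismatch Givre describes can be diagnosed mechanically. The following is an added example, not code from the article or anyone quoted in it: it lists non-ASCII punctuation in a typed string and checks whether Unicode NFKC folding maps it back to ASCII. The article does not say which character the keyboard produced; the fullwidth full stop (U+FF0E) and ideographic full stop (U+3002) used here are assumed candidates, and the function names and sample query are constructed.

```python
import unicodedata

# Constructed sample: a query typed with a fullwidth full stop (U+FF0E)
# where the SQL parser expects an ASCII period (U+002E).
SAMPLE_QUERY = "SELECT u\uff0ename FROM users u"


def audit_punctuation(text):
    """Return (index, char, unicode_name, nfkc_form) for every non-ASCII
    punctuation or symbol character in text. Letters are not reported."""
    findings = []
    for i, ch in enumerate(text):
        if ord(ch) < 128:
            continue
        # General categories starting with P (punctuation) or S (symbol).
        if unicodedata.category(ch)[0] in ("P", "S"):
            folded = unicodedata.normalize("NFKC", ch)
            findings.append((i, ch, unicodedata.name(ch, "UNNAMED"), folded))
    return findings


def fold_for_parser(text):
    """NFKC-fold text destined for a parser and refuse anything that still
    contains non-ASCII punctuation. Folding also rewrites characters inside
    string literals, so treat the result as a diagnostic, not a silent fix."""
    folded = unicodedata.normalize("NFKC", text)
    leftover = audit_punctuation(folded)
    if leftover:
        names = ", ".join(f"U+{ord(c):04X} {name}" for _, c, name, _ in leftover)
        raise ValueError(f"no ASCII equivalent after NFKC: {names}")
    return folded


if __name__ == "__main__":
    for idx, ch, name, folded in audit_punctuation(SAMPLE_QUERY):
        print(f"index {idx}: U+{ord(ch):04X} {name} -> NFKC {folded!r}")
    print(fold_for_parser(SAMPLE_QUERY))
    try:
        # The ideographic full stop has no compatibility mapping to '.'.
        fold_for_parser("SELECT u\u3002name FROM users u")
    except ValueError as exc:
        print("rejected:", exc)
```

For passwords, whatever normalization is chosen has to be applied identically when the password is set and when it is verified, or the stored hash will not match what the user types later.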

Multinational organizations can use AI to mitigate problems, in addition to establishing training and building the right security culture.

  • Givre pointed out that “OpenAI models were trained with multilingual data,” which makes them “more than capable of translating text written in a variety of languages into SQL queries.”
  • Another way AI can be useful is by bridging character differences through smart mapping: AI algorithms can intelligently map characters from different languages and alphabets.
  • Security managers could then generate a password in Chinese characters or whatever form of alphabet is needed even if they were using an American keyboard.
  • But when it comes to pure translation, Blanc said generative AI is not on par with human translators who can understand not just the words being used, but their meaning.



Microsoft's Mistral move

One of the loudest complaints about Microsoft's close partnership with OpenAI is that the "open" in OpenAI is quite the misnomer; there's nothing open about Sam Altman and Co.'s GPT models, which makes it harder for some companies to center those black boxes in their business plans. In response, Microsoft has been adding other models into its mix, and Monday it announced plans to link up with one of the more open foundation-model providers.

Mistral AI on Monday released Mistral Large, a new model that compares to OpenAI's GPT-4, and made the model weights available to companies that want to use it internally. Mistral Large will also be available first through Microsoft Azure, and Microsoft will invest $16 million in the French startup in exchange for Mistral's agreement to train future models on Azure.

That investment is a drop in the bucket compared to the billions Microsoft has committed to OpenAI, but Mistral is the first foundation-model investment it has made outside that partnership. The European Commission said Tuesday it planned to investigate the Mistral deal alongside broader scrutiny of Microsoft's deal with OpenAI.


Enterprise funding

Glean raised "over" $200 million in Series D funding ($203.2 million, I'm told) that values the generative AI internal-search company at $2.2 billion.

Clumio landed $75 million in Series D funding to build out its cloud backup and restore product.

Synadia scored $25 million in Series B funding to fund further development of Nats.io, an open-source communications platform for distributed applications.

Prowler raised $6 million in seed funding to build a company around its namesake open-source project, which was developed by two former AWS engineers to improve cloud security.

Codified now has $4 million in seed funding to help companies set data access and retention policies using code.


The Runtime roundup

GitHub Copilot Enterprise is now generally available, giving us a chance to see how many companies want to train a coding assistant on their own code bases for another $39 per user per month.

European regulators are taking a closer look at Microsoft's bundling of Entra AD with Microsoft 365 after complaints that Microsoft 365 users can't adopt a competing identity management product, according to The Information.

Zoom shares rose almost 7% Tuesday after a better-than-expected earnings report on Monday suggested it is finding its way after the pandemic boom subsided.

AWS announced plans to invest $5 billion in new data centers in Mexico, its first region south of the U.S. border until you get to Brazil.

That didn't take long: Lockbit resurfaced Monday a week after several international law enforcement agencies said they had "completely disrupted" its operations, but it's not clear if the group's full capabilities remain intact or if it just figured out how to restore a backup website.

Sabre completed a four-year migration to Google Cloud that saw it close 17 data centers and move 50 petabytes of data into Google.




Thanks for reading — see you Thursday!
