Up Times
A crane delivering Bryley’s new AC unit to the roof (and removing the old one, center photo) on a recent Thursday.
A stitch in time and all that – Most of the time the infrastructure details a business needs to deal with are rarely as interesting as a flatbed truck (with accompanying police detail) delivering a new AC unit (about the size of a shed) to Bryley’s roof.
But its delivery served to remind me that replacing an AC unit before the old one failed meant Bryley could schedule the work on its terms – a planned afternoon on a day it chose. Replacing a unit after failure would have likely cost considerably more – in time, money, heat and disrupted work.
The reason we call this newsletter Up Times is because uptime characterizes how Bryley approaches its work. Having an uptime mindset is about keeping systems running well, instead of responding to problems after they happen. It’s akin to scheduling the AC delivery versus after-the-fact scrambling. But the stakes with IT are usually higher. Approaching IT with an uptime mindset gives operations a foundation of quiet reliability, so employees and ownership can remain focused on their work, and be less concerned about dealing with unexpected disruptions.
Infrastructure is mostly uninteresting – heating, cooling, electricity, plumbing. People just expect these things are going to work. It’s Bryley’s goal that the computer systems your employees work on are as unexciting as these – without drama, without unexpected expenses or downtime (boo). If that sounds like the kind of dependability your organization could use, reach out to Roy Pacitto to explore how Bryley can help your systems run smoothly in the background. Roy can be reached at 978.562.6077 x217 or email him.
Sometimes access can be needlessly – harmfully – outsized.
Admin Access for everybody!
That a problem?
How much thought goes into IT when a business is starting out? Most organizations begin with a single person or a group of like-minded people. That group then expands as business needs evolve and become clear.
Whether or not the organization has IT staff, speed usually wins – it’s rare to give computer use more thought than as a tool for getting work done, storing data, and driving sales.
Reasonable, for sure. But there is one issue that has been wrestled with in computing circles since just about its inception: how much access to give users. Too much, and the system becomes vulnerable in ways that aren’t obvious until something goes wrong. Too little, and access controls start to feel like they’re getting in the way of working … [5 min. read; audio available] Continue Reading >
Specialized parts used in military contexts may be subject to CMMC scrutiny. DFARS told us what data we were expected to protect. NIST SP 800-171 showed 110 areas of cybersecurity control. CMMC verifies those controls.
The visibility gap on the way to CMMC Compliance
Taking Care of Controlled Unclassified Information
In a small business with a million and one things to do – At the end of last year, a machine shop that had been supplying small parts to a defense contractor was audited on its handling of CUI (Controlled Unclassified Information). CUI is not classified military intelligence; it’s working documents like technical drawings, specs, contract pricing and supplier information. The audit showed that the shop couldn’t fully account for how CUI was being handled. The situation had to be remedied immediately or the contract was in jeopardy. No one had been intentionally negligent, and this needn’t have been an emergency — if the machine shop had understood the importance of being able to show its work … [6 min. read; audio available] Continue Reading >
Is that autonomous robot really getting a helping hand?
How now Waymo?
Autonomous vehicles actually (partly) remote controlled?
So Waymo’s are remotely monitored and can be controlled in what looks a bit like a really old computer game. The Waymo operators are at least in part in the Philippines (as in, lower-cost labor than local in-car drivers) and have to be legally permitted to drive in the state where the vehicle is actually moving around.
This reminded me of that recent humanoid so-called robot Neo that’s being marketed for cleaning your house. It is also remotely operated, training on the dataset of your home, supposedly. Privacy is an obvious concern. Not to mention, some strangers being able through the camera eyes to case the joint.
Waymo being remotely operated (and that’s an over-characterization, one remote overseer watches forty cars at a time) brings network-hacking possibilities with literal passenger and pedestrian lives at stake. I thought the idea was that autonomous vehicles were a local safety concern and now these are also clearly a network security issue.
This parallels the recent CISA advisory about industrial robots having the high-severity vulnerabilities of networked devices; they are not dumb appliances performing a rote task … [7 min. read] forbes.com
Too accessible? Too easy? Too problematic? Too late?
Fighting the rise of deepfakes
Past MIT Algorithm AI newsletter author Melissa Heikkilä demonstrates the ease of making a deepfake. The video also shows how we look past legitimate tells (which are pretty tough to notice even when you see the process unfold before your eyes and ears – a deepfake hunting company scours for micro-anomalies in 16,000 audio samples per second).
There are no easy answers to the day-to-day problems deepfakes pose for businesses (like spoofed messages to co-workers) and especially for women in general.
But there are emerging strategies, and the final word was granted Claire Leibowicz of The Partnership on AI: I want to make sure that people … [don’t] have this sense of resignation, that this [deepfake tech] is here and therefore we can’t do anything about it … [24 min. watch] youtube.com
Among the nineteen annual Verizon cyber-breach studies, 2025 was different. Verizon offers that the attack-approach changes have to do with automation and AI.
Manufacturing sees more ransomware and credential-based attacks
For manufacturers: ransomware appeared in 61% of breaches; stolen credentials and vulnerability exploitation are top attack vectors, per Verizon research.
Within manufacturing specifically, Verizon recorded 3,627 incidents, of which 2,713 involved confirmed data disclosure, The Manufacturer reports. And most notably, vulnerability exploitation is the attack vector for almost a third of all breaches.
What this means to you: a good program of vetting and applying patches has become of highest importance. And good data-handling practices, including restricting permissions to those who actually need the data to do their work. And as an organization, only collecting and holding the data you need cuts your risk. Endpoint Detection and Response (EDR) software has the ability to detect an attack and limit its resultant damage.
If you need help with these things, reach out to Roy at Bryley or if you’re a Bryley client the Client Services team via the portal … [3 min. read] themanufacturer.com
Cybercrime tops poll.
Hartford study of 500 businesses shows cybersecurity is chief concern
Concerns around phishing, ransomware and data breaches that can disrupt operations and damage trust
The Hartford’s annual study of $10 million+ companies shows that many view cyber-threats as an evolving and escalating challenge. When employee or client data is compromised, the report explains, the resulting breaches can have lasting impacts for a company’s reputation and its clients’ trust … [5 min. read] thehartford.com
Zach Dissington’s way to visualize AI use in the world.
You wouldn’t know
The online world is small. The subset of those who use AI is even smaller.
I log into LinkedIn and feel behind on AI every single time, Alexander van Rossum writes. Not because I’m not using it — I build with it daily. My apps are built with it. This site is maintained by an AI agent … and I still close LinkedIn feeling like I missed something.
More than one in nine adults report elevated anxiety about not keeping up with AI, and the phenomenon is acute enough that therapists are seeing it as a distinct category of workplace stress. Some workers are secretly adopting AI tools … because the anxiety of not using them has become its own pressure.
Van Rossum describes an algorithmic-driven force on influencers and would-be influencers to keep the AI content jazzy: The people who make you feel most behind are almost certainly optimizing for impressions … the people who are actually ahead of you are too busy to post consistently … [5 min. read] hackernoon.com
Note: The section directly above is Bryley’s curated list of external stories. Bryley does not take credit for the content of these stories, nor does it endorse or imply an affiliation with the authors or publications in which they appear.
Get Up Times, useful tech news by New Englanders in Your In-Box
- Subscribe to Up Times, the monthly New England-centric technology newsletter.
- Up Times covers:
-
- Trends in New England tech
- Security tips you can implement now
- Updates on regional and national laws and compliancies
- IT-related developments
- Networking and cybersecurity challenges New England business managers are facing
- In continuous publication since 2000, Up Times arrives monthly in your email box.
Sign up for Up Times to have tech news and tips delivered monthly via email
