Immutable infrastructures often are refreshed frequently or run for relatively short periods, unlike traditional servers that host workloads that are online for years. The longer an instance runs in the data center environment, the higher the chance of an unanticipated configuration change. This rarely crashes an instance or renders a workload unavailable, but likely impairs performance or returns errors. An immutable infrastructure should support automatic application scaling as traffic demands change. To achieve resilience and allow for failures without application disruption, deploy instances in clusters behind load balancers. Automation processes can scale instances in response to traffic. An application performance management tool monitors objective measures of the workload's operation.
As to how Kaspersky ties into this data breach, the WSJ report says U.S. investigators believe the unnamed contractor's use of Kaspersky Anti-Virus (KAV) alerted the Russian hackers to the presence of the files. "Experts said the software, in searching for malicious code, may have found samples of it in the data the contractor removed from the NSA. But how the antivirus system made that determination is unclear, such as whether Kaspersky technicians programed the software to look for specific parameters that indicated NSA material. Also unclear is whether Kaspersky employees alerted the Russian government to the finding," the WSJ reported. One of the major unanswered questions in this story is what caused KAV to hit on these files?
The interesting thing here isn’t the form intelligence takes. It’s that intelligence is no longer housed internally in the brains of human workers but has moved outward into the virtual economy, into the conversation among intelligent algorithms. It has become external. The physical economy demands or queries; the virtual economy checks and converses and computes externally and then reports back to the physical economy—which then responds appropriately. The virtual economy is not just an Internet of Things, it is a source of intelligent action—intelligence external to human workers. This shift from internal to external intelligence is important. When the printing revolution arrived in the 15th and 16th centuries it took information housed internally in manuscripts in monasteries
In order for enterprises and security suppliers to remain on the front foot with hackers, they will also need to incorporate machine learning and artificial intelligence (AI) into their cyber security strategies, creating what Ghosh terms an “AI on AI” situation. “Security companies that fight these bad guys will also have to adopt machine learning. Now you have an AI on AI scenario, and it will propel us forward to adopt machine learning for real time,” he said. Where the technology comes into its own for enterprises is in the detection of cyber threats, he said. “The volume of data that’s available on certain types of threats like malware is effectively infinite,” he added. “The problem with sticking humans on a malware detection problem is that it’s not a good fit ...”
Companies like Netflix, Facebook and Amazon are great examples of how to capitalise on big data and ML capabilities to deliver superior customer experiences. Every organisation has the ability to capture and analyse big data, but it’s how to turn that insight into action that ultimately counts. Think about it this way—you can buy a gym membership, but if you don’t actually go to the gym and use the machines, you’ll never get the desired outcome. Unfortunately, this isn’t the mentality of most organisations, and many purchase ML software but don’t put in the extra effort for it to drive any real business value. Barriers like culture, budget constraints, internal talent, or just a lack of desire to change the status quo have plagued organisations and prevented them from transitioning from “early adopters” to “innovators.”
We are fast moving toward a world where hierarchical organizational structures will bend and break. Lots of diverse partners will come together in new ways to create new kinds of organizational structures that will be more fluid, less rigid. While this will feel like a radically new future, and in some ways it is a radically new future, there are deep roots in the past. The future that is about to happen has been brewing for a very long time. Packet switching, the core technology of the internet, was originally called by Paul Baran “hot potato routing,” a much more accurate name. The organization of the future will be shape-shifting, where hierarchies will come and go. Such fluid organizational forms will have no center, they will grow from the edges, and they won’t be controllable.
Issues surrounding data privacy are as legally unresolved today as they were two years ago, but the recent Equifax breach now puts a clear focus on them that strikes fear into the hearts of CIOs. The Equifax data that was breached was not big data. However, big data is a major privacy concern for IT because so much of it is coming into enterprise data repositories from so many sources; and it comes in many shapes and sizes. After Equifax, CIOs can rest assured that their CEOs and boards will be following their work in data privacy closely—and big data is one of the areas they'll be most concerned about. What operational steps can IT take to assure at a grass root level that sound data privacy practices are employed for their big data?
In the last ten years, another maturation has occurred in the CISO job, from being solely IT-centric to a leader that is now a trusted advisor to the highest levels of the organization in risk management and data protection. Of course, this is not to say that the responsibilities of a CISO are one-size-fits-all. You will find people holding the title covering multiple areas of the security spectrum, including traditional IT security, awareness, disaster recovery, forensics, operational response, endpoints, risk assessment and more. The scope and scale of the role depends upon the organization's size, finances, security focus and risk appetite. I do see an important differentiation occurring in the last few years: a distinct separation between IT security and information security.
With the overwhelming--and growing--amount of big data available today, the need for total automation for collection and analysis is in demand. Many companies are turning to data management platforms or other software solutions to collect, house, sort, and analyze information in a way that's easy for end-users to see and understand. This automation process works to streamline the analysis of data and can also put an end to fragmented data silos across an organization. "The idea of total automation is really popular right now," explains Taylor Wallick, Director of Digital Strategy at Centric Digital. "Digital tools today can allow you to deliver real-time information to various stakeholders throughout an organization without a single person having to dig through the data and build a presentation around it. ..."
If you already have basic load balancing setup, you might not know there are a few configuration options you can use to better suit your hardware. Say, for example, you have three servers running NGINX and are setup for load balancing. However, in that triad of hardware, you might have one server that's more powerful than the other two. Instead of having NGINX treat each of those servers as equals, it'd be nice to instruct the load balancer that Web Server 1 should get preference, Web Server 2 should fall next in line, and Web Server 3 should be the last in the chain of preference. NGINX has that very capability, right out of the box. In fact, setting up server priority, with NGINX, is as easy as setting up load balancing. It's called "server weight" and I'm going to show you just how simple this feature is to configure.
Quote for the day:
"Luck is a dividend of sweat. The more you sweat, the luckier you get." -- Ray Kroc