Daily Tech Digest - May 02, 2018

Next Port of Call — Digitization of Automotive Retail

Image Attribute: Inside a car showroom / Source: Mercedes-Benz of Encino/Flickr
As per the Cox Automotive's survey, for every retail sale, customers visit the auto dealer only two to three times (at maximum), including to sign the contract and to take the custody of the vehicle. However, the consumers are also taking the unbeaten path - like - initiating the buying process online by “building a vehicle” to their specifications and then searching inventory in a specific geography. The buyer evaluates their current vehicle’s trade-in value based on its model, option content, age, and condition. The financial institution (either traditional bank or newer online lenders) reviews, selects and approves financing and the consumer’s choice of purchase or lease in real time. Then the purchase process shifts from digital to more traditional retail, when the consumer arrives at the dealership to test drive the vehicle and sign the necessary paperwork to take ownership. Some dealers, taking advantage of their close proximity to the customer, further emulate the new online purchasing model by delivering the vehicle directly to the customer’s home at no charge.


Resolving who actually owns security in agile development

As we know, the developers’ main focus is getting a working product out the door as fast as possible, while the security folks want to reduce the chances that the product will contain vulnerabilities. Ideally, the developers would be able to code without any interruption or inference from the security folks. However, since developers are only human, there will always be flaws in the code that they write themselves, as well as issues in the code that they take from third-parties like open source repositories from sources like GitHub. We know that it is cheaper in terms of time and money to catch and fix vulnerabilities early in the process rather than later, especially when your developers have built more features on top of imperfect code. Moreover, we see a bottleneck occurring when security issues are left unaddressed until a short while before release (when stress levels are particularly high).


Shifting a Corporate Culture at Scale — and with Speed


Speed was very important in decision making. The culture of the prior organization was to extensively “discuss and deliberate.” As an example, the first meeting I was at had 25 people. My first call had 100 people. People were coming into meetings who were not necessarily contributing but who were transcribing and communicating to others; they weren’t the people who were supposed to take the action. One of the first meetings I had on July 14 was a review of the business. I had a stack of paper on one side, a stack of paper on the other side. I said, “I’m going to make a policy decision: no more paper.” And of course, I got a call that evening, saying, “Hey, I don’t know if you are aware of the fact you work for Xerox.” And I said, “Oops.” I said no more paper because the idea is to quickly convert people from the previous approach. People are showing up, and they’re basically reading off the presentation. So we changed that. But organizational structure is the clearest way to inform you as to how successful you will be.


State of Cybersecurity 2018: Enterprises Can Do Better

It seems that over the past 12 months, security has slipped down the boardroom agenda. According to the survey results, only 20% of organizations have their security function reporting to the CEO or main board. This represents an even lower figure than the 24% from last year (although the question in the previous year was phrased slightly differently). Also, 57% of the practitioners surveyed believed that their main board was adequately supporting security initiatives, a 10% decrease from the 67% figure from the previous year. On the bright side, 64% of enterprises were expecting to increase their cybersecurity budget this year, which also means that in 36% of enterprises, the expectation is to make do with the same or less money on their security efforts. That is an improvement over last year (where only 50% of respondents expected a security budget increase) but still shows a degree of complacency or risk-optimism in a sizable number of organizations.


Rip and replace your RDBMS? No – build cloud apps instead.

man-changes
“Customer success” is not just a nice way to give a new name to services. It is very much a mindset and a model that says you have to really understand what your customer is trying to achieve." That advice also means architecture planning, tying DataStax into an array of tools and vendors, from the storage layer to the security layer to the middleware layer: “How we interact and engage with our partners is all very important.” So is this a revenue play for DataStax, or is it about solidifying the customer relationship and making sure the projects deliver? Bosworth says it’s very much the latter. Without opening the entire financial kimono, he offered this: "We don’t share a lot of financial information. One thing I can tell you is our gross margins run north of 75 percent – that’s our blended gross margin as a company. That’s really how you can figure out if a company is a services company or a software company. Certainly anything upwards of 70 percent puts you in the software category. … kind of time-to-impact if you will."


University of San Francisco GE Digital Transformation Case Study

“Improving the productivity of existing assets by even a single percentage point can generate significant benefits in the oil and gas sector (and in other sectors). “The average recovery rate of an oil well is 35%, meaning 65% of a well’s potential draw is left in the earth because available technology makes it too expensive,” explains Haynes-Gaspar. “If we can help raise that 35% to 36%, the world’s output will increase by 80 billion barrels — the equivalent of three years of global supply. The economic implications are huge.” GE bet big on the Industrial Internet. The company put sensors on all of their products including gas turbines, jet engines, and other machines; connecting them to the cloud; and analyzing the resulting flow of data. The goal: identify ways to improve machine productivity and reliability. And it didn’t take long for GE engineers to realize that they could find interesting and unique patterns in the data.


Car hackers find remotely exploitable vulnerabilities in Volkswagen and Audi vehicles

Car hackers find remotely exploitable vulnerabilities in VW, Audi cars
The researchers noted, “Based on our experience, it seems that cars which have been produced before are not automatically updated when being serviced at a dealer, thus are still vulnerable to the described attack.” I encourage you to read their research paper, which delves into their attack strategy and technical system details, but it does not fully disclose the details of the remotely exploitable vulnerability because that, they believe, would be “irresponsible.” The researchers said they want to protect future cars but ask, “What about the cars of today or cars that were shipped last week? They often don’t have the required capabilities (such as over-the-air updates) but will be on our roads for the next fifteen years. We believe they currently pose the real threat to their owners, having drive-by-wire technology in cars that are internet-connected without any way to reliably update the entire fleet at once.” The hacked car models were from 2015, so if you have an Audi or Volkswagen, then contact to your dealer and ask about a software update.


Collaboration with utilities seen as first step in growth of smart cities

Berst said cities can invest in becoming a smart city in small ways. From installing smart street lights to putting in solar rooftops and other distributed renewable energy sources, to providing residents with electric car charging stations, cities can not only provide a more environmentally friendly atmosphere, but also save money. Installing smart street lights, such as through the Urbanova initiative for example, can save a city millions in electricity costs. “Smart street lights have a pay-off of three years or less. It’s one of the lesser expensive on-ramps that can lead to a deeper collaboration,” Berst said. “While those trucks are there installing the LED street lights, why not have them snap in a communications network into that existing infrastructure while they are up there? Now, not only do you have smart street lights, but an entire communications network as well.”


A Quick Guide to Implementing ATDD


Collaboration is one of the core values of the Agile methodology. Once, as I was working on a large project, I noticed a lack of collaboration between developers, testers, and business-minded individuals; a lack of clarity in requirements; frequent requirements scope-creep; a lack of visibility in regards to the testing completed; and defects being identified late in the project lifecycle. Most importantly to me, though, was that no one had any idea about our automation framework, so all of the automation tests were written after the features were developed and ready for testing. ... As a result, I found Acceptance Test Driven Development (ATDD) as one of the approaches used to mitigate many of these issues. It is often used synonymously with Behavior Driven Development (BDD), Story Test Driven Development (SDD) and Specification By Example (SBE). The main distinction of ATDD, as opposed to other agile approaches, is its focus on making developers, testers, business people, product owners and other stakeholders collaborate as one unit and create a clear understanding of what needs to be implemented.


At Interop: Everyone Into the AI Pool

"Now is the time to proactively look for problems where you can apply this. Yes, I think it's that important," he said, adding that you could toss a dart at a company org chart and find an area that could benefit from AI. Helping to identify the problems to be solved, and the type of improvement -- be it a new product or service, or a process improvement -- that should result is where business leaders need to work with technologists and data scientists to match the goals with technology capabilities. Putting AI and machine learning into action is where David Karandish, founder and CEO of Ai Software, took over. There's been plenty of discussion about how to use intelligent assistants or agents in the corporate world, taking a step beyond the bots that have popped up on websites in recent years. Karandish introduced the audience to his company's "Jane", a chat-based assistant that answers questions for employees and customers when integrated with a client company's internal systems. It's in use at several client companies besides his own.



Quote for the day:


"Knowledge is like underwear. It is useful to have it, but not necessary to show it off." -- Bill Murray