DevOps: 5 things teams need from CIOs
To keep up with the pace of software and app releases, your developers and
product teams need the ability to automate different test scenarios quickly,
continuously, and in real-time. Your teams do not have months and weeks to
test, analyze, and update code before a new release. Investing in the tools
they need to migrate to more modern platforms gives teams the flexibility they
need to meet demand. As convenient and trusted as legacy systems are, if you
are serious about DevOps, updating your legacy systems and architecture should
be a primary focus. This is especially important as technologies like
artificial intelligence, augmented reality, and virtual reality gain momentum
and popularity. When planning budgets into the next year, consider designating
resources to replace these legacy systems. ... Ensure that each team works
well on its own before you have teams work together. For different teams to
work together successfully, the individuals on each team must be able to work
with each other. Make sure that development personnel attends all relevant
meetings and discussions with operations/IT teams, and vice versa. Listen.
Concentrate on what your team members are communicating. Be mindful; do not
take a passive approach or focus only on your response.
The 4 essential pillars of cloud security
One of the key constructs of zero-trust computing is continuous improvement.
An effective cloud security solution should enable ongoing insight into the
entire cloud environment, thereby creating the opportunity for ongoing
improvement. ... The second pillar involves providing security for end
systems, managed services or different workloads running inside the cloud –
commonly called platform as a service. This compute-level security has two key
components. First is automated vulnerability management, which identifies and
prevents vulnerabilities across the entire application lifecycle while
prioritizing risk for cloud-native environments. ... Protecting the network is
traditionally integral to on-premises environments but is equally important
for the cloud. There are two major components of network protections. One is
microsegmentation, a method of creating zones to isolate workloads from one
another and secure them individually. This is at the heart of zero trust. By
putting up roadblocks between applications and workloads, microsegmentation
makes it much more difficult for would-be attackers to move laterally from one
infected host to another. The method employs containerization (of the app and
its operating environment) and segmenting the application itself in order to
minimize any damage.
Microsoft told employees to work from home. One consequence was brutal
Perhaps, you might say, no one's really working any harder then. Yet when
you're in an office, don't you also take time out to go for a walk (and scream
at your boss), have a peaceful lunch (and scream at your boss), call your
cable provider (and scream at customer service) or merely stare into space
(and scream at the absurdity of existence)? The problem -- and for some
bosses, great delight -- of modern technology is that it makes you believe
employees are available any time, any place, anywhere. And really, how many
humans are at their best earlier than they're used to or later than they'd
prefer to Please, I'll get to the happier elements of this research shortly.
But when working from home Microsoft's employees apparently spent 10 percent
more time in meetings. So, let's see, your work hours have expanded and you're
spending more time in meetings. Where's the hope? Well, the researchers muse
that there needed to be more meetings because there wasn't the opportunity for
chance encounters. You know, in corridors and restrooms. And they believe hope
lies in the fact that individual meeting times were shorter.
How to Build a Security Culture
Content is one of the biggest mistakes made in security awareness training. If
your content is weak, boring, unrelatable, or filled with legal language, no
one will pay attention. Although your intentions are great, you have to
understand that dry paragraphs of plain text about hackers will not influence
a behavior change. As we learned before, to create a culture you have to drive
influence. And to drive influence, you need support. Just sending out an email
once a month or once a quarter, or hanging a poster up that says ‘don’t get
phished’ will do nothing to make an impact. In order to create a security
culture shift, you need to understand what drives change. Change is not easy,
and when it comes to employees changing their behavior, you have many barriers
ahead. Change requires taking an established habit, associating that habit
with negative behavior, and then influencing a new habit with a desired,
positive outcome. Essentially know why something they are doing is wrong and
learning how to change the negative habit they’ve been demonstrating. So now
that we learned all of the challenges in creating a culture of security, how
do we actually create one ourselves?
Use cases for blockchain in healthcare
One major issue that is present within healthcare is the production of
counterfeit prescription drugs. The World Health Organisation (WHO) has
estimated that one in 10 medical products in low and middle income countries
are forged or substandard. Companies such as Quant aim to solve this issue
using smart contracts and interoperability between blockchains to cut out
middlemen and increase efficiency. “Data from embedded identification markers
used to track individual products and components, can be recorded onto
distributed ledger technology (DLT) to provide a single source of truth with
full transparency, accuracy, and accountability at every stage in the supply
chain,” explained Gilbert Verdian, founder and CEO of Quant. “This is achieved
through the shared nature of the ledger and the immutability that it offers,
and with the data available to all participants, this solution has the
potential to eliminate the need for intermediaries – and hence, opportunistic
criminals – abusing the system. “The impact of such an approach would be
dramatic. In fact, according to a new report by the market intelligence
company BIS Research, blockchain-based supply chains would reduce revenue loss
to pharmaceutical companies by up to $43 billion annually, as well as benefit
others who inadvertently purchase counterfeit drugs.”
Data scientists are used to making up the rules. Now they're getting some of their own to follow.
Many, if not most, technology-oriented organizations already have ethical
standards of some sort, which were developed to ensure that innovation is
designed responsibly within their own ranks. The BCS, for example, asks
practitioners to sign up to a code of conduct, which determines among other
principles that IT workers should act in the public interest, with integrity,
competence and diligence; and that they should never take on a task that they
don't have the skills to complete. Similarly, the RSS's code of conduct
defends acting in the public interest, fulfilling obligations to employers and
clients, and showing competence and integrity. And the RAEng is governed by
principles of openness, fairness, respect for the law, accuracy and rigor.
Even big tech has jumped on the bandwagon, with Google committing to
responsible technology, or Microsoft drafting guidelines for 'ethical and
trustworthy AI', to name but two. But while organizations have been
pulling together ethics committees and writing up white papers on the rules
that should govern the use of data, not much was done at the individual level.
Yet the source of all technology is the brain of those who come up with new
ideas.
Cybersecurity for a Remote Workforce
Start with stopgap measures that can be implemented immediately, such as
revising existing cyber risk guidelines, requirements, and controls on how
employees access data and communicate with a company’s network. Rules of
behavior analytics need to be adjusted to consider changes to the “normal”
behavior of employees, many of whom now work outside standard business hours
so that security teams can effectively focus investigations. Then examine new
security tools and requirements for sharing and maintaining private
information with vendors. For example, organizations may need to adopt more
robust data loss controls, traffic analysis tools, and access restrictions.
Ensure that vendors that aren’t currently prepared for heightened cyberattack
risk commit to developing cyber preparedness plans to safely handle
information or interact with your corporate network. Review changes to boost
your technology and security infrastructure today, even if such changes may
take years to implement. Some organizations may want to speed up their cloud
strategies so that their IT resources can rapidly meet demand spikes from
large-scale remote work.
Digital transformation: 8 ways to spot your organization's rising leaders
The best digital transformation leaders know what the biggest pain points
are inside the organization, says Lyke-Ho-Gland – and they create a digital
roadmap addressing those points that the larger organization will get
behind. ... “Outcome-focused leaders understand the need to drive that
focus, assess any midcourse requests against the program commitments, and
communicate relentlessly to reinforce expectations of sponsors.” They
understand, measure, and report on both qualitative and quantitative
benefits and make sure all project actions are structured to deliver those
outcomes. ... “The most successful DT leaders can compellingly market those
solutions to business stakeholders so that they adopt the new tools and ways
of working,” says Lauren Trees, who heads up APQC’s Knowledge Management
research group. ISG’s Hall describes one successful CIO he worked with as
the best salesperson in the organization: “He had implemented all of the
company’s products within IT (eat your own cooking) and talked to prospects
daily on the challenges he was able to overcome with the product suite,”
Hall recalls.
Block/Allow: The Changing Face of Hacker Linguistics
The most recent wave of changes demonstrates that more, and more powerful,
tech organizations take watching their language as a serious concern, even
though the history of the terms predates their use in computing, says
Christina Dunbar-Hester, an associate professor of communication at the
University of Southern California and the author of "Hacking Diversity: The
Politics of Inclusion in Open Technology Cultures." "Language is symbolic
and powerful but can also feel superficial. Certainly in the moment we're
in, some people are asking to abolish the police, not to change unfortunate
computer terms," she says. "But Black Lives Matter and the current moment
gives people the ammunition to say that language does matter." However,
there's a difference between changing word choices in documentation and
getting people to change the words they use on a daily basis. Convincing
developers, hackers, and other professionals to switch to more inclusive
language has been a long struggle that predates the current norms. Tech has
long faced a serious imbalance in how it pays and promotes white men more
than women and black, indigenous, and people of color.
Data governance and context for evidence-based medicine: Transparency and bias in COVID-19 times
A number of people, including Cochrane excommunicate Peter Gøtzsche, argue
that there can be a lot of bias in RCTs. This has largely to do with the fact
that the vast majority of RCT data come from pharmaceutical companies,
creating a conflict of interest. If aggregators like Cochrane do not validate
the raw data they offer access to, they may be whitewashing them. Case in
point: Surgisphere. What was initially referred to as the most influential
COVID-19 related research up to date was called into question as to the result
of lack of transparency regarding the origin and trustworthiness of its data.
The research used data sourced from Surgisphere, a startup claiming to operate
as a Data Broker, providing access to data from hospitals worldwide. However,
whether that data is veracious, or was acquired transparently is not clear. As
a result, research findings were put into question, and related decisions made
by the WHO were reverted. Scales' opinion is that researchers have a
responsibility to verify the source of the data they use. ... Over-reliance on
RCTs may be part of the problem. RCTs can be enormous multi-year undertakings,
summarized in what's often an eight-page journal article. Many important
details and potential biases are left out.
Quote for the day:
No comments:
Post a Comment