Daily Tech Digest - September 23, 2021

The ‘Great Resignation’ is coming for software development

Companies of all sizes should be strategic about the use of developer time. Why waste human resources and attention on tasks that can be done quickly and less expensively through automation instead? The cost of a developer minute is roughly $1.65, and the cost of a compute minute for automating a formerly manual process is approximately $0.006. Bear in mind the human cost of developers working on routine, low-impact, uninteresting activities, and it’s neither a good use of engineering skills, time, or attention for someone highly trained to stay motivated. Instead, automate core building blocks as much as possible. Implement solutions that integrate easily with other tooling or processes. Removing friction for onboarding new developers allows for a simple life. A simple life means developers are innovating, not toiling. A good place to start if you haven’t already is with CI/CD. A reliable build tool allows teams to automate their processes and practice good hygiene. That way, when systems become more complex, your business will have a foundation in place to handle them (you can thank me later).


The Value Creation System

The Value Equation provides the foundational point of reference for an enterprise, both as a driver and as a constraint for its modus operandi. Bound within the confines of the Value Equation, the enterprise emerges as a conduit for value creation – essentially, as a Value Creation System made up of myriad fixed and moving parts which collude and collide to generate the products or services offered to the market. In fact, the enterprise closely resembles a living, breathing organism, in that it can self-organize, learn, adapt, diversify, specialize, and evolve “emergent properties” such as innovative thinking and conscious risk-taking behaviors. As a result, an enterprise is considered to be a complex adaptive system. What distinguishes an enterprise from other complex adaptive systems such as the stock market or the cells in an organism is the fact that it is deliberately organized around the creation of value. The enterprise is essentially a Value Creation System designed to ingest ‘raw resources’ such as data, materials, capital and labor power, and produce outputs – services, products, information – useful to and desired by their customers.


14 things you need to know about data storage management

“Setting the right data retention policies is a necessity for both internal data governance and legal compliance,” says Chris Grossman, senior vice president, Enterprise Applications, Rand Worldwide and Rand Secure Archive, a data archiving and management solution provider. “Some of your data must be retained for many years, while other data may only be needed for days.” “When setting up processes, identify the organization’s most important data and prioritize storage management resources appropriately,” says Scott-Cowley. “For example, email may be a company’s top priority, but storing and archiving email data for one particular group, say the executives, may be more critical than other groups,” he says. “Make sure these priorities are set so data management resources can be focused on the most important tasks.” ... Similarly, “look for a solution that provides the flexibility to choose where data is stored: on premise and/or in the cloud,” says Jesse Lipson, founder of ShareFile and VP & GM of Data Sharing at Citrix. “The solution should allow you to leverage existing investments in data platforms such as network shares and SharePoint.”


Big Tech & Their Favourite Deep Learning Techniques

A subsidiary of Alphabet, DeepMind remains synonymous with reinforcement learning. From AlphaGo to MuZero and the recent AlphaFold, the company has been championing breakthroughs in reinforcement learning. AlphaGo is a computer program to defeat a professional human Go player. It combines an advanced search tree with deep neural networks. These neural networks take a description of the Go board as input and process it through a number of different network layers containing millions of neuron-like connections. The way it works is — one neural network ‘policy network’ selects the next move to play, while the other neural network, called the ‘value network,’ predicts the winner of the game. ... Facebook is ubiquitous to self-supervised learning techniques across domains via fundamental, open scientific research. It looks to improve image, text, audio and video understanding systems in its products. Like its pretrained language model XLM, self-supervised learning is accelerating important applications at Facebook today — like proactive detection of hate speech. 


New Nagios Software Bugs Could Let Hackers Take Over IT Infrastructures

As many as 11 security vulnerabilities have been disclosed in Nagios network management systems, some of which could be chained to achieve pre-authenticated remote code execution with the highest privileges, as well as lead to credential theft and phishing attacks. Industrial cybersecurity firm Claroty, which discovered the flaws, said flaws in tools such as Nagios make them an attractive target owing to their "oversight of core servers, devices, and other critical components in the enterprise network." The issues have since been fixed in updates released in August with Nagios XI 5.8.5 or above, Nagios XI Switch Wizard 2.5.7 or above, Nagios XI Docker Wizard 1.13 or above, and Nagios XI WatchGuard 1.4.8 or above. "SolarWinds and Kaseya were likely targeted not only because of their large and influential customer bases, but also because of their respective technologies' access to enterprise networks, whether it was managing IT, operational technology (OT), or internet of things (IoT) devices," Claroty's Noam Moshe said in a write-up published Tuesday, noting how the intrusions targeting the IT and network management supply chains emerged as a conduit to compromise thousands of downstream victims.


Practical API Design Using gRPC at Netflix

Alex Borysov and Ricky Gardiner, senior software engineers at Netflix, note that API clients often do not use all the fields present in the responses to their requests. This transmission and computation of irrelevant information for one specific request can waste bandwidth and computational resources, increase the error rate, and increase the overall latency. The authors argue that such waste can be avoided when API clients specify which fields are relevant to them with every request. They point out that this feature is present out of the box with API standards such as GraphQL and JSON:API and question whether Netflix's wide usage of gRPC in the backend could benefit from an identical mechanism. They found that a particular message called FieldMask is defined in Protobuf, the underlying message encoding of gRPC. When included in API requests, it allows clients to list which fields are relevant and can be applied to both read and modify operations.


Ransomware is Harming Cybersecurity Strategy: What Can Organizations Do?

The answer is to layer up best-in-class protection across endpoints, servers, cloud platforms, web and email gateways, and networks. But the secret sauce in all this must be intelligence. It should help organizations understand where their highest risk vulnerabilities are internally. It can also drive visibility into broader threat activity outside the corporate perimeter—whether it’s chatter on dark web forums or new registrations of phishing sites. With open APIs and automation, organizations can integrate this intelligence seamlessly into their best-of-breed security environment, freeing up analysts to focus on high-value tasks and accelerating detection and response times. For example, a new phishing site IP address could be blocked in minutes before the group behind it has even been able to send your employees scam emails. Likewise, intelligence on new ransomware IOCs could be fed into intrusion prevention tools to enhance resilience before you’re even attacked. The right threat intel can also help red teams probe for weaknesses and proactively build stronger defenses.


To build trust with employees, be consistent

A lot of leaders seem to think they also walk the talk on culture. PwC’s survey shows that 73% of senior management think they do. But only 46% of the rest of the workforce agree. We’ve seen firsthand that this mismatch damages trust. And without trust, it can be difficult to motivate people, bring about change, and encourage the desired behaviors. One of our team members at the Katzenbach Center, a former US soldier, tells a story that accentuates the importance of leadership authenticity. In the armed forces, which rely on the ranks obeying their leaders’ instructions without question, Army leaders routinely make sure they eat only after their troops have been fed, to give a clear signal that the troops’ welfare is their top priority. But on one occasion when our colleague was a first lieutenant in the 25th Infantry Division, his entire unit was locked down because a piece of equipment was missing. “The lockdown went on all day and into the evening, and instead of hot food, we were given MRE [meal ready-to-eat] rations. But then some of the soldiers saw the commander’s wife sneaking him Burger King. After that, he was completely ineffective as a leader because no one in the unit respected him.”


What is a Blockchain and how does it work on Bitcoin?

The origins of Blockchain go back to 1991 when Stuart Haber and W. Scott Stornetta described the first work on a chain of cryptographically secured blocks. In this study, Haber and Stornetta sought to create mechanisms to create digital seals and order registered files in a unique and secure way. This represented a practical computational solution for the order and handling of digital documents so that they could not be modified or manipulated. However, its boom increased in 2008 with the arrival of the cryptocurrency Bitcoin, although it is already being used for other commercial applications, so much so that an annual growth of 51% is estimated for 2022. ... Even with these security locks, it would be possible that someone using a computer that has the ability to calculate hundreds of fingerprints per second can modify the fingerprints of the front and rear block, and thinking about this possible problem the Blockchain has a mechanism called "proof of work", which consists of purposely delaying the process of creating the new block of information, in other words, before creating a new block the system would audit the entire chain originally created. ...


Russian-Linked Group Using Secondary Backdoor Against Targets

The newly discovered backdoor, which the researchers call "TinyTurla," has been deployed against targets in the U.S. and Germany over the last two years. More recently, however, Turla has used the malware against government organizations and agencies in Afghanistan before the country was overtaken by the Taliban in August, according to the report. "This malware specifically caught our eye when it targeted Afghanistan prior to the Taliban's recent takeover of the government there and the pullout of Western-backed military forces," according to the analysis. "Based on forensic evidence, Cisco Talos assesses with moderate confidence that this was used to target the previous Afghan government." Turla has been active since the mid-1990s and is one of the oldest operating advanced persistent threat groups that have links to Russia's FSB - formerly KGB - according to a study published in February by security researchers at VMware. The group, which typically targets government or military agencies, is also called Belugasturgeon, Ouroboros, Snake, Venomous Bear and Waterbug and is known for constantly changing techniques and methods to avoid detection.



Quote for the day:

"Risks are the seeds from which successes grow." -- Gordon Tredgold
