While opinions vary on what zero trust is and is not, this security model generally considers the user's identity as the root of decision-making when determining whether to allow access to an information resource. This contrasts with earlier approaches that made decisions based on the network from which the person was connecting. For example, we often presumed that workers in the office were connecting directly to the organization's network and, therefore, could be trusted to access the company's data. Today, however, organizations can no longer grant special privileges based on the assumption that the request is coming from a trusted network. With the high number of remote and geographically dispersed employees, there is a good chance the connections originate from a network the company doesn't control. This trend will continue. IT and security decision-makers expect remote end users to account for 40% of their workforce after the COVID-19 outbreak is controlled, an increase of 74% relative to pre-pandemic levels, according to "The Current State of the IT Asset Visibility Gap and Post-Pandemic Preparedness," with research conducted by the Enterprise Strategy Group for Axonius.
Confidentially, many chief data officers will admit that their companies suffer from what might euphemistically be called “data dyspepsia:” they produce and ingest so much data that they cannot properly digest it. Like it or not, there is such a thing as too much data – especially in an era of all-you-can-ingest data comestibles. “Our belief is that more young companies die of indigestion than starvation,” said Adam Wilson, CEO of data engineering specialist Trifacta, during a recent episode of Inside Analysis, a weekly data- and analytics-focused program hosted by Eric Kavanagh. So what if Wilson was referring specifically to Trifacta’s decision to stay focused on its core competency, data engineering, instead of diversifying into adjacent markets. So what if he was not, in fact, alluding to a status quo in which the average business feels overwhelmed by data. Wilson’s metaphor is no less apt if applied to data dyspepsia. It also fits with Trifacta’s own pitch, which involves simplifying data engineering – and automating it, insofar as is practicable – in order to accelerate the rate at which useful data can be made available to more and different kinds of consumers.
One of the trends we're seeing is that people know how to build models, but there are two challenges. One is on the input side and one is on the output side. On the input side, you can build the greatest models in the world, but if you feed them bad data that's not going to help. So there's a renewed interest around things like data governance, data quality and data security. AI and ML are still very important, but there's more to it than just building the models. The quality of the data, and the governance and processes around the data, are also very important. That way you get your model better data, which makes your model more accurate, and from there you're going to get better outcomes. On the output side, since there are so many models being built, organizations are having trouble operationalizing them all. How do you deploy them into production, how do you monitor them, how do you know when it's time to go back and rework that model, how do you deploy them at the edge, how do you deploy them in the cloud and how do you deploy them in an application?
As digital products take precedence, the software ecosystem brings new possibilities to products. With the rise of digital products, cross-functional boundaries are blurring. New skills and unlearning old ways are critical. Gamification can support creating a ladder approach to acquiring and utilizing new skills for continuous software delivery ecosystems, testing and security. However, underpinning collective wisdom through gamification needs a systematic framework where we are able to integrate game ideation, design, validation & incentives with different persona types. To apply gamification in a systematic manner to solve serious problems, ideate, and come together to create new knowledge in a fun way, is challenging. To successfully apply gamification for upskilling and boosting productivity, it will have to be accompanied by understanding the purposefulness through the following two critical perspectives: Benefits of embracing gamification for people – Removing fear, having fun, and making the desirable shift towards new knowledge; creating an environment that is inclusive and can provide a learning ecosystem for all.
Cybersecurity in Industry 4.0 can't be tackled in the same way as that of traditional computing environments. The number of devices and associated challenges are far too many. Imagine monitoring security alerts for millions of connected devices globally. IIoT devices possess limited computing power and, therefore, lack the ability to run security solutions. This is where AI and machine learning come into play. ML can make up for the lack of security teams. AI can help discover devices and hidden patterns while processing large amounts of data. ML can help monitor incoming and outgoing traffic for any deviations in behavior in the IoT ecosystem. If a threat or anomaly is detected, alarms can be sent to security admins warning them about the suspicious traffic. AI and ML can be used to build lightweight endpoint detection technologies. This can be an indispensable solution, especially in situations where IoT devices lack the processing power and need behavior-based detection capabilities that aren't as resource intensive. AI and ML technologies are a double-edged sword.
Companies don’t become cyber smart by accident. In fact, cybersecurity is rarely top-of-mind for the average employee as they go about their day and pursue their professional responsibilities. Therefore, businesses are responsible for educating their workforce, training their teams to identify and defend against the latest threat patterns. For instance, phishing scams have increased significantly since the pandemic’s onset, and each malicious message threatens to undermine data integrity. Meanwhile, many employees can’t identify these threats, and they wouldn’t know how to respond if they did. Of course, education isn’t limited to phishing scams. One survey found that 61 percent of employees failed a basic quiz on cybersecurity fundamentals. With the average company spending only 5 percent of its IT budget on employee training, it’s clear that education is an untapped opportunity for many organizations to #BeCyberSmart. When coupled with intentional accountability measures that ensure training is implemented, companies can transform their unaware employees into incredible defensive assets.
“What we are doing is pivoting our portfolio or positioning our portfolio to become the multi-cloud platform for our customers in three ways,” Raghuram said. “One is enabling them to execute their application transformation on the cloud of their choice using our Tanzu portfolio. And Tanzu is getting increased momentum, especially in the public cloud to help them master the complexities of doing application modernization in the cloud. And of course, by putting our cloud infrastructure across all clouds, and we are the only one with the cloud infrastructure across all clouds and forming the strategic partnerships with all of the cloud vendors, we are helping them take their enterprise applications to the right cloud,” Raghuram said. Building useful modern enterprise applications is a core customer concern, experts say. “Most new apps are built-on containers for speed and scalability. The clear winner of the container wars was Kubernetes,” said Scott Miller, senior director of strategic partnerships for World Wide Technology (WWT), a technology and supply-chain service provider and a VMware partner.
Cost and feasibility are among the top challenges of creating consumer labels for software. Adding to these challenges is the fact that software is continually updated. Moreover, software comes in both open-source and proprietary formats and is created by a global ecosystem of firms that range from mom-and-pop shops all the way up to Silicon Valley software giants. "It's way too easy to create requirements that cannot be met in the real world," David Wheeler, director of open source supply chain security at the Linux Foundation and leader of the Core Infrastructure Initiative Best Practices Badge program, said at the workshop. "A lot of open-source projects allow people to use them at no cost. There's often no revenue stream. You have to spend a million dollars at an independent lab for an audit. [That] ignores the reality that for many projects, that's an impractical burden." ... Another critical aspect of creating software labels is to ensure that they don't reflect static points in time but are instead dynamic, taking into account the fluid nature of software.
Part of many managers’ discomfort with remote work is that they are unsure how to gauge their off-site employees’ performance and productivity. Some business leaders equate face time with productivity. I’ll never forget a visit I had to a Silicon Valley startup in which the manager showing me around described a colleague this way: “He’s such a great worker. He’s here every night until 10, and back in early every morning!” In my work helping businesses update their policies and cultures to accommodate caregivers, I often have to rid managers of this old notion. There’s nothing impressive, or even good, about being in the office so much. To help change the paradigm, I work with managers to find new ways of measuring an individual’s performance and productivity. Instead of focusing on hours worked per day, we look at an employee’s achievements across a broader time metric, such as a month or quarter. We ask, what did the employee do for the company during that time? It’s often then that businesses realize how little overlap there is between those who are seen working the most and those who have the greatest impact on the company.
In systems, feedback is a fundamental force behind their workings. When we fly a plane, we get feedback from our instruments and our co-pilot. When we develop software, we get feedback from our compiler, our tests, our peers, our monitoring, and our users. Dissent works because it’s a form of feedback, and clear, rapid feedback is essential for a well functioning system. As examined in “Accelerate”, a four-year study of thousands of technology organizations found that fostering a culture that openly shares information is a sure way to improve software delivery performance. It even predicts ability to meet non-technical goals. These cultures, known as “generative” in Ron Westrum’s model of organizational culture, are performance–and learning–oriented. They understand that information, especially if it’s difficult to receive, only helps to achieve their mission, and so, without fear of retaliation, associates speak up more frequently than in rule-oriented (“bureaucratic”) or power-oriented (“pathological”) cultures. Messengers are praised, not shot.
Quote for the day:
"A pat on the back is only a few vertebrae removed from a kick in the pants, but is miles ahead in results." -- W. Wilcox