Daily Tech Digest - December 23, 2021

Top 6 trends in data and analytics for 2022

A data fabric is an architecture that provides visibility of data and the ability to move, replicate and access data across hybrid storage and cloud resources. Through near real-time analytics, it puts data owners in control of where their data lives across clouds and storage so that data can reside in the right place at the right time. IT and storage managers will choose data fabric architectures to unlock data from storage and enable data-centric vs. storage-centric management. For example, instead of storing all medical images on the same NAS, storage pros can use analytics and user feedback to segment these files, such as by copying medical images for access by machine learning in a clinical study or moving critical data to immutable cloud storage to defend against ransomware. Many organizations today have a hybrid cloud environment in which the bulk of data is stored and backed up in private datacenters across multiple vendor systems. As unstructured (file) data has grown exponentially, the cloud is being used as a secondary or tertiary storage tier. It can be difficult to see across the silos to manage costs, ensure performance and manage risk. 

2022 technology trend review, part one: Open source, cloud, blockchain

Blockchain platforms are by and large open source too, but although data-related, theirs is a different story. Let's get that out of the way: was 2021 a breakout year for blockchain? No, not really. Will 2022 be a breakout year for blockchain? Probably not. But that's not the point. Blockchain's sudden rise to stardom in 2017 was rather abrupt and premature. The concepts and the technology are still under development, while mainstream adoption is still tentative. To speak in hype cycle terms, blockchain is going through the Trough of Disillusionment. But that does not mean it's without significance. To reiterate: the transformational potential is there, but there's still a long way to go, both on the technical and on the organizational and operational side of things. In 2020, blockchain-powered DeFi rose to prominence. In 2021, DeFi hit the reality wall. DeFi stands for Decentralized Finance. In short, DeFi's promise is to be able to cut out middlemen from all kinds of transactions. In 2020, DeFi saw lots of growth, some of it warranted, we noted last year.

Best of 2021 – 7 Popular Open Source CI/CD Tools

Argo CD is a CI/CD tool for Kubernetes development. It is an open source project which is currently in the incubation status at the Cloud Native Computing Foundation (CNCF). It uses Git repositories to store the state of Kubernetes applications, monitors applications and can resync clusters to the desired state, as represented in the git configuration. This innovative approach also allows you to store multiple desired states of a Kubernetes application, using branches, tags, or by pinning manifest versions using a Git commit. This provides a flexible environment for managing Kubernetes configurations during the development process. ... CircleCI is an open source CI/CD tool. It includes features for job orchestration, resource configuration, caching, debugging, security and dashboard reports. CircleCI integrates with a variety of tools, including GitHub, Heroku, Slack and Docker. CircleCI is available in three tiers, one of which is free. You can use it in the cloud or on-premises with Linux, Mac or Windows machines. 

Managing state with Elf, a new reactive framework

Elf is a reactive and immutable state management library built on top of RxJS. Elf provides us with a wide arrange of tools to manage our state. Because of this, there is some terminology we should know, like observables, observers, and subscriptions. Observables are objects that can emit data over a period of time. They function as wrappers around data sources or stream of values. Observers are consumers of the data observables store. They execute a piece of code if the data being observed is mutated or if an error occurs, and react to state changes. They also implement up to three methods: next, error, and complete. We will not look at these in detail because they are specific to RxJS and therefore beyond the scope of this article. Subscriptions are how we connect observers to observables. Observers subscribe to observables, watch for any changes in the data, and react to those changes. ... Elf entities are unique types of Elf stores. Entities act in the same manner as tables in a database, and we can store large collections of similar data in entities.

FBI: Another Zoho ManageEngine Zero-Day Under Active Attack

The bug is the third zero-day under active attack that researchers have discovered in the cloud platform company’s ManageEngine suite since September, spurring dire warnings from the FBI and researchers alike. Though no one has yet conclusively identified the APT responsible, it’s likely the attacks are linked and those responsible are from China, previous evidence has shown. Earlier this month, researchers at Palo Alto Networks Unit 42 revealed that state-backed adversaries were using vulnerable versions of ManageEngine ServiceDesk Plus to target a number of U.S. organizations between late October and November. The attacks were related to a bug revealed in a Nov. 22 security advisory by Zoho alerting customers of active exploitation against newly registered CVE-2021-44077 found in Manage Engine ServiceDesk Plus. The vulnerability, which allows for unauthenticated remote code execution, impacts ServiceDesk Plus versions 11305 and below. 

Vulnerabilities to fraud are increasing across the board

In a phenomenon McKinsey referred to as The Quickening, e-commerce saw more than a decade’s worth of growth in the first quarter of 2020, as more consumers than ever before turned to digital solutions. According to media regulator Ofcom, UK adults spent an average of three hours and 47 minutes online every day during the pandemic, prompting an increase in the number of personal accounts for banking, financial services, e-commerce shopping and media streaming. As logins soared, so did the opportunities for fraud. While new account opening fraud remains the most popular form of automated attack across the customer journey, with one in 11 transactions in the Digital Identity Network estimated to be an attempt, overall this attack vector fell 10% YoY. A corresponding growth of 52% in login attacks and an 18% growth in payment attacks – testing stolen card credentials – reinforces the hypothesis that fraudsters are automating attacks to test the validity of stolen credentials on an industrial scale.

3 Meaningful KPIs to Focus Agile Development, DevOps, and IT Ops to Deliver Business Outcomes

Speed without guard rails and safety can lead to disastrous crashes – but stagnation and creating bureaucracy-driven change processes that slow the delivery of innovation, new capabilities, and improvements can lead to disruption. Whether you are agile, DevOps, or IT Ops-centric, we’re all trying to deliver positive business outcomes through transformation management. And change failure rates is the first indicative KPI of how well IT performs in delivering business outcomes. When change failure rates are high, IT has to slow down and fix things, while business stakeholders lose trust in IT. And that’s just the start of impacts because change failures can lead to outages, security issues, and other major incidents. A measurement is only as good as its ability to lead to action. Using an AIOps platform to improve root cause analysis by correlating incidents to the changes that caused them is a best practice for identifying systemic causes and helping reduce change failure rates.

The Future of Banking When a ‘New Normal’ Has Yet to be Defined

Everything that we thought was going to be the future in 2030, ended up just being how we get through the next 12 months. This means that we now need to reset our expectations about what innovation really looks like, because no one’s impressed with you having a mobile app anymore or having a digital channel, or having some level of automation, or accepting digital signatures. Let’s face it, if you hadn’t figured out how to do these things in the most recent period, you’re probably no longer in business. ... The ‘Great Resignation’ is actually accelerating automation. Since no one can find people to work, they’re doubling down on automation, artificial intelligence, and machine learning. When more people reenter the workforce, we need to start to define what a human’s good at and what a machine’s good at. Part of being an effective human leader or worker in the future will be the ability to constantly reinvent yourself. Likewise, the key component of someone you want to look for in the future, is the ability to destroy their own job

Transforming government software development and digital services

There are a plethora of country-specific laws and digital government initiatives that aim to rethink public sector IT. One example of the collaborative approach mentioned earlier is Germany’s Online Access Act which aims to bring together the country’s 16 federal states and 11,000 local governments under one digital banner. This means that all services offered at federal, state and local level are to be accessible online via their own portals, with these portals linked within a network. With a digital account, citizens can reach all federal, state and local services from this network in just three clicks. To enable this, uniform IT standards and interfaces are necessary across the board. Another interesting development is the public sector taking cues from Silicon Valley to become more efficient, moving from a bureaucratic culture to a generative one. One example of this is Kessel Run, which aims to revolutionise the software acquisition process for the United States Air Force (USAF). 

Combating Synthetic ID Fraud in 2022

Technologies such as machine learning are also being used by security vendors to fight against SIF. "SIF’s use of machine learning is largely what makes it effective at bypassing legacy fraud detection systems. Needless to say, banks can use the same technology to identify these attacks. However, despite having multiple vendors out there claiming to leverage machine learning techniques, financial institutions have so far failed to combat SIF," says People’s United Bank's Boyer. Boyer says financial institutions are not using these technologies in the right manner. "Financial institutions need to start using machine learning techniques correctly. Many businesses have a 'set it once and forget it' approach. There has to be some kind of human interaction to differentiate between fraud and legitimate transactions." And vendors must change their approach too, she says. "Vendors are checking personally identifiable information that has been used previously to verify its legitimacy. 

Quote for the day:

''Don't necessarily avoid sharp edges. Occasionally they are necessary to leadership." -- Donald Rumsfeld

No comments:

Post a Comment