Daily Tech Digest - December 08, 2022

NASA's next-gen robot will explore space and do your chores at home

The robot will be utilized in three sectors: commerce, space and personal home use -- in that specific order, from structured to unstructured environments. "Structured means you can control the environment," Cardenas says. "Unstructured means the environment is very dynamic – and there's no more dynamic environment than the home, right?" Before Apollo can become your newest family member, the robot has to be affordable, safe and agile enough to operate in such a dynamic environment. ... "One of NASA's goals is not just to develop technology for space exploration," said Azimi. "We also want these technologies to be available for use on Earth and that the outcome of the development projects that we undertake with our partners will be available to as many people as possible, to the maximum benefit of humanity in general." One major way Apollo will be able to help humanity is by supporting the commercial sector. Apollo will mitigate supply chain issues by doing the jobs that people don't necessarily want to do but are still vital to sustaining industry and the economy.

Five Actionable Success Tips for Security Professionals in 2023

Have a personal incident response plan - We all have CIRT/SIRT teams, major incident response plans and playbooks, but how many of us consider the real personal impact if we need to deploy these plans? Everyone has a home life, and they will differ greatly, but no one can run 24/7. Some of us have caring responsibilities, and we all get stressed. ... Turn the camera on/go into the office (if you have one) - This is about making connections and re-connecting in a post pandemic world. Lots of us may have lost our offices but it’s so important to try and keep the human connectivity within technical professions. ... Know your business - This is focused on understanding how the business you work for makes its money. Working in cybersecurity and GRC, we are keen to see risks mitigated and controls applied, but the biggest risk to a business is that it doesn’t survive, and we need to be clear that our job is to help the business grow by protecting what it cares about and being trusted advisors, not the people who say 

The Hidden Cost of Software Automation

Nothing is free. Even after we automate a process, it is not free. We shift the entire cost from manual work to the cost of creating and maintaining the automation. It is the maintenance cost of automation that a lot of time gets neglected. Assuming the automation code no needs to change and improve, there’s still a need to upgrade the tools or library from time to time. These are all future overhead that is not present when creating the automation. ... After a while, the people who created the automation were no longer on the team. Nobody feels it’s a problem, as it still works. The people who created it don’t even remember it as well, as it was created “centuries” ago. But like any software, nothing lasts. One day, something needs to change. This automated code is like a black box to the entire team. We cannot do incremental evolvement to it. The only option is to recreate everything from scratch without having a reference of what was done internally in the past. The bigger the automation, the costlier it is to rebuild one. The cost of lost context has no warning sign. It’s a time bomb that is not IF, but WHEN it will explode if we don’t attend to it.

The Future of Technology Depends on the Talent to Run it

First, we need an upskilled team, trained in the technical competencies that will allow us to create and upgrade our products or services. We also need a consistent team, AKA low turnover. Our team should benefit from the institutional knowledge that comes with longer staff tenure. This means that we need to keep our staff happy enough to stay onboard, but it also means that we need to be scaling our teams thoughtfully, not recklessly. We’ve seen how companies that grow too quickly can end up suffering from sudden layoffs. This impedes company success, both because of a shrunken staff and because workers on the job market will be less interested in working for companies that could let them go with little notice. And finally, to get to the point where we have a highly skilled team with low turnover, we need to streamline our hiring and onboarding processes.

Is Your Data Team Enabled To Deliver The Killer Punch?

Even Financially, it makes more sense to embed Data into the Product teams. Traditionally Data Teams are often treated as Cost Centres while Product teams are as Profit centers. When we nurture an aggressive ambition to leverage data as differentiators and identify possible new revenue opportunities, it’s ironic to continue Data as part of cost centers that are highly vulnerable to cost-cutting and first in line to get hit by Industry slowness. It’s akin to cutting the limb and taking up a driving job !! This dilemma about “Centralized or Federated” Data teams doesn’t have a cookie-cutter response; it’s a function of organizational maturity. A centralized model is a foundational step; this will help to identify, establish and refine the scope, process, guidelines, and, more essentially, harvesting niche data talents. When the journey commences here, it shouldn’t end but evolve. The Federated model is the next, the Product teams have an embedded data component similar to the Agile team having a functional tester. Certain non-negotiables, such as Data Privacy ( e.g., GDPR) security, Data Governance, and Cross product features, will require a representative(s) from product teams to come together to establish and implement enterprise guidelines.

3 Essential Tips for Adopting DevSecOps

Build generation is the best time to include a scan that checks to see if new vulnerabilities have been added. This scan should check the entire application, not just the new code. Adding this check to the pipeline will force developers to update and patch vulnerabilities in order for the pipeline to run. ... A good observability setup is not just for monitoring application health. It can also be helpful for identifying security issues. For example, a spike in an endpoint can be an attack. Therefore, you want to create intelligent alerts that combine information about access sources, failed access attempts, operating systems and databases. Along with these alerts, you can add some predefined actions to prevent an attack from taking down your application. For example, try to figure out your app’s average usage and block or redirect access if you get an unexpected spike. But make sure that you’re on the same page with marketing and other departments so that you can properly prepare and change your limits when a spike is detected or predicted.

Complexity is the enemy of cloud security

Most IT shops don’t consider complexity a significant metric to track when researching cybersecurity or cloud security. It’s often neglected because most security is a siloed set of processes. The architecture teams look at security as a black box where stuff is tossed over a wall and somehow magically becomes secure. We’ve needed to integrate security with development, architecture, and operations for a long time. Some organizations practice devsecops (development, security, and operations) and integrate these concepts, bringing everyone’s expertise to bear on all problems. In an ideal world, security is never somebody else’s problem because the lines of demarcation between development, architecture, security, and operations do not exist. Everyone works together across all development, design, and deployment aspects. Security is systemic to everything, which is the correct way to view it. When security is everywhere, it also becomes a factor when defining core cloud and non-cloud architectures, including the amount of complexity introduced and how to effectively manage it.

How Can Emerging Technology Actually Drive Value for Companies?

There is a connection between advancing data management analytics practices and the ability to derive value from emerging technologies. The most successful companies understand how to turn emerging technology into action. The framework for making emerging technology actionable begins with the question: Is the technology ready for your company? “Can it do what your business needs it to do?” Hopkins asked. Next, leaders need to consider if their companies are ready for the technology. “We really think about three maturity windows in which the emerging technologies will deliver return on investment,” Hopkins said. Already, some of these technologies are being widely used in companies today. “There's cloud data computing and natural language processing. Those things are delivering benefits for mainstream average firms today,” Hopkins pointed out. Others on the list, like explainable AI, edge intelligence and intelligent agents, are two to four years out for most firms, according to Hopkins. TuringBots, Web3, and extended reality could be five or more years out.

IT leaders adjust budget priorities as economic outlook shifts

These days, IT leaders are keeping a closer eye than usual on pricing, and in some cases are buying out their long-term cloud contracts to give themselves more flexibility. “Executive leadership doesn’t want to hear we’re locked in and can’t move,” US Silica’s Piddington says. Vendors “want to true you up but never want to true you down,” he adds, and shorter-term contracts can help incent them to do so. ... Although the supply-chain shortage and other factors have caused prices to increase for two or three years now, IDC’s Minton says IT buyers have had enough. “There’s pushback now,” he says, and when there was once more tolerance for the reasons behind vendor price increases, IT leaders are now saying they just can’t keep pace and must keep budgets within a narrow range. Piddington agrees, saying that the situation is forcing IT executives to “be smarter” and understand where the opportunities are within each vendor relationship to “pull the right levers.” Having strong relationships with vendors, and not just engaging in transactional deals, can “give you more potential” to create the flexibility to work with them on pricing.

Australia to develop new cyber security strategy

It would be unreasonable to expect to see detailed policy proposals, given that the minister was announcing work to develop a strategy, not the strategy itself. But her stated goal is to make Australia “the world’s most cyber-secure country by 2030”. O’Neil listed four ways that the government plans to make that happen: bringing the nation into the fight to protect citizens and the economy; strengthening international engagements so that Australia can be a global cyber leader; strengthening critical infrastructure and government networks; and building sovereign cyber security capabilities. During questions after the address, O’Neil said: “We’re not spending enough on cyber defence at the moment. One of my challenges is how we are going to address that problem.” She noted that securing government infrastructure will be expensive. The minister appeared to be calling for bipartisan support for the development and implementation of the strategy when she said: “Many in the opposition are good, thoughtful people who know that the approach we are taking – strong, serious, depoliticised – is how we make our country safer.”

Quote for the day:

"Leadership is a way of thinking, a way of acting and, most importantly, a way of communicating." -- Simon Sinek

No comments:

Post a Comment