Daily Tech Digest - January 28, 2023

6 tips for making the most of a tight IT budget

Having a clear vison of where you are and where you are going helps to put everything into perspective. As Madhumita Mazumder, GM-ICT at Australian tourism company Journey Beyond says, “If we have a proper strategic plan for the IT department that is aligned with the organization’s vision, we can achieve things within the budget and deal with half the problems that could arise six months or a year down the line.” Giving an example of this approach, Mazumdar says, “We have got absolute clarity on pursuing a cloud-first strategy. The vision of having 100% cloud infrastructure enabled us to significantly reduce our third-party data center costs as we migrated it into our cloud environment.” Similarly, Mazumdar is clear on the outsourcing versus insourcing debate. “I am a big fan of insourcing and support developing a team to take things in-house. For instance, having an in-house team ensures 100% patching of all my network devices on time. Patching happens at odd hours when the business isn’t operating. 


The developer role is changing radically, and these figures show how

"Today, developers are no longer just people building software for technology companies. They're an increasingly diverse and global group of people working across industries, tinkering with code, design, and docs in their free time, contributing to open source projects, conducting scientific research, and more," writes Dohmke. Also, the world's developers are no longer so highly concentrated in the US. GitHub has about 17 million users in the US, which is still its largest user base, but the service predicts India -- whose GitHub developer population stands at 10 million today -- will surpass the US by 2025. "They're people working around the world to build software for hospitals, filmmaking, NASA, and the PyTorch project, which powers AI and machine learning applications. They're also people who want to help a loved one communicate and family members overcome illnesses," Dohmke notes. On top of this, Microsoft's multi-billion dollar investment in OpenAI is helping to attract new developers via services such as its paired programming coding assistant GitHub Copilot, which uses OpenAI's Codex to suggest coding solutions. 


Attackers move away from Office macros to LNK files for malware delivery

LNK abuse has been growing since last year, according to researchers from Cisco Talos, who have seen several attacker groups pivoting to it. One of those groups is behind the long-running Qakbot (also known as Qbot or Pinkslipbot) malware family. "​​Qakbot is known to evolve and adapt their operation according to the current popular delivery methods and defense techniques," the researchers said in a new report. "As recently as May 2022, their preferred method of distribution was to hijack email threads gathered from compromised machines, and insert attachments containing Office XLSB documents embedded with malicious macros. However, after Microsoft announced changes to how macros were executed by default on internet downloaded content, Talos found Qakbot increasingly moving away from the XLSB files in favor of ISO files containing a LNK file, which would download and execute the payload." However, LNK files have a lot of sections and contain a lot of metadata about the machines that generated them, leaving unique traces that can be associated with certain attack campaigns or attacker groups.


What developers should do during a downturn

Particularly if you have worked only at one company for a long while, it may be time to “upskill” yourself. There are more ways than ever to do this. While there are a lot of expensive so-called boot camps, these are lean times, and frankly, some of them are predatory. Consider self-study using MOOCs like Coursera, Udemy, Saylor, and EdX. These have university-style courses that are free or low-cost. If you are early in your career, you can now get a certification or even a bachelor’s degree in computer science entirely online. Both the University of London and BITS Pilani offer bachelor’s programs on Coursera. (A number of other schools offer master’s programs.) However, MOOCs are not the only game in town. Your local university is also getting in on the game and may offer completely online courses. Having done this recently, my advice is not to bother with a formal degree if you are already a seasoned professional, unless you are switching fields. Universities have a lot of “money” courses they make you take in which you fulfill “requirements” but in which you learn nothing of any value whatsoever. 


How Smarter Data Management Can Relieve Tech Supply Chain Woes

As data volumes have exploded in the last few years – primarily from growing unstructured data volumes such as user files, video, sensor data and images – it is no longer viable to have a one-size-fits-all data management strategy. Data needs will always change unpredictably over time. Organizations need a way to continually monitor data usage and move data sets to where they need to be at the right time. This is not just a metrics discussion but requires regular communication and collaboration with departments. What are the new requirements for compliance, security and auditing? What about analytics needs in the coming quarter and year? This information helps all IT departments optimize decisions for ongoing data management while still keeping costs and capacity in mind. For instance, by knowing that the R&D team always wants their data available for retesting for up to three months after a project, IT can keep it on the NAS for 90 days and then move it to a cloud data lake for long-term storage and potential cloud machine learning or artificial intelligence analysis. 


Best practices for migrating unstructured data

The quality of your data will have a direct impact on how successful your migration is. To assess data quality, you should first examine the data’s structure. You’ll need to ensure that all data is properly organized, labeled and formatted. You should also examine any external factors that affect data quality, such as errors in source files or duplicate entries. Once you have evaluated the data’s structure, you should look for any possible inconsistencies. Check for incorrect spelling, typos and any other errors that could affect the accuracy of your migration. You should also ensure that all data is up-to-date and accurate. It is critical to ensure that your unstructured data complies with applicable laws, regulations and industry standards such as HIPAA, GDPR, GxP, PCI-DSS and SOX. To maintain compliance at all stages, you’ll need to ensure that the data migration process meets all relevant requirements for the laws that apply to your business. To begin, make sure you have the right security measures to protect data in transit and storage. This might include encryption at rest and in transit as well as other technical safeguards.


5 technical skills aspiring IT architects need to learn

Much like code, IT architecture design is also prone to technical debt. Technical debt includes the cost of additional work required later as a consequence of choosing easy solutions instead of better approaches. The primary objective of creating technical debt is to prioritize delivery over proper design principles. In general, technical debt is bad and should be avoided. However, an experienced architect knows when to use technical debt to speed up delivery, reduce the time to market, and achieve better results. A part of an architect's role is to draw a roadmap for technical debts and then document, track, and address them promptly. Overly architected systems may exhibit unintended consequences like performance impacts and suboptimal user experience due to network latency and other factors. Synonymous with how database developers compromise on normalization rules and introduce data redundancy to improve query performance, architects sometimes need to compromise on architecture and design principles to specific objectives related to things like: Time to market; System performance; Customer experience.


ChatGPT is 'not particularly innovative,' and 'nothing revolutionary'

"OpenAI is not particularly an advance compared to the other labs, at all," said LeCun. "It's not only just Google and Meta, but there are half a dozen startups that basically have very similar technology to it," added LeCun. "I don't want to say it's not rocket science, but it's really shared, there's no secret behind it, if you will." LeCun noted the many ways in which ChatGPT, and the program upon which it builds, OpenAI's GPT-3, is composed of multiple pieces of technology developed over many years by many parties. "You have to realize, ChatGPT uses Transformer architectures that are pre-trained in this self-supervised manner," observed LeCun. "Self-supervised-learning is something I've been advocating for a long time, even before OpenAI existed," he said. "Transformers is a Google invention," noted LeCun, referring to the language neural net unveiled by Google in 2017, which has become the basis for a vast array of language programs, including GPT-3. The work on such language programs goes back decades, said LeCun.


Delegation: The biggest test for transformational CIOs

CIOs can take steps to minimize the risks of delegated decisions resulting in bad decisions by ensuring that the people to whom the IT organization delegates have the right skills and expertise, as well as an understanding of overall business goals and the architectural frameworks into which their decisions must fit. Perhaps the biggest concern is around cyber security, says Atkinson. “When you distribute decision making for the launch of technology environments, you risk having under-managed environments for cyber security purposes,” he says. CIOs can address this by establishing standards and encouraging more collaborative decision making. Royal Caribbean’s Poulter sees teamwork as an essential component of risk reduction. The security team is just one participant in a decision-making team that should include application, architecture, infrastructure, and other experts, she says. Giving teams the autonomy to come together to make cross-domain decisions is hugely important.


3 Data Management Rules to Live By

As companies continue to build out dedicated data teams and full-fledged data-centric organizations, look for a higher level of specialization to make its way to the management of the data stack. Here are just a few of the roles I expect to play a major part in managing the data stack in the future. The data product manager is responsible for managing the life cycle of a given data product and is often responsible for managing cross-functional stakeholders, product road maps, and other strategic tasks. The analytics engineer, a term made popular by dbt Labs, sits between a data engineer and analysts and is responsible for transforming and modeling the data such that stakeholders are empowered to trust and use that data. Analytics engineers are simultaneously specialists and generalists, often owning several tools in the stack and juggling many technical and less technical tasks. The data reliability engineer is dedicated to building more resilient data stacks, primarily via data observability, testing, and other common approaches. Data reliability engineers often possess DevOps skills and experience that can be directly applied to their new roles.



Quote for the day:

"Leadership, on the other hand, is about creating change you believe in." -- Seth Godin

No comments:

Post a Comment