Daily Tech Digest - March 11, 2023

4 Reasons to Outsource Large IT Projects During Economic Headwinds

Great professional services teams accumulate best practices over time and will bring complementary skill sets into the business they’re partnering with. Shared knowledge helps grow the skillset of your internal team, and enables them to contribute more meaningfully to the success of your business. Your employee satisfaction can even increase from personal and professional progress felt when learning new technology, frameworks, or languages throughout major IT projects developed in partnership with external experts. This aspect cannot be overlooked, given that 91% of employees report being frustrated with inadequate workplace technology and 71% consider looking for a new employer as a consequence. Expert teams have the depth of knowledge on a breadth of tools that help save tremendous time and many headaches by creating ​efficient, automated workflows. Ensure that your team gets the opportunity to work directly with your outsourced development team to facilitate knowledge sharing.

Migrating to the Cloud: Is It as Intimidating as It Appears?

Being Cloud Native is often considered crucial for business success in the current business landscape. However, the perception of becoming “Cloud Native” as a drastic change for a business might not necessarily be accurate. In this article, we will delve into the concept of Cloud Migration and its effects on the IT support infrastructure of your business. ... “Cloud Native Services” are those services and infrastructure specifically designed to run on cloud platforms, hosted and maintained by Cloud Providers. These services can include a variety of offerings, such as virtual machines (VMs), application servers, VPNs, load balancers, routers, databases, and disk storage. They can be divided into three main categories: compute services, network services, and storage services. ... Throughout the entire project, it is essential to continuously monitor and manage the cloud environment to ensure that it remains secure, cost-effective, and aligned with the business objectives. 

DevOps as a Graph for Real-Time Troubleshooting

A lot of data for observability is interrelated, but our current tools don’t allow us to view metrics, logs and distributed traces as connected sources of information. These data types are often collected in siloes, and correlation of the data is done manually. For example, to know if a spike in a metric on one service might have something to do with a spike on another service, we often search through the metric charts to find the correlation. You need a solution that connects operational data from the start. ... Digital Enterprise Journal’s recent State of IT Performance Report found that change is the largest source of production issues. 75% of all performance problems can eventually be traced back to changes in the environment. When simple configuration errors can cause a domino effect, there’s a broader lesson to be learned. If you’re not capturing code or configuration changes as part of your observability strategy, it’s time to close that gap.

New variant of the IceFire ransomware targets Linux enterprise systems

Known up to now to target only Windows systems, the IceFire malware detected by SentinelLabs uses an iFire extension, consistent with a February report from MalwareHunterTeam — a group of independent cybersecurity researchers analyzing and tracking threats — that IceFire is shifting focus to Linux enterprise systems. Contrary to past behavior targeting technology companies, the Linux variant of IceFire was observed attacking media and entertainment companies. The attackers’ tactics are consistent with those of the "big-game hunting" (BGH) ransomware families, which involve double extortion, attacks against large enterprises, the use of numerous persistence mechanisms, and evasion tactics such as deleting log files, according to the SentinelLabs report. Double extortion occurs when attackers steal data as well encrypting it, and usually ask for ransom that's double the usual payment.

We chat with ChatGPT itself about the future of AI

AI has already been quite transformative, particularly in the digital marketing industry. How do you think this is going to evolve? One area where AI is likely to have a significant impact is in personalized marketing. By analysing vast amounts of data on individual consumers, AI algorithms can help marketers tailor their messages and campaigns to specific demographics, interests, and behaviours. This can lead to more effective marketing strategies and higher engagement rates. Another area where AI is likely to make a big impact in digital marketing is in automation. By automating routine tasks such as social media posting and email marketing, AI can free up marketers to focus on more strategic activities, such as campaign planning and content creation. Additionally, AI can help improve the accuracy of targeting and reduce wasted ad spend by predicting which users are most likely to convert. Finally, AI-powered chatbots are likely to become increasingly prevalent in the digital marketing space.

What Does the National Cybersecurity Strategy Mean for Public and Private Stakeholders?

Making that shift a reality is going to mean creating incentives. “We must shift incentives so that when entities across the public and private sectors are faced with the trade-offs between easy but temporary fixes and durable, long-term solutions, they have the resources, capabilities, and incentives to consistently choose the latter,” an Office of the National Cyber Director (ONCD) spokesperson said in a statement to InformationWeek. Regulation will be a necessary element in incentivizing this fundamental shift in responsibility. “Our strategy reflects the reality that voluntary measures will not be enough to deliver the cybersecurity posture we need to enable our digital society,” according to the ONCD spokesperson. While new regulation certainly has a role to play, so do other forms of incentive. “Simply adding mandates and regulation could have detrimental economic impacts, promote a ‘bare minimum’ approach to compliance and pass costs downstream. 

Legal Industry Faces Double Jeopardy as a Favorite Cybercrime Target

It isn't just the sensitivity of the data that legal firms handle but also the scope and detail of data that can be dug up by attackers who successfully breach a single firm — especially if it's a large one. One attack can be a one-stop shop for monetizing the data and access stolen from not just one organization, but a whole portfolio of them. "Law firms connect with and support many clients at any given time. Compromising one law firm gives bad actors access to numerous client networks without having to directly reach each one of them," says Michael Tal, technical director for Votiro, a cloud file security firm that works extensively with the legal industry. "Files are the primary form of communication and weaponizing them gives bad actors a sure way to get the clients to open and infect the clients." ... The other attractive element for hackers is that law firms and legal services companies tend to be very soft targets.

IT leadership: How to lead with strategic clarity

Business leaders who have a complete understanding of where their people and activities are situated in their overall strategy have “strategic clarity.” These leaders are invaluable – they can fill their team’s day with meaningful work, burst through information silos, synergize teams across departments, and articulate every activity’s role in achieving their goals. By connecting every department, goal, person, and task to a shared vision, businesses can unlock their full potential. While establishing strategic clarity might sound complicated, with the right framework, it’s quite intuitive. Here’s how you can accomplish this using the strategic clarity map. The strategic clarity map is a simple but powerful diagram that helps IT leaders define their current and desired situations and determine how to move from current to future states. ... The present-to-future bar is split in the middle. What makes the difference between your present state and actualizing your goals is how you put this next part into action.

Responsible AI at Amazon Web Services: Q&A with Diya Wynn

AWS has a broad strategy. We have a commitment to transforming theory into actions. This means how we’re changing and influencing the way that we build our services and the work that I do with customers — engaging and helping them bring that practice to life, operationalize it inside their organizations. We invest in education and training to create a more diverse future workforce. There’s an AI/ML scholarship program that’s bringing in those that typically might have been underrepresented to help them study artificial intelligence and machine learning. We also focus on training and educating those who are part of the product and machine learning lifecycle because they need to understand and be aware of potential areas of risk and how we mitigate them. The last area from a company perspective is about how we invest in advancing the science around responsible AI. We’ve made huge investments and continue to work with institutions, we have scholarships or research grants that are being provided in the way of NSF that are helping to encourage research in the area of responsible AI.

What Are Cloud-Bound Applications?

Broadly, we can group the way an application binds with its surroundings into two categories. Compute bindings are all the necessary bindings, configurations, APIs, and conventions used to run an application on a compute platform such as Kubernetes, a container service, or even serverless functions (such as AWS Lambda). Mostly, these bindings are transparent to the internal architecture, and configured and used by operations teams rather than developers. The container abstraction is the most widespread “API” for application compute binding today. ... Integration bindings is a catch-all term for all other bindings to external dependencies that an application is relying upon. The cloud services also use these bindings to interact with the application, usually over well-defined HTTP “APIs,” or specialized messaging and storage access protocols, such as AWS S3, Apache Kafka, Redis APIs, etc. The integration bindings are not as transparent as the runtime bindings.

Quote for the day:

"Taking charge of your own learning is a part of taking charge of your life, which is the sine qua non in becoming an integrated person." -- Warren G. Bennis

No comments:

Post a Comment