Daily Tech Digest - May 11, 2024

Democratizing software testing in the age of GenAI

To encourage the “shift-left” movement—which advocates for testing early and often—many test tool vendors are exploring Copilot-like methods for script-based test automation. They anticipate that developers will use these tools to generate early test scripts with GenAI assistance. This trend highlights how AI-assisted technologies can optimize workflows by automating routine tasks and suggesting improvements, perfectly aligning with the proactive shift-left approach. However, should we narrowly define GenAI-driven test automation as merely an extension of tools like Copilot for creating Selenium-like scripts? Such a view greatly underestimates the transformative impact of AI in quality assurance (QA) testing. To truly leverage GenAI’s capabilities, we must expand our perspective beyond developer-centric models. While integrating testing earlier in the development process is beneficial, GenAI’s real strength lies in democratizing testing, fulfilling its core promise by enabling a broader range of participants, including manual testers, to effectively use no-code test automation tools.

Composability to Jamstack: Drilling Down on Frontend Terms

Composable is a term used by Netlify frequently, and some developers see it as a marketing term that basically means “an enterprise version of Jamstack,” said Rinaldi. That’s not true, he said. “It’s really much more focused on the backend,” he said. “In fact, … it’s not even concerned with what kind of application you’re building on the frontend. You could have a composable architecture that talks to a mobile application, you could have it talk to a web application.” Whereas Jamstack was very focused on how developers build a website, composability takes a broader view — though it is more of a practice for large organizations, he added. “I have all these different APIs, now I need to create this whole kind of backend for frontend pattern where I might have a layer on the frontend that’s just trying to weave together all my backend APIs,” he said. “Now we need to get the customer data from the customer API to get the customer ID to then pass it to the orders API to get the orders. You’re weaving together this complex stuff, often coming from different systems and different APIs. And it was hard to pull all that together.”

Companies Without a Chief AI Officer are Bound to F-AI-L

“While the CTO is responsible for overseeing an organisation’s overall technology strategy and infrastructure, the CAIO’s primary responsibility is to identify opportunities for AI deployment, develop an AI strategy aligned with business goals, and oversee the execution of AI initiatives,” said Sachin S Panicker, Chief AI Officer, Fulcrum Digital Inc. Simply put, the CAIO oversees the development and implementation of AI projects across the company. This could involve collaborating with data scientists, engineers, and other technical teams. They might also manage partnerships with external AI vendors. ... It also becomes important to have a chief informational security officer, once the AI strategy is in place, who can guarantee the safety of generative AI tools within the organisation. The challenges posed by generative AI have become a significant headache for SaaS security teams.According to a recent Salesforce study, more than half of GenAI adopters use unapproved tools at work. The research found that despite GenAI’s benefits, a lack of clearly defined policies around its use may put businesses at risk. Most likely, CISO roles are also changing with generative AI.

Singapore updates cybersecurity law to expand regulatory oversight

The updates are meant to keep pace with developments in technology and business practices and extend the CSA's regulatory oversight to other entities and systems beyond physical assets. The amendments will enable the regulator to better respond to evolving cybersecurity challenges and operate on a risk-based approach in regulating entities, Puthucheary said. For instance, when the Cybersecurity Act was first established in 2018, it sought to regulate physical CIIs (critical information infrastructures). The minister noted that new technology and business models have since emerged, particularly with the advent of cloud computing. ... The updated legislation allows the government to make it clear the CII owner is responsible for the cybersecurity of its virtualized infrastructure, not third parties involved in the supply of the underlying physical infrastructure, he said. The Cybersecurity Act lists 11 CII sectors, which include water, health care, maritime, infocommunications, banking and finance, and aviation. The Act outlines a regulatory framework that formalizes the duties of CII providers in securing systems under their responsibility, including before and after a cybersecurity incident has occurred.

How data and tech are transforming L&D in NBFCs

Data is reshaping the digital economy and its relevance in L&D cannot be overstated. By leveraging data analytics, NBFCs can gain valuable insights into existing employee skill gaps, learning preferences and performance metrics. ... From immersive virtual classrooms to mobile learning apps, technology has evolved and made the impossible to possible. By embracing innovative learning technologies, NBFCs can deliver personalised and on-demand training experiences that will empower employees to learn and grow as professionals. Furthermore, advent of artificial intelligence and machine learning have boosted the efficiency of L&D programmes by providing personalised recommendations, adaptive assessments, and real-time feedback. ... The success of Learning & Development (L&D) programmes now hinges critically on integrating cutting-edge technology to foster a culture of continuous learning and development. Leveraging data-driven insights and embracing advanced technologies, HR professionals can cultivate a growth mindset among employees, encouraging them to embrace new challenges and opportunities.

Best Practices for Surviving a Cyber Breach

When hit with a cyber breach, the first thing you do is look at the incident response plan. "If you're discussing when you're in the middle of a breach, 'Should we call the FBI or not? Should we do that?' That's a problem," Powers said. "That's something you should already have planned for and had discussions. … When you're thinking instant response, you're thinking the plan first." Pasteris added that it is vital to know what your assets are, as things fall through the cracks. Not only should you know what applications you use, but how you are protecting those applications. "A lot of organizations don't keep track of their assets," he said. "How are they protected, how they do defense in depth around those apps." ... A big question, according to Jay Martin, security practice lead at Blue Mantis, is if and when you should call the FBI after a cyber breach, as a lot of companies worry about getting on the FBI's radar. "Do we call the FBI, not call the FBI?" he asked. "And what are they going to do for us when we call them?" There are advantages to calling the FBI, said Joe Bonavolonta, managing partner at global risk and intelligence advisory firm Sentinel, who served more than 27 years with the FBI, including a stint as head of the FBI counterintelligence program. 

A Career in Cyber Security: Navigating the Path to a Digital Safekeeping Profession

Cyber security represents not just a robust field teeming with opportunities but also an increasingly pivotal aspect of global digital infrastructure. With the prevalence of digital threats, your expertise in this domain can lead to a rewarding and socially significant cyber security career. Employers across various sectors seek professionals who can protect their data and systems, offering a broad market for your skills. Your career in cyber security could take many forms, from positions like analysts and engineers to managerial and senior leadership roles. Understanding the array of roles you could undertake is crucial, and specialising in a particular area can not only sharpen your skills but also elevate your value in this dynamic industry. Whether you're just embarking on your professional journey or looking to upskill, a career in cyber security presents a sustainable pathway with myriad professional opportunities. Staying informed about the latest trends, requirements, and certifications, such as the Cybersecurity Maturity Model Certification (CMMC) 2.0, can enhance your employability and trust within the defence sector, for example. 

Cisco reimagines cybersecurity at RSAC 2024 with AI and kernel-level visibility

“There’s overconfidence in the ability to handle cyber-attacks, with 80% of companies feeling confident in their readiness, but only 3% are truly prepared. The downside effects of not being resilient are tragic. We must shift to creating a first generation of something completely new,” Jeetu Patel, executive vice president and general manager of Security and Collaboration for Cisco, told VentureBeat citing findings from the 2024 Cisco Cybersecurity Readiness Index. ... “There are three key technological shifts that are occurring, which are going to fundamentally change how we solve these problems. The first is AI, the second is kernel-level visibility, and the third is hardware acceleration,” Patel said. Patel says these three technological shifts form the foundation of Cisco’s new generation of cybersecurity hyper-distributed frameworks, starting with HyperShield. Patel and Gillis explained the technological shifts and their implications on why and how cybersecurity needs to be reimagined.

Managing Technical Debt: Strategies for Balancing Speed and Quality in Development Projects

When speed takes precedence over quality, the accumulation of technical debt becomes a significant challenge. Technical debt refers to the consequences of taking shortcuts or compromising code quality to meet deadlines or achieve quick results. It includes inefficient code, outdated libraries, inadequate documentation, and other technical shortcomings that accumulate over time. Just like financial debt, technical debt must be paid off eventually in the form of ongoing maintenance, bug fixing, and refactoring. Striking the right balance between speed and quality ensures the delivery of software that meets both immediate and long-term goals. It enables developers to build code that is efficient, scalable, and maintainable, while also allowing for timely delivery and competitive advantage. Finding this optimal balance requires a combination of effective project management, proper resource allocation, and adherence to coding best practices. By prioritizing quality without sacrificing speed, development teams can create a solid foundation that allows for ongoing enhancements and future flexibility.

Architecting Resilience: Multi-Cloud Strategies for Enhanced Business Continuity

A multi-cloud architecture involves using two or more cloud computing services from different providers, including any combination of Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS). The goal is to eliminate reliance on a single vendor, optimize services and capabilities, and improve contingency planning. ... Despite its strategic benefits, the transition to a multi-cloud strategy is not without challenges: Technical Complexity: Managing multiple platforms can be complex and requires new skill sets. Solution: Invest in skilled cloud architects who understand the intricacies of different cloud environments. Utilize comprehensive management tools that provide a unified view of all cloud resources, simplifying resource allocation and monitoring. Cultural Resistance: Changes in IT infrastructure can meet with internal resistance due to unfamiliarity with new systems. Solution: Engage all stakeholders early in the planning process, including IT teams and business units. Provide training and continuous support to ease the transition, demonstrating how multi-cloud strategies align with broader business objectives.

Quote for the day:

''One advantage of talking to yourself is that you know at least somebody's listening.'' -- Franklin P. Jones

No comments:

Post a Comment