Democratizing software testing in the age of GenAI
To encourage the “shift-left” movement—which advocates for testing early and
often—many test tool vendors are exploring Copilot-like methods for script-based
test automation. They anticipate that developers will use these tools to
generate early test scripts with GenAI assistance. This trend highlights how
AI-assisted technologies can optimize workflows by automating routine tasks and
suggesting improvements, perfectly aligning with the proactive shift-left
approach. However, should we narrowly define GenAI-driven test automation as
merely an extension of tools like Copilot for creating Selenium-like scripts?
Such a view greatly underestimates the transformative impact of AI in quality
assurance (QA) testing. To truly leverage GenAI’s capabilities, we must expand
our perspective beyond developer-centric models. While integrating testing
earlier in the development process is beneficial, GenAI’s real strength lies in
democratizing testing, fulfilling its core promise by enabling a broader range
of participants, including manual testers, to effectively use no-code test
automation tools.
Composability to Jamstack: Drilling Down on Frontend Terms
Composable is a term used by Netlify frequently, and some developers see it as a
marketing term that basically means “an enterprise version of Jamstack,” said
Rinaldi. That’s not true, he said. “It’s really much more focused on the
backend,” he said. “In fact, … it’s not even concerned with what kind of
application you’re building on the frontend. You could have a composable
architecture that talks to a mobile application, you could have it talk to a web
application.” Whereas Jamstack was very focused on how developers build a
website, composability takes a broader view — though it is more of a practice
for large organizations, he added. “I have all these different APIs, now I need
to create this whole kind of backend for frontend pattern where I might have a
layer on the frontend that’s just trying to weave together all my backend APIs,”
he said. “Now we need to get the customer data from the customer API to get the
customer ID to then pass it to the orders API to get the orders. You’re weaving
together this complex stuff, often coming from different systems and different
APIs. And it was hard to pull all that together.”
Companies Without a Chief AI Officer are Bound to F-AI-L
“While the CTO is responsible for overseeing an organisation’s overall
technology strategy and infrastructure, the CAIO’s primary responsibility is to
identify opportunities for AI deployment, develop an AI strategy aligned with
business goals, and oversee the execution of AI initiatives,” said Sachin S
Panicker, Chief AI Officer, Fulcrum Digital Inc. Simply put, the CAIO oversees
the development and implementation of AI projects across the company. This could
involve collaborating with data scientists, engineers, and other technical
teams. They might also manage partnerships with external AI vendors. ... It also
becomes important to have a chief informational security officer, once the AI
strategy is in place, who can guarantee the safety of generative AI tools within
the organisation. The challenges posed by generative AI have become a
significant headache for SaaS security teams.According to a recent Salesforce
study, more than half of GenAI adopters use unapproved tools at work. The
research found that despite GenAI’s benefits, a lack of clearly defined policies
around its use may put businesses at risk. Most likely, CISO roles are also
changing with generative AI.
Singapore updates cybersecurity law to expand regulatory oversight
The updates are meant to keep pace with developments in technology and business
practices and extend the CSA's regulatory oversight to other entities and
systems beyond physical assets. The amendments will enable the regulator to
better respond to evolving cybersecurity challenges and operate on a risk-based
approach in regulating entities, Puthucheary said. For instance, when the
Cybersecurity Act was first established in 2018, it sought to regulate physical
CIIs (critical information infrastructures). The minister noted that new
technology and business models have since emerged, particularly with the advent
of cloud computing. ... The updated legislation allows the government to make it
clear the CII owner is responsible for the cybersecurity of its virtualized
infrastructure, not third parties involved in the supply of the underlying
physical infrastructure, he said. The Cybersecurity Act lists 11 CII sectors,
which include water, health care, maritime, infocommunications, banking and
finance, and aviation. The Act outlines a regulatory framework that formalizes
the duties of CII providers in securing systems under their responsibility,
including before and after a cybersecurity incident has occurred.
How data and tech are transforming L&D in NBFCs
Data is reshaping the digital economy and its relevance in L&D cannot be
overstated. By leveraging data analytics, NBFCs can gain valuable insights
into existing employee skill gaps, learning preferences and performance
metrics. ... From immersive virtual classrooms to mobile learning apps,
technology has evolved and made the impossible to possible. By embracing
innovative learning technologies, NBFCs can deliver personalised and on-demand
training experiences that will empower employees to learn and grow as
professionals. Furthermore, advent of artificial intelligence and machine
learning have boosted the efficiency of L&D programmes by providing
personalised recommendations, adaptive assessments, and real-time feedback.
... The success of Learning & Development (L&D) programmes now hinges
critically on integrating cutting-edge technology to foster a culture of
continuous learning and development. Leveraging data-driven insights and
embracing advanced technologies, HR professionals can cultivate a growth
mindset among employees, encouraging them to embrace new challenges and
opportunities.
Best Practices for Surviving a Cyber Breach
When hit with a cyber breach, the first thing you do is look at the incident
response plan. "If you're discussing when you're in the middle of a breach,
'Should we call the FBI or not? Should we do that?' That's a problem," Powers
said. "That's something you should already have planned for and had
discussions. … When you're thinking instant response, you're thinking the plan
first." Pasteris added that it is vital to know what your assets are, as
things fall through the cracks. Not only should you know what applications you
use, but how you are protecting those applications. "A lot of organizations
don't keep track of their assets," he said. "How are they protected, how they
do defense in depth around those apps." ... A big question, according to Jay
Martin, security practice lead at Blue Mantis, is if and when you should call
the FBI after a cyber breach, as a lot of companies worry about getting on the
FBI's radar. "Do we call the FBI, not call the FBI?" he asked. "And what are
they going to do for us when we call them?" There are advantages to calling
the FBI, said Joe Bonavolonta, managing partner at global risk and
intelligence advisory firm Sentinel, who served more than 27 years with the
FBI, including a stint as head of the FBI counterintelligence
program.
A Career in Cyber Security: Navigating the Path to a Digital Safekeeping Profession
Cyber security represents not just a robust field teeming with opportunities
but also an increasingly pivotal aspect of global digital infrastructure. With
the prevalence of digital threats, your expertise in this domain can lead to a
rewarding and socially significant cyber security career. Employers across
various sectors seek professionals who can protect their data and systems,
offering a broad market for your skills. Your career in cyber security could
take many forms, from positions like analysts and engineers to managerial and
senior leadership roles. Understanding the array of roles you could undertake
is crucial, and specialising in a particular area can not only sharpen your
skills but also elevate your value in this dynamic industry. Whether you're
just embarking on your professional journey or looking to upskill, a career in
cyber security presents a sustainable pathway with myriad professional
opportunities. Staying informed about the latest trends, requirements, and
certifications, such as the Cybersecurity Maturity Model Certification (CMMC)
2.0, can enhance your employability and trust within the defence sector, for
example.
Cisco reimagines cybersecurity at RSAC 2024 with AI and kernel-level visibility
“There’s overconfidence in the ability to handle cyber-attacks, with 80% of
companies feeling confident in their readiness, but only 3% are truly
prepared. The downside effects of not being resilient are tragic. We must
shift to creating a first generation of something completely new,” Jeetu
Patel, executive vice president and general manager of Security and
Collaboration for Cisco, told VentureBeat citing findings from the 2024 Cisco
Cybersecurity Readiness Index. ... “There are three key technological shifts
that are occurring, which are going to fundamentally change how we solve these
problems. The first is AI, the second is kernel-level visibility, and the
third is hardware acceleration,” Patel said. Patel says these three
technological shifts form the foundation of Cisco’s new generation of
cybersecurity hyper-distributed frameworks, starting with HyperShield. Patel
and Gillis explained the technological shifts and their implications on why
and how cybersecurity needs to be reimagined.
Managing Technical Debt: Strategies for Balancing Speed and Quality in Development Projects
When speed takes precedence over quality, the accumulation of technical debt
becomes a significant challenge. Technical debt refers to the consequences of
taking shortcuts or compromising code quality to meet deadlines or achieve
quick results. It includes inefficient code, outdated libraries, inadequate
documentation, and other technical shortcomings that accumulate over time.
Just like financial debt, technical debt must be paid off eventually in the
form of ongoing maintenance, bug fixing, and refactoring. Striking the right
balance between speed and quality ensures the delivery of software that meets
both immediate and long-term goals. It enables developers to build code that
is efficient, scalable, and maintainable, while also allowing for timely
delivery and competitive advantage. Finding this optimal balance requires a
combination of effective project management, proper resource allocation, and
adherence to coding best practices. By prioritizing quality without
sacrificing speed, development teams can create a solid foundation that allows
for ongoing enhancements and future flexibility.
Architecting Resilience: Multi-Cloud Strategies for Enhanced Business Continuity
A multi-cloud architecture involves using two or more cloud computing services
from different providers, including any combination of Infrastructure as a
Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS).
The goal is to eliminate reliance on a single vendor, optimize services and
capabilities, and improve contingency planning. ... Despite its strategic
benefits, the transition to a multi-cloud strategy is not without challenges:
Technical Complexity: Managing multiple platforms can be complex and requires
new skill sets. Solution: Invest in skilled cloud architects who understand
the intricacies of different cloud environments. Utilize comprehensive
management tools that provide a unified view of all cloud resources,
simplifying resource allocation and monitoring. Cultural Resistance: Changes
in IT infrastructure can meet with internal resistance due to unfamiliarity
with new systems. Solution: Engage all stakeholders early in the planning
process, including IT teams and business units. Provide training and
continuous support to ease the transition, demonstrating how multi-cloud
strategies align with broader business objectives.
Quote for the day:
''One advantage of talking to yourself
is that you know at least somebody's listening.'' --
Franklin P. Jones
No comments:
Post a Comment