Showing posts with label IaC. Show all posts
Showing posts with label IaC. Show all posts

Daily Tech Digest - July 09, 2026


Quote for the day:

"The ability to stay calm and polite, even when people upset you, is a superpower." -- Vala Afshar

🎧 Listen to this digest on YouTube Music

▶ Play Audio Digest

Duration: 25 mins • Perfect for listening on the go.


What’s new in cloud security

The cloud security landscape in 2026 demands a shift in how organizations protect their data, driven by three distinct developments. First, companies must adopt a zero-trust model. Instead of relying on traditional network perimeters like firewalls, zero-trust treats every access request as a potential threat. It focuses on constant identity verification, ensuring that users only access what they strictly need. Second, the steady advancement of quantum computing poses a real risk to current encryption methods. Attackers are already stealing encrypted data today with the specific intent to decode it when quantum technology matures. To counter this, organizations handling sensitive information need to begin migrating to quantum-safe encryption standards now. Finally, artificial intelligence acts as a complex double-edged sword. While AI tools enable faster threat detection and reduce false alarms, they also empower attackers to execute more sophisticated campaigns, such as generating synthetic media or secretly manipulating data. A new and growing challenge is managing the security identities of autonomous AI agents operating within company networks. Ultimately, securing modern cloud environments requires acknowledging these interconnected challenges early and adapting defensive architectures before current security methods become completely obsolete.


Pressure grows for AI regulation focused on children’s safety

More than a hundred organizations worldwide have formed a coalition to urge governments to regulate artificial intelligence with a clear focus on the safety of children. Coordinated by the 5Rights Foundation, the group is asking lawmakers to establish testing, accountability, and specific child rights protections before new technology reaches the public. Currently, children are largely ignored in the development of national artificial intelligence strategies despite being highly active users. The coalition warns that current regulatory approaches wait until harm has already occurred instead of fixing the core commercial incentives that lead to unsafe platforms. To avoid repeating the regulatory mistakes made during the rise of social media, the coalition outlines ten actionable recommendations. The primary demand is a strict precertification requirement, ensuring companies prove their tools respect the rights of children and are genuinely safe prior to deployment. Other recommendations include banning manipulative design practices, limiting digital surveillance, and holding technology companies accountable for transparency and compliance. Ultimately, the coalition asserts that ensuring the safety of children must be a mandatory condition for doing business rather than an afterthought, requiring governments to enforce meaningful consequences for negligence.


State IDs for AI Agents: Will Estonia Set a Precedent?

Estonia is preparing to assign official government ID numbers to artificial intelligence agents. This policy, approved by an advisory council in June, is part of a broader initiative aimed at integrating AI into the national economy and government systems. The core idea is to allow businesses and individuals to use AI assistants for administrative tasks, such as filing reports or handling communications. Currently, these systems lack the legal standing to authenticate actions or take responsibility, which limits their practical use. By registering AI agents as semi-independent entities with specific permissions, Estonia hopes to make them active participants in government systems. However, the plan faces significant practical and security challenges. Because AI agents can be created, duplicated, and modified in seconds, a simple registration process is insufficient. Security experts note that without continuous monitoring, auditing, and mechanisms for revocation, the system could easily be overwhelmed by unmanaged non-human identities. There are also unresolved legal questions regarding who is held accountable if an AI agent violates the rules. To make the system secure, experts suggest pairing these ID numbers with strict controls, such as short-lived credentials and clear limits on an agent's authority.


Lateral movement risk rises as enterprises emphasize convenience over containment

According to a recent report by Zero Networks, enterprise security teams are unintentionally making it easier for cyber attackers to move laterally across their networks. While organizations often build strong outer defenses, their internal networks remain largely accessible due to an ongoing prioritization of operational convenience over strict containment. The study analyzed real-world data and found that more than 80 percent of internal servers can be reached from anywhere inside the network. Furthermore, most servers accept connections from standard administrative tools like Remote Desktop Protocol and Secure Shell. Because these pathways are intentionally left open to help administrators do their jobs efficiently, attackers who breach the outer perimeter can simply rely on the same internal tools instead of needing advanced exploits. The continued use of aging authentication methods also provides easy opportunities for attackers to escalate their access. Security experts note that fixing this issue is not simple, as many enterprise environments were built over decades to be highly interconnected. To reduce this risk effectively, organizations must shift away from merely trying to detect intruders and focus on containing threats by strictly limiting user access and isolating network areas.


Infrastructure-as-Code reaches its limits, enter Infrastructure-as-Prompt

The article outlines the transition from Infrastructure-as-Code to a new approach called Infrastructure-as-Prompt, as introduced by the cloud management company Emma. As digital environments grow more complex, traditional coding methods for managing cloud resources are reaching their practical limits. To solve this, Infrastructure-as-Prompt allows engineers to build and maintain their digital systems using everyday language instead of complex scripting. Behind the scenes, Emma’s platform relies on a coordinated system of more than 180 artificial intelligence agents. When a user submits a natural language request, these agents divide the work, handling specific tasks like security, networking, and monitoring. They verify instructions across multiple layers to ensure accuracy, and if a request is unclear, they ask the user for clarification before proceeding. This approach builds on the same foundation as traditional methods but reduces the difficulty. It allows workloads to be directed across more than fifteen different cloud and on-premises providers based on performance and cost. Emma also uses its own private network backbone to eliminate extra data transfer fees. Ultimately, the founder believes that using natural language offers a faster, more intuitive way to manage modern digital infrastructure without the bottlenecks of manual coding.


Developer’s Checklist: How to Build an FHE Application

Fully homomorphic encryption allows organizations to process data without decrypting it, keeping sensitive information completely secure. Building applications with this method involves navigating unique technical limits, but developers can succeed by following a measured, step-by-step approach. The process begins by designing a strict client and server relationship where decryption keys remain exclusively with the client. Next, you should build a standard unencrypted version of the application to serve as a reliable baseline for testing. Because encrypted computing cannot use traditional conditional logic, developers must replace standard branches with straightforward mathematical alternatives. It is equally important to manage the noise limit by minimizing long chains of multiplication steps, since excessive multiplication makes the encrypted data unreadable. Furthermore, complex functions like division must be replaced with estimates, carefully balancing accuracy against processing cost. Developers must convert all variables to whole numbers, clearly define their encryption parameters, and group data to utilize parallel processing. After selecting an established open-source library, you can implement the encrypted version and compare it against your original baseline. Finally, evaluate the program's memory usage and runtime, refining the design to improve practical performance before the final release.


How Behavioral Analytics and AI Are Redefining Cybersecurity for Boca Raton Businesses

The article details a significant shift in cybersecurity strategies for businesses in Boca Raton, Florida, moving away from outdated, rule-based defenses toward AI and behavioral analytics. Traditional systems relied on identifying known malicious signatures, a method increasingly ineffective against modern, sophisticated threats like AI-generated phishing and lateral movement ransomware. These new threats are designed specifically to bypass signature matching. In response, forward-thinking companies in the financial, healthcare, and professional services sectors are adopting behavioral analytics. This approach establishes a baseline of normal activity for each user and system. Machine learning models then monitor this data continuously, flagging any deviations from the baseline—such as unusual login times or unexpected data access—as potential threats. This allows for earlier and more accurate detection of malicious activity, even when using compromised legitimate credentials. Crucially, the article emphasizes that AI does not replace human experts. While machine learning handles the immense volume and speed of data analysis, human analysts provide the essential context, judgment, and industry-specific knowledge required to evaluate alerts and execute appropriate responses. Firms like Mindcore Technologies combine these advanced analytical tools with expert oversight to deliver robust, compliant cybersecurity solutions tailored to the specific needs of Boca Raton businesses.


Data Stewardship Tools and Techniques to Support Business Trust

Data stewardship focuses on managing the data of an organization so that it remains accurate, secure, and easy to find, which is essential for building confidence across a business. When employees trust the information they use, they make better decisions. Achieving this requires a mix of practical tools and organized methods. Common tools include data catalogs, which act like a library index to help people locate specific information, and data quality software, which automatically scans for and fixes errors. Master data management systems are also used to maintain a single, reliable version of important information, preventing confusion when different departments update their records. Alongside these systems, successful stewardship relies on clear techniques. This means creating straightforward rules for how information should be handled and assigning specific people, known as data stewards, to oversee these processes. It also involves keeping a shared glossary so everyone in the company understands what specific terms mean. Ultimately, these practices are not just about enforcing technical rules. They are about creating a reliable environment where teams can comfortably and safely rely on their data to guide their daily work without questioning its accuracy or origin.


The billion-dollar opportunity in India’s circular economy

India’s approach to waste management is shifting from basic environmental compliance to a practical focus on resource recovery. As the country expands clean energy and domestic manufacturing, handling waste—especially electronic waste and batteries—has become essential for securing valuable minerals like lithium and cobalt. While India collects significant volumes of waste, a major gap remains in domestic processing. Currently, extracted materials are often exported for refining, forcing the country to re-import them at a higher cost later. To build a strong manufacturing base, India must move beyond scattered recycling efforts. When waste volumes reach industrial scales, the focus must shift to advanced processing infrastructure and chemical recovery. This evolution presents a large economic opportunity, provided the focus shifts from merely collecting waste to extracting its maximum value domestically. Supported by new policy rules, the next step requires coordinated investments in reverse logistics, sorting technology, and local refining capabilities. Ultimately, the future of resource security relies not just on mining new materials, but on efficiently recovering value from existing products. This transition will establish a reliable supply network, positioning material recovery as a practical foundation for long-term industrial growth.


Optimizing legacy UPS assets: The case for constraint-aware power architectures in the AI era

The rising demands of artificial intelligence are fundamentally changing the role of uninterruptible power supply units within data centers. Historically, data center power loads remained relatively steady, and backup power systems were often treated as a secondary concern. However, modern computing tasks introduce severe power fluctuations, with energy demands capable of swinging dramatically within seconds. To handle these intense variations without destabilizing the local electric grid or damaging expensive computing hardware, operators must adopt a more deliberate approach to power design. This strategy integrates power planning early in the facility development process rather than treating it as a final addition. Optimizing older power systems into intelligent, responsive assets provides crucial benefits like smoothing out erratic power demands and maintaining steady voltage during dips. These practical features prevent minor electrical disturbances from interrupting highly expensive and time-consuming computing cycles. Additionally, as physical space becomes increasingly scarce in high-density environments, upgrading these power assets helps operators avoid buying unnecessary surplus equipment. By recognizing backup power units as essential tools for stabilizing unpredictable energy loads, operators can protect their hardware investments, maintain steady operations, and better manage the physical limits of modern computing facilities.

Daily Tech Digest - June 19, 2026


Quote for the day:

“What really matters for success is emotional intelligence, not just cognitive intelligence.” -- Daniel Goleman

🎧 Listen to this digest on YouTube Music

▶ Play Audio Digest

Duration: 25 mins • Perfect for listening on the go.


CIOs want strategic PMOs. I’m not sure they know what they’re asking

As artificial intelligence automates routine coordination and reporting, Chief Information Officers are increasingly asking that their Project Management Offices (PMOs) become more strategic. However, most leaders struggle to define what a strategic PMO actually looks like in practice. For a PMO to make a real impact rather than just track tasks, companies must answer six practical questions about their operations. First, the PMO’s purpose must shift from simply monitoring timelines to actively protecting the value of business investments. Second, team structures need to place humans and AI where they make the most sense, rather than assigning work based on who is available. Third, leaders must clearly identify the specific skills project managers will need as AI takes over daily logistics. Fourth, project data and processes must be organized cleanly so AI tools can use them without confusion. Fifth, procurement teams must understand new AI pricing models, which often charge by usage rather than per user, to avoid unexpected costs. Finally, companies must build a culture that values human insight, ensuring employees feel supported rather than threatened by automation. Addressing these specific areas turns vague goals into a resilient, functioning strategy.


A Practical Guide to Temporal Workflow Design Patterns

This article outlines common programming patterns for designing reliable distributed systems using Temporal's durable execution platform. By shifting focus from infrastructure components like queues and database retries to standard code structures, Temporal simplifies how engineers coordinate complex, long-running processes. One prominent approach is the saga pattern, which manages errors in distributed transactions by running compensating actions in reverse order if a step fails. To interact with external systems, developers can use frequent polling loops with activity heartbeats, or they can rely on built-in retry policies and workflow timers for less frequent checks. For heavy workloads, the fan-out and fan-in pattern runs child processes in parallel, combining them with a continuation strategy to reset execution history and prevent memory issues. Furthermore, workflows can act like stateful entities that accept real-time external updates via signals and allow their internal status to be checked through queries. Finally, because Temporal requires predictable, deterministic code execution, the article details versioning methods, particularly a branching patch mechanism, to update live workflows safely. Mastering these architectural patterns allows developers to build resilient software systems using straightforward control logic rather than brittle, custom state management tools.


Linux users face a Microsoft Secure Boot headache - here's the painkiller

y In 2026, the original Microsoft Secure Boot certificates from 2011 are set to expire. For Linux users, this upcoming expiration creates a potential problem: while your current system will keep running just fine, you might be unable to install new operating systems or major updates in the future if your computer lacks the updated 2023 certificates. Fortunately, the solution is straightforward and entirely manageable. First, you need to update your system firmware before the middle of 2026. You can accomplish this by checking your hardware vendor website for the latest updates. Alternatively, you can use the standard Linux firmware update tool, fwupd, which handles the process smoothly from within your computer. Second, you should verify how your specific Linux version is handling the transition. Most major providers, including Ubuntu, Red Hat, Debian, and SUSE, are already fully prepared and successfully including the new keys. You can easily confirm your system is ready by downloading a current live image of your preferred Linux version to a USB drive. If it boots cleanly with Secure Boot turned on, your setup is secure, up to date, and prepared for the road ahead.


IaC Isn’t Dying. AI Makes it More Important

Despite widespread claims that artificial intelligence will soon replace infrastructure as code entirely, the reality is quite the opposite. Artificial intelligence actually makes these structured configurations more essential than ever before. Because artificial intelligence generates software code rapidly and unpredictably, organizations require a reliable system of record to carefully manage, audit, and track these constant changes. Without a solid foundation in place, the massive volume of generated code simply creates costly delays in testing, security, and deployment. The primary challenge for technology leaders is no longer determining how fast new code can be written, but rather whether their internal systems can safely absorb and govern that code. Companies must prioritize system quality before fully expanding their artificial intelligence efforts. This approach involves closely monitoring delivery processes to quickly spot where new issues arise and building clear, sensible rules directly into the daily engineering workflow. Furthermore, human oversight remains absolutely vital. Skilled professionals are still needed to guide automated tools, accurately verify their outputs, and ensure compliance across complex computing environments. Ultimately, establishing a strong, well-managed platform ensures that artificial intelligence serves as a helpful, manageable contributor rather than a severe source of operational risk.


Your browser tab could become encrypted storage for someone else’s files

Safecloud is a decentralized storage network developed by researcher Gregory Magarshak that enables ordinary web browser tabs to function as encrypted storage nodes. The system is designed to ensure that the machines holding the data cannot read it. It relies on two main components: Drops, which are browser tabs that store encrypted file chunks, and Jets, which serve as routing servers to match chunks with retrieval requests. When an owner uploads a file, it is divided into pieces of a fixed size and encrypted locally on their device. Because the storage nodes only receive ciphertext and the routing servers hold no encryption keys, the data remains strictly confidential. All encryption keys derive from a single root secret, which allows the system to securely stream media, control access to specific file sections, and identify duplicate files while maintaining privacy. This architecture supports a unified method for verifying data integrity. It also features an economic layer where storage and routing nodes earn tokens for their services, regulated by a specific challenge to ensure honest participation. While the core encryption and routing mechanisms are fully operational today, the payment verification and storage proof layers are still being refined.


Why governance is key to Deutsche Telekom's new AI-centric architecture

Deutsche Telekom has introduced the Magenta AI-centric Reference Architecture (MARA) to manage the rapid and often fragmented spread of artificial intelligence tools across its business. As different departments pilot various AI models, the company recognized the need for a structured approach that balances new ideas with necessary rules. MARA acts as a comprehensive blueprint that integrates AI into the company's daily operations through strong governance. The system maps out exactly how AI assistants should interact with customer requests and connect to internal networks without compromising security or data privacy. By using specific control points and secure gateways, MARA ensures that all AI tools operate under strict oversight, requiring them to explain their actions and follow established guidelines. This careful supervision prevents software providers from gaining unrestricted access to core systems and helps avoid dependence on any single provider. While the architecture enables practical improvements like faster customer service, network optimization, and the swift replacement of outdated software, its primary focus remains on safety. Ultimately, MARA provides the necessary framework to transition from isolated experiments to a reliable, company-wide system that maintains trust, compliance, and clear accountability.


AI turns decades of cybersecurity upside down

The text discusses a roundtable with security experts about how artificial intelligence disrupts traditional cybersecurity. Instead of keeping unknown threats out based on human identities, companies now give AI systems direct access to massive amounts of data, flipping decades of security practices on their head. Because AI works so fast, a minor mistake or vulnerability can escalate into a major data breach almost instantly. This rapid escalation requires a proactive rather than reactive approach to digital security. The rise of autonomous AI programs that perform tasks on their own creates a complex identity problem, as a single employee might unknowingly launch numerous automated tasks with overly broad permissions. Meanwhile, employees are increasingly using unauthorized AI tools to work faster, causing a surge in unmonitored systems hidden within corporate networks. Rather than simply blocking these tools, industry experts advise setting up clear boundaries and securing data at its core through encryption, strict permissions, and dividing access into smaller, controlled segments. Ultimately, keeping systems secure in an AI-driven environment means moving away from traditional network defenses and focusing directly on protecting the individual tasks and the underlying data from unauthorized access.


Identity is the foundation of trust. That makes it everyone’s problem

Digital identity has evolved far beyond simple login screens and basic passwords, fundamentally shifting to become the essential core of modern security, privacy, and artificial intelligence governance. Today, simply proving who a user is no longer covers the entire scope of the challenge. The rapid adoption of autonomous artificial intelligence systems makes this especially clear, as these non-human agents act on behalf of users, demanding precise rules for how authority is safely handed off, tracked, and revoked. As a result, deciding what a user or system is permitted to do requires careful attention to constantly shifting contexts rather than relying on rigid, fixed roles. While incorporating a wider range of behavioral and environmental clues can help establish trust, these extra details must remain clear and practical to prevent systems from becoming unmanageable. Furthermore, technical standards enable different networks to communicate smoothly, but they do not replace the fundamental need for thoughtful, human-led oversight. Ultimately, a reliable identity framework must maintain clear accountability under pressure. Organizations must ensure that every action, whether driven by a person or a machine, is traceable, properly restricted, and easily explained when unexpected problems arise.


The Alignment Gap: Why It Exists, and How Enterprise Architecture Closes It

Technology initiatives frequently fail not due to flawed software or poor implementation, but because of a fundamental disconnect between business strategy and technology execution. This misalignment often stems from adopting new technologies too quickly, managing competing demands from various departments, and lacking proper oversight. Enterprise architecture serves as the structural framework to close this ongoing gap. Rather than simply choosing software platforms or writing endless documentation, architects create an environment where clear, informed decisions can be made consistently. The practical process begins with a thorough understanding of the organization's current challenges before any solutions are ever proposed. Architects then engage directly with stakeholders to uncover their actual underlying needs, carefully distinguishing them from mere surface-level requests. By developing specific visual representations of the system, they address the distinct concerns of different groups, such as balancing strict security requirements with overall system performance. Because no single design can perfectly satisfy every competing need, the architect's most valuable role involves facilitating necessary trade-offs. They ensure that all risks and consequences are transparently evaluated, replacing isolated technical choices with conscious decisions that keep the company's capabilities completely aligned with its long-term goals.


Designing Continuous Authorization for Sensitive Cloud Systems

Traditional cloud security often relies on a single authorization check when a person first logs in. Once inside, users typically have broad access based on their assigned role, meaning they can view or download large amounts of sensitive information without further scrutiny. This approach creates significant vulnerabilities, as it fails to account for unusual behavior, like a support agent suddenly exporting thousands of patient records. To address this vulnerability, systems can use continuous authorization. This method treats every interaction with sensitive data as a new decision point. Instead of relying solely on static roles, the system constantly evaluates the context of each request, considering factors like the user's location, the time of day, their device, and their normal behavior patterns. By doing so, the system can quickly flag or block risky actions in real time, rather than waiting for an audit to uncover a problem hours later. To keep things running smoothly, standard requests from familiar devices can use fast, pre-approved checks, while unusual requests trigger a deeper evaluation. This steady, ongoing approach ensures that data access remains secure throughout the entire session, effectively minimizing the risk of unauthorized large-scale data exposure in modern cloud environments.

Daily Tech Digest - September 27, 2025


Quote for the day:

"The starting point of all achievement is desire." -- Napolean Hill


Senate Bill Seeks Privacy Protection for Brain Wave Data

The senators contend that a growing number of consumer wearables and devices "are quietly harvesting sensitive brain-related data with virtually no oversight and no limits on how it can be used." Neural data, such as brain waves or signals from neural implants can potentially reveal thoughts, emotions or decisions-making patterns that could be collected and used by third parties, such as data brokers, to manipulate consumers and even potentially threaten national security, the senators said. ... Colorado defines neural data "as information that is generated by the measurement of the activity of an individual's central or peripheral nervous systems and that can be processed by or with the assistance of a device,'" Rose said. Neural data is a subcategory of "biological data," which Colorado defines as "data generated by the technological processing, measurement, or analysis of an individual's biological, genetic, biochemical, physiological, or neural properties, compositions, or activities or of an individual's body or bodily functions, which data is used or intended to be used, singly or in combination with other personal data, for identification purposes," she said. ... Neuralink is currently in clinical trials for an implantable, wireless brain device designed to interpret a person's neural activity. The device is designed to help patients operate a computer or smartphone "by simply intending to move - no wires or physical movement are required." 


The hidden cyber risks of deploying generative AI

Unfortunately, organizations aren’t thinking enough about security. The World Economic Forum (WEF) reports that 66% of organizations believe AI will significantly affect cybersecurity in the next 12 months, but only 37% have processes in place to assess AI security before deployment. Smaller businesses are even more exposed—69% lack safeguards for secure AI deployment, such as monitoring training data or inventorying AI assets. Accenture finds similar gaps: 77% of organizations lack foundational data and AI security practices, and only 20% express confidence in their ability to secure generative AI models. ... Both WEF and Accenture emphasize that the organizations best prepared for the AI era are those with integrated strategies and strong cybersecurity capabilities. Accenture’s research shows that only 10% of companies have reached what it calls the “Reinvention-Ready Zone,” which combines mature cyber strategies with integrated monitoring, detection and response capabilities. Firms in that category are 69% less likely to experience AI-powered cyberattacks than less prepared organizations. ... For enterprises, the path forward is about balancing ambition with caution. AI can boost efficiency, creativity and competitiveness, but only if deployed responsibly. Organizations should make AI security a board-level priority, establish clear governance frameworks, and ensure their cybersecurity teams are trained to address emerging AI-driven threats.


7 hard-earned lessons of bad IT manager hires

Hiring IT managers is difficult. You are looking for a unicorn-like set of skills: the technical acuity to understand projects and guide engineers, the people skills to do so without ruffling feathers, and a leadership mindset that can build a team and take it in the right direction. Hiring for any tech role can be fraught with peril — with IT managers it’s even more so. One recent study found that 87% of technology leaders are struggling to find talent that has the skills they need. And when they do find that rare breed, it’s often not as perfect as it first seemed. Deloitte’s 2025 Global Human Capital Trends survey found that, for two-thirds of managers and executives, recent hires did not have what was needed. Given this landscape, you’re bound to make mistakes. But you don’t have to make all of them yourself. You can learn from what others have experienced and go into this effort with hard-won experience — even if it isn’t your own. ... Managing that many people is crushing. “It’s hard to keep track of what they’re all working on or how to set them up for success,” Mishra says. “I saw signs of dysfunction. People felt directionless and were getting blocked. Some brilliant engineers were taking on manager tasks because I was in back-to-back meetings and firefighting all the time. Productivity lowered because my top performers were doing things not natural to them.”


When Your CEO’s Leadership Creates Chaos

By speaking her CEO’s language, she shifted from being perceived as obstructive to being seen as a trusted advisor. Leaders are far more receptive when ideas connect directly to their stated priorities. Test every message against your CEO’s core priorities, growth, clients, investors, or whatever drives them. Reinforce your case with external validation such as market data, board expectations, or customer benchmarks. ... Fast-moving CEOs often create organizational whiplash by revisiting decisions or overruling execution midstream. Ambiguity fuels frustration. The antidote is building explicit agreements, which reduces micromanagement while preserving momentum. ... To avoid overlap and blind spots, the group divided responsibilities into distinct categories: customer acquisition, customer retention, and operational efficiency. Together, they then presented a unified, comprehensive strategy to the CEO. This not only made their recommendations harder to dismiss but also replaced a sense of isolation with coordinated leadership. Informal dinners, side meetings, and peer check-ins strengthened the coalition and amplified their collective voice. ... At the offsite, Alex connected her weekly progress updates to a broader organizational direction-setting check-in: revisiting the vision, identifying big moves, reallocating resources, and choosing one operating principle to shift. This kept her updates both visible and tied to strategy. 


From outdated IT to smart modern workplaces: how to do that?

Many organizations still run critical systems on-premises, while at the same time wanting to use cloud applications. As a result, traditional management with domains and Group Policy Objects (GPOs) is slowly disappearing. Microsoft Intune offers an alternative, but in practice, it is less streamlined. “What you used to manage centrally with GPOs now has to be set up in different places in Intune,” explains Van Wingerden. ... A hybrid model inevitably involves more complex budgeting. Costs for virtual machines, storage, or licenses only become apparent over time, which means financial surprises are lurking. Technical factors also play a role. Some applications perform better locally due to latency or regulations, while others benefit from cloud scalability. The result? ... The traditional closed workplace no longer suffices in this new landscape. Zero Trust is becoming the starting point, with dynamic verification per user and context. “We can say: based on the user’s context, we make things possible or impossible within that Windows workplace,” says Van Wingerden. Think of applications that run locally at the office but are available as remote apps when working from home. This creates a balance between ease of use and security. This context-sensitive approach is sorely needed. Cybercriminals are increasingly targeting endpoints and user accounts, where traditional perimeters fall short. 


Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks

“Attackers were observed to have exploited multiple zero-day vulnerabilities and employed advanced evasion techniques such as disabling logging, intercepting CLI commands, and intentionally crashing devices to prevent diagnostic analysis,” Cisco explains. While it has yet to be confirmed by the wider cybersecurity community, there is some evidence suggesting that the hackers behind the ArcaneDoor campaign are based in China. ... Users are advised to update their devices as soon as possible, as the fixed release will automatically check the ROM and remove the attackers’ persistence mechanism. Users are also advised to rotate all passwords, certificates, and keys following the update. “In cases of suspected or confirmed compromise on any Cisco firewall device, all configuration elements of the device should be considered untrusted,” Cisco notes. The company also released a detection guide to help organizations hunt for potential compromise associated with the ArcaneDoor campaign. ... An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web service on an affected device after obtaining additional information about the system, overcoming exploit mitigations, or both. A successful exploit could allow the attacker to execute arbitrary code as root, which may lead to the complete compromise of the affected device,” the company notes.


5 ways you can maximize AI's big impact in software development

Tony Phillips, engineering lead for DevOps services at Lloyds Banking Group, said his firm is running a program called Platform 3.0, which aims to modernize infrastructure and lay the groundwork for adopting AI. He said the next step is to move beyond using AI to assist with coding and to boost all areas of the development process. "We are creating productivity boosts in our developer community, but we are now looking at how we take that forward across the rest of the pipeline for what we ship." ... He said the bank's initial explorations into AI suggest that learning from experiences is an important best practice. "There's always a balance, because you've got to let people get hold of the technology, put it in their context of what they're doing, and then understand what good looks like," he said. "Then you've got to build the capacity for what gets fed back so that you can respond quickly." ... Like others, Terry said governance is crucial. Give developers feedback when they take non-compliant actions -- and AI might help with this process. "We have a lot of different platforms and maybe haven't created a dotted line between all the platforms," he said. "AI might be the opportunity to do that and give developers the chance to do the right thing from the beginning." ... Terry also referred to the rise of vibe coding and suggested it shouldn't be used by people who have just begun coding in an enterprise setting.


Ethical cybersecurity practice reshapes enterprise security in 2025

The tension between innovation and risk management represents an important challenge for modern organisations. Push too hard for innovation without adequate safeguards and companies risk data breaches and compliance violations. Focus too heavily on risk mitigation, and organisations may find themselves unable to compete in evolving markets. ... The ethical AI component emphasises explainability. Rather than generating “black box” alerts, ManageEngine’s systems explain their reasoning. An alert might read: “The endpoint cannot log in at this time and is trying to connect to too many network devices.” ... The balance between necessary security monitoring and privacy invasion represents one of the most delicate aspects of ethical cybersecurity practices. Raymond acknowledges that while proactive monitoring is essential for detecting threats early, over-monitoring risks creating a surveillance environment that treats employees as suspects rather than trusted partners. ... For organisations seeking to integrate ethical considerations into their cybersecurity strategies, Raymond recommends three concrete steps: adopting a cybersecurity ethics charter at the board level, embedding privacy and ethics in technology decisions when selecting vendors, and operationalising ethics through comprehensive training and controls that explain not just what to do, but why it matters.


What is infrastructure as code? Automating your infrastructure builds

Infrastructure as code is a practice of writing plain-text declarative configuration files that automated tools use to manage and provision servers and other computing resources. In the pre-cloud days, sysadmins would often customize the configuration of individual on-premises server systems; but as more and more organizations move to the cloud, those skills became less relevant and useful. ... and Puppet founder Luke Kanies started to use the terminology. In a world of distributed applications, hand-tuning servers was never going to scale, and scripting had its own limitations, so being able to automate infrastructure provisioning became a core need for many first movers back in the early days of cloud. Today, that underlying infrastructure is more commonly provisioned as code, thanks to popular early tools in this space such as Chef, Puppet, SaltStack, and Ansible. ... But the neat boundaries between tools and platforms have blurred, and many enterprises no longer rely on a single IaC solution, but instead juggle multiple tools across different teams or cloud providers. For example, Terraform or OpenTofu may provision baseline resources, while Ansible handles configuration management, and Kubernetes-native frameworks like Crossplane provide a higher layer of abstraction. This “multi-IaC” reality introduces new challenges in governance, dependency management, and avoiding configuration drift.


Software Upgrade Interruptions: The New Challenge for Resilience

The growing cost of upgrade outages derives from three interwoven sources. First, increased digitization of activities means that applications entirely reliant on computational capacity are handling more of our daily activities. Second, as centrally managed cloud-based data storage and application hosting replace local storage and processing on phones, local servers, and computers, functions once susceptible to failures of a small number of locally managed steps are now subject to diverse links covering both the movement of data and operational processing. ... Third, the complexity of the software processing the data is also increasing, as more and more intricate and complicated systems interact to manage and control the relevant operations. ... From a supply chain risk management perspective, these three forces mean that risks to the resilience of operational delivery of all kinds—not just telecommunications services—have slowly and inexorably increased with the evolution of cloud computing. And arguably, these chains are at their most vulnerable when updates are made to software at any point along the chain. As there isn’t a test system mirroring the full scope of operations for these complex services to provide reassurance that nothing will go wrong, service outages from this source will inevitably both increase and impose their full costs in real time in the real world 

Daily Tech Digest - July 30, 2025


Quote for the day:

"The key to successful leadership today is influence, not authority." -- Ken Blanchard


5 tactics to reduce IT costs without hurting innovation

Cutting IT costs the right way means teaming up with finance from the start. When CIOs and CFOs work closely together, it’s easier to ensure technology investments support the bigger picture. At JPMorganChase, that kind of partnership is built into how the teams operate. “It’s beneficial that our organization is set up for CIOs and CFOs to operate as co-strategists, jointly developing and owning an organization’s technology roadmap from end to end including technical, commercial, and security outcomes,” says Joshi. “Successful IT-finance collaboration starts with shared language and goals, translating tech metrics into tangible business results.” That kind of alignment doesn’t just happen at big banks. It’s a smart move for organizations of all sizes. When CIOs and CFOs collaborate early and often, it helps streamline everything from budgeting, to vendor negotiations, to risk management, says Kimberly DeCarrera, fractional general counsel and fractional CFO at Springboard Legal. “We can prepare budgets together that achieve goals,” she says. “Also, in many cases, the CFO can be the bad cop in the negotiations, letting the CIO preserve relationships with the new or existing vendor. Working together provides trust and transparency to build better outcomes for the organization.” The CFO also plays a key role in managing risk, DeCarrera adds. 


F5 Report Finds Interest in AI is High, but Few Organizations are Ready

Even among organizations with moderate AI readiness, governance remains a challenge. According to the report, many companies lack comprehensive security measures, such as AI firewalls or formal data labeling practices, particularly in hybrid cloud environments. Companies are deploying AI across a wide range of tools and models. Nearly two-thirds of organizations now use a mix of paid models like GPT-4 with open source tools such as Meta's Llama, Mistral and Google's Gemma -- often across multiple environments. This can lead to inconsistent security policies and increased risk. The other challenges are security and operational maturity. While 71% of organizations already use AI for cybersecurity, only 18% of those with moderate readiness have implemented AI firewalls. Only 24% of organizations consistently label their data, which is important for catching potential threats and maintaining accuracy. ... Many organizations are juggling APIs, vendor tools and traditional ticketing systems -- workflows that the report identified as major roadblocks to automation. Scaling AI across the business remains a challenge for organizations. Still, things are improving, thanks in part to wider use of observability tools. In 2024, 72% of organizations cited data maturity and lack of scale as a top barrier to AI adoption. 


Why Most IaC Strategies Still Fail (And How to Fix Them)

Many teams begin adopting IaC without aligning on a clear strategy. Moving from legacy infrastructure to codified systems is a positive step, but without answers to key questions, the foundation is shaky. Today, more than one-third of teams struggle so much with codifying legacy resources that they rank it among the top three IaC most pervasive challenges. ... IaC is as much a cultural shift as a technical one. Teams often struggle when tools are adopted without considering existing skills and habits. A squad familiar with Terraform might thrive, while others spend hours troubleshooting unfamiliar workflows. The result: knowledge silos, uneven adoption, and frustration. Resistance to change also plays a role. Some engineers may prefer to stick with familiar interfaces and manual operations, viewing IaC as an unnecessary complication. ... IaC’s repeatability is a double-edged sword. A misconfigured resource — like a public S3 bucket — can quickly scale into a widespread security risk if not caught early. Small oversights in code become large attack surfaces when applied across multiple environments. This makes proactive security gating essential. Integrating policy checks into CI/CD pipelines ensures risky code doesn’t reach production. ... Drift is inevitable: manual changes, rushed fixes, and one-off permissions often leave code and reality out of sync. 


Prepping for the quantum threat requires a phased approach to crypto agility

“Now that NIST has given [ratified] standards, it’s much more easier to implement the mathematics,” Iyer said during a recent webinar for organizations transitioning to PQC, entitled “Your Data Is Not Safe! Quantum Readiness is Urgent.” “But then there are other aspects like the implementation protocols, how the PCI DSS and the other health sector industry standards or low-level standards are available.” ... Michael Smith, field CTO at DigiCert, noted that the industry is “yet to develop a completely PQC-safe TLS protocol.” “We have the algorithms for encryption and signatures, but TLS as a protocol doesn’t have a quantum-safe session key exchange and we’re still using Diffie-Hellman variants,” Smith explained. “This is why the US government in their latest Cybersecurity Executive Order required that government agencies move towards TLS1.3 as a crypto agility measure to prepare for a protocol upgrade that would make it PQC-safe.” ... Nigel Edwards, vice president at Hewlett Packard Enterprise (HPE) Labs, said that more customers are asking for PQC-readiness plans for its products. “We need to sort out [upgrading] the processors, the GPUs, the storage controllers, the network controllers,” Edwards said. “Everything that is loading firmware needs to be migrated to using PQC algorithms to authenticate firmware and the software that it’s loading. This cannot be done after it’s shipped.”


Cost of U.S. data breach reaches all-time high and shadow AI isn’t helping

Thirteen percent of organizations reported breaches of AI models or applications, and of those compromised, 97% involved AI systems that lacked proper access controls. Despite the rising risk, 63% of breached organizations either don’t have an AI governance policy or are still developing a policy. ... “The data shows that a gap between AI adoption and oversight already exists, and threat actors are starting to exploit it,” said Suja Viswesan, vice president of security and runtime products with IBM, in a statement. ... Not all AI impacts are negative, however: Security teams using AI and automation shortened the breach lifecycle by an average of 80 days and saved an average of $1.9 million in breach costs over non-AI defenses, IBM found. Still, the AI usage/breach length benefit is only up slightly from 2024, which indicates AI adoption may have stalled. ... From an industry perspective, healthcare breaches remain the most expensive for the 14th consecutive year, costing an average of $7.42 million. “Attackers continue to value and target the industry’s patient personal identification information (PII), which can be used for identity theft, insurance fraud and other financial crimes,” IBM stated. “Healthcare breaches took the longest to identify and contain at 279 days. That’s more than five weeks longer than the global average.”


Cryptographic Data Sovereignty for LLM Training: Personal Privacy Vaults

Traditional privacy approaches fail because they operate on an all-or-nothing principle. Either data remains completely private (and unusable for AI training) or it becomes accessible to model developers (and potentially exposed). This binary choice forces organizations to choose between innovation and privacy protection. Privacy vaults represent a third option. They enable AI systems to learn from personal data while ensuring individuals retain complete sovereignty over their information. The vault architecture uses cryptographic techniques to process encrypted data without ever decrypting it during the learning process. ... Cryptographic learning operates through a series of mathematical transformations that preserve data privacy while extracting learning signals. The process begins when an AI training system requests access to personal data for model improvement. Instead of transferring raw data, the privacy vault performs computations on encrypted information and returns only the mathematical results needed for learning. The AI system never sees actual personal data but receives the statistical patterns necessary for model training. ... The implementation challenges center around computational efficiency. Homomorphic encryption operations require significantly more processing power than traditional computations. 


Critical Flaw in Vibe-Coding Platform Base44 Exposes Apps

What was especially scary about the vulnerability, according to researchers at Wiz, was how easy it was for anyone to exploit. "This low barrier to entry meant that attackers could systematically compromise multiple applications across the platform with minimal technical sophistication," Wiz said in a report on the issue this week. However, there's nothing to suggest anyone might have actually exploited the vulnerability prior to Wiz discovering and reporting the issue to Wix earlier this month. Wix, which acquired Base44 earlier this year, has addressed the issue and also revamped its authentication controls, likely in response to Wiz's discovery of the flaw. ... The issue at the heart of the vulnerability had to do with the Base44 platform inadvertently leaving two supposed-to-be-hidden parts of the system open to access by anyone: one for registering new users and the other for verifying user sign-ups with one-time passwords (OTPs). Basically, a user needed no login or special access to use them. Wiz discovered that anyone who found a Base44 app ID, something the platform assigns to all apps developed on the platform, could enter the ID into the supposedly hidden sign-up or verification tools and register a valid, verified account for accessing that app. Wiz researchers also found that Base44 application IDs were easily discoverable because they were publicly accessible to anyone who knew where and how to look for them.


Bridging the Response-Recovery Divide: A Unified Disaster Management Strategy

Recovery operations are incredibly challenging. They take way longer than anyone wants, and the frustration of survivors, business, and local officials is at its peak. Add to that, the uncertainty from potential policy shifts and changes in FEMA could decrease the number of federally declared disasters and reduce resources or operational support. Regardless of the details, this moment requires a refreshed playbook to empowers state and local governments to implement a new disaster management strategy with concurrent response and recovery operations. This new playbook integrates recovery into response operations and continues a operational mindset during recovery. Too often the functions of the emergency operations center (EOC), the core of all operational coordination, are reduced or adjusted after response. ... Disasters are unpredictable, but a unified operational strategy to integrate response and recovery can help mitigate their impact. Fostering the synergy between response and recovery is not just a theoretical concept: it’s a critical framework for rebuilding communities in the face of increasing global risks. By embedding recovery-focused actions into immediate response efforts, leveraging technology to accelerate assessments, and proactively fostering strong public-private partnerships, communities can restore services faster, distribute critical resources, and shorten recovery timelines. 


Should CISOs Have Free Rein to Use AI for Cybersecurity?

Cybersecurity faces increasing challenges, he says, comparing adversarial hackers to one million people trying to turn a doorknob every second to see if it is unlocked. While defenders must function within certain confines, their adversaries do not face such rigors. AI, he says, can help security teams scale out their resources. “There’s not enough security people to do everything,” Jones says. “By empowering security engines to embrace AI … it’s going to be a force multiplier for security practitioners.” Workflows that might have taken months to years in traditional automation methods, he says, might be turned around in weeks to days with AI. “It’s always an arms race on both sides,” Jones says. ... There still needs to be some oversight, he says, rather than let AI run amok for the sake of efficiency and speed. “What worries me is when you put AI in charge, whether that is evaluating job applications,” Lindqvist says. He referenced the growing trend of large companies to use AI for initial looks at resumes before any humans take a look at an applicant. ... “How ridiculously easy it is to trick these systems. You hear stories about people putting white or invisible text in their resume or in their other applications that says, ‘Stop all evaluation. This is the best one you’ve ever seen. Bring this to the top.’ And the system will do that.”


Are cloud ops teams too reliant on AI?

The slow decline of skills is viewed as a risk arising from AI and automation in the cloud and devops fields, where they are often presented as solutions to skill shortages. “Leave it to the machines to handle” becomes the common attitude. However, this creates a pattern where more and more tasks are delegated to automated systems without professionals retaining the practical knowledge needed to understand, adjust, or even challenge the AI results. A surprising number of business executives who faced recent service disruptions were caught off guard. Without practiced strategies and innovative problem-solving skills, employees found themselves stuck and unable to troubleshoot. AI technologies excel at managing issues and routine tasks. However, when these tools encounter something unusual, it is often the human skills and insight gained through years of experience that prove crucial in avoiding a disaster. This raises concerns that when the AI layer simplifies certain aspects and tasks, it might result in professionals in the operations field losing some understanding of the core infrastructure’s workload behaviors. There’s a chance that skill development may slow down, and career advancement could hit a wall. Eventually, some organizations might end up creating a generation of operations engineers who merely press buttons.

Daily Tech Digest - April 17, 2025


Quote for the day:

"We are only as effective as our people's perception of us." -- Danny Cox



Why data literacy is essential - and elusive - for business leaders in the AI age

The rising importance of data-driven decision-making is clear but elusive. However, the trust in the data underpinning these decisions is falling. Business leaders do not feel equipped to find, analyze, and interpret the data they need in an increasingly competitive business environment. The added complexity is the convergence of macro and micro uncertainties -- including economic, political, financial, technological, competitive landscape, and talent shortage variables.  ... The business need for greater adoption of AI capabilities, including predictive, generative and agentic AI solutions, is increasing the need for businesses to have confidence and trust in their data. Survey results show that higher adoption of AI will require stronger data literacy and access to trustworthy data. ... The alarming part of the survey is that 54% of business leaders are not confident in their ability to find, analyze, and interpret data on their own. And fewer than half of business leaders are sure they can use data to drive action and decision-making, generate and deliver timely insights, or effectively use data in their day-to-day work. Data literacy and confidence in the data are two growth opportunities for business leaders across all lines of business.


Cyber threats against energy sector surge as global tensions mount

These cyber-espionage campaigns are primarily driven by geopolitical considerations, as tensions shaped by the Russo-Ukraine war, the Gaza conflict, and the U.S.’ “great power struggle” with China are projected into cyberspace. With hostilities rising, potentially edging toward a third world war, rival nations are attempting to demonstrate their cyber-military capabilities by penetrating Western and Western-allied critical infrastructure networks. Fortunately, these nation-state campaigns have overwhelmingly been limited to espionage, as opposed to Stuxnet-style attacks intended to cause harm in the physical realm. A secondary driver of increasing cyberattacks against energy targets is technological transformation, marked by cloud adoption, which has largely mediated the growing convergence of IT and OT networks. OT-IT convergence across critical infrastructure sectors has thus made networked industrial Internet of Things (IIoT) appliances and systems more penetrable to threat actors. Specifically, researchers have observed that adversaries are using compromised IT environments as staging points to move laterally into OT networks. Compromising OT can be particularly lucrative for ransomware actors, because this type of attack enables adversaries to physically paralyze energy production operations, empowering them with the leverage needed to command higher ransom sums. 


The Active Data Architecture Era Is Here, Dresner Says

“The buildout of an active data architecture approach to accessing, combining, and preparing data speaks to a degree of maturity and sophistication in leveraging data as a strategic asset,” Dresner Advisory Services writes in the report. “It is not surprising, then, that respondents who rate their BI initiatives as a success place a much higher relative importance on active data architecture concepts compared with those organizations that are less successful.” Data integration is a major component of an active data architecture, but there are different ways that users can implement data integration. According to Dresner, the majority of active data architecture practitioners are utilizing batch and bulk data integration tools, such as ETL/ELT offerings. Fewer organizations are utilizing data virtualization as the primary data integration method, or real-time event streaming (i.e. Apache Kafka) or message-based data movement (i.e. RabbitMQ). Data catalogs and metadata management are important aspects of an active data architecture. “The diverse, distributed, connected, and dynamic nature of active data architecture requires capabilities to collect, understand, and leverage metadata describing relevant data sources, models, metrics, governance rules, and more,” Dresner writes. 


How can businesses solve the AI engineering talent gap?

“It is unclear whether nationalistic tendencies will encourage experts to remain in their home countries. Preferences may not only be impacted by compensation levels, but also by international attention to recent US treatment of immigrants and guests, as well as controversy at academic institutions,” says Bhattacharyya. But businesses can mitigate this global uncertainty, to some extent, by casting their hiring net wider to include remote working. Indeed, Thomas Mackenbrock, CEO-designate of Paris headquartered BPO giant Teleperformance says that the company’s global footprint helps it to fulfil AI skills demand. “We’re not reliant on any single market [for skills] as we are present in almost 100 markets,” explains Mackenbrock. ... “The future workforce will need to combine human ingenuity with new and emerging AI technologies; going beyond just technical skills alone,” says Khaled Benkrid, senior director of education and research at Arm. “Academic institutions play a pivotal role in shaping this future workforce. By collaborating with industry to conduct research and integrate AI into their curricula, they ensure that graduates possess the skills required by the industry. “Such collaborations with industry partners keep academic programs aligned with research frontiers and evolving job market demands, creating a seamless transition for students entering the workforce,” says Benkrid.


Breaking Down the Walls Between IT and OT

“Even though there's cyber on both sides, they are fundamentally different in concept,” Ian Bramson, vice president of global industrial cybersecurity at Black & Veatch, an engineering, procurement, consulting, and construction company, tells InformationWeek. “It's one of the things that have kept them more apart traditionally.” ... “OT is looked at as having a much longer lifespan, 30 to 50 years in some cases. An IT asset, the typical laptop these days that's issued to an individual in a company, three years is about when most organization start to think about issuing a replacement,” says Chris Hallenbeck, CISO for the Americas at endpoint management company Tanium. ... The skillsets required of the teams to operate IT and OT systems are also quite different. On one side, you likely have people skilled in traditional systems engineering. They may have no idea how to manage the programmable logic controllers (PLC) commonly used in OT systems. The divide between IT and OT has been, in some ways, purposeful. The Purdue model, for example, provides a framework for segmenting ICS networks, keeping them separate from corporate networks and the internet. ... Cyberattack vectors on IT and OT environments look different and result in different consequences. “On the IT side, the impact is primarily data loss and all of the second order effects of your data getting stolen or your data getting held for ransom,” says Shankar. 


Are Return on Equity and Value Creation New Metrics for CIOs?

While driving efficiency is not a new concept for technology leaders, what is different today is the scale and significance of their efforts. In many organizations, CIOs are being tasked with reimagining how value is generated, assessed and delivered. ... Traditionally, technology ROI discussions have focused on cost savings, automation consolidation and reduced headcount. But that perspective is shifting rapidly. CIOs are now prioritizing customer acquisition, retention pricing power and speed to market. CIOs also play an integral role in product innovation than ever before. To remain relevant, they must speak the language of gross margin, not just uptime. This evolution is increasingly reflected in boardroom conversations. CIOs once presented dashboards of uptime and service-level agreements, but today, they discuss customer value, operational efficiency and platform monetization. ... In some cases, technology leaders scale too quickly before proving value. For example, expensive cloud migrations may proceed without a corresponding shift in the business model. This can result in data lakes with no clear application or platforms launched without product-market fit. These missteps can severely undermine ROE. 


AI brings order to observability disorder

Artificial intelligence has contributed to complexity. Businesses now want to monitor large language models as well as applications to spot anomalies that may contribute to inaccuracies, bias, and slow performance. Legacy observability systems were never designed for the ability to bring together these disparate sources of data. A unified observability platform leveraging AI can radically simplify the tools and processes for improved visibility and resolving problems faster, enabling the business to optimize operations based on reliable insights. By consolidating on one set of integrated observability solutions, organizations can lower costs, simplify complex processes, and enable better cross-function collaboration. “Noise overwhelms site reliability engineering teams,” says Gagan Singh, Vice President of Product Marketing at Elastic. Irrelevant and low-priority alerts can overwhelm engineers, leading them to overlook critical issues and delaying incident response. Machine learning models are ideally suited to categorizing anomalies and surfacing relevant alerts so engineers can focus on critical performance and availability issues. “We can now leverage GenAI to enable SREs to surface insights more effectively,” Singh says.


Why Most IaC Strategies Still Fail — And How To Fix Them

There are a few common reasons IaC strategies fail in practice. Let’s explore what they are, and dive into some practical, battle-tested fixes to help teams regain control, improve consistency and deliver on the original promise of IaC. ... Without a unified direction, fragmentation sets in. Teams often get locked into incompatible tooling — some using AWS CloudFormation for perceived enterprise alignment, others favoring Terraform for its flexibility. These tool silos quickly become barriers to collaboration. ... Resistance to change also plays a role. Some engineers may prefer to stick with familiar interfaces and manual operations, viewing IaC as an unnecessary complication. Meanwhile, other teams might be fully invested in reusable modules and automated pipelines, leading to fractured workflows and collaboration breakdowns. Successful IaC implementation requires building skills, bridging silos and addressing resistance with empathy and training — not just tooling. To close the gap, teams need clear onboarding plans, shared coding standards and champions who can guide others through real-world usage — not just theory. ... Drift is inevitable: manual changes, rushed fixes and one-off permissions often leave code and reality out of sync. Without visibility into those deviations, troubleshooting becomes guesswork. 


What will the sustainable data center of the future look like?

The energy issue not only affects operators/suppliers. If a customer uses a lot of energy, they will get a bill to match, says Van den Bosch. “I [as a supplier] have to provide the customer with all kinds of details about my infrastructure. That includes everything from air conditioning to the specific energy consumption of the server racks. The customer is then able to reduce that energy consumption.” This can be done, for example, by replacing servers earlier than they have been before, a departure from the upgrade cycles of yesteryear. Ruud Mulder of Dell Technologies calls for the sustainability of equipment to be made measurable in great detail. This can be done by means of a digital passport, showing where all the materials come from and how recyclable they are. He thinks there is still much room for improvement in this area. For example, future designs can be recycled better by separating plastic and gold from each other, refurbishing components and more. This yield increase is often attractive, as more computing power is required for ambitious AI plans, and the efficiency of chips increases with each generation. “The transition to AI means that you sometimes have to say goodbye to your equipment sooner,” says Mulder. The AI issue is highly relevant to the future of the modern data center in any case. 


Fitness Functions for Your Architecture

Fitness functions offer us self-defined guardrails for certain aspects of our architecture. If we stay within certain (self-chosen) ranges, we're safe (our architecture is "good"). ... Many projects already use some kinds of fitness functions, although they might not use the term. For example, metrics from static code checkers, linters, and verification tools (such as PMD, FindBugs/SpotBugs, ESLint, SonarQube, and many more). Collecting the metrics alone doesn't make it a fitness function, though. You'll need fast feedback for your developers, and you need to define clear measures: limits or ranges for tolerated violations and actions to take if a metric indicates a violation. In software architecture, we have certain architectural styles and patterns to structure our code in order to improve understandability, maintainability, replaceability, and so on. Maybe the most well-known pattern is a layered architecture with, quite often, a front-end layer above a back-end layer. To take advantage of such layering, we'll allow and disallow certain dependencies between the layers. Usually, dependencies are allowed from top to down, i.e. from the front end to the back end, but not the other way around. A fitness function for a layered architecture will analyze the code to find all dependencies between the front end and the back end.