November 25, 2014

'Less' is more to malware authors targeting Linux users
Less does not allow file editing, which is a job for file editors like the widely used vi, but has the benefit of displaying data on the fly without needing to load an entire file into memory. This is useful when dealing with large files. Less is frequently used to view text files, but on many Linux distributions, including Ubuntu and CentOS, it supports many more file types including archives, images and PDF. That's because, on these systems, less is extended through a script called lesspipe that relies on different third-party tools to process files with various extensions.


Web services vs. cloud services: Are they the same?
The short answer is, "no," they are not the same. However, they are increasingly dependent on each other if users want the full speed and ease of use effect that such services offer. Technically, organizations can have a Web service without a cloud service or vice versa, but one gets greater business efficiency when the services are combined. Web services are the tools that allow users to interact with software over the Internet.Cloud services are the servers that store the data, security and other infrastructure pieces needed to allow Web services to provide unique value as Web-accessible applications.


The Art Of Being Consistently Less Wrong
The key concept to focus on is not to be exact but to be LESS WRONG. The only way you can be less wrong is to learn. The only way to learn is to do. In my opinion letting go of the concept of correctness in agile and embracing the desire to be less wrong can help a team change what they normally consider to be a painful, drawn out meeting into a quick, focused and collaborative discussion. Get past the estimation and get back to delivering features. So, how do we learn to be consistently less wrong? Here are a few things to consider:


Thwarting Attackers with Threat Intelligence
Intelligence and understanding are crucial to any defensive strategy. Cybersecurity teams are trying to learn more about malicious actors, including why and how they are attacking. This is where the extended network provides unexpected value, delivering a depth of intelligence that cannot be attained anywhere else in the computing environment. Much like in counterterrorism, intelligence is key to stopping attacks before they happen. Just as terrorists sometimes inflict damage disproportionate to their resources, such can be the case in cyberspace. Relatively small adversaries with limited means can inflict significant damage on larger foes. In these situations, intelligence is one of the most important assets for addressing threats.


Global Standards and Publications
In the current environment, with constant changes and almost infinite ways of accessing information and communicating, it is essential to make communication as clear as possible and ensure the quality of information. Van Haren Publishing makes general Best Practices available to provide quality, practically validated information worldwide. The use of standards and frameworks gives everyone the same language thus minimalizing the chance of errors due to unclear communication. Best Practices regarding these standards and frameworks provide you with information summarizing years of experience by the best in the industry.


Corporate IT's Darwinian Challenge
Corporate IT organizations in general are still viewed as the people who slow down business opportunity and change and say "no" far more than "yes." Too many corporate IT organizations haven't evolved along with their ecosystem and, in my opinion, much of the necessary change starts with an evolution in thinking and purpose. For me, the following points are the required foundation to stop the gradual erosion, and ultimate extinction, of the corporate IT organization as we know it today.


Mobile Medical Apps: A Market on the Move
Smartphone technology is promising for use in remote patient monitoring for several reasons. David Pettigrew, Sagentia’s Vice President of Connected Health, sums up the advantages: “Benefits to medical-device manufacturers include cost savings through not having to develop a completely new device, leveraging existing platforms while adding more sophisticated sensing and data capabilities, and using an interface that consumers know and understand and is already part of their everyday life.” The result: Devices are far more likely to be adopted and used correctly.


The branded bug: Meet the people who name vulnerabilities
If the bug is dangerous enough, it gets a name. Heartbleed's branding changed the way we talk about security, but did giving a bug a logo make it frivolous... or is this the evolution of infosec? Criminals, such as bank robbers, are often named because there are too many to keep track of. Just as killers and gangsters end up in history marked and defined by where they murdered (the "Trailside Killer") or having a characteristic ("Baby Face" Nelson), the same goes for critical bugs and zero days. Stephen Ward, Senior Director at iSIGHT Partners (iSIGHT reported the "Sandworm" Microsoft zero-day), explained to ZDNet, "Researchers will often use unique characteristics discovered in malware or in command and control to give a team or a particular exploit a name.


Network security needs big data
Big data will change most of the product categories in the field of computer network security, including network monitoring, the authentication and authorization of users, identity management, fraud detection, and systems of governance, risk and compliance. Big data will also change the nature of the security controls, such as conventional firewalls, anti-malware and data loss prevention. In coming years, the tools of data analysis will evolve further to enable a number of advanced predictive capabilities and automated controls in real time.


7 Tools Tuned for Agile Development Success
The iterative alternative to fully mapped-out waterfall processes has become widely accepted in recent years, bringing with it software tools designed to help agile practitioners hone their processes, collaborate efficiently, and monitor progress. Companies like Atlassian, Axosoft, Microsoft, and others have been filling the niche for agile project management. Since we first rounded up agile project management tools in 2013, these tools have seen noteworthy improvements. Here's another look at the more effective agile-oriented project management tools and what's been improved in them in the past year.


Quote for the day:

 "How you measure the performance of your managers directly affects the way they act." -- Gustave Flaubert
Posted by at No comments:
Labels: , , , , , , , , , , , , , , ,

November 24, 2014

The Salesforce Platform: The Return of the Citizen Programmer
The last time this happened was in the 90’s, when Microsoft created Visual Basic. Legions of citizen programmers created large numbers of custom applications and solutions. Kids used VB, Grandparents used VB. Even managers used VB. Most of the code they wrote was awful, full of global variables, goto statements, and not a hint of object oriented programming, even after it was supported by the language. But it was fast and it was easy, and even the most elitist senior programmers were often forced to use VB because it was so incredibly productive compared to anything else.


The business rationale for cloud workspaces
Desktop virtualization technologies offer enterprise IT a new opportunity to deliver lower-cost, yet more responsive, end-user computing services across a larger range of endpoints. ... This makes them a high-risk investment. Desktop-as-a-Service (DaaS) offers a significant opportunity to realize the benefits of desktop virtualization through cloud-hosted desktops consumed as a service without the high upfront capital cost, and at a considerably lower risk, by leveraging a service provider’s domain expertise in creating and managing a high-performance virtual desktop infrastructure.


Open Cloud Alliance Formed to Answer Germany’s Data Privacy Concerns
“The European and US market is different,” said Laguna. “European companies are much more conscious and careful and more wary of big U.S. cloud providers. The big proprietary silos are very anti-competitive, very monolithic, and channel-unfriendly.” One example of how Germany and the U.S. view privacy differently is email. In Germany, it is considered extremely weird for an employer to have access to an employee’s email. In the U.S., sometimes you communicate with superiors by keeping a draft saved in your box. Data privacy concerns are born out of a history that saw the Gestapo, and later the Ministry of State security Stasi, encouraging spying on neighbors when the country was split, explains Laguna.


Android 5.0 Lollipop embraces the enterprise
Google took longer. Prior to the new version 5.0 (Lollipop), Android included precious little specifically to assist enterprises in their needs. Lollipop is a clear change in direction, addressing many of the most important enterprise needs. Finally, Google has included EMM/MDM APIs to allow a standard approach to the management and security of Android mobile devices. No longer will EMM vendors like MobileIron have to make different versions for the devices of different OEMs. Google has also moved to harden the base operating system, strengthen data security by default, improve the security update process and authentication and much more. There are thousands of new APIs, many of which help enterprises.


The five principles every corporate director should embody
NACD and ISA published a report titled the “Cyber-Risk Oversight” where they propose five key principles for boards in approaching cyber-risk ... The IIA and ISACA have built upon these five principles to provide well thought out implementation guidance in a publication titled “Cybersecurity: What the Board of Directors Needs to Ask” Here is how they recommend boards move out in turning the five principles above into action plans ... IIA and ISACA also suggest six questions any board should consider to prepare for discussions with management and audit


Symantec identifies sophisticated, stealthy 'Regin' malware
Regin is a back-door-type Trojan, "customizable with an extensive range of capabilities depending on the target," Symantec said, adding that "it provides its controllers with a powerful framework for mass surveillance." Its development probably took months "if not years" and "its authors have gone to great lengths to cover its tracks." Its first incarnation was used to spy on a number of organizations from 2008 to 2011 when it was "abruptly withdrawn," with a new version showing up last year, Symantec said. Nearly half of the Regin infections that have been identified involve private individuals and small businesses, with attacks on the telecommunication sector apparently aimed at gaining access to calls routed through that infrastructure.


IBM Courts DevOps With Dedicated Bluemix
DevOps has been a favorite mode of operation for startups and web companies that seek to change their production software frequently. Facebook and Amazon.com are noted for their ability to push dozens or hundreds of software updates a day. Robinson said competitive enterprises are beginning to adopt the same process. Among other things, Dedicated Bluemix will make available a Cloudant high-performance database-as-a-service; a data-caching service to make Bluemix applications speedier and more responsive; and the runtime environments in different languages so developers may launch applications in the language of their choice, Robinson said.


Tuning Java Servers
One mistake engineers often make is profiling the CPU without first determining whether it is truly a CPU bound use case. Although CPU utilization shown by top command is low, machine may be busy doing IO (e.g. reading disk, writing to network). Load average is a much better metric for determining whether the machine is loaded. Load average represents the number of processes waiting in the OS scheduler queue. Unlike CPU, load average will increase when any resource is limited (e.g. CPU, network, disk, memory etc.). Please refer to the blog “Understanding Linux Load Average” for more details.


DeitY Releases its Latest Draft IoT Policy
Focus is on developing IoT products precisely to our needs in the sphere of agriculture, health, water quality, transportation, security, automobile, automated metering and monitoring of utilities, waste management and many others. Structure of the IoT Policy has been planned to be implemented through a multi-pillar approach. It will have five vertical pillars (Demonstration Centres, Capacity Building & Incubation, R&D (Research and Development) and Incentives and Engagements, Human Resource Development) and 2 horizontal supports (Standardisation & Organisational structure).


Clearing up muddied waters in the 'Data Lakes'
Several companies have even designed products and services around the concept. Less pleasing is that since 2010 it's been gradually redefined, then subsequently refuted based on these new definitions. But hey, this kind of thing happens in any modern, digital debate and at least it indicates there's a healthy interest in the subject matter. However, as one who spends most waking hours conceiving new information architectures to solve modern data problems, I thought it was time to revive the original Data Lake definition and explain its original role and relevance.


Quote for the day:

 "Management is nothing more than motivating other people." -- Lee Iacocca
Posted by at No comments:
Labels: , , , , , , , , , ,

November 23, 2014

Performance Impact of an IO-Intensive Application
The bottleneck of an IO-intensive app is usually when the system flushes the dirty pages to disk, not during the journaling step. The throughput of flushing is limited by the device bandwidth. A typical 15K RPM could reach a bandwidth of 120MB/sec in the best case of sequential access, in case of random IO the actual bandwidth is even less. To better illustrate, assuming the system uses the default Redhat Linux flush policy of 30 seconds, and the application writes at a rate of 20 MB/sec. After 30 seconds, the system would have accumulated 600 MB of dirty data to flush to disk. In Linux, the flushing is done by the pdflush daemon.


Tuning Large Scale Java Platforms
The session covers various GC tuning techniques, in particular focusing on tuning large scale JVM deployments and showing how to optimally size a platform for enhanced memory consumption. It also presents Pivotal Application Fabric reference architecture where a comprehensive performance study was done. ... Emad Benjamin is Principal Technocrat and CTO Ambassador at VMware. Jamie O'Meara is a Platform Architect and software engineer for Pivotal.



Aligning ITSM with Business Objectives
This discussion will focus on the need for the Business to understand what IT can do for them, things like: enter new markets, create new services, provide new solutions or industry shifts. Then we will look at why IT and in particular the importance of the CIO to be embedded within the business and understand it’s business goals and objectives to ensure both “lights on” and “strategic direction incorporating innovation”. The ITIL Service Strategy book will be used as part of our guide. So come and hear how to start aligning IT service management with the Business objectives.


How to align talent management with business strategies
Through informed alignment of talent management strategy with business strategy, organisations can identify the capabilities that are really needed (thus providing a realistic business case for the development investment). Strengthening this business case raises another challenge: developing effective criteria for selecting the right candidates for development and thereby using available resources as effectively as possible to support the maximisation of potential. This effective long-term thinking can override short-term pressure from shareholders, who are often reluctant to invest in talent management.


Why Isn’t My Strategy Working? It’s Broken That’s Why
Declare “WHY” you are in business and then build a culture to support your “WHY.” Share it in a way that defines the experience your customers, staff and partners will have every time. ... After you have declared your “WHY” and everyone is busting with passion about the vision, the brand and being part of the culture, it is time to monetize that dream. Level II determines if customers, partners and investors will join you by saying yes. ... With Level II in place, everyone is clear about the strategy to monetize the “WHY,” and now the next step is to deploy the revenue strategy complete with a “True North,” a Revenue RoadMap and aligned metrics. Deployment must be both aligned to the “WHY” and the revenue strategy.


Microsoft Strategy Vice President Teper: 'Minecraft is a development tool'
"Minecraft is a development tool" Teper told attendees of the UBS Global Technology Conference in Sausalito, Calif., last week. "People build worlds out of it. If we can get eight-year-old girls and boys building worlds and getting inspired by creating content digitally, as they grow up they'll want to create in PowerPoint, or Visual Studio. And in addition to being one of the few gaming franchises that doesn't have to be freemium, Minecraft can actually charge money. It turns out it's a great business with lots of upside." The full transcript of Teper's remarks from November 19 is worth a read.


Six Steps for Developing a Governance Model for Strategic Portfolio Management (Part 1)
In today’s business environment, we have to make decisions quickly to take advantage of such things as market-moving news and events, client requirements, new technology and other factors. In order to do all of this, you need a streamlined, customized approach that works with, and not fights against, your culture and best interests. At the heart of all of this, controlling and driving this process forward is the Governance Model. That’s why I call it the engine room. Without it, portfolio management can’t happen in any structured, purposeful way. So, whether you’re just getting started in portfolio management, or you need to re-think your approach, the Governance Model is where you start.


360 Degree Embedded Analytics: Inside Apps, Inside Processes
These technologies will sit close to Business Intelligence (BI), data integration tools and online analytical processing (OLAP) services – plus we will also focus here on data mining and ‘extract, transform, load’ (ETL) functionalities. In terms of facilitating technologies, let us also remember that Hadoop serves as a central processing hub here where ‘analytics-ready’ data sets can be blended, refined, automatically-modeled and then automatically published directly to analytical databases (like HP Vertica for example) for deeper usage. If this is analytics embedded into the application, then what of analytics embedded into the business processes.


How to Improve Teamwork in Your Agile Team
Presenting this pyramid to the team could be the second exercise. Based on my experience, most of the team members will identify at least one problem from the pyramid. Visualizing this will make them think a bit about the status quo situation while realizing that much is required to be done in order to have a great team. I think one hour should be enough to familiarise the team with the pyramid and to answer all their questions. Since the base of the pyramid forms from an Absence of Trust, I will focus on an exercise for improving this specific aspect. My team tried this exercise some weeks ago. Clearly, we had problems in the team and lack of trust was one of them.


Conversation Patterns for Software Professionals.
Years of experience in the industry have shown us that the best way to get concrete and detailed knowledge from the business is to structure it. Structuring can be defined as organizing the acquired knowledge according to predetermined criteria, for example: functional requirements, non-functional requirements, domain-specific rules, architecture and implementation limitations. Such an ordered collection of information is a checklist for those who collect it and it helps them answer the following questions - What do I already know? What else do I need to know? What do I have to specify?


Quote for the day:

 "Nothing great was ever achieved without enthusiasm." -- Ralph Waldo Emerson
Posted by at No comments:
Labels: , , , , , , , , , ,

November 22, 2014

How to Improve IT Governance Maturity
Understand the operating style of organization. Who holds the decision making power, Is it with the CEO, Board, CFO, PE Investors or someone else. Know what view each of the CXO roles has on organization priorities and the role they consider IT has in the organization. The IT dollars are enterprise resource and are finite, and they must be leveraged to the benefit of the enterprise. IT governance's purpose is to facilitate all business units in competing for the dollars based on benefit to the enterprise. There is no reason the executive team shouldn't be completely aware of where and how IT assets are being deployed. The CIO is probably the last person to be setting IT priorities and when you take this approach,


4 Solutions To Build Apps For The Connected Car
Opportunities and choices abound for any consumer, company or entrepreneur attempting to connect the car. An in-vehicle dashboard can contain applications pre-installed in the unit or your smartphone app can connect via Bluetooth and offer content in the car. The applications world is moving to the car with consumers pleading at the chance to connect to the Internet in their vehicles. If you are interested in the connected car, there are four main types of development for in-car connectivity


Cisco crashes the enterprise mobile party with new collaboration app
Project Squared also complements Cisco's collaboration and UC (unified communications) product stack by extending it to mobile devices. Cisco already offers voice communications, video conferencing, IP telephony, IM and Web meetings via a variety of hardware devices and cloud and on-premise software for desktops, small and medium-size meeting rooms, and large conference rooms. "Cisco is filling in a gap in their portfolio, the use case for small, agile teams that want robust mobile apps but don't need more complex services and tools like WebEx or dedicated hardware endpoints for every bit of work, even if they have them," Gartner's Preset said.


Wozniak still aims to simplify: Now, all of enterprise storage
The company’s software separates the control of data from the gear where it’s stored. All storage capacity, from cloud to server-based flash, becomes part of a single global data space that can be allocated as needed for high performance or high capacity, Smith said. That virtual space can span block, object and file storage systems, keeping specific transport protocols such as Fibre Channel in place but treating all data as files. Instead of using a new protocol, Primary Data’s software is based on the widely used NFS (Network File System). The software consists of a Data Director, which holds metadata about the contents of storage and policies for each application, and a hypervisor in the application server that carries out changes.


The Programmer's Price
Rock-star developers are, not surprisingly, very different from actual rock stars. Solomon told me, “Generally speaking, the egos are the opposite.” Programmers tend to undersell themselves. (One potential client described himself as “pretty fast”; it later emerged that he’d won a speed-coding competition in India.) Solomon surmised that this has to do with the nature of feedback in the two professions. If you put a product in Apple’s app store, your interaction with customers consists mostly of anonymous griping. Meanwhile, he said, “even a low-level musician is onstage playing to fifty people, and after that show they have ten people who come up and tell them, ‘Dude, your song saved my life!’ ”


Bank CEOs Fear Data-Driven Decisions
One challenge is that getting an analytics practice up and running requires coordination and buy-in from multiple groups, points out Deva Annamalai, a banking technologist in Salt Lake City. "In today's scenario, most banks have an existing enterprise data warehouse, a finance and analytics reporting group, and IT wanting to do this. The ownership and roles around who is responsible for customer analytics becomes a little muddled. Organizations are starting to realize this overlap and some are even dedicating chief data officers (a relatively new C-suite title) to solve this problem."


Microsoft warns that Kerberos bug allows hackers to compromise entire networks
“This security update is rated Critical for all supported editions of Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2. The update is also being provided on a defense-in-depth basis for all supported editions of Windows Vista, Windows 7, Windows 8, and Windows 8.1.” If you’re a system administrator and you haven’t already applied the patch, you should do so immediately.If your domain has already been compromised – and Microsoft has said that it was ‘aware of limited, targeted attacks that attempt to exploit this vulnerability’ – then the only remedial action is a complete rebuild of the domain.


Web API Thoughts 1 of 3 - Data Streaming
The target is to reach services to various platforms using HTTP technology, which is supported by many end user applications, browsers, mobile devices, other services. ASP.NET Web API is a request-response message exchange pattern, in which a client can request certain information from a server and a server responses the request to the client. The response can be expected synchronously or asynchronously. When you think about a web service usually several things pop up in your mind. Personally I'll point out these three basic key points regardless of the service implementation.


Interview: 'Government is the best digital startup in London'
“I think government is the best digital startup in London,” he says from behind his glowing Apple MacBook. “We really do have multi-functional teams, and when we talk about agile we really mean it. And we’re really serious about user research and understanding what the user needs are.” Shetler has dabbled in startup companies himself, creating two startups in London, the place he now calls home. His career also spans financial services, including working for the Republic National Bank of New York and companies such as Oracle, Microsoft and Swift – the financial transaction messaging company.


Gartner's four steps on how to better manage public APIs
APIs, a set of regulations that enables one program to interact with another, are in high demand among business and IT users alike for a whole host of reasons, Olliffe said. APIs offer accessibility, ease of use, platform independence and an attractive cost structure. Moreover, APIs are an operational expenditure, which means developers, architects and even the business can bring new capabilities into the enterprise without "a big approval from the CIO," he said. But along with this new API abundance come new complications. ... Startups go bust, companies decide to change directions, and a public Web API could easily disappear.


Quote for the day:

 "A business of high principle attracts high-caliber people more easily, thereby gaining a basic competitive and profit edge."-- Marvin Bower
Posted by at No comments:
Labels: , , , , , , , , , , ,

November 21, 2014

7 great MOOCs for techies -- all free, starting soon!
Big data, open source software, security -- these are some of the IT skills most in demand today and for the near future. Fortunately, free classes, in the form of Massive Open Online Courses (MOOCs), are available to help you keep pace with these and many other IT-oriented subjects. Offered by top universities as well as online education platforms (often in partnership), IT MOOCs can help you keep your skills sharp and resume updated. ... If you don't find what you want here, browse the lists of other courses offered by these institutions, or check our last MOOC roundup for ideas. Then log on and start learning.


Retired CIOs: 5 Rewarding Second Acts
Is there life after information technology leadership? You bet. While some "retired" CIOs immediately dive back into the industry as consultants to those currently serving as CIOs, others decide it's time to do something completely different. InformationWeek specifically went looking for people who had an interesting "Second Act" story to tell. Of our five examples, one is embarking on a career of voiceover work and acting after years of using funny voices to amuse his colleagues. Another is working almost as hard as a volunteer civic leader as he did in his former profession (but without the stress of worrying about the next system outage). Several are actively trying to relax but are still active as volunteers.


Smartphone Encryption – What Does it Mean to You?
As forensic experts we truly understand the probative value of the data and metadata contained on smartphones. These devices are routinely imaged, preserved and analyzed as part of the discovery process in cases where communications are directly or indirectly related to the underlying issues. The data and metadata automatically stored on smartphones can include entire email chains, geographical locations, contacts, logs of who was texted or called, and a host of other information depending on what apps were installed and used (see “Alternative Keyboard apps: Too risky for your smartphone?”).


Digital Transformation and IT: The CIO´s balancing act
We live in times of accelerated change. Smart and innovative challengers leapfrog industry borders and disrupt business models, selling digital services into former physical product markets and leaving established market leaders perplexed and behind. The digital Darwinism predicts that not the strongest (market leaders), but those companies that are able to adopt change the fastest, will survive. And as an example - the arrival of the smartphone taught us that torch producers and camera producers, for example, ended up between a rock and a hard place. Their business model was disrupted from outside the niche. Smartphones disrupted several other businesses and will keep doing so – financial credit card organizations are next in line.


Are Telepathy Experiments Stunts, or Science?
In a paper published last week in the journal PLOS One, neuroscientists and computer engineers at the University of Washington in Seattle described a brain-to-brain interface they built that lets two people coöperatively play a simple video game. Earlier this year, a company in Barcelona called Starlab described transmitting short words like “ciao,” encoded as binary digits, between the brains of individuals on different continents. Both studies used a similar setup: the sender of the message wore an EEG (electroencephalography) cap that captured electrical signals generated by his cortex while he thought about moving his hands or feet.


Smart guns: Can tech bring transparency to law enforcement?
Technology like Yardarm's could be beneficial in creating change without changing federal or state regulations. The company was founded just five months after the Sandy Hook shooting. ... "We're not a bunch of gun guys figuring out how to put tech in guns," Schaff said. "We're a bunch of tech guys trying to figure out how to put tech in guns." The team received a lot of messages from interested organizations like private security firms, police forces, and foreign governments, who wanted more information -- more data -- to use as evidence, and more ways to monitor the safety of officers out in the field.


Lost Devices Cause 68 Percent of Health Care Data Breaches
A recent study by Bitglass shows just how much damage the insider threat can cause. In its 2014 Healthcare Breach Report, Bitglass discovered that 68 percent of the data breaches in the health care industry since 2010 were caused by lost or stolen devices. The survey results nearly mirror a study conducted by theCalifornia Attorney General’s Office, which found that 70 percent of compromised health records were the result of a lost or stolen device. This is not to say that cybercriminals aren’t doing any damage. Almost a quarter of breaches in the health care industry are caused by hackers infiltrating the network.


Is your Java application hostile to JIT Compilation?
The key point about JIT compilation is that Hotspot automatically monitors which methods are being executed by the interpreter. Once a method has been called often enough it is marked for compilation into machine code. These "hot methods" are compiled by a JVM thread in the background. Until this compilation finishes, the JVM keeps running - using the original interpreted version of the method. Only once the method is fully compiled does Hotspot patch the method dispatch table to point to the new form. Hotspot has a large number of different optimization techniques for JIT compilation - but one of the most important for our purposes is inlining.


Healthcare Interoperability: Who's The Tortoise?
"It's very easy to point fingers at folks. People underestimate how challenging this work is," Sawyer told InformationWeek. "I think the vendors are being cautious before spending lots of research and development money before a standard is more clearly defined." Some EHR systems, like Epic, were designed long before cloud and APIs, executives said. Others leveraged newer technologies like cloud and APIs from the start. But clinicians and patients want them all to exchange files with one another -- just like financial firms, which enable consumers to withdraw funds from any ATM, regardless of bank. Or like Amazon, which lets consumers browse and order items from stores -- both Amazon and other sellers -- via one platform.


CIOs make progress, but still get no respect
Fair or not, the body of research described here is compelling. For this reason, every CIO should consider the possibility that some of their peers and management share views presented by the data. The solution is spending more time with business departments and leaders, learning nuances of their needs and goals. As CIO, delegate the technology to staff while you focus on solving business problems around the company.


Quote for the day:

 "Experience is not the best teacher; evaluated experience is the best teacher." -- John Maxwell
Posted by at No comments:
Labels: , , , , , , , , , , , ,

November 20, 2014

Data Is Not the New Oil, It's the New Soil
Not long ago companies began waking up to the fact that people everywhere were generating huge volumes of data. Data that could be collected and used to understand people in ever finer detail. The phrase “data is the new oil” started to spread like wildfire across the web. The buzz around “big-data” emerged . Oil is valuable. If you find, collect and store oil it will remain valuable. Data is a very different thing. Data is generated when people do something. It is a record of an event. That means it starts losing value almost as soon as it is generated because it ages.


DOT chief data officer prepares for forthcoming ‘wave’ of digital transportation data
“One of the things that makes it really important we get our acts together around data is the digital transportation world that is about to unfold,” McKinney said in October at ACT-IAC’s Executive Leadership Conference in Williamsburg, Virginia. Pointing to information generated from vehicles connected thanks to the Internet of Things and bridges and roads with sensors talking to cars, he said, “All of that data is sort of like standing on the beach and seeing that wave that’s building. It’s way out there, but you can see it. So you can either get ready for that, or you can get swamped.”


The Fantastic Four: Chief Analytics Officer, FICO World Panel
“Analytics as a function grew at Ford Motor Credit because we had a president who joined from American Express who had a vision,” explained Cateriano. “For me the Chief Analytics Officer appointment is about developing a skilled team for credit. Originally we had to push our services but now our key executives turn to our data analytics to solve the problem. I would say 80% of the time they are pulling us to the table”. ... Sigala explained there has been a deep shift towards analytics at Caesars. “It’s deeply integrated. When we deliver financial results it’s the Chief Analytics Officer that delivers the results and that has been a conscious decision.


Nine Steps to Unlock Big Data's Hidden Value
It is being billed as the next big thing and every business appears to be surfing the big wave. But if the hype makes you feel you’ve been left behind, fear not. Gartner poll results released in September 2014 revealed that while 73 percent of firms surveyed in 2014 are interested in adopting big data, only 13 percent have actually deployed these technologies. Without a clear place to start, many organizations are either misusing big data or not using it to its full potential. However, a focused approach can help make the transition less daunting, minimize the hurdles along the way, and enable organizations to take advantage of this valuable and growing corporate asset.


Only Engaged Innovation Teams Succeed
Managing innovation is making choices and dealing with constant trade-offs about different issues, particularly the ones related to people. The ultimate goal should be to make innovation a collective responsibility of the entire organization. However organizations cannot afford to have a single policy for keeping continuous motivation and engagement among all people. They should draft a plan to encourage that at least key people actively contribute for the innovation program and become long-term supporters. Key people are the stakeholders that have the interest and the power to influence the success of the innovation program.


Dynamic Duo of Analytic Power: Business Intelligence Analyst PLUS Data Scientist
The data science process is highly collaborative; the more subject matter experts involved in the process, the better the resulting model. And maybe even more importantly, involvement of the business users throughout the process ensures that the data scientists focuses on uncovering analytic insights that pass the S.A.M. test –Strategic (to the business), Actionable (insights that the organization can actually act on), and Material (where the value of acting on the insights is greater than the cost of acting on the insights).


Facebook’s Open Source Virtual Machine HHVM Stabilized
HHVM itself isn’t widely deployed or even widely known. It is extremely fast, but has not been considered production-ready because it sometimes causes system reboots. For the first time PHP and HHVM can run side by side on the same server, which increases speed, performance, and stability in production environments. WP Engine’s latest release, called Mercury, leverages the new capability. “HHVM is extremely fast running WordPress,” said Tomas Puig, head of labs at WP Engine. “Getting it ready and stable is truly an accomplishment.”


2015 prediction: Expect massive spikes in global information security threats
PWC rightly points out that cyber security has become a persistent business risk and that threats (both to the economy and intellectual property) are on the rise. The report goes on to identify some very troubling incidents, including ... With the idea of a security paradigm shift on the table, today's cyber-defenders should be thinking in different terms than just traditional security initiatives, shifting their focus towards an ideology of "cyber risk management", which is being fueled by an initiative founded by the NIST. The NIST has set forth a security framework (NIST Cybersecurity Framework) that stresses management over technology and highlights several best practices that should help organizations defend against the imminent threats posed by increasing cyber-attacks.


Cloud Comfort for Financial Services
"You're giving your data to some third party," Alexander Southwell, a partner at Gibson, Dunn & Crutcher and former cybercrimes prosecutor, told attendees during a panel presentation. "Do you know where in fact the data is? Do you know who is housing that data? How well [are] they funded? Are they gonna be around?" Indeed, many financial services organizations are specifically required to assess factors such as these when contracting with third parties, as a matter of due diligence. These questions and others concerning how client data is stored are especially important because most cloud providers are not yet SEC- or FINRA-compliant.


The Open Group IT4IT™ Reference Architecture, Version 1.3
The IT Value Chain and IT4IT Reference Architecture represent the IT service lifecycle in a new and powerful way, providing the missing link between industry standard best practice guides and the technology you need to select and execute those processes. The IT Value Chain and IT4IT Reference Architecture are a new foundation on which to base your IT4IT operating model and provide a welcome blueprint for the CIO to accelerate IT’s transition to becoming a service broker to the business. This Snapshot is intended to make public the direction and thinking about the path we are taking in the development of the IT4IT Reference Architecture.


Quote for the day:

 "Leadership is the wise use of power. Power is the capacity to translate intention into reality and sustain it." -- Warren G. Bennis
Posted by at No comments:
Labels: , , , , , , , , , , , , ,

November 19, 2014

The Resurrection of Product Risk Analysis
The risk management described here aims at identifying risks connected with the development and implementation of an information system. The risk is the probability that development and implementation will cause measurable economic damage to the company, and perhaps also will cause other, less measurable damage. Damage could be that the results of a project are less favourable than expected or that the organisation will suffer direct or indirect loss. Risks extend beyond IT and concern the business, too.


The Web Isn't Dying, But Control Is
Apple's control of content in iOS apps is too much. If Apple wishes to continue to censor apps based on content, it should license third-party iOS stores or at least adopt Google Play's less fussy content policy. There's no reason native apps should be treated any differently from books or films when it comes to lawful content. There's no reason Apple should be able to reject an app with lawful content. With web apps, this isn't an issue; no permission is required to publish a web app. The issue isn't so much that the web is dying; it's that too many people prefer autocratic convenience over the web's messy democracy.


When will this madness stop?
Designing, building and launching digital products and services usually involves multiple areas of the organisation working together to create something new and innovative. Being a digital business means being a joined-up business. Digital does not stop at functional boundaries; it flows through the organisation to create integrated offerings and a seamless customer experience. A business with silos, whether organisational, data, systems or any other type, will struggle to survive in the digital age. Just because marketing is spending an increasing amount on technology does not mean there is a need for a marketing technology strategy.


IT needs to stop pretending it's not responsible for cloud security
So whole IT departments will use public cloud for their own work, but refuse to update perimeter security or network monitoring enough to let them see web apps, let alone encrypt that traffic and possible secure them? Who is supposed to do that, if not IT? Seventy-nine percent of IT people polled by Forrester in May of 2014 said end users should be primarily responsible for securing data in the cloud. That doesn't mean IT thinks users are responsible; no one in IT thinks users are responsible.


Cybercrime and spam are far bigger security threats than you think
"There are very few types of cybercrime that exist in a vacuum. Most forms of cybercrime are in some way connected to others. For example, nobody runs a botnet or robs bank accounts without taking steps to hide their true internet address. Usually to do that they are using hacked computers to route their traffic through, they are probably using hacked servers to store the stolen data, and then they are using money laundering networks to cash out transactions."


Keys To Collaborating Over A Business Network
The real potential for transformation comes from the ability of a business network to enable trading partner collaboration not just for invoice processing, but also for management of related documents such as catalogs, contracts, purchase orders, order confirmations, change orders, service entry sheets, freight line items, advance ship notices, payment status, and payment remittance. This means that, from one platform, in the cloud, you can streamline essential collaborative business processes from procurement through payment. At the same time, you can improve compliance by driving more orders off catalogs and simplifying the matching of invoices to purchase orders, contracts, and service entry sheets.


7 Important Tech Regulatory Issues In 2015
The Internet is now a central engine of society and must allow for continued innovation and development, Robert Atkinson, president of the Information Technology and Innovation Foundation (ITIF), told InformationWeek. "To this end, net neutrality rules should be tailored to allow for a case-by-case approach to prioritization, and network management that allows for some subtlety and nuance in regulation. This is to be preferred to an over-broad, proscriptive rule grounded in Title II regulation for the telephone era that would likely limit the Internet's potential to become the multi-purpose platform it promises to be," he said.


Overcoming Hurdles to Integrating Analytics with Operational Processes
Acceptable speed-of-response rates differ between operational and analytical use cases. Often operational processes require some real-time processing. Think of going to the grocery store or ordering a product or service, you expect this particular process to take place in real time. When you use an online or mobile application, your tolerance for slow response actually goes down. With the ability to change providers/applications quickly, it is important to match the expected speed of response with the performance of the application. This means that if you integrate analytics directly into operational processes, the speed of analytical response needs to match the real-time nature of most operational processes.


A Preview of C# 6
Mads Torgersen, C# program manager at Microsoft, published a short video presentationdescribing what is coming in the next major C# version, C# 6. Among C# 6 new features, Mads highlighted getter-only properties, the lambda-arrow operator, string interpolation, and more. First off, says Mads, C# 6 will not change C# design philosophy and will mostly provide many small features that will help clean up code.


Time for Data-Driven Intuition
The book The House Advantage: Playing the Odds to Win Big In Business (Jeffrey Ma) should be required reading for anyone working in the data management and business intelligence fields where we often oversimplify the business decision-making process by saying it’s either data-driven or intuition-driven—and strongly emphasizing that using data is always better than using intuition. Although Ma is definitely an advocate for data-driven decision making, toward the end of his book he also acknowledges that there are times when somewhat of a middle ground between data and intuition is called for.


Quote for the day:

 "Consider spending more time setting the conditions for things to go right than dealing with things that go wrong." -- @ShawnUpChurch
Posted by at No comments:
Labels: , , , , , , , , , , , ,

November 18, 2014

CIO interview: Anna Barsby, CIO, Halfords
“There’s complexity running a programme and upgrading SAP, which is pretty much at the heart of our system estate,” she says. “And it was our first move into the cloud at the same time,” she adds. “Going into the cloud with anything has its unknowns, but with SAP as our first foray it just felt risky.” “Culture was a really big one for us,” she says. “Once agreed on HP, we decided we also wanted to move from a physical server to the cloud.” Barsby says while the move to the cloud increased risk, the retailer only needed one period of downtime to complete the upgrade.


Testing Strategies in a Microservice Architecture
There has been a shift in service based architectures over the last few years towards smaller, more focussed "micro" services. There are many benefits with this approach such as the ability to independently deploy, scale and maintain each component and parallelize development across multiple teams. However, once these additional network partitions have been introduced, the testing strategies that applied for monolithic in process applications need to be reconsidered. Here, we plan to discuss a number of approaches for managing the additional testing complexity of multiple independently deployable components as well as how to have tests and the application remain correct despite having multiple teams each acting as guardians for different services.


Mega Data Breaches: Are They Here to Stay?
Current security solutions either do not have the capabilities to aggregate, analyze and correlate information from multiple sources, or cannot scale and handle the volume of data generated by the activities over a period of time. The greatest area of unmet need with conventional security solutions is effective, targeted attack prevention and breach detection. Organizations are failing at early breach detection, with more than 92% of breaches detected and notified by a third party—this is what ultimately impacts the size and cost of the data breach.


Cloud computing's not-so-secret mission
As the cloud matures, we are seeing another layer of cloud computing that promises to shake the foundation of our IT infrastructure to its core – the advent of IT-as-a-Service, which will be perhaps the cloud’s highest calling. Initially, many thought of the cloud as the successor to the web host. The next-gen data center. As someone who first became involved in web hosting in 1995 or so, I will admit that I thought that as well. The cloud is a great place to keep your web infrastructure, and it is even great to keep your apps and app infrastructure. However, the cloud is also a great place to which you can move your entire IT infrastructure as well. It took a little longer than moving websites or even apps to the cloud, but IT in the cloud has arrived.


9 Healthcare Innovations Driven By Open Data
Vinod Khosla, a leading tech venture capitalist and the former CEO of Sun Microsystems, sees the change as inevitable. He described his vision in a keynote at this past June's Health Datapalooza, an annual celebration of new developments in data-driven healthcare. Khosla predicted that "data science will do more for medicine than all the biological sciences combined" over the next two decades. One driver, he believes, will be the need to reduce medical errors by using computers for more accurate case monitoring than humans can accomplish. These new advances are made possible by two related categories of data: big data and open data.


Five winning strategies of successful CIOs
Whether CIOs are being asked to deliver or transform, Marks says they will always have to consider a digital element. Data centres, he says, are being transformed, while mobility has become crucial and software is being delivered as a service by default. "The new digital value lies in the CIO's ability to match the best combination of technologies and to negotiate the right deal for all parties,” says Marks. “Whether the CIOs of today have the experience, skills, and motivation to achieve this combination is a different matter. This is perhaps the more daunting challenge for the CIO than the march, and possibly passing trend, of the chief digital officer.”


Determining data value to reduce cloud storage risks
The value of data deals with the utility of data. Data utility requires evaluation for the value of the content in the present, along with the potential value of that same data content in the future. A useful analogy might be to consider an old photograph taken of a subject in his younger days and showing him wearing the styles of that era. At the time the picture was taken, the image provided no offense to the subject. However, the same picture many years later might cause the subject to cringe at the fashion it displays. Now consider that instead of an old, funny picture, business or personal data is on display.


CIO success is all about winning friends and influencing people
The general consensus is that these pillars of technology are last year’s news, because CIOs today should be thinking about the concepts and technologies that sound a bit left field – such as how 3D printing and the internet of things (IoT) could influence the organisations they work in. One of the keynote sessions at this year's Gartner Symposium in Barcelona was a "fire-side" chat with Oliver Bussman, CIO of UBS. During the interview, Bussman was asked about the challenges facing the banking sector. "Digital disruption has arrived in banking," he said.


More users will hire criminals to fight cyber crime
The idea of using the skills of people that were once on the wrong side of the law is one that is taking hold in a rising number of companies, according to findings from KPMG. The firm found that over half of UK firms would consider hiring a hacker or someone with a criminal record in order to improve their own defences and stay ahead of the criminals. The reason why many would recruit former criminals is because the overwhelming number (74%) recognise there is a growing cyber threat and they are struggling, in the cases of 57%, to get hold of specialised staff and then keep them.


Cisco hands over security analytics framework to open source development
Announced in a blog post on Monday, the San Jose, CA-based company said Opensoc, a framework that uses big data analytics to detect threats, is now available for businesses to integrate within their own systems. ... The OpenSOC framework integrates elements of the Hadoop ecosystem, including Storm, Kafka, and Elasticsearch. According to the firm, this means OpenSOC is capable of full-packet capture indexing, storage, data enrichment, stream processing, batch processing, real-time search, and telemetry aggregation, and also provides a platform that can "effectively enable security analysts to rapidly detect and respond to advanced security threats."


Quote for the day:

 "Too many people overvalue what they are not and undervalue what they are." -- Malcolm Forbes
Posted by at No comments:
Labels: , , , , , , , , , , , , , ,

November 17, 2014

13 Things to Do When a Hacker Steals Company Data
If the worst happens--e.g., a hacker steals your customer records or breaks into a server--it's easy to go into a tailspin and try solve every problem all at once. Apart from the headaches this can cause, it's also not the best approach to a data breach. Orlando Scott-Cowley, the director of technology marketing at Mimecast, a company that makes a secure cloud-based e-mail service, told me about an action plan he advises.


HP Analytics blazes new trails in examining business trends from myriad data
There are 20 million SMBs in US, and we are able to build a model to predict which of these prospects are similar to the clusters we had. That’s where we were able to find customers that looked like our most profitable customers, which we ended up callingVanguards. That resulted into a tremendous amount of a dollar increment for HP. It's a good example of what you talked when you find unexpected things. We just wanted to analyze data. It led us to a journey and ended up finding a customer group we weren't even aware of. Then, we could build marketing strategy to actually go target those and get some value out of it.


James Lewis on Microservices
Johannes Thönes talks to James Lewis, principal consultant at ThoughtWorks, about microservices. They discuss microservices’ recent popularity, architectural styles, deployment, size, technical decisions, and consumer-driven contracts. They also compare microservices to service-oriented architecture and wrap up the episode by talking about key figures in the microservice community and standing on the shoulders of giants.


ArchiMate 2.1® Poster Pack - Print Version
The ArchiMate meta-model and notation is fast becoming the de facto standard for depicting Enterprise Architecture. The ArchiMate® 2.1 Poster pack provides a quick-glance reference to both ArchiMate Concepts and ArchiMate Viewpoints.


A Primer on Measuring Employee Engagement
There are many factors that contribute to employee engagement — ranging from corporate culture to management style to competing priorities outside of work — and the pertinent factors are different for each employee. This complexity is what makes it so challenging to measure and understand engagement in an actionable way. While still in its infancy, people analytics is beginning to give organizations the data and tools to understand what drives engagement, perhaps even better than employees understand themselves.


Fitbit Data Now Being Used In The Courtroom
The lawyers aren’t using Fitbit’s data directly, but pumping it through analytics platform Vivametrica, which uses public research to compare a person’s activity data with that of the general population. Muller says the case is “unique,” and does appear to be the first known case where data from a wearable is used in court. (If other earlier cases come to light I will update this post.) “Till now we’ve always had to rely on clinical interpretation,” Muller says from his office in Calgary. “Now we’re looking at longer periods of time though the course of a day, and we have hard data.” His plaintiff will share her Fitbit data with Vivametrica for several months as part of an assessment period.


Are Asean CFOs starting to embrace the Cloud? Oracle asks
Despite the apparent advantages of Cloud computing, not all organisations are convinced that this is the best way forward as many CFOs still have their reservations about the quality of software vendors, and the possible creation of processing silos. Especially, the migration of ERP applications onto the Cloud is facilitating one of the biggest shifts in financial systems. The challenge of integrating systems and technologies remains a key barrier to adoption at many organisations; as well as the question of whether there are sufficient internal skills to make the shift.


Laser-Radio Links Upgrade the Internet
Technology that uses parallel radio and laser links to move data through the air at high speeds, in wireless hops of up to 10 kilometers at a time, is in trials with three of the largest U.S. Internet carriers. It is also being rolled out by one telecommunications provider in Mexico, and is helping build out the Internet infrastructure of Nigeria, a country that was connected to a new high-capacity submarine cable from Europe last year. AOptix, the company behind the technology, pitches it as a cheaper and more practical alternative to laying new fiber optic cables. Efforts to dig trenches to install fiber in urban areas face significant bureaucratic and physical challenges.


Data science: 'Machines do analytics. Humans do analysis'
Humans have to find the patterns, ask the right questions and make the connections in the data. "Machines do analytics," explained Sullivan. "Humans do analysis." Computers are good at detail and examining the past, but real data science requires imagination and cognitive ability. "I can take 10 tools, U.S. Census data and agriculture data and determine that people who were strangled by their bed sheets tracks cheese consumption," Sullivan said. "A human knows that makes no sense. You can't commoditize reasoning by a human." Another way to put it is that machines are used as "data janitors" to clean data and crunch numbers, but it's a small part of the overall process.


As open source goes mainstream, institutions collaborate differently
"There's a clear progression that nearly every government agency goes through, fromconsuming open source, to publishing open source (as a one-way broadcast), to collaboratingon open source," said Balter. "A similar progression is also seen from open source, to open data, and open government policy. Policymakers see the geek's tooling, realize the value of collaboration, and want to bring it into their own workflow. If your doctor takes a multivitamin every day, wouldn't you? To me, the idea of working more openly, regardless of format or form, within an organization, or with the public is the idea that we're seeing catch on. It's starting with open source, but that's just the start."


Quote for the day:

 "Sometimes when you innovate,you make mistakes. It is best to admit them quickly,and get on with improving your other innovations." -- Steve Jobs
Posted by at No comments:
Labels: , , , , , , , , , , , , , , ,

November 16, 2014

How to Become a Data Scientist in 8 Easy Steps
Our friends over at DataCamp just came out with a cool new infographic entitled “Become a Data Scientist in 8 easy steps.” This hits home to a lot of people who are trying to enter this new industry hoping to satisfy a lot of unfilled job openings. The question is how best to make this transition. The useful infographic below will help answer this question by outlining the process of becoming a data scientist ... These are all excellent tips, so examine the infographic carefully for more detail. You too can become part of the “sexiest job of the 21st Century!”


Search for Growth in Social, Mobile Fuels Tech M&A Boom
“Now it’s disruptive technology that’s in the crosshairs,” Liu said. “Consolidation involves coporations needing to catch up in a way that they are not able to do fast enough orignaically.” The aggregate global value of all publicly disclosed-value deals set a new post-dotcom era quarterly high of US$73.7 billion [b], up 41 percent sequentially and 4 percent year over year. At 923 deals in total, overall volume also set a record for any quarter since 2000, rising 6 percent sequentially and 31 percent year over year. Corporations, as opposed to private equity deals, continue to drive the growth, increasing aggregate value 40 percent sequentially and 9 percent year over year to $65.3 billion.


IoT Won’t Work Without Artificial Intelligence
The big problem will be finding ways to analyze the deluge of performance data and information that all these devices create. If you’ve ever tried to find insight in terabytes of machine data, you know how hard this can be. It’s simply impossible for humans to review and understand all of this data – and doing so with traditional methods, even if you cut down the sample size, simply takes too much time. We need to improve the speed and accuracy of big data analysis in order for IoT to live up to its promise.


What Every Business Owner Needs to Know About Data Sovereignty
Unfortunately, the laws and regulations protecting digital information can be extremely complex. They are dependent on different governments and jurisdictions, and data stored in certain countries may or may not be subject to subpoena by another country’s government. As an IT professional, you’re likely responsible for ensuring that your company’s data is fully protected. However, you need to provide your business’s owner with the basics to enable him or her to make the best decisions for the company — and the valuable data it possesses. For those who don’t work with technology all day, however, the variables can be overwhelming.


Collective intelligence, big data and IEML
There are two big problems with this landscape: The first is related to the methodology; today we use mainly statistical methods and logical methods. It is very difficult to have a semantic analysis of the data, because we do not have a semantic code, and let’s remember that every thing we analyze is coded before we analyze it. ... So you need a semantic code to have a semantic analysis. We do not have it yet, but I think that IEML will be that code. The second problem is the fact that this analysis of data is currently in the hands of very powerful or rich players –big governments, big companies. It is expensive and it is not easy to do –you need to learn how to code, you need to learn how to read statistics, is not easy.


MSSP: Integrate, NOT Outsource!
This means that for the MSSP to work well for you, process integration must be carefully planned. Here we talked about the alert response integration (and here about the SLAs), but the same applies to device management (integrate with your change management and reporting),incident response (integrate with your IR) and many other processes. This also means that this focus on integration allows you to vary the degree of security ‘outsourcing’ or externalization. If your plan – monitor – triage – respond – refine chain is well planned, you can almost painlessly engage external resources (MSSP, consultants, etc) at whatever stage: need more help with cleaning the mess? Call that IR consultant. Want to shift some perimeter monitoring duties outside? Go get that MSSP.


Requirements Discovery and Constraints Analysis
The process of requirements discovery broadly involves elicitation of functional and non-functional requirements from business needs. A business or enterprise architect’s role in requirements discovery is wider and broader in terms of scope, responsibility and, nature and stage of engagement. ... The nature of business concerns will not be limited to problems addressable by technology solution but also include considerations such as investments, ROI (Return on Investments), business case, timelines, priorities, risks and solution strategies potentially involving an eco-system of internal and external stakeholders (e.g. technology providers).


Simulation-Based Embedded Agile Development
While simulations containing embedded software need not be developed in an agile manner, Scrum’s agile framework helps realize greater benefits from a SiS approach. One Scrum event is the sprint review, in which the development team demonstrates what was accomplished during the sprint. It can be challenging to have something visual to demonstrate with embedded software development as there is often little to “see.” We might get only a blinking light or a wiggling fin. ... When such feedback is used in the sprint review as well as daily collaboration, these collective learning opportunities allow more nimble responses to necessary changes in requirements and design.


BlazeMeter, New Relic Team Up To Deliver Richer App Performance Testing Analytics
“Data analysis is most valuable when you can understand and act upon it instantly. Testing makes it easy to trigger a symptom, but you need monitoring to identify the root problem in the first place,” Girmonsky told IDN. “Together, BlazeMeter and New Relic provide their customers a full 360-degree view of their systems. Customers can dynamically define the KPIs they want to analyze, query the application and instantly understand the specific quirks of their system,” he added. The growing BlazeMeter/New Relic partnership is also a sign of how IT is increasing its use of machine data and big data to improve their software lifecycle -- design, development, testing and operations.


Optimizing Enterprise Risk for Value Creation
With IT risk being a subset of Enterprise risk, and given the pervasiveness of technology within the business, optimizing IT risk has a direct and positive effect on the overall risk of the organization. So important is risk optimization of the Enterprise’s IT to the organization that within COBIT 5 there is not one, but two, dedicated processes - ‘Ensure Risk Optimization’and ‘Manage Risk’.  The Ensure Risk Optimization process is within the Governance area of the COBIT 5 framework and is supported by 3 governance practices and 16 activities. The process ensures that the enterprise’s risk appetite and tolerance are understood and not exceeded by Enterprise IT, the impact of IT risk to enterprise value is identified and managed, and the potential for compliance failures is minimized.


Quote for the day:

 "Take the first step in faith. You don't have to see the whole staircase, just take the first step." -- Martin Luther King Jr.
Posted by at No comments:
Labels: , , , , , , , , , , , , , ,
Subscribe to: Posts (Atom)