The pressure is on for technologists as they face their defining moment
For IT and business leaders, the message is clear. Technologists remain fully
committed to the cause – they are desperate to have a positive impact, guide
their organizations through the current crisis and leave a legacy of innovation.
But it’s simply not sustainable (or fair) to ask technologists to continue as
they are, when 91% say that they need to find a better work-life balance in
2021. As an industry and as business leaders, we need to be doing more to manage
workload and stress, and protect wellbeing and mental health. Technologists have
to be given more support to deal with the heightened level of complexity in
which they are now operating. That means having access to the right tools, data,
and resources, and organisations protecting their wellbeing, both inside and
outside working hours. In 2018, we revealed that 9% of technologists were
operating as Agents of Transformation – elite technologists with the skills,
vision and ambition to deliver innovation within their organisations – but that
organisations needed five times as many technologists to be performing at that
level in order to compete over the next ten years.
5 Characteristics of Modern Enterprise Architect
Agile thinking is essential for not just the enterprise architect but many other
IT jobs as well. However, enterprise architecture is one field in which it is
essential. Agile thinking doesn’t just mean thinking fast, it means thinking
fast and right. Agile thinking means that you have to adapt to situations as you
improve your models and solutions. Being an agile thinker is key to having a
successful career as a modern enterprise architect. As the market conditions
change rapidly, you must adapt to all the changes and make the solutions robust.
Data-Driven Decision Makers use facts and logic from the available information
to make an informed decision. As many professionals say, everything you need is
in the data available to you. Therefore, data-driven decision-making is an
essential quality for any enterprise architect. This process will help identify
management systems, operating routes, and much more that will align with your
enterprise-level goals. One of the primary sources of data for decision-making
are the users themselves. Companies usually collect data from the users in the
sessions and use that data to analyze user behavior.
Best Practices To Understand And Disrupt Today’s Cybersecurity Attack Chain
Unified security must be deployed broadly and consistently across every edge.
Far too many organizations now own some edge environment that is unsecured or
undersecured, and cybercriminals are taking full advantage of this. The most
commonly unprotected/underprotected environments include home offices, mobile
workers, and IoT devices. OT environments are also often less secure than they
should be, as are large hyperscale/hyper-performance data centers where security
tools cannot keep up with the speed and volume of traffic requiring inspection.
Security solutions also need to be integrated so they can see and talk to each
other. Isolated point security products can actually decrease visibility and
control, especially as threat actors begin to deliver sophisticated,
multi-vector attacks that take advantage of an outdated security system’s
inability to correlate threat intelligence across devices or edges in real time,
or provide a consistent, coordinated response to threats. Addressing this
challenge requires an integrated approach, built around a unified security
platform that can be extended to every new edge environment.
rMTD: A Deception Method That Throws Attackers Off Their Game
rMTD is the process of making an existing vulnerability difficult to exploit.
This can be achieved through a variety of different techniques that are either
static – built in during the compilation of the application, referred as
Compile Time Application Self Protection (CASP) – or dynamically enforced
during runtime, referred to as Runtime Application Self Protection (RASP).
CASP and RASP are not mutually exclusive and can be combined. CASP modifies
the application's generated assembly code during compilation in such a way
that no two compilations generate the same assembly instruction set. Hackers
rely on a known assembly layout from a generated static compilation in order
to craft their attack. Once they've built their attack, they can target
systems with the same binaries. They leverage the static nature of the
compiled application or operating system to hijack systems. This is analogous
to a thief getting a copy of the same safe you have and having the time to
figure out how to crack it. The only difference is that in the case of a
hacker, it's a lot easier to get their hands on a copy of the software than a
safe, and the vulnerability is known and published.
SREs Say AIOps Doesn’t Live Up to the Hype
Why is AIOps so slow to catch on? Ultimately, the barriers facing these tools
are the same as those facing human engineers: massive and growing complexity
in IT environments. As digital products become more dependent on third-party
cloud services, as the number of things businesses want to track grows (from
infrastructure to application to experience), the sheer volume, velocity and
variety of monitoring data has exploded. ... Compounding the problem,
enterprises increasingly rely on multiple “same-service” providers for IT
services. That is, they use multiple cloud providers, multiple DNS providers,
multiple API providers, etc. There are sound business reasons for doing so,
such as adding resiliency and drawing on different vendors’ strengths in
different areas. But even when two providers are doing basically the same
thing, they use different interfaces and instrumentation, and their data
sources often employ different metrics, data structures, and taxonomies.
Whether you’re asking a human being or an AI-driven tool to solve this
problem, this heterogeneity makes it extremely difficult to visualize the
complete picture across the infrastructure. It also creates gray areas around
how best to take advantage of each vendor’s different rules and
toolsets.
How to convince your boss that cybersecurity includes Active Directory
Here’s the punchline: Everything relies on Active Directory. To get your boss
to care, start with a discussion about operations and which parts are business
critical. Have a business-level discussion, with you keeping score at a
technical level. For example, when your boss says “Development needs to be
running 100 percent of the time,” you work backward through all the systems,
applications, and endpoints that need AD to function. Repeat this until you
have a sufficient list of critical workloads and business operations that
require AD be secure and functional. Next, talk about which of those
environments need to be protected, which contain sensitive data, and which
need to be resilient against a cyberattack. Let your boss talk while you just
sit back, smile, and check off the boxes of everything that relies heavily on
AD. Once you are armed with enough business ammo, have the technical
discussion about how each of the business functions listed by your boss rely
on AD to provide users access to data, applications, systems, and
environments.
Next.js 11: The ‘Kubernetes’ of Frontend Development
The main innovation behind this is that Vercel has placed the entire dev
server technology, that before lived in a node process on your local
machine, entirely in the web browser, Rauch said. “So, all the technology
for transforming the front-end UI components is now entirely ‘dogfooded’
inside the web browser, and that’s giving us the next milestone in terms of
developer performance,” he said. “It makes front-end development multiplayer
instead of single player.” Moreover, by tapping into ServiceWorker,
WebAssembly and ES Modules technology, Vercel makes everything that’s
possible when you run Next.js on a local machine possible in the context of
a remote collaboration. Next.js Live also works when offline and eliminates
the need to run or operate remote virtual machines. Meanwhile, the Aurora
team in the Google Chrome unit has been working on technology to advance
Next.js and has delivered Conformance for Next.js and the Next.js Script
Component. Rauch described Conformance as a co-pilot that helps the
developer stay within certain guardrails for performance.
From Garry Kasparov to Google: Hamsa Buvaraghan’s Journey In The World of Algorithms
My fascination with AI began when I was in India, back in 1997, when I heard
about IBM’s supercomputer Deep Blue defeating Garry Kasparov. This made top
headlines then. After that, I wanted to explore more about this. However,
access to research papers was really hard then, as I didn’t even own a
computer or have access to the internet. I got introduced to computers by my
father when I got access to a computer in his office at the age of 10. First
thing I explored was Lotus Notes back then. With encouragement from my
parents, I later pursued Computer Science Engineering. Later, when I started
working, I read several IEEE research papers. I read papers like Smart
games; beyond the Deep Blue horizon, Deep Blue’s hardware-software synergy.
I was fascinated not only with AI then but also the application of AI to
solve real problems. I was also passionate about Biomedical Engineering,
which led me to books on Neural networks & AI for Biomedical Engineering
and papers on Training Neural Networks for Computer-Aided Diagnosis. When it
comes to machine learning, I am largely self-taught.
The CIO's Role in Maintaining a Strong Supply Chain
Access to up-to-the-minute information is essential for a CIO who hopes to
maintain a strong supply chain. "Real-time data ensures that your supply team
has the proper information required to make good, reliable decisions," Roberge
said. "My advice is to automate as many data points as possible -- the fewer
spreadsheets the better." ... Today's supply chain cannot be managed
effectively or efficiently without adequate foundational tools, Furlong
cautioned. "Appropriate technologies, implemented in a timely manner, can help
an organization transform the supply chain and leapfrog the competition," he
explained. "This includes everything from advanced predictive analytics to ...
cutting-edge technologies such as blockchain, which is being used to track
shipments at a micro level." CIOs also need to regularly assess and replace
aging supply chain software, hardware, and network tools with modern systems
leveraging both internal resources and third-party alliances. "Business
requirements are changing rapidly, and supply chain technology ... must be
flexible enough to handle complex business processes but also simplify supply
chain processes," Furlong said.
What is stopping data teams from realising the full potential of their data?
Data warehouses have been a popular option since the 1980s, and revolutionised
the data world we live in, enabling business intelligence tools to be plugged in
to ask questions about the past, but looking at future insights is more
difficult, and there are restrictions to the volume and formats of the data that
can be analysed. Another option is data lakes, which on the other hand enable
artificial intelligence (AI) to be utilised to ask questions about future
scenarios. However, data lakes also have a weakness in that all data can be
stored, cleaned and analysed, but can be quickly disorganised and become ‘data
swamps’. Taking the best of both options, a new data architecture is emerging.
Lakehouses are a technological breakthrough that finally allows businesses to
both look to future scenarios and back to the past in the same space, at the
same time, revolutionising the future of data capabilities. It’s the solution
enterprises have been calling out for throughout the last decade at least; by
combining the best elements of the data warehouse and data lake, the lakehouse
enables enterprises to implement a superior data strategy, achieve better data
management, and squeeze the full potential out of their data.
Quote for the day:
"A company is like a ship. Everyone
ought to be prepared to take the helm." -- Morris Wilks
