November 06, 2015

Cyber liability from perspective of board members and execs

What actually constitutes negligence by failing to take “reasonable efforts?” It appears to have been a SQL injection that led to TalkTalk being breached as well as the JP Morgan Chase Corporate Challenge website. Yet “SQLi has been listed on the industry standard OWASP Top 10 for more than a decade. Should TalkTalk or the third-party contractor who built and managed JP Morgan’s site be liable for not finding such a common, well-known vulnerability?” ... Companies with “a dedicated CISO detected more security incidents and reported lower average financial losses per incident,” so should we “assume that a company that does not have a CISO is not making a reasonable effort to secure data?”


Microsoft and Red Hat Sign Unlikely Deal to Support Enterprise Hybrid Cloud

Developers will gain access to .NET technologies across Red Hat offerings, “giving developers the ability to build applications and include .NET services,” Paul Cormier, Red Hat executive vice president and president, Products and Technologies, said in a briefing. He called the partnership a “powerful win for the enterprise customer.” “I think everyone knows that there is no doubt now that Linux is a key part of enterprise computing today,” Cormier said. With “cloud at the center of Microsoft’s strategy going forward” the company sees its capabilities around hybrid cloud as a differentiation in the market, Scott Guthrie, EVP of the cloud and enterprise group at Microsoft, said.


100 open source Big Data architecture papers for data professionals.

If you are a Big Data enthusiast or a technologist ramping up (or scratching your head), it is important to spend some serious time deeply understanding the architecture of key systems to appreciate its evolution. Understanding the architectural components and subtleties would also help you choose and apply the appropriate technology for your use case. In my journey over the last few years, some literature has helped me become a better educated data professional. My goal here is to not only share the literature but consequently also use the opportunity to put some sanity into the labyrinth of open source systems. One caution: most of the reference literature included is hugely skewed towards deep architecture overview (in most cases original research papers) rather than simply providing you with a basic overview.


Microsoft risks IT ire with Windows 10 update push

Microsoft has made it clear that it will take on a greater role in managing the Windows update process with Windows 10. The company has also made it clear that it will aggressively push users -- both consumers and businesses -- to upgrade from Windows 7 and Windows 8 to its latest OS. With that in mind, it's hard to imagine either predecessor hanging around anywhere near as long as Windows XP. The decision to not only push updates out, but also ensure that all Windows 10 devices receive them in a timely fashion, fits well with the concept of Windows as a service. The change may even go unnoticed by many consumers. IT departments, however, are keenly aware of this shift -- and many aren't happy about it.


Facebook CTO: Firms should wait before jumping on VR bandwagon

"Compare it to the development of previous computing platforms, like phones and computers, I think the first smartphones came out in 2003," he said. "In the first year, I think BlackBerry and Palm Treo were the initial smartphones that came out. I think they each sold in the hundreds of thousands of units. So just to kind of give a sense of the time frame that we're thinking about this and how we expect this to develop, that's how we're thinking." Schroepfer also believes that VR headsets will grow to be as popular as phones are today but that it's important not to mislead people on the rate of adoption. "I'm incredibly bullish on VR but it's a brand new platform and it will take a while to develop."


50 years of Data Science

This paper reviews some ingredients of the current “Data Science moment”, including recent commentary about data science in the popular media, and about how/whether Data Science is really different from Statistics. The now-contemplated field of Data Science amounts to a superset of the fields of statistics and machine learning which adds some technology for ‘scaling up’ to ‘big data’. This chosen superset is motivated by commercial rather than intellectual developments. ... Because all of science itself will soon become data that can be mined, the imminent revolution in Data Science is not about mere ‘scaling up’, but instead the emergence of scientific studies of data analysis science-wide. In the future, we will be able to predict how a proposal to change data analysis workflows would impact the validity of data analysis across all of science, even predicting the impacts field-by-field.


EU tells US it must make next move on new Safe Harbor deal

Safe Harbor was simple for European companies to implement, as all they had to do was contract with a U.S. data processor registered under the agreement. It was the responsibility of the U.S. company to ensure compliance. The alternative mechanisms provided for in the EU's 1995 Data Protection Directive -- standard contract clauses, binding corporate rules, or obtaining the informed consent of the person whose data is transferred -- put the responsibility squarely on the company at the origin of the transfer. "Whatever they choose, they must be able to prove that the protection is in place, that they guarantee the protection of data transferred to the U.S. This is especially a challenge for SMEs," Jourová said.


Semantic Technology Is Not Only For Data Geeks

Innovative data architects and vendors realize that semantics is the key to bringing context and meaning to our information so we can extract those much-needed business insights, at scale, and more importantly, personalized. Data relevance has always mattered. In today's hyperclimate, where customer and business success is measured in seconds and minutes, data relevance is measured in microseconds. Results of data relevance, or the lack of it, can be magnified. Think about the reaction to a retailer's stock and reputation when there is a security breach of customer credit cards. Consider how an ill-thought-out tweet by an executive of a clothing company alienates customers, bringing down sales and revenue as it speeds across social media and the news.


Embedded systems face design, power, security challenges

Prestridge notes that (despite the noteworthy hacks lately) the automotive industry has been working on security for years, as has the medical and aerospace industry. ... Prestridge outlines the challenge: “Functional safety-certified tools aren’t enough; code analysis tools (both static and runtime) can help ferret out potential security issues by spotting things like the classic buffer overrun exploit before the design gets in the field. By using code analysis tools, developers can prevent these problems before they ever get checked into a build. And by selecting a pre-certified tool that has already been quality-tested by an independent third-party organization specialized on safety requirements, entire companies can save valuable time and money.”


Dropbox Enterprise Targets Large Businesses

Box understood this early on, and has made headway in the enterprise market. Dropbox focused on growth before revenue, then launched Dropbox for Business in 2013. Now, it finds itself trying to bring more paying customers to its expansive, under-monetized user base of 400 million individuals and 8 million businesses. ... Dropbox Enterprise represents a new tier in the Dropbox Business offering. It adds deployment tools to help IT administrators rapidly migrate and create accounts. It offers domain controls to give administrators insight into personal Dropbox usage on corporate domains. It allows for collaboration visibility to provide IT with oversight of Dropbox files shared with external personnel. It also provides unrestricted access to the Dropbox API for integrating the service with existing IT systems, as well as access to a customer manager for assistance.



Quote for the day:


"In conclusion, IT has come a long way in India, today we're a nation of a connected billion. How do we use this connectivity going forward?" -- @Sampitroda


November 05, 2015

Top 4 open source IRC clients

Like a lot of people involved in the open source movement, though I use a variety of different tools for real time communications, I just can't seem to get away from IRC. While IRC isn't perfect, and I don’t love some of its quirks, it's here to stay for at least the foreseeable future as its low barrier to entry and wide selection of open source clients make IRC, and particularly Freenode, the go-to place for open source projects to collaborate. But it's been awhile since I’ve evaluated what tools I use to connect to IRC. Given how much time I spend there, I thought it's about time to take a look at what my options are and see if there’s a client that can better meet my needs.


How IT can win over management teams and influence boards

CFOs should be focused on how to deploy capital in the best possible way and just not get burdened with recording past transactions. The goal needs to be providing CFOs with all the tools necessary to shape the future financial performance of the enterprise. Most organizations are behind the curve in adopting modern collaboration tools, world class information warehouses and data lakes, as well as reporting and modern trends such as cloud and mobile computing. The CIO’s goal should be to earn the trust of the management team, roll up his or her sleeves and attack immediate problems, while at the same time putting a long-term plan in place to make IT a strategic and core competency of the enterprise.


Surveillance law will force companies to retain customers' web surfing history

The bill describes this requirement as the retention of internet connection records, or ICR. Currently there is no requirement for communications companies to store this data, and so law-enforcement agencies can often only paint a fragmented intelligence picture of a known suspect. The government said an ICR is a record of the internet services a specific device has connected to, "such as a website or instant-messaging application". It insisted: "An ICR is not a person's full internet browsing history. It is a record of the services that they have connected to, which can provide vital investigative leads. It would not reveal every web page that they visit or anything that they do on that web page."


Rethinking your defense: the real-time intelligent security command centre

The real-time economy comes with real-time threats and knowing what happens on your network 24/7 is nothing less than a must. To achieve this, a big data security platform with artificial intelligence is the cornerstone of your defense. It’s the real-time intelligent command center and dashboard enabling you to fight evil as it happens and even before it does. ... With BT Assure Analytics your security Samurai are equipped with a big data platform which can bring together the mass of data from across your security systems. It can weigh up the risks and work out which systems are under threat – immediately. So you’ll know how to firm up your best defense before an attack happens. The artificial intelligence gives your security Samurai the edge over potential attackers!


Symantec launches cyberthreat intelligence service for the enterprise

This week, Symantec announced the launch of Directed Threat Research, a threat intelligence program which provides the enterprise with industry threat data. Symantec's Al Cooley and Roger Park said in a blog post that the foundation of the program, built with DeepSight Intelligence, combines telemetry from Symantec's Global Intelligence Network with threat analysis to provide enterprise players with the "full picture" of today's threats -- from the adversary to their tactics and intended victims. "DeepSight Intelligence gives broad visibility to global and industry specific threats; however, sometimes urgency and the amorphic nature of threats leave security operations without any results from intelligence sources," Symantec said.


Context Is King: What’s Your Software’s Operating Range?

The operating-range metaphor might help you understand my point. For example, the operating temperature is the temperature at which an electrical or mechanical device operates. The device will operate effectively within that range; outside that range, the device might fail. The user manual for your laptop, printer, and refrigerator likely included a short chapter detailing the device’s operating environment. If you’re like me, you probably paid little attention to that section or skipped it. In most cases this is fine because you’re using these devices in the environment for which they were designed. But if you were to use them in an extreme environment, that information would suddenly become quite relevant.


Simple Authentication using Jwt in Asp.Net Web Api 2.2

In an enterprise setting the best way to implement token based authentication is to use a separate Security Token Service (STS). When users log in to the client application, the client application then sends those credentials together with its own identity information to the STS for verification. The STS examines these credentials and checks if the user has permissions on the requested resource. If everything is OK, the STS then issues a token with information about what claims or permissions the user has on requested resources, back to the client application. After receiving the token, the client application then presents the token to the resource holding server which in turn, if the user has the right permissions, lets them access the secure resource.


Strategies for a next-generation security architecture

Uncovering certain vulnerabilities and crafting the mechanics of a hack is very, very dangerous but not necessarily illegal, and, in fact, it's very dangerous to make it illegal. There's not just this specialization, but also this distribution of risk, and that, in turn, is setting up the possibility that people can go in and literally buy cyber terrorist armies to do what they want to do, and as we're starting to see countries move against each other, we're starting to get into science fiction land. It's going to get worse before it gets better because the stakes are now really high. There's a lot of money to be made. Obviously, it's worth it to the criminals to take on more risk because you take on risk when there's more money at the other end of it, and it's also worth taking the time and effort to develop some of the skills.


CIO interview: Mark Hutchinson, South Manchester NHS

The trust is planning to begin recruitment imminently, and is looking to fill around 15 new posts. “We’re looking for people who have experience with configuring clinical IT systems, people with experience in business process redesign, people who understand clinical environments, tech roles like developers, people who can write interfaces and infrastructure engineers,” says Hutchinson, to mention a few. “In general, we are looking for people with the right skills and values, who want a challenge and who want to help improve patient care at UHSM.” The trust is also heavily involving clinicians in creating pathways and workflows that work well for them as part of the IT projects. These include consultants, pharmacists, allied health professionals, pathology and nurses.


Programmers: Stop Calling Yourselves Engineers

It’s no accident that the most truly engineered of software-engineering projects extend well beyond the computer. Autonomous-vehicle design offers the most obvious contemporary example. When Google designs self-driving cars, it musters its own computational systems, like mapping and navigation. But it also integrates those into a world much larger than browsers and smartphones and data centers. Autonomous vehicles share the roads with human-driven cars, pedestrians, and bicyclists. Those roads are managed, maintained, and regulated. Self-driving cars also interface with federal motor-vehicle standards and regulations, along with all the other material demands and foibles of a machine made of metal and plastic and rubber rather than bits. Engineering addresses complex, large-scale systems.



Quote for the day:


“Great leaders create memorable journeys” -- John Stein


November 03, 2015

How The Internet Of Things Is Changing Work

Hooking up workplaces and environments to the world of IoT is often as easy as wiring a building up with IT cabling, says Justin Lee, CEO of real estate firm TheSquareFoot. So long as a workplace can be hooked up to the Internet, it can usually be effectively outfitted with an IoT system—i.e., sensors that generate data talking to each other and sending that data somewhere. Cost to outfit a workplace ramps up as the workforce increases in size, and while IoT solutions are becoming more common for smaller businesses, IoT solutions for large corporations over 1,000 people are not nearly as commercialized or streamlined yet, says Lee. But we're not yet at a place where real estate understands how to prepare an IoT-ready workplace.


10 tips to meet your project planning goals

If you’re a project manager, chances are your daily calendar is already filled from the moment you sit down at your desk to whatever time of day – or evening, most likely – you clock out. Many people at all levels of the enterprise rely heavily on you to have a solid grasp on all aspects of project management, including timing, status and direction of projects, at all times. ... Strategy should drive business activities, including projects, and not the other way around…otherwise the project is simply a pointless exercise. By ensuring strategic alignment, project managers can help organizations avoid ambiguous PMO direction, underutilized PMO resources, low company performance at a high cost, and declining project success rates. Alignment helps to establish a shared vision.


Instead of replacing individual desktops every year, companies only have to replace thin clients every 5 years. And when it comes time to do updates, the IT staff updates the one computer instead of spending time updating every individual workstation. VDI is a great solution for most companies. But if every employee in the company has to process large amounts of data, that one computer may not be powerful enough. If there are a large number of employees and each employee’s workstation requires multiple GPUs to process data quickly, switching to a Virtual Desktop Infrastructure may not be cost effective since there are still only a small number of open slots for GPUs in most computers.


To land a data center job in this evolving space, work relevant, change-focused terminology into your interviews for engineer, operations or manager positions. Simply rattling off DevOps and automation terms won't impress an interviewer, nor will a prevaricating job candidate who lacks the fundamentals to grow in a data center position. We've created fun visual cues in this slideshow of hot data center terminology to help you understand and describe modern data center operations. Establish your knowledge of IT infrastructure scalability and resiliency, culture and business trends as well as other defining developments while leaving a strong impression on your future employer.


What you need to do is get your head in the cloud in order to understand a new wave of threats and identify ways to strengthen defenses. I’m not just talking about the benefits of using the cloud for security – unlimited storage capabilities for global threat intelligence and historical data, powerful processing capabilities for security analytics, and the ability to deploy security technologies to even the most remote outposts. You also need to think about how attackers are now banking on the increasing usage of Software as a Service (SaaS) apps and the advent of Shadow IT and resulting Shadow Data (as I discussed previously) to steal valuable digital assets. These attacks often incorporate basic tactics but with a modern twist.


Scaling Docker with Kubernetes V1

Kubernetes is an open source project to manage a cluster of Linux containers as a single system, managing and running Docker containers across multiple hosts, offering co-location of containers, service discovery and replication control. It was started by Google and now it is supported by Microsoft, Red Hat, IBM and Docker amongst others. Google has been using container technology for over ten years, starting over 2 billion containers per week. With Kubernetes it shares its container expertise creating an open platform to run containers at scale. The project serves two purposes. Once you are using Docker containers the next question is how to scale and start containers across multiple Docker hosts, balancing the containers across them. It also adds a higher level API to define how containers are logically grouped, allowing to define pools of containers, load balancing and affinity.


Help Wanted: Security Analytics Unicorn

Today’s cyber attacks are increasing in sophistication and stealth. Malicious parties can infiltrate an organization’s network and rest undetected for weeks, months, even years, without raising a red flag. If targeted attackers have any virtues at all - patience tops the list. Because cyber criminals are willing to wait and collect sensitive information over time, rather than execute a flash attack, security analysts need to be able to identify and visualize user and activity patterns spanning longer periods of time. Understanding what “normal patterns” look like in a simple way enables security analysts to connect the dots at a higher level in order to detect important anomalies. Without the skills and tools to transform security analysts into entry-level data scientists, this is easier said than done.


Government as a platform, or a platform for government? Which are we getting?

The distinction here – and government’s choice – between a blueprint for GaaP that supports participation versus one that supports mere access, is critical. The former is about democratic re-invigoration, and the latter is about – well, just technology. Participation is much more disruptive to existing modes of organising within government. ... At one point, Chi Onwurah MP, who ably led the review, mentioned that she was comfortable with a notion that she coined as “platform for government” – let’s call this PfG – but less happy with “government as a platform”. Her distinction between GaaP and PfG is useful in helping to think through the dimensions, and thus the significant implications, of what is at stake. The table below summarises some of the most important issues.


How can you tell if your Web application has been hacked? “When your Web application is compromised, it will start to do things out of the ordinary,” says Steve Durbin, managing director of Information Security Forum. The key is to gain a thorough understanding of what constitutes normal behavior for your application, then keep your eyes peeled for aberrations. ... Don’t be so focused on what’s moving outside the network that you ignore lateral movement. If the Web server is communicating with other internal network resources, such as user file shares and individual user computers, that can be a sign attackers have gained entry and are moving around the network. If the application lets users upload files, then make sure it uses a dedicated file server and not a general one employed within the enterprise, for example.


Confusing the ends and the means

What everyone gets wrong is that innovation isn't the "ends" that executives seek. They seek growth, differentiation, inordinate profits. If those factors come from following the existing processes more efficiently, they will be ecstatic. But we all know that doing things more efficiently rarely creates new products or services, so they are frequently disappointed. When executives are clear with their expectations, when they communicate exactly what they want from innovation teams, when they provide appropriate scope and time frames, when they apply appropriate resources, they establish that innovation is a set of tools to help achieve profits, growth and differentiation through the creation of new products and services.



Quote for the day:


"This idea that robots, AI, can eventually encroach on creativity is pretty daunting" -- Hod Lipson


November 02, 2015

Software Development Estimation: A Controversial Best Practice

It’s like discussing politics or religion at a social gathering. Too controversial. Too inflamed. It’s one of those third rails of software development. Be careful if you touch it—you may get shocked. What makes this topic such a hot button one? For one thing, it seems like developers are really bad at it. Ask for an estimate on a feature, get the answer that it will be done by the end of the week, and discover that two weeks later it’s still work in progress. Or ask a developer for an estimate and the answer is, “I don’t know. Two to two hundred hours.” What are you supposed to do with that? For another thing, developers seem to resent being asked for estimates. Whether they are or aren’t good at estimating, they seem to find the whole activity to be a time waster.


How Skyport Systems wants to redefine security in the enterprise

To build security into the fabric of your organization, it can't be an afterthought. Gourlay said that money spent on tools like perimeter security is money wasted, as there is no guarantee that it can always be done the right way. "If you don't do it perfectly once, you've left the door open for somebody to get in that shouldn't be there," Gourlay said. So, their approach is to re-platform for security, with an architecture designed from the get-go to be hardened and secure by default. The Skyport system is composed of two major components: An on-premise server and a management system. "The reality is that any mid-size company and larger is going to have a blend of on-premises compute and cloud-based compute,"


Social exclusion, IoT and data privacy the biggest issues facing digital economy

Onwurah said the default government position was to do nothing, and called for a more progressive “interventionist industrial strategy”. Asked what she might include in a hypothetical communications white paper, were she sitting on the government benches, Onwurah picked on three themes – digital exclusion, the IoT and data privacy and security. She said that, in her constituency of Newcastle-upon-Tyne Central, she saw people come to her surgeries who were unable to get online to conduct their mandatory job searches to continue to claim benefits, so were sanctioned and had to resort to food banks. Onwurah challenged the secretary of state for work and pensions, Iain Duncan Smith, to consider the impact of digital exclusion in his controversial welfare reforms.


Come the AI legal armageddon, what’s in it for me?

Lawyers must wake up to the possibility and likelihood that the machine will evolve from dealing solely with commoditised and research related legal work and move into the realm of reasoning and judging too; it already can, but we're only using this brilliant technology currently as a carthorse rather than its true calling as a thoroughbred. It’s also inevitable that more of the Top 100 firms that have been sniffing around the AI technology suppliers will tip, eventually. They will have no choice. They too will deploy IBM Watson or RAVN or another alternative AI software tech start-up provider perhaps for commoditised and/or high end complex due diligence work or a bespoke niche offering. The AI Armageddon is only a puff away.


Why tech isn’t poised for another huge bust

The most important change brought by cloud computing, however, might be in spending. The dot-com bubble was fueled by a hardware and software buying explosion as companies built and grew computer networks, but that spending was cyclical, and after people and companies bought what they needed, it crashed: U.S. technology spending by companies grew at a compound annual growth rate of 13% from 1995 to 2000, before falling to -3.5% over the next three years. Since the end of 2003, however, technology spending growth has smoothed — the 2009 economic crash notwithstanding — and generally come in line with economic growth. Over the past 11 years, the mean growth rate has been about 4.3%, topping 7% only once and falling below 3% only in 2009.


Public Policy Considerations for Recent Re-Identification Demonstration Attacks

The more complicated reality is that, while this recent re-identification demonstration provided some important warning signals for future potential health privacy concerns, it was not likely to have been implemented by anyone other than an academic re-identification scientist; nor would it have been nearly so successful if it had not carefully selected targets who were particularly susceptible for re-identification. As I’ve written elsewhere, from a public policy standpoint, it is essential that the re-identification scientists and the media accurately communicate re-identification risk research; because public opinion should, and does, play an important role in setting priorities for policy-makers. There is no “free lunch”.


Despite Best Intentions, Most Organizations Misinterpret, Misuse Data

Organizations for the most part agree on the great value of corporate data. Unfortunately, for the most part data professionals believe their organizations do a poor job of interpreting and using that data. A new study from Dimensional Research reveals this disconnect, and concludes that “data professionals have little confidence in the way business stakeholders within their organizations use corporate data when making important business decisions.” The study finds a number of areas in which those that capture and manage data, and those that act on it, are out of sync. ... Data models are also valued, but not used effectively, at many organizations. Again, the vast majority of data professionals see the value of data models, but only 20 percent of IT leaders fully understand that value. And, conversely, a majority of business users complain about data professionals on the same point.


Google makes Symantec an offer it can’t refuse

"It’s obviously concerning that a CA would have such a long-running issue and that they would be unable to assess its scope after being alerted to it and conducting an audit," Ryan Sleevi, a software engineer on the Google Chrome team, wrote in the blog post. He went on to require that, beginning in June, Symantec publicly log all certificates it issues or risk having Chrome flag them as potentially unsafe. Currently, under the Chrome certificate transparency policy, Symantec and all other Chrome-trusted CAs must log all extended validation certificates—that is, TLS credentials that certify a site is owned by a specific organization, such as PayPal, Microsoft, or Bank of America. Beginning June 1, Symantec will be required to log all certificates, not just those with the extended validation flag.


What is the status of OPNFV?

While the Arno release is a nice start, OPNFV has a way to go before establishing itself as the de facto open source NFV platform. Looking at the project list for OPNFV's next release, Brahmaputra, we can start to get a sense of which problems OPNFV will soon target. A couple of exciting examples include service function chaining, as well as group-based policy, so we will hopefully have the ability to orchestrate the insertion of virtualized network functions into service chains on an open-source platform. In the meantime, there is plenty more to learn and glean from the existing Arno release.


The Mathematics of Adaptive Security

Given the fundamental disconnect between how a security policy is described and how the security policy is implemented, the question has to be asked: “Is the perfect security policy even achievable? And if it is possible, what is the probability of introducing an error once the security policy is inevitably changed?” For that matter, what is the perfect security policy? The “ideal” security policy marries the current state (running context) of all workloads in a data center, the applications that those workloads take part in, the environment the applications run in (for instance, development, PCI, production), and the minimum of ports that need to be open to make the application work. This would effectively reduce the exposure of each workload and every application to the bare minimum.



Quote for the day:


"Machines will gain common sense when we master unsupervised learning" -- Yann LeCun


November 01, 2015

A Framework to Research the Social Determinants of ICTs for E-Health

We define the term access beyond broadband connectivity (material access), to also include motivation, skills and different types of usage, which in e-health ranges from accessing online healthcare information, services and clinical treatment, to self-support. Around the globe, e-health has continued to expand with the expectations that it will both reduce healthcare expenditure and improve quality and access to healthcare for all citizens. However, emerging evidence suggests that, if not managed carefully, e-health will further exacerbate health inequities because those with poorer health are often those with lower or no information and communication (ICT) use.


How do I become an Enterprise Architect?

The role of EA is a challenging one, requiring a broad set of knowledge and skills. EAs have been described as generalists, and “a mile wide and an inch deep”. This has a degree of truth, but is also deceptive. The reality is that an EA requires very strong understanding of both business and technology, and has several areas of deep expertise. However, EAs are often assigned broad domains defined by business segments or technology categories, and must therefore initiate, review, align, integrate and communicate the work of a broad range of specialists. This requires very strong soft skills, which enable EAs to interact effectively with people. Soft skills cannot simply be studied. They require an accumulation of experience with a variety of people and circumstances.


The technology behind bitcoin could transform how the economy works

Bitcoin itself may never be more than a curiosity. However blockchains have a host of other uses because they meet the need for a trustworthy record, something vital for transactions of every sort. Dozens of startups now hope to capitalise on the blockchain technology, either by doing clever things with the bitcoin blockchain or by creating new blockchains of their own. One idea, for example, is to make cheap, tamper-proof public databases—land registries, say, (Honduras and Greece are interested); or registers of the ownership of luxury goods or works of art. Documents can be notarised by embedding information about them into a public blockchain—and you will no longer need a notary to vouch for them.


Tech giants take a break to reload in spending war

The companies don't typically disclose the components of their capital expenditures, but each of the Big Three has ramped up spending to support their own Web and mobile services and to build out operations to rent computing horsepower to other companies. While Amazon's spending also includes the mega warehouses for its e-commerce business, the company has singled out its growing Amazon Web Services cloud-computing operation as a chief reason for the spending jump in recent years. Capital expenditures have become a big component in the tech companies' jockeying for digital superiority.


Enterprise Architecture: Ripe for Digital Disruption

The key to Agile Architecture is emergence. In fact, business agility is the emergent property we seek from the Complex Adaptive System (CAS) we call the enterprise. Agile Architecture is a set of intentional acts we as individuals should take in order to get our enterprises to exhibit this most important of emergent properties. The question of the day, therefore, is what are these intentional acts? How do we actually go about architecting an enterprise to be agile? At this point many of the enterprise architects reading this will want to argue over whether the Agile Architecture I’m discussing is actually Enterprise Architecture (EA). Frankly, I don’t give a damn what you call it.


Balancing Complexity and Continuous Improvements – A Case Study

Within the IT department, TOGAF provided an ontology for discussing IT issues, and it also provided a foundation for the Enterprise Architecture repository. However, it was seen within the organization primarily as an IT architecture concern, not a framework for transformational change. The EA team decided that in order to really benefit from TOGAF and address the complexity challenges throughout the enterprise, they would need to prove that TOGAF could be used to add value throughout the entire organization and influence how changes were delivered to the IT landscape, as well as prove the value of a structured approach to addressing internal issues.


Your Data is Speaking. But are you Listening?

During the planning, leaders should use data to better understand the current organizational situation. Where are we succeeding? Where are we not succeeding? Where is our current corporate business definition working or requiring change? Where is digital transformation changing the basis of competition and possibly requiring new business capabilities? Additionally, leaders may request qualitative and quantitative data for existing and planned new products. How big is the market? What features do different segments want? And the list goes on and on. The important thing is they let the data speak to them and hear what it means to them and their business.


Digital transformations will spur software quality measurement

The move to digital products and services will mean that the failure of a system can become public knowledge very quickly indeed. System outages in industries like banking damage credibility and deter customers. “Software is becoming life-critical to businesses,” Delaroche declared. “In the past CIOs could deal with problems behind closed doors. But because many systems will be market-facing after digital transformations, problems will be public,” he said. One result of this will be to heap pressure on CIOs. “Today we hear about a major software outage every week, but in a few years there will be one every day,” Delaroche said.


Performance Testing without Requirements

In the absence of feedback and constructive input from those charged with this responsibility, you have work to do. The first challenge is to identify those responsible and elicit their system/application performance goals, expectations, and non-functional requirements. If requirements are still not forthcoming and you elect to stay the course, state in your test plan or formal communications your predicament in order to protect yourself. Concede that you are in exploratory mode and, for now, have committed yourself to waive formal requirements. You’ll have to create makeshift requirements and goals. (I’ve got some examples later in this blog as a start.) At a minimum, document what you are going to do during your performance testing effort.


14 Creepy Ways To Use Big Data

"So much information that consumers deem personal is, in fact, quite readily accessible," said Yoram Golandsky, CEO of cyber-risk consultancy and solution provider CybeRisk Security Solutions, in an interview. "There isn't one repository that can't be broken into. Eventually we find a way in." "It's a massive problem. Personal information is being disseminated far and wide. I don't think people appreciate how far and wide," said Rogers, in an interview. "It's getting to the point where you have to assume your data is not safe with anybody." While the warnings may sound alarmist or even paranoid, consider the sources: A world-class hacker and security expert, another sought-after security expert, and a Dark Web expert.



Quote for the day:


"Technology means the systematic application of scientific or other organized knowledge to practical tasks." - J. K. Galbraith