Daily Tech Digest - November 13, 2016

Agile Sailors - A Journey from a Monolithic Approach to Microservices

“Any organization that designs a system (defined broadly) will produce a design whose structure is a copy of the organization's communication structure” Conway argues. What did we learn from reviewing our current state by then? How did we set both structures in motion? What did we plan for and what did we actually achieve? One of the first lessons we drew from Conway´s Law was the following: changing to innovative products and short time-to-market cannot be done by relying on technological changes only. Instead, organizational changes and technology have to go hand in hand. Both dimensions need to be inspected and adapted accordingly. Although this sounds simple in concept, transforming our set-up as well as our mindset took us long and is still top on our menu.


What is OData? REST Easy With This Quick Guide

OData is a REST-based protocol for querying and updating data. It is built on technologies like HTTP, ATOM/XML, and JSON. It is more flexible than other REST-based web services and provides a uniform way to describe the data and the data model for easy interoperability between data sources, applications, services, and clients. Similar to ODBC and JDBC, OData gives you a single way of accessing various data sources. Consumers of OData master one API and use it to consume multiple data sources. As a producer, OData relieves you from spending your resources to defining and maintaining data access and discovery API. OData is an OASIS standard and is beginning the standardization process with ISO. It defines the best practice for building and consuming RESTful APIs.


Next Generation Firewall Bypass Tool: FireAway

Fireaway is a tool for auditing, bypassing, and exfiltrating data against layer 7/AppID inspection rules on next generation firewalls. These tactics are based on the principle of having to allow connections to establish through the NGFW in order to see layer 7 data to filter, as well as spoofing applications to hide communication channels inside the firewall logs as normal user traffic, such as Internet surfing. Typically the FireAway server would be started on the egress side of the firewall (such as a server on the Internet), and listen on a port believed to be closed to see if any application based rules allow traffic out on this port ... All data received by the server on this port will be saved to the file ReceivedData.txt in the directory the server was launched from.


A Software Product Vs Project

In short, a software Project is all about to execute a Statement of Work of an internal or external customer, where what customer required is right irrespective of what is ideal or what the end user would expect. Though some projects are scoped in such a way that certain aspects of non-functional requirements are left to the choice of the project teams. Product development isn’t about implementing what the customer wanted to. In product development, the product manager owns and comes up with the product requirements. A large product or product suite, typically comprise of many projects and will evolve over time. Unlike a project the product will be improved continuously without an end date based on feedback from end users and the product team prioritizes what needs to be built next based on its perceived value for its target users or customers.


Understanding the CIO’s Role in Security

The CIO should take charge for two reasons. First, he or she is in the best position to understand the complexities and specifics of the IT infrastructure and services that run the business. This level of understanding allows the CIO to consider all implications, even those stemming from or affecting operations, technology and events outside the enterprise. Secondly, CIOs are often held responsible for high-profile breaches. This extra pressure is excellent motivation for a CIO to make enterprise security a personal top priority. Specifically, the CIO’s role in security should extend to three different areas to maintain a strong security posture.


Why Cultural Change Is Necessary For Big Data Adoption

Big data is transforming businesses across industry sectors — from industrial systems to financial services, from media to health care delivery, from drug discovery to government services, from national security to professional sports. The opportunity to deploy data and analytics has accelerated the speed at which companies can enter new markets, with new solutions, and quickly challenge or displace traditional competitors and market leaders. Consider some of the firms which are at the forefront of the Digital Economy – Amazon, Google, eBay, Facebook, Uber, and Airbnb. These are firms that are rooted in big data and analytics, and have leveraged new data-driven business models to disrupt and transform traditional industries such as retailing, media, and travel.


A Warning for Fintech

At stake is the bank's continued relationship with many of its clients. Cyber attacks can prompt the most tech savvy customers to walk way: about 29 percent of U.S. millennials will close all accounts with a bank after a fraud incident, according to an October-November 2015 survey by credit scoring agency FICO. But the financial damage could spread far beyond Tesco. It's easy to imagine how the rising financial cost of cybercrime could damage the big selling point for fintech firms and challenger banks: being able to acquire customers and operate at a lower cost than established rivals. ... Protecting against cybercrime is about more than just spending of money on the right technology -- and it's also about having the right plan in place when a successful attack does get through.


Don’t let email attachments become your weakest link

Employees represent a business’s first line of defence against email threats, so they have a big responsibility to help protect data and keep the company secure. Most of the time, individuals are simply too busy or too ignorant of the consequences to consider for more than a second or two whether they should open a questionable email or attachment. The hackers are making it even harder for security teams because they know that at the beginning or the end of the day, when people want to get stuff done or get out the door, they are more likely to be fooled by an email attack. For this reason, there are often spikes of malicious activity early in the day or late in the afternoon.


The Impact Big Data Is Having How We Learn

One of the biggest technological advancements that has improved the quality of the learning tools we use is the aggregation and analysis of data. According to a report by the U.S. Department of Education, “Big data captured from users’ online behaviors enables algorithms to infer the user's’ knowledge, intentions, and interests and to create models for predicting future behavior and interest.” Big data is empowering education companies to understand things they could not have previously. Companies like Edx are using that information to determine what kinds of classes can be taught online and which are better suited to a classroom environment. When it comes to learning, there’s no doubt students have more options than ever before, learning at their convenience from home, the coffee shop, or the classroom.


5 Steps To Create A Culture Of Leadership

Creating a culture of leadership is a key component in your companies’ ability to grow year over year. It is not something that can be implemented; rather a culture of leadership evolves organically by taking the necessary steps and investing the time and resources that are required to create leaders not only at the top level, but throughout your organization. For a culture of leadership to exist, companies must first define it. This definition needs to be based on core leadership capacity principles and “must have” characteristics. These can be uncovered through internal reflection and an assessment of the company leaders which we discussed in our last article. However, culture should not be developed strictly through a top down approach.



Quote for the day:


"There is a difference between listening and waiting for your turn to speak." -- @SimonSinek


Daily Tech Digest - November 12, 2016

Cognitive computing systems a natural fit for IoT devices

Analyst firm Gartner forecast 6.4 billion connected devices will be used worldwide in 2016, jumping to 20.8 billion by 2020. But many of those devices will be relatively dumb, including things like fitness trackers, connected speakers and cameras. The real value from internet of things (IoT) devices could come from backing up a data connection with cognitive computing systems. This turns a connected device from something that strictly generates data into something much more interactive. Thomas Jefferson University Hospitals is using a similar approach to help improve the patient experience. The health system recently unveiled a speaker and microphone system that can be embedded in patient rooms. Patients can speak questions about hospital services or commands that control the room's heating and cooling, lighting and entertainment systems.


Active Cyber Defence - tackling cyber attacks on the UK

There’s a common complaint from industry to governments about cyber security. It’s generally that governments tell them they’re not doing enough and must do more, often without really understanding the real-world impacts or commercial implications of their demands. ... We’ll be eating our own dog food to prove the efficacy (or otherwise) of the measures we’re asking for, and to prove they scale sensibly before asking anyone else to implement anything. The ACD programme is intended to tackle, in a relatively automated way, a significant proportion of the cyber attacks that hit the UK. Automation means the measures scale much better. It's not a panacea but should help us mitigate the impact of a significant proportion of the attacks we see. It won't affect the really targeted attacks (at least initially) but we're hoping that we can reduce the noise enough to make the defenders' jobs easier when tackling those very targeted attacks.


Global industry groups voice opposition to China cyber security law

In their letter, the groups warned that Beijing’s efforts to control more of China’s Internet and technology would “effectively erect trade barriers along national boundaries” while failing to achieve its security objectives. The cyber security law would also burden industry and undermine “the foundation of China’s relations with its commercial partners,” the groups wrote in a letter addressed to the Chinese Communist Party Central Leading Group for Cyberspace Affairs. The letter’s signatories include the Information Technology Industry Council, the Internet Association, the U.S. Chamber of Commerce, the Australian Industry Group and BusinessEurope, among others. The law’s adoption comes amid a broad crackdown by President Xi Jinping on civil society, including rights lawyers and the media, which critics say is meant to quash dissent.


How Facebook Is Transforming Disaster Response

This new incarnation of Safety Check begins with an algorithm that monitors an emergency newswire—a third-party program that aggregates information directly from police departments, weather services, and the like. Then another Safety Check algorithm begins looking for people in the area who are discussing the event on Facebook. If enough people are talking about the event, the system automatically sends those people messages inviting them to check in as safe—and asks them if they want to check the safety of other people as well. In other words, the system is driven by Facebook algorithms first, and then it’s driven by the choices and behavior—and white-knuckle worries—of people on the ground.


Bringing the Power of Platforms to Health Care

Despite healthcare’s remarkable track record holding out against the tides of change, there are finally holes in the dam. The healthcare internet is emerging node-by-node, provider-by-provider, and patient-by-patient. So, there’s really no longer a question of whether healthcare will join the rest of the economy and concede to the inevitable. The real question is what it will look and feel like for patients and providers once care is connected and the “network effect” begin to take hold. It turns out we have a pretty good sense of what’s to come because we know what AirBnB has done to hotels (and homes), Waze to GPS systems and fold-up maps, and Uber to taxis. To us, these disrupters illustrate well the three dimensions of the network effect that is poised to transform healthcare: administrative automation, networked knowledge, and resource orchestration.


Travis CI Tutorial: Java Projects

This post describes how to achieve all the desired features using a whole new stack that might not be familiar to enterprise Java developers. GitHub was a perfect match. Then I went on to search for a Jenkins cloud provider to run my builds… to no avail. This wasn’t such a surprise, as I already searched for that last year for a course on Continuous Integration without any success. I definitely could have installed my own instance on any IaaS platform, but it always pays to be idiomatic. There are plenty of Java projects hosted on GitHub. They mostly use Travis CI, so I went down this road.


How to automate the enterprise: Your guide to getting started

In order for businesses to identify which roles are automatable, they will likely need to first document their processes in detail. "If you analyse all of the activities that everyone is doing in the organisation you can get a sense for which of those might be more automatable than others," said Chui. Neil Kinson, chief of staff at enterprise process automation specialist Redwood Software, recommends creating what he calls a 'robotization centre of excellence' that collates the processes taking place across the business. "It really is teaching people how to both document their process and turn that documentation into what effectively becomes a robot design," he said, using the term 'robot' to refer to the software carrying out the automation.


Why CIOs must step up to lead digital transformation efforts

"CIOs are probably the most equipped to look at the whole iceberg—they need to be front-and-center for the digital transformation," Kark said. "If they're not, it becomes an issue for business leaders, because they are only looking at the front-end stuff, not the whole picture." Though many CEOs recognize this, CIOs are often relegated to just managing technology as the extent of their role, Kark said. "Some of it is that CIOs are not raising their hands to say, 'We are ready to do this,'" Kark said. "Maybe they don't have the credibility or influence, or haven't proactively said they can help." "If CIOs don't step up, other business leaders will, who are only looking at the tip of the iceberg and aren't setting up for success," Kark said. "CIOs better understand the enormity of [digital transformation] efforts, and can articulate that to their business peers."


6 Ways To Add Cybersecurity Protections To Outsourcing Deals

The increasingly complex and geographically dispersed IT environment also complicates matters. When company data lived within one or more central data centers, it was much easier for companies or their suppliers to secure the perimeter with, for example, firewalls, physical security and controlled logical access. Today, data is scattered among data centers, clouds, and mobile devices, for a start. “The points of access and potential points of security failure multiply with this ever expanding ecosystem,” says Eisner. “In addition, many of these systems are provided or managed by third party suppliers.” For those reasons, CIOs must take a risk management approach to selecting, contracting with, and monitoring their company’s IT service providers.


Are regulations the answer to better Internet of Things security?

Regulations, whether or not anyone likes it, can be a very effective hammer for greater good. From improved health monitoring to safer highways to smart homes, IoT has already begun to touch the lives of millions of Americans and will become truly transformational in the years to come. Gartner forecasts that 6.4 billion connected things will be in use worldwide this year, up 30 percent from 2015, and will reach 20.8 billion by 2020. Unfortunately, all those new connected devices also represent the next frontier for hackers. Gartner predicts that more than 25 percent of identified attacks in enterprises will involve IoT devices by the end of the decade. Yet too little attention has been paid thus far in protecting them. 



Quote for the day:


"Leadership is a potent combination of strategy and character. But if you must be without one, be without the strategy." -- Norman Schwarzkopf


Daily Tech Digest - November 11, 2016

Hedge Funds Beware: Most Machine Learning Talk Is Really ‘Hokum’

Giants like Bridgewater Associates and smaller firms such as Highbridge Capital Management and Simplex Asset Management in Japan are developing machine learning or investing in it. The next-generation algorithms, which build on the statistical tools quants have used for years, plow through financial, Internet and satellite data to find unusual patterns. A certain default premium combined with a particular yield-curve slope, for example, might produce a high probability that a stock price will rise or fall. Finding such “signals” to wager on is the holy grail. Many say AI will shake up the industry. Fifty-eight percent of managers in a recent KPMG survey said the technology will have a medium-to-high impact on the way hedge funds operate in the future.


Can we prepare for the jobs that don’t exist yet?

Ultimately technical know-how always need to be backed with something else – just as accountants still tend to do better at work if they’re easier to get on with. “Soft skills set humans apart in an age of automation and robotics,” suggests Steve Hill, External Engagement Director at The Open University. “Adaptability is itself a key soft skill that will become increasingly important as individuals have to adapt to jobs that haven’t even been created yet. Businesses need to facilitate a process of knowledge sharing – between different departments, diverse employees, and even between businesses – to boost this adaptability.” Watkins of Tyche Leadership adds that for businesses “future proofing themselves will be more about hiring people with resilience.”


Managing multiple clouds requires careful choice, architecture planning

One of the ways that companies can manage multiple clouds is before the cloud is selected, by choosing additional services wisely. Bartoletti recommends following the apps to the cloud, not the other way around. "Let your app needs drive your choice of clouds, not today's compute or storage prices - they will keep dropping," he said. Higher value services like database, analytics, mobile platforms, and integration tools should guide the choice, he added. Additionally, some companies try not to use proprietary cloud services like AWS Lambda or Google BigQuery because they're concerned about being locked into that choice, according to Mike Kavis, vice president and principal architect at Cloud Technology Partners.


Are Consumers Accepting Data Breaches As The New Normal

Across the board, consumers demand more privacy and protection but are unwilling to use privacy enhancing systems such as Virtual Private Networks or in some cases even basic security software. Of course, even if they take measures to protect their information, if the business’s own security is compromised, no measures the consumer takes on their end will keep their information safe. For this reason, many consumers have simply accepted that a data breach will happen at some point. Unfortunately, this acceptance makes it easier for hackers. If consumers stop reporting, companies will not know of any security issues and some may even stop caring about cybersecurity. This will eventually embolden more hackers to attempt data breaches as they are less likely to suffer repercussions for their actions. This is a downward spiral that can get dangerous quickly.


The ‘real situation’ on the Internet of Things 2017-2027

“IoT centres around things collaborating for the benefit of humans without human intervention at the time. It does not include the Internet of People which is a renaming of the world of connected personal electronics operated by humans: it has completely different characteristics and it is cynical to conflate it with IoT.” Nevertheless, says Harrop, “we show how IoT nodes can be on people and quantify the appropriate part of wearables market because is relevant. The report explains further with a host of examples and options, even giving forecasts for agricultural robots following several respondents seeing agriculture as an important potential IoT market.” Harrop proudly boasts: “Because we run our own IoT events, we get the inside track first.”


Robots present a cyber risk

The difference between actual and potential risks with robot security incidents “is a function of the complexity of the algorithms used by robots, and the physical and social context of their operation, and their numbers,” says Tom Atwood, executive director of the National Robotics Education Foundation, which provides educational information about robotics to students, educators and professionals. ... “These contexts are growing in number as physical and virtual robots proliferate in all spheres of human endeavor,” Atwood says. Many organizations that operate autonomous machines such as industrial robots mistakenly think they will not be targets because the machines don’t process personal information or financial information. The same goes for companies that produce the machines.


Mastercard using selfies to prove cardholder identity

"Passwords are obviously a challenge to deal with, prone to compromise and difficult to remember," said Dennis Gamiello, Mastercard's vice president of identity solutions, who said the company also considered using fingerprints. "Everything we do needs to be about choice and great consumer experience and can scale. ... Not every phone has a fingerprint reader. It may not work for everyone. Most smartphones have front-facing cameras. This biometric double-check is used for what are called "card not present transactions," such as online purchases. An alert would be sent to the user's registered smartphone, asking for authentication, which comes in the form of a selfie. The cardholder has a certain amount of time in which to respond to the query.


Can Low-Power Devices Be Secure?

The attack surface increases with connected cars. “It’s really important that cars, overall, the system-wide approach is taken for their security, and that people think about security from the overall vehicle electronics system, and not just their individual chip or ECU,” said Turner. “So, that’s presenting a whole new challenge to the automotive industry, which is used to getting bits from all sorts of people in the supply chain and just putting them together without having to think necessarily about system-wide security.” He noted that both internal and external connections need to be secured. Microcontroller suppliers were on a panel at ARM TechCon, addressing the topic of IoT and security, moderated by Nandan Nayampally, vice president of marketing for ARM’s CPU Group.


Next Career Step for Best and Brightest CDOs? How About CEO?

“Organizations that have made the strategic decision to introduce the CDO role are looking to get as much new value as possible from this position,” the study continues. “Thirty percent of the surveyed CDOs said they report directly to the CEO. CDOs are adding to the competitiveness of their companies by contributing to strategic planning and decision making, and by leading digital business initiatives.” As a result, Gartner predicts that, by 2020, 15 percent of successful CDOs will move into CEO, COO, CMO or other C-level positions. Why all this optimism? Because of the growing number of organizations that are really taking seriously the value of their data, and that want somebody to take charge of it. According to Gartner, the office of the CDO is being established as an operational department with the appropriate staffing, budget and responsibilities.


Singapore has committed to eGovernment but what about the rest of Asia?

The Government Technology Agency, or GovTech, was recently created to head up the launch of these services and provide engineers for the government’s various Smart Nation projects. It is unlike the Info-communications Media Development Authority (IMDA), which is usually at the forefront of Singapore’s tech talk and builds connections with the private sector. GovTech on the other hand is tasked with reinventing the public sector. GovTech’s remit will cover cybersecurity, digital infrastructure for government, data science, data analytics, and app development. One of its most ambitious tasks is creating a one-stop vault where citizens can access and manage all of their personal data. This will tie into collaborations with the Ministry for Finance, where data can be automatically pulled from the vault to fill in forms for things like tax returns, loans, or public housing applications.



Quote for the day:


"A big part of leadership is just being comfortable with the fact that some decisions really are only yours." -- Helene D. Gayle


Daily Tech Digest - November 10, 2016

AI, Cognitive Computing To Disrupt Enterprises: IDC

"Recent announcements by several large technology vendors and the booming venture capital market for AI startups illustrate the need for organizations to be planning and undertaking strategies that incorporate these wide-ranging technologies," he added. But it's not just about startups. Enterprises will play a big part, too, or risk being subsumed by digital disruptors, according to IDC. "Identifying, understanding, and acting on the use cases, technologies and growth opportunities for cognitive/AI systems will be a differentiating factor for most enterprises and the digital disruption caused by these technologies will be significant." IDC says that enterprises across a broad range of industries will be able to enable cognitive systems and AI by applying algorithms and rules-based logic to data flows.


Pixel XL with Google Daydream provide premium mobile VR

The flexible Daydream View headset simplifies alignment of the phone compared to Google Cardboard and the Gear VR. Just drop the phone into the headset, and the NFC chip inside the headset turns on Daydream VR and the Hall-effect sensor automatically aligns the screen with the lenses. The phone can be inserted quite far out of physical alignment, and the screen aligns perfectly from inside the headset. ... The Daydream controller has a very comfortable and lightweight minimalist design. It has a touchpad-like button, an application button and a home button that returns the user to the top-level menu. The overall performance and three degrees of freedom (3DOF) works well, though there is a bit of drift that can easily be corrected by pressing the home button.


How ‘Security Scorecards’ Advance Security, Reduce Risk

Understanding what makes a system secure is easy because it’s a technical problem. Deciding whether or not that’s worth doing from a business standpoint is more complicated. A lot of security people assume that security initiatives are always worth pursuing. If it takes zero resources – no time, no money, no anything – of course you’d do it. Every security improvement comes with a cost, and those costs are not always apparent or worth bearing. ... Security people would do well to accept risk, have a process for accepting risk, and make their business colleagues comfortable with accepting risk or paying for mitigation. If we have this business that is under-performing, it’s easy to look at the balance sheet of that business and know whether spending $100,000 on a pentest is worth doing.


A personal yet technology-driven approach to getting those 5-star reviews

With information on guests being so key to the success of hoteliers, it’s no surprise that they’ve been investing in innovating loyalty programmes: this has been their primary method of getting information about their guest’s behaviours and preferences and encouraging them to return. But as guest expectations continue to rise, understanding and meeting them is becoming tougher and tougher. It seems that one solution for hoteliers would be to create an app that drives the desired guest experience. This app could smartly and contextually recognise the guest from almost before the moment they log in, prioritises them based on their profile, and maintains the engagement from booking through arrival, during their stay and after check-out.


APIs Blurring Distinction Between Banking and Fintech

APIs have been used at banks and credit unions for decades, allowing internal developers the ability to interact with banking functionality without having to interact directly with the organization’s back-end systems. The beauty of an API is that it can modernize legacy infrastructure. The difference today is that financial institutions are allowing external access, expanding the possible use cases exponentially. Peter Wannemacher, a senior analyst with Forrester Research, said that “APIs will be, in the near future, a necessary and valuable means by which banks will do their jobs.” He added, “There’s a component of inevitability.” Tech writer Brian Koles says, “A company without APIs is like a computer without internet.” APIs are being used primarily to allow for the building of fintech solutions with a reduced time to market.


Oracle Widens Cloud Investments to Battle Bigger Amazon Threat

Oracle is also moving forward with home-grown tools, and in September unveiled a new plan for its own services for infrastructure, the core computing feature that lets developers easily build applications or work with databases. This business has been the laggard at Oracle, at less than a quarter of the size of the other cloud offerings and with slower growth. Hurd said the latest push -- backed by the company’s own big data centers with more efficient servers -- is something new for the business that can help spur the next chapter of growth. He’s betting customers would rather have more products from fewer providers than a patchwork of tools from a smattering of companies.


Peek at the smart tech inside Box's new headquarters

If it sounds similar to the smart campus that VMware recently opened in Palo Alto, Calif., that's because Chapman was on the team that helped design that build, before he joined Box in July 2015. Chapman was previously the CIO of HP Software and prior to HP, he was a vice president at VMware. The way the mobile app at Box works, "if I want to book a conference room, I bring it up on my app, I see the conference rooms that are available, I choose the room I want, I get turn-by-turn directions to that room and as I step into that room it automatically checks me into the room. Within 10 minutes if a room isn't claimed it's freed up. That works from an efficiency standpoint as well. A percentage of our rooms are reclaimed every day as people don't show up," he said.


New Tools Aim to Close the Cybersecurity Skills Gap

CyberSeek gives policymakers, employers, security professionals and others greater visibility into the demand for cybersecurity professionals around the country, allowing them to see the skills and types of workers that employers are seeking, as well as the true supply of professionals to fill those positions. Resembling a weather map, CyberSeek uses varying shades of color to reveal relative concentrations of cybersecurity job postings and worker supply. Users can search by state or more than 300 metropolitan areas, seeing total job openings, worker supply supply/demand ratio, a quotient for geographic concentration of workers and an area's top cybersecurity jobs by title. Here's an example NICE provides for the Kansas City metropolitan area: CyberSeek reveals that in the past year there were 2,134 job openings and 6,829 employed workers,


2017 Will Be A Bad Year For Pessimists

Everyone talks about the skills shortage, but is that really the problem? What if what is seen as a skills shortage is actually a result of employers’ addiction to Industrial Age work credentials such as college degrees and work experience? Autodidacts have discovered the power of “YouTube University,” but employers have been slow to recognize the potential. Workers wanting to learn a new skill or to pivot or accelerate their career can spend hours searching YouTube and engaging in various social media communities to develop competencies. ... Optimism extends beyond the executives I talked to. The Dalai Lama is also upbeat about the future. The Tibetan spiritual leader is heartened by the emergence of global consensus on climate goals enshrined in the Paris accord on climate change, as well as by the emerging ability to measure the willingness of nations and politicians to get along with one another.


How Java developers can use the Wiremock framework to simulate HTTP-based APIs

If you really wanted to, you could easily implement your own simple logging framework in no more than a day or two. But conventional wisdom has conditioned us never to write logging frameworks from scratch. Rather, we use Logback, Slf4J or similar off-the-shelf logging frameworks. And that’s for logging, a relatively simple function; if you ramp up the complexity of the problem, to consider for example data storage, it is almost a given that you will be using one of the ready-made frameworks available on the market, such as Oracle, MongoDB or Neo4J, depending on your requirements. Or take for example testing frameworks. You would not write a testing framework for every project you start; you’d just use JUnit or any of the other ones available, and optionally build on on top of that.



Quote for the day:


"We cannot change what we are not aware of, and once we are aware, we cannot help but change" -- Sheryl Sandberg


Daily Tech Digest - November 09, 2016

Companies will 'get serious' about AI technology in 2017

CIOs will have to determine where to place their biggest bets -- either on AI technology or skills. Open source libraries from the likes of Google and Facebook make AI cheap and accessible, but the talent needed to leverage these libraries doesn't come cheap, Davenport said. At the other end of the spectrum is IBM Watson. Davenport called it "the big, high-price and, in some ways, high-risk option because they really want to sell it for transformative applications." In a recent Harvard Business Review article, Davenport explained that IBM helps assess where the cognitive technology will make the biggest impacts and provides consultants and researchers to help companies get there.


Docker, machine learning are top tech trends for 2017

For Docker, PaaS, and microservices, developers see containers as a self-contained process and the PaaS as the common deployment target, using microservices as the common style, according to ThoughtWorks. "What we're seeing today is the level of abstraction is being raised up," Mason said. In the previous paradigm, a process ran only on a machine. "Now, we think about a Docker image as that basic unit of work and computation," and APIs and microservices serve as a communications fabric. Intelligent empowerment, meanwhile, has companies frequently open-sourcing sophisticated libraries and tools that would have been "stratospherically expensive" and restricted a decade ago, ThoughtWorks said. New tooling has been made possible by commodity computing and targeting of specific hardware like GPUs and clouds.


Gaps starting to close in cyberinsurance policies

Some insurance companies are trying to fill the middle ground. One example is Willis Towers Watson, an insurance brokerage that recently announced its CyFi plan—that's short for cyberinsurance and fidelity, vice president Peter Foster explained. Fidelity bond is insurance-speak for a crime policy involving the theft of money. A client of Foster's in the financial field nearly lost a large sum when one of their corporate officers was asked to surreptitiously transfer money online, which inspired Willis to expedite its product offering, he said. That wouldn't have been covered in a standard cyberinsurance policy. "They managed to stop it in time, but it's what got them concerned," Foster said.


Changing IoT Passwords Won't Stop Attacks. Here's What Will.

The solution is to ensure security throughout the IoT environment — from the manufacturer, through the supply chain, into the home setup process, and on through the connection and integration a device has with other devices and apps such as Wi-Fi routers and cloud services. The initial process by which a device is brought into the home, how it's added to the home network, how it's configured, and how security credentials are established will determine the security and privacy of that device over its life cycle. The current reality is that these processes don't implement many security best practices or standards. The industry should take this opportunity to determine a set of best practices and security technologies for this key piece of device life cycle. This will take an industry effort, not just a public service announcement to consumers. And it won’t happen overnight.


Robots Present A Cyber Risk

First, these machines are generally integral to assembly line operations and other similar activities, Overly says. “An attack could literally bring a manufacturing or assembly plant to its knees,” he says. “We have seen this very outcome in a ransomware attack targeted at robotic assemblers in a plant in Mexico.” In that case, the ransomware locked up the specifications files from which the robots drew their operating parameters, he says. Second, robots are generally large and capable of causing significant bodily and property damage if operated other than in accordance with their specifications. “If the subject of an attack, the machines could cause dramatic harm, both to individuals and to property,” Overly says.


The Serious Fun of Shared Experiences at Work

Once a team is formed, ongoing shared experiences continuously elevate its performance. Shawn Achor, a happiness researcher and former Harvard professor, studied NFL teams and elite military units, investigating why high-pressure situations cause some teams to perform at a high level and others to fail. Achor’s findings suggests that the critical difference was the way in which the teams viewed stress. When stress is combined with meaning — for example, trying to win a Super Bowl — teams performed better. This link to purpose is underscored by the classic teaming theories of my colleague Jon Katzenbach, who proposes, in The Wisdom of Teams (with Douglas K. Smith), that shared purpose is one of the elemental basics that must be in place for a team to perform.


5 flavors of hybrid cloud transforming the enterprise

Public IaaS providers let you have it your way, so you can come very close to duplicating your on-premises environment in the public cloud and make one an extension of the other using a secure virtual private cloud, where cloud resources reside in a virtual network hosted by the provider. Customers choose workloads or environments that would most benefit from cloud extensibility—dev and test, analytics, or even core line-of-business applications that need to scale. ... The idea of “burst” capacity, where a private cloud acquires additional VMs from a public cloud in response to spikes in demand, got a boost with the recent deal between VMware and AWS, in which the entire VMware software-defined datacenter stack will be available as a service on AWS next year.


Security risks from the internet of things

As awareness increases, some “smarter” IoT devices can be brought up to current security standards with periodic firmware updates. While it’s a start, the majority of internet-ready devices cannot be integrated into the conventional IT hardware or software protections with which companies protect themselves against internet-based attacks. The variety of new internet-ready devices brings a mass of new data traffic to the network that must be managed and secured by IT departments. But it’s complicated by the variety of network protocols used by all of these various device types. The consumerization of IT is another factor due to the increasingly permeable borders between devices for personal use and those for business.


Future enterprise companies will be run by robots

Volkswagen has already utilized ML to predict future sales performance, depending on release date, vehicle type, area, and accessories. The CIO says the use of such technology has so far been a "stunning, surprising success," with machine-based sales predictions reaching accuracy levels of up to 90 percent -- whereas human predictors can only manage an average of 60 percent. It may also be that one day, these bots will be smart enough to automatically approve financial decisions based on cost control. Finally, Hoffman says that bots will also be used in decision making and execution. These "Mr. Know-it-all" bots will be used in team management, scheduling, time planning and the automatic management of corporate documents. Do these future applications mean that robots will be taking over all of our jobs?


HTTP Benchmark and Pipelining

Now, the problem is that this is really expensive. As in, wowexpensive. So pretty much as soon as the web started to hit it off (mid-90s or so), people realized that this isn’t going to work, and the notion of Keep-Alive was born. With Keep-Alive, you are going to reuse the same TCP connection to send multiple requests to the server. The idea is that once the connection is open, there is a strong likelihood that you’ll use it again soon, so why pay the 7 packets cost for opening and closing the TCP connection? And the more requests we make to the server, the better we are. Now, there is another trick that we can apply here. Remember that TCP is stream oriented, not packet oriented. That means that as far as the calling code is concerned, we aren’t actually seeing packets, just bytes arriving one after another.



Quote for the day:

"Talent is a dreadfully cheap commodity, cheaper than table salt. What separates the talented individual from the successful one is a lot of hard work and study." -- Stephen King,