Tuesday, July 16, 2019

The IT Toolbox #005 - Thoughts on Cybersecurity



Define a set of cybersecurity rules.

Define an architecture (be it physical, platform and/or application).

Make sure the aforementioned rules can be applied.  (It doesn't matter if they are perfect, NONE are.)

Fix the rules or what the rules break.

For the love of all that is holy, PATCH in a reasonable amount of time.  (If you use a service provider, make it a contractual obligation and/or a Key Performance Indicator (KPI).)

Make sure there is a mechanism to verify the patches are in place.

Make sure there is a mechanism to verify FW rules are CORRECT.

Segment ALL applications.  Microsegment all unique elements of all applications.  Use SSL.

PATCH everything in a reasonable amount of time (yes, it's a repeat, but many don't hear it the first time).

Be prepared to burn down ANY exposure.  Have a plan in place in the event this must happen.

Have a reporting and notification plan in place.

When an exposure is identified (and it will be) make sure you use the reporting and notification plan.

If you EVER have to break ANY of the self imposed Cyberscurity rules, segregate and enclave to limit exposure.



Tuesday, July 9, 2019

The IT Toolbox #004 - Definitions #2



AI is not AI

AI is a marketing buzz word (ok it's an acronym (or even an Initialism), but bear with me)

Definitions of AI I've personally witnessed

     AI is stealing jobs (well, boring, repetitive, mind-numbing jobs)
     AI is Machine Learning (it can/could be, but mostly isn't...yet)
     AI is data processing (so is paper shuffling)
     AI is a Virtual Agent (actually partially true, at least the native language parts)
     AI is The Terminator (nope, that's a Movie, starring Arnold Schwarzenegger and on my must                                                  watch list)
     AI is Analytics (sorry, Analytics is Analytics, representations and uses of data)
     AI is a self driving car (hopeful a self driving car is more than AI, wishing for seats, engine, etc)
     AI is Deep Learning (might be true, how supervised is the learning?)
     AI is self service (well, ok.  Gives supermarket self checkout a new meaning.)
     AI is Robotic Process Automation (not so much as a set of response triggers, but bits could be)

If you’d like to read a thoughtful description of Artificial Intelligence, have a look at this Wikipedia article: https://en.wikipedia.org/wiki/Artificial_intelligence  (15 pages and 375 references, AND 18 disambiguation references)

So, if you're talking about Artificial Intelligence (AI), consider refining your definition and talking points to if there is (or is not) a neural network being trained in support of the mymicing of "cognitive" functions.

If not, call it what it really is rather what someone is marketing.

Wednesday, July 3, 2019

The IT Toolbox #003 - It is only a little off

IT is complicated ...

Here are some sensors:

Primary Adoption Strategy of Digital Transformation 1 
    (surveyed IT departments)

     34% - heterogeneous IT integration (basically picking parts that work for a particular purpose)
     27% - entirely public cloud
     24% - entirely private cloud
     16% - hybrid cloud

     Less than half of enterprises (surveyed) have a mature cloud adoption strategy

     12% - self report as mature
     37% - self report as somewhat mature

84% 2  of public cloud customers will repatriate some workloads to private infrastructure in 2019

Between 40% and 80% of enterprises will fail to deliver traditional workload on public cloud 3,1 

Enterprise Data Centers are closing - incorrect 4 

     Enterprise Data Center spending continues 5,6

x.86 Market growing at 19% 7 

Major x.86 vendors are growing market share and revenue 8 

There's a massive misunderstanding about the definition of the Digital Transformation end state. 9 

--  Publically available references --