February 06, 2024

Can Enterprise DevOps Ever Measure Up?

At the elitist of organizations, by Forney’s math, developers are spending up to 70% of their time writing and testing code, while the rest of their time is filled with meetings and context switching. But when you examine that exceptionally high 70%, she explained, you then have to consider how much time they are just “keeping the lights on” or dealing with customer support or are on call, versus “how much time they’re spending on the creation of new value.” She said it becomes a “diminishing bucket of space.” Especially at older organizations that haven’t quite migrated to the cloud and haven’t quite moved completely from Waterfall to agile, she finds developers are often focusing on the wrong work. Or they are building workarounds on top of their technical debt as a quick win, instead of fixing with a long-term vision in mind. “We look at organizations spending a huge amount of time doing planning and thinking these are our top priorities in the organization, but in reality, what’s going on? Are devs spending actually what you would expect to be the bulk of their time [on this]?” Forney said that “more often than not, what you see is they’re spending like 5% of their time across the entire organization level of effort on these most important things.”

IT Security Hiring Must Adapt to Skills Shortages

Omri Weinberg, co-founder and CRO at DoControl, says promoting cybersecurity education, offering mentorship and internships, increasing diversity, and providing ongoing professional development opportunities are all ways to help companies close the cybersecurity skills gap. “Collaboration among stakeholders is essential to address this challenge effectively,” he says. “It all starts at the top.” When it becomes a top priority to the board of directors, CEO and other executives, they will invest more time, money, and effort to educate the next generation alongside educational institutions to create more awareness and opportunities for the future of the cyber workforce. “Cybersecurity is one of the fastest evolving industries,” Sunil Muralidhar, vice president of growth and strategic initiatives at ColorTokens, explains via email. “Regardless of the specific specialization an individual might choose to focus on, creative thinking and problem-solving skills are the best skills an employee can have.” Also critical is the ability to collaborate with teams across the company, who may have varying degree of technical or security skills.

Help for generative AI is on the way

Retrieval-augmented generation, or RAG, is a common method for adding context to an interaction with an LLM. Under the bonnet, RAG retrieves supplementary content from a database system to contextualize a response from an LLM. The contextual data can include metadata, such as timestamp, geolocation, reference, and product ID, but could in theory be the results of arbitrarily sophisticated database queries. This contextual information serves to help the overall system generate relevant and accurate responses. The essence of this approach lies in obtaining the most accurate and up-to-date information available on a given topic in a database, thereby refining the model’s responses. A useful by-product of this approach is that, unlike the opaque inner workings of GPT-4, if RAG forms the foundation for the business LLM, the business user gains more transparent insight into how the system arrived at the presented answer. If the underlying database has vector capabilities, then the response from the LLM, which includes embedded vectors, can be used to find pertinent data from the database to improve the accuracy of the response

Meta to label AI-generated images from Google, OpenAI and Adobe

“We’re building this capability now, and in the coming months we’ll start applying labels in all languages supported by each app,” Clegg added. The move to label AI-generated images from companies, such as Google, OpenAI, Adobe, Shutterstock, and Midjourney, assumes significance as 2024 will see several elections taking place in several countries including the US, the EU, India, and South Africa. This year will also see Meta learning more about how users are creating, and sharing AI-generated content and what kind of transparency netizens are finding valuable, the Clegg said. Clegg’s statement about elections rings in a reminder of the Cambridge Analytica scandal, unearthed by the New York Times and The Observer back in 2018, that saw Facebook data of at least 50 million users being compromised. Last month, ChatGPT-maker OpenAI suspended two developers who created a bot mimicking Democratic presidential hopeful Congressman Dean Phillips, marking the company’s first action against the misuse of AI. Meta, according to Clegg, already marks images created by its own AI feature, which includes attaching visible markers and invisible watermarks.?

AI is supercharging collaboration between developers and business users

AI enables team members "to create and share content more easily, automate, and optimize business processes more efficiently," he continues. "It enhances team communications by bringing clarity and utilizing transcripts to leverage exact words to remove ambiguity. All of this helps learning and development, and fosters team culture and engagement." The company also employs "AI-powered chatbots that can translate messages, summarize conversations, and provide relevant information," Naeger states. "AI can also help teams share data and insights more easily, by creating visualizations, dashboards, and reports. AI can help teams coordinate their tasks and workflows more efficiently, by automating or optimizing some of the processes." While AI-enhanced collaboration in IT sites is already happening, the emerging technology is still very much a work in progress. The move to AI-fueled collaboration means "organizations need to adapt and be prepared for shifts in how these teams work, integrating AI-driven metrics and managing AI tools," says Ammanath.?

Cybersecurity teams hesitate to use automation in TDIR workflows

When organizations were asked about the TDIR management areas where they require the most help, 36% of organizations expressed the need for third-party assistance in managing their threat detection and response, citing the challenge of handling it entirely on their own. This highlights a growing opportunity for the integration of automation and AI-driven security tools. The second most identified need, at 35%, was a desire for improved understanding of normal user and entity and peer group behaviour within their organization, demonstrating a demand for TDIR solutions equipped with user and entity behaviour analytics (UEBA) capabilities. These solutions should ideally minimise the need for extensive customisation while offering automated timelines and threat prioritisation. “As organizations continue to improve their TDIR processes, their security program metrics will likely look worse before they get better. But the tools exist to put them back on the front foot,” continued Moore. “Because AI-driven automation can aid in improving metrics and team morale, we’re already seeing increased demand to build even more AI-powered features. ...”

Read more here ...