June 15, 2021

How the public sector can accelerate digital discovery

Firstly, public bodies should focus on outcomes rather than output. By identifying where an immediate impact can be made to address the challenges of legacy technology – rather than trying to fix everything at once – you can empower digital partners and discovery teams to identify issues and make key decisions without blockers from other teams, existing structures or business areas. Removing this red tape will mean decisions and actions will be taken at a pace, delivering greater value and results in the process, rather than creating complicated services that users struggle to navigate. The next focus to enhance digital discovery should be diversity, building and working with project teams that cover a wide range of disciplines and skill sets, as well as ages, races and genders. Increased diversity means that a discovery team benefits from different experiences and frames of reference, helping to avoid conformity and a groupthink mentality, which can result in issues being missed or solutions not being considered as everyone is thinking on the same page. For example, including people from non-digital backgrounds in a discovery team, such as service users, will help to identify problems that otherwise may be missed. 

Delivering the Highest Quality of Experience in a Multi-Cloud World

The global pandemic has accelerated enterprise IT teams’ desire to simplify the management of complex multi-cloud and edge environments and operate them holistically as a single WAN. It is also driving IT requirements for delivering the highest levels of application performance for all their cloud-hosted business applications, from any network in the emerging post-pandemic environment. This shift is intensifying the urgency to transform conventional data center and MPLS-centric and VPN-based networks to a more modern hybrid SD-WAN environment that combines MPLS and internet with secure managed internet-based cloud services. In a hybrid WAN environment, application performance across a WAN can vary considerably from site to site or region to region because of underlying factors such as latency, packet loss and jitter that must be taken into consideration, especially using a mix of MPLS and broadband connectivity services. The Aruba EdgeConnect SD-WAN edge platform, acquired with Silver Peak, supports advanced visibility, routing, control and intent-based policy management for any application – thereby improving the performance and availability of business applications by dynamically routing traffic to virtually any site, automatically adapting to real-time network conditions.

Intelligence gathering: Bringing AI technology into strategic planning

While theories governing corporate strategy have been debated (and sometimes overthrown) over the years, real time strategy focuses on modernizing an aspect that has practically been left untouched: methodology. AI techniques, which include machine learning, can import data from an abundance of sources, identify patterns and trends, and supply insights for decision-makers. In the process, AI-enabled planning upends traditional processes that depend on (and are affected by) human bias. Too often, the authors point out, current strategic decisions are based on information that is flawed across multiple dimensions (e.g., completeness, accuracy) and end up being unduly influenced by intuition and experience. During the exhaustive process of devising a plan, many assumptions and hypotheses are undeservedly promoted to “facts,” especially if they help dim uncertainty. The result: strategic plans that gain consensus, but emerge with a blandness akin to vision statements—and no mechanism for consistent follow-up. Without alignment among business units as to how each defines success, even companies that have embraced AI can end up stalled on the AI maturity curve, unable to progress beyond early victories in cost reductions and productivity gains.

Unique TTPs link Hades ransomware to new threat group

Researchers claim to have discovered the identity of the operators of Hades ransomware, exposing the distinctive tactics, techniques, and procedures (TTPs) they employ in their attacks. Hades ransomware first appeared in December 2020 following attacks on a number of organizations, but to date there has been limited information regarding the perpetrators. ... The findings are a result of incident response engagements carried out by Secureworks in the first quarter of 2021. “Some third-party reporting attributes Hades to the Hafnium threat group, but CTU research does not support that attribution,” the researchers wrote. “Other reporting attributes Hades to the financially motivated Gold Drake threat group based on similarities to that group’s WastedLocker ransomware. Despite use of similar application programming interface (API) calls, the CryptOne crypter, and some of the same commands, CTU researchers attribute Hades and WastedLocker to two distinct groups as of this publication.” ... “Typically, when we see a variety of playbooks used around a particular ransomware, it points to the ransomware being delivered as ransomware-as-a-service (RaaS) with different pockets of threat actors using their own methods,"Marcelle Lee, senior security researcher, CTU-CIC at Secureworks, tells CSO.

AI: It’s Not Just For the Big FAANG Dogs Anymore

“Previously, building models, building features, was extremely difficult” and typically required a data scientist. “But today, particularly for SMEs, this type of automation tool can help those aspects a lot…Our type of automation is definitely helping them to ramp up the speed of their AI journey.” Fujimaki noted how one of dotData’s smaller customers was able to build AI solutions without a huge investment. The company, Sticky.io, develops a subscription management service that is provided to other businesses as a SaaS offering. It wanted to add a predictive capability to identify payments that were likely to fail. “For them, the biggest barrier was…skill,” Fujimaki tells Datanami. “They are a cloud-native company, so the data is stored in AWS. On the AI side, they didn’t have data scientists, so they needed AutoML functionality.” Sticky.io’s product manager was able to use dotData to comb through their data and identify the right features that would go into the predictive model. Even though he didn’t posses preexisting talents in data science, the pilot was a success, and Sticky.io’s leadership recognized the value that it brought. “The most important skill that [customers] have to have is the input side and output side,” Fujimaki says. 

Application modernization patterns with Apache Kafka, Debezium, and Kubernetes

The very first question is where to start the migration. Here, we can use domain-driven design to help us identify aggregates and the bounded contexts where each represents a potential unit of decomposition and a potential boundary for microservices. Or, we can use the event storming technique created by Antonio Brandolini to gain a shared understanding of the domain model. Other important considerations here would be how these models interact with the database and what work is required for database decomposition. Once we have a list of these factors, the next step is to identify the relationships and dependencies between the bounded contexts to get an idea of the relative difficulty of the extraction. Armed with this information, we can proceed with the next question: Do we want to start with the service that has the least amount of dependencies, for an easy win, or should we start with the most difficult part of the system? A good compromise is to pick a service that is representative of many others and can help us build a good technology foundation. That foundation can then serve as a base for estimating and migrating other modules. 

Read more here ...