The right knowledge

It is simple, combinations of ones and zeros make up symbols for letters, numbers and other symbols like punctuation. Then we run low currents of two different intensities through electronic components and by assembling those components in just the right order, we can emulate basic logical operators: and, or, not.

With enough operations, we can process more complex logical problems and produce predictable and repetitive results. Add miniaturisation and the capacity for handling more of those logical operations goes through the roof. We have gone so far with miniaturisation that the technological limit is now the size of the atoms. The next step: Quantum computing, but do not ask me how scientists figure out a practical way to use quantum uncertainty, it is a bit beyond my technical skills.

The binary code used today was invented by Gottfried Leibniz in 1689, and in 1937 Turing built his machine paving the way for the computational logic we use today. Everything else is pretty much an evolution of our technical capabilities and cleaver ways to better implement those “original” ideas.

The broader notion of computers, what they are and how they can be used was changed by Microsoft with the launch of Windows 95. The machine with all its technical components was not managed by the user anymore, but by the computer itself. From there on, at least from the perspective of the average user, the computer was an abstract thing he/she could interact broadly rather than for a specific function, without the need to understand it.

I believe eventually there will be studies exploring the many ramifications of this change on the world. Still, the one I want to focus on here is how the “identity” of computers itself was reshaped in the following years as a consequence. For companies like Intel, ASUS, EVGA, etc. there was little change, the focus is on the technical components behind the veil, but for most of us the veil itself suddenly is “the computer”.

Behind anything in our society, there is the economic and financial reality. If the vast majority of the population that will buy hardware and software only perceive the interface as the thing they are buying, then what is (most) marketable is the interface. That paved the way for the hyper-connected world that came after, and some companies tapped on that very effectively.

A quick disclaimer here: I am not underplaying the importance of the Internet, the value of data and data analytics, nor the importance of how effectively computers allow us to perform powerful computational tasks that were nearly impossible before. This is a never-ending source of discussion, so I’m focusing on the aspect that makes even the people least prone to exact sciences to widely adopt something that is in the pinnacle of the exact sciences into their daily life in the space of only a decade.

This boom on the adoption of computers that now moved to our phones, watches, glasses, etc. also created a boom in the job market, the services industry and technology companies. As I established earlier though, the real evolution of computer sciences is much less dynamic, and there are just so many things that a legion of people and companies can do to innovate and stand up from the others.

While behind the veil, the highly specialised technology companies look for optimisation, the ones in the end-user side of it have very little to work with. As a result, branding and user experience became the major differential, but those also have its limits for an industry that aims to launch something new at least once per year.

The corporate world is also not immune to it. Huge demand means more and more people not specialised in IT find space in the IT market, which leads to the importing of the same limited understanding of the differences between the world of the logical circuits and the world of interfaces into companies. Causing the actual value of technical solutions widely marketed to become relative to the perception of the group.

A computer is a machine, where almost all moving parts that execute the tasks are data travelling on electrical currents. This means that about everything in any computer is measurable. So back in the early 2000s, I was already working with solutions that capture measurements to understand what is happening, while doing most tasks with scripted commands that automated a group of individually simple tasks into routines. In a nutshell, that’s what monitoring is built upon. Only a few years later, I worked in a company that heavily invested in building automated responses for monitoring events. A couple of years after that HP Oven View became a widely marketed solution, which is about the time the term SIEM (Security Information and Event Management) was first coined.

Around 2017 the term SIEM became widely used as a fascinating “new idea” and almost all companies contracting started to ask about experience with SIEM. There is no big breakthrough here, just a new interaction of the same technical solutions and concepts. This is the power of branding applied to limited technical knowledge.

That is not to say that non-IT people moving into IT did not bring significant value to the industry. Many positions in IT are better suited for skills that are not commonly native to IT. Risk Management, Change Management, Customer Services… there is a lot IT can and need to learn from other areas that are much older and more experienced with the concepts, but to lead IT one needs palpable IT knowledge. Companies cannot do without it on the helm of IT, either directly managing the department or at least closely supporting the person doing so.

SIEM is not the only old concept rebranded and adopting as a trend, the list is long, but I would rather not offend too many people in a single article.

Real value does not come from products, it comes from intelligent risk decisions about investments projected over the years. Minimise exposure of weaknesses, maximise readiness to tackle opportunities that leverage on strengths. That is the differential that can elevate one company over its competitors, and it is as valid for IT and IT Security, as it is for the strategical planning of the company as a whole.

#itmanagement #itstrategy #leadership