A Successful DevOps Strategy Is More Than Just Technology

To start, DevOps is exactly what it sounds like — a combination of software development and IT operations that shortens the product lifecycle and delivers a higher quality operational performance, benefiting the company and customer alike. But it’s more than that — it’s a cultural shift and a methodology that expands upon agile and lean software development principles in a manner necessary to drive the shift from an on-premise, product-centric culture to the SaaS, service-centric alternative that is the keystone of most modern technology businesses. Top companies in industries from retail to technology use DevOps to improve efficiency and accelerate the distribution of product enhancements. It’s not a question if DevOps can help your company upgrade its product cycle; it’s a question of how well you can implement it into your organization.

My company has embraced DevOps to not only improve the IT processes inside our organization, but to also reshape the teamwork and mindset of everyone involved in product development. This, in turn, has benefited many of Experian’s partners and clients, as it has enabled them to leverage fast delivery of value and enjoy strong, resilient service in production. DevOps considers people, processes and technology. By combining IT operations and development, companies can optimize the flow of ideas to product creation — but this also requires a cultural shift in the company. You can always update technology, but unless you also change the organization and improve the way the teams work together, DevOps will be incomplete.

The key is giving your employees the ability to innovate and the tools and trust to do it quickly. DevOps ties software development with rapid IT service delivery, leveraging end-to-end agile, lean practices in the context of a whole-system-oriented approach. The mindset that is required from everyone in the flow of value creation is a focus on how to achieve that system-oriented outcome. As mentioned, the other key element to successfully implementing DevOps is technology itself, especially automation tools that make the complete flow and pipeline of development and testing repeatable and reliable.

When we test our products, we use Amazon Web Services — a company that has been outspoken about how it uses DevOps to shorten the time it takes to improve its servers and other solutions. AWS accomplished this by breaking down its large teams into far smaller but autonomous units which move faster. Previously, its development and operations teams were huge entities each working on one task, robbing them of innovation time. By making teams smaller and giving them autonomy, changes and improvements came faster, and each team assumes ownership of its contributions. Collaboration improved, and AWS also invested heavily in automation and metrics, so it was easier and faster to monitor, log and trace issues for improvement and fix mistakes.

There is much to learn from AWS when it comes to DevOps. Large teams became smaller, but by assuming ownership of their tasks, each team knew what it was responsible for. By placing operations and development together, it eliminated finger-pointing and improved collaboration. It almost makes each small team a business that has a specific task, and when code is ready for gamma testing, it is vigorously tested for potential failure, so potential problems are addressed before it is deployed. Once implemented into production, the code is tested on a single function so bugs only impact that specific feature. If that succeeds, it is slowly rolled out to more functions until it is globally available.

Compare this with the DevOps in your own organization. How long does it take to get new or improved features to market? When you hit a roadblock, does a team or department take responsibility or do different developers blame each other for the problem? Are development and operations working together, or is everyone siloed? Are your new product launches consistently delayed due to insufficient data or analytics to chart progress?

Improving the DevOps process can make a sea of change across every part of your product’s lifecycle, and what’s most fascinating is that the most important elements do not require a huge IT investment. Changing the way you configure your teams, streamlining the process and encouraging task ownership will benefit your employees, who are now more experiencing a work environment shift due to Covid-19. Getting your products out faster with greater testing and analytics will benefit your salesforce and your customers. 

Need Help With Your IT Projects? Contact TP&P Technology - Leading Software Engineering Company in Vietnam Today

Article Source: https://www.forbes.com/sites/forbestechcouncil/2022/01/31/a-successful-devops-strategy-is-more-than-just-technology/?sh=5ff821903193

Build a stronger cybersecurity team through diversity and training

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest post of our Voice of the Community blog series, Microsoft Security Product Marketing Manager Natalia Godyla talks with Heath Adams, Chief Executive Officer (CEO) at TCM Security about being a mentor, hiring new security talent, certifications, upskilling, the future of cybersecurity training, and lots more.

Natalia: What do you recommend to security leaders concerned with the talent shortfall?

Heath: There needs to be more openness and getting away from gatekeeping. In this industry, there’s a lot of, “I went through this path, so you need to go through this path.” Or “I did these certifications, so you need to do these certifications.” Everybody wants this perfect candidate—somebody who has 10 years of experience—even when they don’t necessarily need it. We need to be able to take somebody that’s more junior, who we can help train. Or take someone with a clean slate.

As a manager, be open to more than just what’s on the Human Resources job description. And be open to new people with different backgrounds. People are coming from all walks of life and age groups. So, if you put those biases aside and just consider the person that’s in front of you, that will help with the job shortage and help close the talent gap.

Natalia: And how has the pandemic and the shift to hybrid work changed cybersecurity skilling?

Heath: I think it’s been a positive. In our field, the ability to work remotely was always there. But the pandemic shifted things, so more companies are starting to realize that fact. I’ve worked jobs as a penetration tester where I had to relocate, even though I was working out of my home 95 percent of the time. Now, more companies are opening their eyes to talent that isn’t local. You no longer have to look in big markets; you can look at somebody on the other side of the country who’s studying cybersecurity, and they can be an asset to your team.

I was doing a lot of Twitch streaming during the shutdown, and I noticed our streams were way bigger than before. We had more people watching, more people interested. There’s a lot of people who took advantage of the shutdown to say, “Hey, this is my time to get focused. I want a new career.” There are high-paying jobs and there’s remote work. And as I mentioned, you don’t need a specific background or degree to get into this field. People can come from all walks of life. I think the pandemic helped shine a light on that.

Natalia: You’re well known as The Cyber Mentor™. How has mentoring impacted your career?

Heath: It keeps me on top of my game. I have to be able to give people direction and I don’t want to give out bad information, so, I’m making sure that I stay on top of what the industry changes are, where the jobs are heading, and how to interview properly—all of which seem to change from year to year. It helps me stay in touch with the next generation that’s coming into the security field as well.

Natalia: Do you have your own mentors that help you progress in your career?

Heath: I came up with what I call “community mentorship.” I have a Discord community, and we use that to encourage other people to give back. You want to be able to help people when they need it or get help when you need it while learning from each other. When it’s time for networking or needing a job, that goes a long way. For me, it’s more about being where there are groups of like-minded people. I’ve got a lot of friends that own penetration test companies, and we’ll get together, have lunch, talk strategies. What are you doing? What am I doing? That’s the kind of mentorship that we have with each other; just making sure we’re keeping each other in check, thinking about new things.

Natalia: What are the biggest struggles for early career mentees who are trying to grow their skills? And how can leaders address those challenges?

Heath: For a person looking to get a role, there are a few things to remember. One is to make sure you’re crawling before you walk, walking before you run. I’ll use hacking as an example. A lot of people get excited about hacking and think it sounds awesome. “You can get paid money to hack something? I want to do that!” And they try to jump right into it without building foundational skill sets, learning the parts of a computer, or learning how to do computer networking or basic troubleshooting. What I tell people is to break and fix computers. Understand basic hardware, basic computer networking, what IP addresses are, what a subnet is. Understand some coding, like Python. You don’t need a computer science background but having those foundational skills will go a long way.

If you don’t put a foundation under a house, it’s going to collapse. So, you need to think about your career in the same way. You must make sure you’re building a foundation. People don’t realize the amount of effort that goes into getting into the field. Do your due diligence beforehand.

There’s also a lot of imposter syndrome in cybersecurity. I tell people not to concern themselves with others, especially on social media. They say comparison is the thief of joy, and I truly believe that. You have to make sure you’re running your own race. Even if you run the same mile as somebody else, and they finish it in 5 minutes, and you finish it in 10; you still finish the same mile. What matters is that you got there. As long as you’re trying to be better than you were yesterday, you’re going to make it a lot farther than you think.

Finally, cybersecurity is a field that’s constantly changing. For somebody who is complacent—who wants to get a degree, get a job, and then is set—cybersecurity is not the right fit. Cybersecurity is for somebody who’s interested in constantly learning because there are always new vulnerabilities. There was just the Log4J vulnerability that caused everyone concern. I had a meeting today with a client, and if I’m not prepared, I’m letting them down. I’m letting their security down as well. I spent the weekend studying because I had to. That’s the business we’re in.

You must stay on top of this from an employer side as well—being able to train people and keep them up to date. TCM Security has a base foundation where we want our employees to be, and then we encourage them to gain knowledge where they’re most interested. I’ve been sent to a training that I had no interest in whatsoever and wanted to pull my hair out. As a manager, I ask, “What do you want to learn?” When I send an employee to a cybersecurity training that they’re interested in, they’re going to retain that information a lot better. They can then bring that information back to us, and we can use that in real-world scenarios.

Natalia: How can security leaders recruit security professionals to their teams better? What should they look out for? For example, how important are certifications?

Heath: For an entry-level role, certifications are important. Their importance diminishes once you get into the field. But I’m an advocate for them; they help prove some knowledge—so does having a blog, attending a conference, building a home lab, speaking at a conference, speaking at a local community group—anything that says, “I’m passionate about security.”

I have seen some entry-level roles where the interviewers have you code something, or have you fix broken code, just to make sure you logically understand what’s going on. You don’t have to be a developer or be able to code, but you must be able to understand what’s in front of you. Having some coding challenges during the hiring process can be beneficial—but it should be open book. For a security professional, using search is 90 percent of our job, honestly. If you’re limiting somebody from searching online, you’re setting false expectations.

I go back and re-watch videos and re-read blogs all the time, because there are so many different commands, and there’s no way of memorizing all of them. But you need to understand the concepts. If you understand the tool they might need to run or the concept of it, then you can search that, find the tool, and run it. That’s more important.

Natalia: We’ve all read the statistics about burnout in the security industry. What do you recommend for leaders who want to better retain their talent?

Heath: You must be pro-mental health. Make sure there’s ample paid time off (PTO) and encourage employees to use it. Also, make sure that your employees can take time off beyond PTO. If they’re sick, they shouldn’t feel like they’re letting people down. That’s why we have flexible schedules; we run on a 32-hour workweek. We try to give people as much time back and have a work-life balance. We also pay for training, so people can go and focus on topics they’re interested in. We make sure that we’re investing in our employees. It’s so much more expensive to rehire and retrain. I’d rather invest in an employee and keep their mental health at a high level, and make sure I’m giving them all the tools and training they need to perform successfully.

Natalia: What trends have you seen in cybersecurity skilling? What do you think is coming next in terms of how security professionals are trained up, recruited, and retained?

Heath: There are more people interested in the field, and that’s great. We’re starting to see a lot more training providers and training options. Back when I started, a lot of it was just reading blog posts, and there were maybe one or two training providers. Now, there are 10 or 15.

Misinformation can be out there, or outdated information. If you search online for certification companies—or even look at an online post from a year ago—that information could be outdated. So again, this comes back to due diligence and making sure that you’re doing your research, not just relying on one source. If I was going to look for certifications to get into this field, I’d look at 20 or 30 different resources, get a consensus of what polls the highest, then do my own research on those organizations. It’s great job skills practice to research and make sure you understand where you need to go.

Need Help With Your Software Development Projects? Contact TP&P Technology - Leading Software Development Company in Vietnam Today

Article Source: https://www.microsoft.com/security/blog/2022/01/20/build-a-stronger-cybersecurity-team-through-diversity-and-training/

10 Predictions For Blockchain, Crypto Assets, DeFi, And NFTs For 2022

Frankfurt, January 12, 2022 - Last year, the market capitalization of cryptocurrencies reached $3 trillion USD for the first time. At the beginning of the 2021, it was less than $800 billion USD. DeFi now has a total value locked (TVL) of $100 billion USD on Ethereum alone. But NFTs have been the most surprising, flanked by complementary areas like metaverse and GameFi. Who can claim to have foreseen these developments? Looking into the future is notoriously difficult. Nevertheless, we dare to make predictions for the year 2022. It will be exciting to see whether they come true.

1. Bitcoin price reaches $100,000 USD and the crypto asset market grows in breadth and depth

Rising inflation rates make scarce assets like Bitcoins (BTCs) increasingly attractive. Bitcoin is not only the oldest, most decentralized, and best-known cryptocurrency - a distinctive feature compared to other cryptocurrencies is its limited supply of 21 million BTCs. Against the backdrop of Bitcoin's institutional adoption and the greater demand that comes with it, it is very much within the realm of possibility that the BTC price will rise to more than $100,000 USD this year.

10 Key Steps To Building A Supercharged Business Website Or App

As the CEO of a large-scale website production company, I constantly get the same questions:

• How much does building a website cost? 

• How long will it take to build my web presence?  

• What are the advantages of working with an agency? Why not hire a freelancer? 

 I always answer: The best solution is the one that aligns with your business strategy. 

For some clients, it’s best to launch a site quickly at a low cost and scale later. For others, it makes sense to invest more at the start, building a bulletproof platform that’s both scalable and flexible. In other words, the best solution depends on your short- and long-term goals and your budget.