In 2018, a digital business transformation will be played out at scale, sparking change in technology platforms and operating models.

CIOs will be expected to lead digital efforts by CEOs; closing the digital skills gap, and linking arms with better positioned executive peers.

By the end of 2018, around 40% of the revenues of global industrial firms will be based on asset usage or other software-enabled service schemes, according to IT News Africa.

In addition, more aggressive companies will shift their traditional business models into business platforms, reaching customers directly.

According to the news website, CIOs will need to gear up their underlying technologies and supplier relationships in order to meet the new business models, replicating the agility of smaller, non-listed companies.

Artificial intelligence and the Internet of Things will also remain a focus for CIOs next year, although those expecting major upheavals from blockchain-based networks will be disappointed, according to IT News Africa.

Written by Leah Alger

The post 2018: CEOs to put pressure on CIOs to deliver platform-based business models appeared first on DevOps Online North America.

Out of the respondents, 80% felt that their company would be left behind if it didn’t achieve digital transformation and 73% of IT leaders believe that they might be fired if their digital transformation projects fail.

The report also found that US$5.7million had been spent by organisations on digital transformation in the past year, with 89% saying that digital technology is going to disrupt their future, if it hasn’t already.

Survey participants added that it is crucial business leaders define the goal of digital transformation with the amount of money being spent. 95% said the “ultimate goal” should be “giving customers and end-users a truly unique experience”.

Matt Cain, CEO of Couchbase, said in the report: “Our study puts a spotlight on the harsh reality that despite allocating millions of dollars towards digital transformation projects, most companies are only seeing marginal returns and realising this trajectory won’t enable them to compete effectively in the future.”

Couchbase surveyed 450 heads of digital transformation at companies in the US, the UK, France, and Germany.

Written by Leah Alger

The post Vast majority of tech leaders say ‘digital tech will disrupt their future’ appeared first on DevOps Online North America.

With over 16 years of experience, Ben has experienced a mixture of emotions in enterprise security and operating systems, whilst working on several products at Microsoft, including Windows 2008, Windows 2012 and Multiple “Forefront”, the old Microsoft enterprise security brand. Bernstein said: “I was in my third semester in Technion (the Israel Institute of Technology) when I was recruited into the kernel team for a security product Microsoft was developing that was called “ISA Server”. I had no kernel experience, and until today, I have no clue how I passed the tests to get there. Back in 2001, it was quite difficult to get into the Microsoft cult.”

“Since the first time I checked in code and tested it internally, it made our product crash, with the entire sites internet access going down as a result. But, I learnt quickly, and a few years later, became a decent member of the kernel team,” he added.

Understanding operating systems

According to Bernstein, programming in kernel makes you understand operating systems very well; although it helped that in his spare time he enjoyed exploring how malware interacts with the kernel, to help him learn and meet like-minded people from the cyber security eco-system. “My Co-founder Dima Stopel and I were enterprise security nerds who realised that although developers loved containers, IT security experts would not feel comfortable with them if they didn’t support some of the standard controls and checks that enterprise software requires. So we thought, let’s start digging into that, and see what happens,” revealed Bernstein.

Together, they noticed three big blind spots in the container space:

• Maintaining hygiene of delivery of software to the cloud (for example, whether container images are vulnerable)
• Supporting compliance for both delivery and execution of software in the cloud (for example, running containers for customers who work with/store credit card data in accordance to the Payment Card Industry Data Security Standard (PCI-DSS))
• Active threat protection (for example, does the admin get any indication when his containerised applications are being hacked)

“We realised that as more enterprises started using containers for mission-critical applications, this gap would become more pronounced. With the ever growing pain-point in mind, we set out to make containers more secure so that developers could focus on what they do best without worrying about security,” noted Bernstein.

Security capabilities

He now has his first end-to-solution for container security field, which was launched and released in May 2015. “While we were the only cloud native ‘pure play’ company at the time, other folks like International Business Machine Corporation (IBM), Redhat and others were working with docker on platform security too; they just weren’t ‘pure play’. Venture Capital Firms (VCs) used to ask: ‘How come you are the only company in this space?’ quite a bit back then,” he added.

Twistlock has contributed many security capabilities to docker and OpenShift in the open source community, as well as to the Centre for Internet Security’s Kubernetes Benchmark guide. Bernstein said: “Twistlock has been actively contributing to the body of knowledge around best practices for container security. The company is developing a companion guide for National Institute of Standards and Technology (NIST) Special Publication on Container Security Best Practices (SP-800-190), and has similar companion guides for Payment Card Industry (PCI) and Health Insurance Portability and Accountability Act (HIPAA), both of which support technical and compliance teams who work with containers.”

‘DevOps presents several opportunities’

From Bernstein’s perspective, DevOps presents several opportunities, as well as challenges. “The benefits of DevOps include shorter cycle times, faster testing times, more automation and ideally, better code. Done right, it can catch security flaws earlier in the delivery cycle and enable organisations to respond faster to incidents,” said Bernstein.

According to Bernstein, DevOps can leave some leaders nervous about quality and consistent security measures. While DevOps teams want to rapidly develop and deploy software, cyber security personnel strive to mitigate and manage risk by thoroughly checking for any potential breachable point in the software.

He concluded that Twistlock has leapt to the leadership of container security by delivering rapid innovation and customer growth and is spearheading new ways to secure applications, which address persistent flaws in old security solutions that have haunted customers for years.

Written by Leah Alger

The post Twistlock exposes container security developments appeared first on DevOps Online North America.

The review states that cybersecurity managers often use incorrect mental models, such as buying wrong security programmes and firewalls, without thinking about cost implications.

“No matter how fortified a firm may be, hackers, much like water, will find the cracks in the wall,” stated the Harvard Business Review.

‘Reframe metrics for success’

Research and design firm ideas42 has been interviewing experts over the year to identify human behavioural challenges at the levels of executives, IT administrators, end users and engineers and created a novel called Deep Thought: A Cybersecurity Story, with the research.

“Our findings point to steps that security executives and other cybersecurity professionals can take to work around CEOs human biases and motivate decision makers to invest more in cyber infrastructure,” wrote ideas42 in Deep Thought: A Cybersecurity Story.

“Cybersecurity professionals should take into account people’s tendency to overweight information that portrays consequences vividly and tugs at their emotions. To leverage this affect bias, security professionals should explain cyber risk by using clear narratives that connect to risk areas that high level decision makers are familiar with and care deeply about,” it added.

According to ideas42 CISOs should work with boards and financial decision makers to reframe metrics for success in terms of the number of vulnerabilities that are found and fixed.

Similarly, the essay Regarding the Pain of Others by Susan Sontang says that “people concentrate on certain aspects of information in their environment while ignoring others; what a CEO choses to invest in can be thought of in a similar light.”

“CEOs may push their teams to ramp up investment in cyber infrastructure to protect against external threats, but in doing so they may be inattentive to unwitting internal threats that may be just as costly,” she added.

Written from source by Leah Alger

Source: HBR

The post Human perception affects cybersecurity, says study appeared first on DevOps Online North America.