Recommended for CTOs, architects, IT Managers
COVID-19 has emphasized the fact that business agility and hence technology agility are the most if not the only factors for business success. However, technology agility in most IT departments is not the “strongest muscle”. Technology adoption of Cloud, Devops, Integration, Low-Code and Zero Trust are affecting all IT departments and even the entire organization. New
processes and relationships between the various branches of the IT department should emerge, forsaking old habits and technologies. New technologies and roles\responsibilities are taking their place.
Review of Information Technology Function Critical Capability ModelsAlan McSweeney
IT Function critical capabilities are key areas where the IT function needs to maintain significant levels of competence, skill and experience and practise in order to operate and deliver a service. There are several different IT capability frameworks. The objective of these notes is to assess the suitability and applicability of these frameworks. These models can be used to identify what is important for your IT function based on your current and desired/necessary activity profile.
Capabilities vary across organisation – not all capabilities have the same importance for all organisations. These frameworks do not readily accommodate variability in the relative importance of capabilities.
The assessment approach taken is to identify a generalised set of capabilities needed across the span of IT function operations, from strategy to operations and delivery. This generic model is then be used to assess individual frameworks to determine their scope and coverage and to identify gaps.
The generic IT function capability model proposed here consists of five groups or domains of major capabilities that can be organised across the span of the IT function:
1. Information Technology Strategy, Management and Governance
2. Technology and Platforms Standards Development and Management
3. Technology and Solution Consulting and Delivery
4. Operational Run The Business/Business as Usual/Service Provision
5. Change The Business/Development and Introduction of New Services
In the context of trends and initiatives such as outsourcing, transition to cloud services and greater platform-based offerings, should the IT function develop and enhance its meta-capabilities – the management of the delivery of capabilities? Is capability identification and delivery management the most important capability? Outsourced service delivery in all its forms is not a fire-and-forget activity. You can outsource the provision of any service except the management of the supply of that service.
The following IT capability models have been evaluated:
• IT4IT Reference Architecture https://www.opengroup.org/it4it contains 32 functional components
• European e-Competence Framework (ECF) http://www.ecompetences.eu/ contains 40 competencies
• ITIL V4 https://www.axelos.com/best-practice-solutions/itil has 34 management practices
• COBIT 2019 https://www.isaca.org/resources/cobit has 40 management and control processes
• APQC Process Classification Framework - https://www.apqc.org/process-performance-management/process-frameworks version 7.2.1 has 44 major IT management processes
• IT Capability Maturity Framework (IT-CMF) https://ivi.ie/critical-capabilities/ contains 37 critical capabilities
The following model has not been evaluated
• Skills Framework for the Information Age (SFIA) - http://www.sfia-online.org/ lists over 100 skills
IT Strategy Assessment & Optimization - Catallysts ApproachRajanish Dass
The document discusses optimizing an organization's IT strategy through a 3-step approach:
1) Assess the business and IT context to identify opportunities for improvement.
2) Attain optimal alignment between business and IT to move towards business growth and higher IT effectiveness.
3) Evolve the IT strategy to deliver long-term growth by addressing key areas like the operating model and performance measures.
Enterprise architecture (EA) defines an organization's current and desired future state in terms of business processes, information systems, and technologies. EA aims to align IT with business goals and provide a roadmap for transitioning from the current to future state. Common EA frameworks include Zachman Framework and TOGAF, which provide categories and processes for documenting EA artifacts like business processes, applications, data, and infrastructure. Implementing EA allows organizations to better align IT with business strategy, reduce redundancies, reuse solutions, and make more informed decisions.
Introduction to Enterprise Architecture Leo Shuster
Enterprise architecture is a discipline for proactively managing organizational change and complexity by aligning business strategy, goals, and processes with information technology solutions. It provides a framework for governing technology decisions and guiding the organization from its current to future state. Benefits include improved business-IT alignment, increased agility, standardization, and cost savings. Enterprise architecture frameworks like TOGAF provide common vocabulary, models, and processes to develop the current and target architecture states and transition plans.
Which Change Data Capture Strategy is Right for You?Precisely
Change Data Capture or CDC is the practice of moving the changes made in an important transactional system to other systems, so that data is kept current and consistent across the enterprise. CDC keeps reporting and analytic systems working on the latest, most accurate data.
Many different CDC strategies exist. Each strategy has advantages and disadvantages. Some put an undue burden on the source database. They can cause queries or applications to become slow or even fail. Some bog down network bandwidth, or have big delays between change and replication.
Each business process has different requirements, as well. For some business needs, a replication delay of more than a second is too long. For others, a delay of less than 24 hours is excellent.
Which CDC strategy will match your business needs? How do you choose?
View this webcast on-demand to learn:
• Advantages and disadvantages of different CDC methods
• The replication latency your project requires
• How to keep data current in Big Data technologies like Hadoop
A Brief Introduction to Enterprise Architecture Daljit Banger
Presentation to Metropolitan University (London) on the 16th Feb 2017.
The purpose of the session was to introduce core basic concepts around Enterprise Architecture and discuss the role of the Enterprise Architect .
This document discusses the IT Capability Maturity Framework (IT-CMF) which provides a standard framework for linking corporate strategy to IT strategy. The IT-CMF examines the full spectrum of IT management dimensions across four macro processes - managing IT like a business, managing the IT capability, managing IT for business value, and managing the IT budget. It assesses maturity across five levels and provides guidance on best practices to increase maturity levels and maximize business value delivered by IT.
Introduction to Enterprise architecture and the steps to perform an Enterpris...Prashanth Panduranga
The document provides an overview of enterprise architecture presented by Prashanth B P Panduranga, Director of Technology. Some key points include:
- Line of business workers and IT staff increasingly use unauthorized SaaS apps
- IT suppliers are targeting business users directly and line of business heads demand higher project velocity
- An enterprise architecture framework provides structures for developing architectures using common standards and building blocks
- Enterprise architecture applies principles and practices to guide business, information, process, and technology changes to execute organizational strategy
The document discusses the first stage of an IT optimization methodology called Portfolio Rationalization. This stage involves inventorying the current application and technology portfolio, mapping applications to business capabilities, and analyzing the portfolio against criteria to identify opportunities for standardization, consolidation, and modernization. The goal is to rationalize the portfolio to reduce complexity, costs and risk while improving support for business strategies.
The document discusses confidentiality and intellectual property policies for materials prepared by Gartner for its clients. It states that the materials contain valuable confidential information belonging to Gartner and may not be shared without approval. Gartner retains all intellectual property rights in the materials and requires retaining copyright marks on reproduced pages. A legal caveat notes the materials were prepared for exclusive client use and contain confidential Gartner information. A disclaimer states items may only be downloaded and customized for internal use unless otherwise specified, and Gartner makes no representations about suitability or liability.
An overview of The Open Group IT4IT Reference Architecture. It is a vendor and product-agnostic value chain-based operating model for managing the business of IT. While providing guidance on the design, procurement and implementation of the functionality needed to run IT, it also enables the systematic tracking of the state of IT services across the service life-cycle using four value streams - Strategy to Portfolio, Request to Fulfill, Requirement to Deploy, and Detect to Correct.
Download presentation from http://opengroup.co.za/presentations
Describes what Enterprise Data Architecture in a Software Development Organization should cover and does that by listing over 200 data architecture related deliverables an Enterprise Data Architect should remember to evangelize.
This document discusses platform teams and platform engineering. It introduces platform products as products that can be easily used by other teams to focus on business problems while maintaining standards. Platform engineering is defined as designing and building toolchains and workflows that enable self-service capabilities for other teams. Platform products have functionality above the surface that developers see, and infrastructure components below the surface. Integration platforms, SRE, SASE, storage and backup tools, and micro frontends are discussed as examples of platform products.
Future Proofing Your IT Operating Model for DigitalDavid Favelle
Having worked with Operating Model for over 10 years, Dave has new adopted DevOps, IT4IT and Continuous Delivery alongside traditional frameworks. The concept of the value stream is central to the thinking. The presentation was delivered as a Keynote at the Open Group in Amsterdam October 2017 -https://www.youtube.com/watch?v=Y7yH1JJKvqc&t=1969s
Note that Dave and the ValueFlow team deliver Operating Model on the ServiceNow platform.
The document discusses emerging approaches to improving IT operating models. It notes that businesses face increasing pressures from technology proliferation, cost pressures, and a faster competitive cadence. IT struggles to keep up and manage complexity across old and new systems separately. The document then summarizes several emerging approaches that can help address these challenges, including continuous delivery, automation, agile practices, digital strategies, DevOps, Lean startup principles, and integrated governance models. It proposes a new "IT operating model" that weaves these approaches together across various dimensions like strategy, processes, organization design, and governance to better deliver value from the IT portfolio.
Enterprise Architecture Implementation And The Open Group Architecture Framew...Alan McSweeney
The document discusses enterprise architecture and TOGAF. It defines enterprise architecture as a framework for addressing the increasing complexity of IT systems and poor alignment between business and IT needs. TOGAF provides a framework for developing enterprise architecture, with the goal of improving business-IT alignment and allowing organizations to better respond to changing business needs. The document outlines challenges in developing enterprise architecture and stresses the importance of balancing strategic planning with technology solutions.
Overview of the IT4IT tooling market in 2022.
Key trends in the IT4IT / DevOps tooling market are:
- Strategic portfolio management / portfolio backlog management (scaling agile on the enterprise level integrating with Enterprise architecture and Application / Product Portfolio Management)
- On-line collaboration & communication tools supporting team of team planning, problem solving, etc.
- Value stream management (an emerging tooling category) providing visibility across the end-to-end IT value streams
- Multi-cloud discovery & visibility on usage, costs and compliance
- Integrating DevOps tool chain (e.g. CICD pipeline) with the ITSM platform and CMDB
- Integrating security, risk and compliance management into the DevOps tool chain
- AIOps and observability management, consoliding metrics, logs, events mapped to a real-time service model
- Security operations, integrating security monitoring, vulnerability scanning, etc. into end-to-end detect to correct value streams
- Enterprise Service Management (ITSM vendors providing omni-channel services across IT, HR, Facilities, Finance, etc.)
- Leveraging AI/ML in various capabilities such test management, security operations, incident management, etc.
- Sustainability management integrated in IRM/GRC platforms
And last but not least:
- Service / Product portfolio management (managing the portfolio of service/applications, supporting product centric operating models, linked to business capabilities, product owners and teams)
This document discusses principles of agile architecture, including that teams should code and design systems, build the simplest architecture possible, and test what they build. It also discusses building an "architectural runway" by determining an initial component-based architecture and prototyping if needed. Extending the runway involves identifying future needs and evaluating them. The document cautions against the myth that up-front architecture is bad, stating that some initial architectural decisions are needed.
This document provides information on business composability including definitions, principles, and how organizations can transition from traditional to composable. It defines a composable business as one that is architected for real-time adaptability and resilience through a mindset of modularity. Key aspects include developing interchangeable business blocks, autonomous teams, and composable technologies and strategies to accelerate change. The document discusses expected changes in areas like strategy, customers, workforce, and operations to achieve a highly composable organization.
Pini Cohen, CTO of STKI, presented on adaptive architecture and the evolving role of CTOs and architects. The presentation covered topics like microservices, API management, integration patterns, event-driven architecture, and low-code development. It discussed how technologies are changing rapidly, requiring CTOs to focus on adaptability and composable applications to meet business needs.
Recommended for CIOs and Applications Managers
In this session we will discuss how next generation business applications enable the
creation of much needed hyper-personalized experiences for customers and employees.
Center Office is a new delivery model that is emerging in response to the need to deliver
end to end hyper-personalized solutions that improve on older enterprise (legacy)
applications. Center Office relies on technologies such as APIs, microservices and
Hyperautomation (next level of automation that meshes AI tools with RPA,, enabling
scaling for complex business processes).
How do we manage employees' experiences as well as preserve talent and create
collaborative workplaces for teams? which new skills are needed? what will the
workforce of the future look like? Which new tools are needed for HR (employee well-
being)?
Digital transformations have forced organizations to adopt an adaptive approach. Adaptive organizational structures, real-time data management, and applications have evolved from more static past approaches. The document discusses the need for composable organizational applications that can quickly adapt compared to older static applications. It proposes adopting an adaptive IT approach using personalized business capabilities and a center office model to deliver business outcomes and value with the customer at the heart.
This document presents market analysis and trends in the Israeli IT market from 2021-2022. It finds that the hardware, software, and services sectors are converging, with traditional hardware and software companies increasingly offering cloud and subscription-based services. Growth areas include public cloud infrastructure, data platforms, cybersecurity including zero-trust and SASE models, and low-code development tools. Traditional IT consulting services are expanding to include more cloud consulting. Infrastructure is increasingly automated through DevOps practices and software-defined approaches.
The document appears to be a presentation from STKI IT Knowledge Integrators, a company. It discusses topics related to adapting organizations for the future, including the need for adaptive organizational structures, applications, and data management in a post-COVID world. There is a focus on the importance of continuous learning and implementing new technologies and trends to remain competitive. Key aspects of the new world of work like remote and flexible work are also examined.
The document discusses content from STKI, an IT knowledge integration company, including information about their new website and content examples. It covers topics like digital disruption, the four industrial revolutions, predictions for 2023 in Israel, and how every company will need to become a software company. Across multiple pages, it provides definitions, predictions, recommendations, and perspectives on challenges and opportunities brought about by digital transformation and the fourth industrial revolution.
This document discusses transitioning from a project-led organization to a product-led organization. It notes that while many companies have tried approaches like agile, digital transformation and design thinking, software projects still often fail to deliver user satisfaction. It advocates empowering product teams to own the entire product lifecycle and giving them autonomy to solve problems, rather than managing software development as a series of projects. This approach mirrors how successful startups operate and can help deliver better customer outcomes.
The document discusses the journey towards becoming a data-driven organization. It notes that data is now a competitive differentiator and that the journey has become a race. It identifies characteristics of data-driven organizations as treating data as an asset, making it accessible and trusted, using it frequently in meetings, and more. Data-driven companies see benefits like higher growth and profits. The document outlines strategies for implementing a data strategy, including establishing a Center of Excellence and a data playbook to guide the process.
Recommended for CXOs and all IT Managers
If COVID-19 has demonstrated anything it is that organizations can no longer rely on traditional long-term strategic direction-setting, in order to succeed and grow. Today, organizations need to be able to quickly identify changes and respond with speed.
Adaptive enterprises have the technical and organizational agility to do this. In this session, we will present the organizational structure, technologies and concepts that make up an adaptive organization and discuss topics such as: Concierge hyper-personalization services; Personalized (PBC) Business Capabilities; adaptive organizational structure; Centers of Excellence; center office; hyper-automation and data centric organizations.
The document discusses various topics related to IT delivery, including end user environments, cloud architecture, data centers, hardware, and public cloud adoption. It provides visions and strategic directions for IT delivery as well as pragmatic advice for various dilemmas. Specific technologies and approaches are presented for different types of CIOs, from conservative to modern to early adopters, including browser-based applications, virtual desktop infrastructure, cloud-ready architectures, modular data centers, commodity hardware, and public cloud services.
The Journey to a data driven organizationEinat Shimoni
The document discusses the journey towards becoming a data-driven organization. It identifies different levels of relying on data from using data selectively to using data to justify opinions. Data culture maturity also varies across industries, with some industries being more data-driven "disruptors". Data-driven organizations are characterized as managing data as an asset, making data accessible and trusted, using data frequently in meetings, and prioritizing data skills when hiring. Implementing a data strategy can lead to benefits like higher growth, profits, productivity, time to market, and customer acquisition. The challenges of becoming fully data-driven are also examined.
Recommended for CDOs and all Data & Analytics Managers
The past 2 years have had a huge impact on organizations journeys to become data driven. Existing data architectures were disrupted; rigid structures and processes were questioned, and many data strategies were re-written.
On the one hand, the global pandemic emphasized the need for organizations to raise the bar, implement strategies, improve data literacy and culture, increase investments in data and analytics, and explore AI opportunities.
On the other, it also presented new challenges such as: the war for data talent and the wide literacy gap. Inadequate structures as well as outdated processes were exposed. Major changes in the data landscape (Data Fabric, Data Mesh, Transition to Data Clouds) will further disrupt existing data architectures and enhance the need for a new adaptive architecture and organization.
This document discusses product discovery and the importance of making the process data-driven. It recommends gathering customer data from various sources, analyzing the customer experience, and using product analytics tools to obtain both quantitative and qualitative insights. This will help ensure ideas are validated with real customers before significant development work begins. The goal is to learn fast through discovery while still releasing products with confidence.
The document discusses the evolution of the Office of the Chief Information Officer (OCIO) role over time. It describes how the OCIO started as an "order taker" for IT in the 1990s (OCIO v1). In the 2000s, the OCIO was established to better align IT with business needs (OCIO v2). Later, business relationship managers (BRMs) were introduced to improve customer experience but acted as bottlenecks (2017-2022). The document argues for a product-led organization where product teams are empowered and the OCIO acts as an enabler by providing resources and skills to product managers based on product success metrics.
The document discusses various topics related to IT, including data centers, networking, unified communications, and software-defined networking. It presents concepts through slides with text, diagrams, and references to external sources. The slides discuss modular data centers, the differences between traditional and software-defined networks, how unified communications can combine voice, data and video to increase productivity and flexibility, and some of the challenges organizations face when adopting new technologies.
The document discusses unified communications and identity and access management. It covers topics such as the different "worlds" of IT, goals of engagement systems, challenges of delivering systems, and obstacles in implementing identity and access management. Specific technologies are also mentioned, such as unified communications, APIs, and solutions for managing identities. Copyright and attribution information is provided on each slide.
This document discusses transforming from data projects to data products. It outlines how companies can adopt a product mindset and focus on creating data products that solve specific customer problems. Key aspects include defining data product teams led by data product managers, adopting a product mindset of focusing on outcomes rather than outputs, and using storytelling to communicate insights from data products. The presentation argues that treating data as a product can create competitive advantages and that every company may need to become a data science company in the future.
STKI Israeli Market Study 2023 corrected forecast 2023_24 v3.pdfDr. Jimmy Schwarzkopf
The document appears to be a presentation from STKI IT Knowledge Integrators on the state of Israel's economy and IT market following the outbreak of war in October 2023. It includes data and forecasts from various sources on how the war has negatively impacted Israel's GDP, business activity, and key industries. The original forecast predicted growth in Israel's IT market from 2018-2024, but the forecast has been corrected downward due to the unforeseen economic damage from the war, with the IT market now expected to decline in 2023 and 2024 compared to 2022 levels.
The document describes STKI, an IT market research and strategic analyst firm based in Israel. Over its 31 years in business, STKI has established relationships with major IT organizations and vendors through thousands of annual interviews. STKI uses an equilibrium model to analyze both what users purchase from vendors and what vendors sell, in order to determine the overall Israeli IT market size. The company provides research reports, briefings, and workshops to clients on topics like technology trends, industry surveys, and vendor positioning.
This document is a presentation by STKI IT Knowledge Integrators on their 2023 Israel IT Market Study. It provides information on STKI's methodology, which uses an equilibrium model to calculate the IT market size based on interviews with both technology users and vendors. It outlines the types of research and services STKI provides on topics like IT trends, budgets, forecasts, and vendor positioning. The presentation also includes sections on the Israeli economy, changing business environment, and factors impacting the CIO role. Slides are included on Israeli company statistics and examples of STKI's vendor positioning analysis.
This document discusses communication and collaboration in product-led organizations. It covers topics like internal collaboration, collaboration challenges, collaboration tools, and collaboration overload. It also discusses the human factors of product-led organizations like empowering teams, keeping people interested and informed, and addressing issues like the great resignation and quiet quitting. The overall document provides insights into improving collaboration and communication in product-led companies.
The document is a slide deck from STKI, an Israeli market research and strategic analyst firm, discussing the impact of global events on IT budgets in Israel in 2022-2024. It notes that while IT budget increases were forecasted to be large in 2022, events like the war in Ukraine, inflation, interest rate hikes, and political instability have changed the outlook. IT budgets in Israel are still expected to rise 12-13% in 2022 but forecasts beyond that are difficult given uncertainties. Digital transformation alone is no longer sufficient - companies must undergo smart business transformations to deliver personalized, data-driven experiences to customers.
This document appears to be from an annual IT market study presentation by STKI IT Knowledge Integrators. It includes an agenda for the presentation covering the 2022 IT market study results, enterprise budgets, economic forecasting signals, top vendors, and a post-COVID world. The presentation contains many slides with graphs, charts, and text analyzing the Israeli IT market and global economic conditions. It discusses challenges in forecasting 2023-2024 given various political and economic uncertainties globally and in Israel.
The document provides information about STKI IT Knowledge Integrators, a market research and strategic analyst firm in Israel. It includes pages describing STKI's services, methodology, research focus areas, and client base. STKI conducts original research through face-to-face interviews and surveys of both technology users and vendors to establish an equilibrium model of the Israeli IT market. The document contains sample slides of the type of data and positioning analyses STKI provides to clients.
This document provides an overview of the 2022 STKI IT Knowledge Integrators summit. It discusses how global events have impacted the previously optimistic outlook for IT budgets in 2022, noting issues like rising inflation, economic recession, war in Ukraine, and layoffs in the tech sector. However, it predicts that Israeli IT budgets will still rise 12-13% in 2022. It also covers STKI's services, research methodology, vendor positioning approach, and includes data about Israel's population, mobile/internet usage, and 5G penetration.
STKI Israeli it market study 2021 revised V2 2 2 slides per page Dr. Jimmy Schwarzkopf
The document discusses the findings of an Israeli IT market study conducted by STKI in 2021. It notes that COVID-19 accelerated changes in how IT services are delivered to satisfy new delivery scenarios. The study analyzed trends like the remote-first, data, and passion economies that emerged from the pandemic. The key finding is that the most enduring impact of COVID-19 will be as an "implementation accelerant", forcing faster implementations of technologies to deliver value immediately. The document provides background on STKI and outlines the methodology used in the 2021 market study.
The document provides an overview of an Israeli IT market study conducted in 2021 by STKI analysts. It discusses the impacts of COVID-19 on accelerating digital transformation and the implementation of new technologies. It then introduces the concepts of a "remote-first economy", "data economy", "distributive economy", and "passion economy" as frameworks for understanding trends in a post-COVID world. The document emphasizes that the most enduring impact of COVID-19 will be as an "implementation accelerant", driving organizations to rapidly implement technologies to deliver value.
The document provides an overview of an Israeli IT market study conducted in 2021 by STKI analysts. It discusses the impacts of COVID-19 on accelerating digital transformation and the implementation of new technologies. It then introduces the concepts of a "remote-first economy", "data economy", "distributive economy", and "passion economy" as frameworks for understanding trends in a post-COVID world. The document emphasizes that the most enduring impact of COVID-19 will be as an "implementation accelerant", driving organizations to rapidly implement technologies to deliver value.
STKI annual Israeli IT market study 2021 (revised ) 2 pages versionDr. Jimmy Schwarzkopf
The document summarizes the findings of an Israeli IT market study conducted in 2021 by STKI analysts. It discusses how Covid-19 accelerated changes in how IT services are delivered to satisfy new delivery scenarios. The post-Covid economy is characterized as remote-first, data-driven, distributed, and focused on passion and implementation. The study measures the Israeli IT market after Covid-19 using interviews with both technology users and vendors to estimate revenues. It describes STKI's methodology, categories of products and services analyzed, vendors surveyed, and how vendor revenues are attributed. Tables and charts are included to illustrate Israeli positioning of products based on their presence and support in Israel.
The 28th edition of the annual research covering all aspects of the IT Market in Israel.
Volume 1: introduction, what is POSTCOVID19 Transformation and economic issues and market analysis
This document appears to be part of a market study on the Israeli IT market conducted by STKI IT Knowledge Integrators. It includes copyright notices, methodology descriptions, comparisons of software market forecasts, analyses of different categories of software including system infrastructure tools and middleware tools, and Israeli positioning of various vendors in categories like enterprise backup software and container platforms. The document contains confidential information for STKI.
STKI researches and publishes once a year a complete Market Study about the Israeli Information Technology Scene. This is a version 2 that includes changes that were found after companies presented (again) their 2018 results and STKI analysts accepted the changes.
This document discusses reimagining the future through innovation and transformation. It covers topics like exponential growth, science fiction becoming science fact with examples of the internet and search engines. It discusses how organizational "terroir" affects change and the need to adapt proactively through initiatives like building a data model, implementing analytic tools, and automating jobs. The document outlines the stages of digital transformation companies have gone through and need to continue, moving from automated to autonomous and data-centric systems. It discusses how paying off technical and process debts is needed for companies to adapt to new technologies like artificial intelligence and autonomous vehicles that are revolutionizing various industries.
Initiatives are organizational challenges aimed at transforming business models to adapt to disruptive changes in the economy. They involve multiple "treks" or projects that follow best practices to achieve important goals, with each trek representing a journey with several important steps that may also be individual projects. Initiatives are maps to help companies navigate the connected modern economy through continuous improvement efforts.
Discovery Series - Zero to Hero - Task Mining Session 1DianaGray10
This session is focused on providing you with an introduction to task mining. We will go over different types of task mining and provide you with a real-world demo on each type of task mining in detail.
Finetuning GenAI For Hacking and DefendingPriyanka Aash
Generative AI, particularly through the lens of large language models (LLMs), represents a transformative leap in artificial intelligence. With advancements that have fundamentally altered our approach to AI, understanding and leveraging these technologies is crucial for innovators and practitioners alike. This comprehensive exploration delves into the intricacies of GenAI, from its foundational principles and historical evolution to its practical applications in security and beyond.
Welcome to Cyberbiosecurity. Because regular cybersecurity wasn't complicated...Snarky Security
How wonderful it is that in our modern age, every bit of our biological data can be digitized, stored, and potentially pilfered by cyber thieves! Isn't it just splendid to think that while scientists are busy pushing the boundaries of biotechnology, hackers could be plotting the next big bio-data heist? This delightful scenario is brought to you by the ever-expanding digital landscape of biology and biotechnology, where the integration of computer science, engineering, and data science transforms our understanding and manipulation of biological systems.
While the fusion of technology and biology offers immense benefits, it also necessitates a careful consideration of the ethical, security, and associated social implications. But let's be honest, in the grand scheme of things, what's a little risk compared to potential scientific achievements? After all, progress in biotechnology waits for no one, and we're just along for the ride in this thrilling, slightly terrifying, adventure.
So, as we continue to navigate this complex landscape, let's not forget the importance of robust data protection measures and collaborative international efforts to safeguard sensitive biological information. After all, what could possibly go wrong?
-------------------------
This document provides a comprehensive analysis of the security implications biological data use. The analysis explores various aspects of biological data security, including the vulnerabilities associated with data access, the potential for misuse by state and non-state actors, and the implications for national and transnational security. Key aspects considered include the impact of technological advancements on data security, the role of international policies in data governance, and the strategies for mitigating risks associated with unauthorized data access.
This view offers valuable insights for security professionals, policymakers, and industry leaders across various sectors, highlighting the importance of robust data protection measures and collaborative international efforts to safeguard sensitive biological information. The analysis serves as a crucial resource for understanding the complex dynamics at the intersection of biotechnology and security, providing actionable recommendations to enhance biosecurity in an digital and interconnected world.
The evolving landscape of biology and biotechnology, significantly influenced by advancements in computer science, engineering, and data science, is reshaping our understanding and manipulation of biological systems. The integration of these disciplines has led to the development of fields such as computational biology and synthetic biology, which utilize computational power and engineering principles to solve complex biological problems and innovate new biotechnological applications. This interdisciplinary approach has not only accelerated research and development but also introduced new capabilities such as gene editing and biomanufact
Demystifying Neural Networks And Building Cybersecurity ApplicationsPriyanka Aash
In today's rapidly evolving technological landscape, Artificial Neural Networks (ANNs) have emerged as a cornerstone of artificial intelligence, revolutionizing various fields including cybersecurity. Inspired by the intricacies of the human brain, ANNs have a rich history and a complex structure that enables them to learn and make decisions. This blog aims to unravel the mysteries of neural networks, explore their mathematical foundations, and demonstrate their practical applications, particularly in building robust malware detection systems using Convolutional Neural Networks (CNNs).
This PDF delves into the aspects of information security from a forensic perspective, focusing on privacy leaks. It provides insights into the methods and tools used in forensic investigations to uncover and mitigate privacy breaches in mobile and cloud environments.
"Hands-on development experience using wasm Blazor", Furdak Vladyslav.pptxFwdays
I will share my personal experience of full-time development on wasm Blazor
What difficulties our team faced: life hacks with Blazor app routing, whether it is necessary to write JavaScript, which technology stack and architectural patterns we chose
What conclusions we made and what mistakes we committed
Increase Quality with User Access Policies - July 2024Peter Caitens
⭐️ Increase Quality with User Access Policies ⭐️, presented by Peter Caitens and Adam Best of Salesforce. View the slides from this session to hear all about “User Access Policies” and how they can help you onboard users faster with greater quality.
The Zaitechno Handheld Raman Spectrometer is a powerful and portable tool for rapid, non-destructive chemical analysis. It utilizes Raman spectroscopy, a technique that analyzes the vibrational fingerprint of molecules to identify their chemical composition. This handheld instrument allows for on-site analysis of materials, making it ideal for a variety of applications, including:
Material identification: Identify unknown materials, minerals, and contaminants.
Quality control: Ensure the quality and consistency of raw materials and finished products.
Pharmaceutical analysis: Verify the identity and purity of pharmaceutical compounds.
Food safety testing: Detect contaminants and adulterants in food products.
Field analysis: Analyze materials in the field, such as during environmental monitoring or forensic investigations.
The Zaitechno Handheld Raman Spectrometer is easy to use and features a user-friendly interface. It is compact and lightweight, making it ideal for field applications. With its rapid analysis capabilities, the Zaitechno Handheld Raman Spectrometer can help you improve efficiency and productivity in your research or quality control workflows.
Top 12 AI Technology Trends For 2024.pdfMarrie Morris
Technology has become an irreplaceable component of our daily lives. The role of AI in technology revolutionizes our lives for the betterment of the future. In this article, we will learn about the top 12 AI technology trends for 2024.
It's your unstructured data: How to get your GenAI app to production (and spe...Zilliz
So you've successfully built a GenAI app POC for your company -- now comes the hard part: bringing it to production. Aparavi addresses the challenges of AI projects while addressing data privacy and PII. Our Service for RAG helps AI developers and data scientists to scale their app to 1000s to millions of users using corporate unstructured data. Aparavi’s AI Data Loader cleans, prepares and then loads only the relevant unstructured data for each AI project/app, enabling you to operationalize the creation of GenAI apps easily and accurately while giving you the time to focus on what you really want to do - building a great AI application with useful and relevant context. All within your environment and never having to share private corporate data with anyone - not even Aparavi.
Scaling Vector Search: How Milvus Handles Billions+
CTO presentation
1. 1
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
CTO’s presentation:
Age of Implementation
Pini Cohen, CTO STKI
2. 2
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Agenda
Intro: CTO’s and Architects
Adaptive Architecture
Cloud CoE
DevOps CoE
Zero Trust
2
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
3. 3
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
What is happening with CTO’s and
Architects?
More technologies to deal with
Technology last short time
Customization of technology is less
viable
Dependencies in technologies is
increasing
3
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
4. 4
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Microservices
implications:
•You can do whatever you
want, use database,
programming language
etc., as long as you get the
job done and other
services can depend on
you.
4
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
5. 5
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
This is how core legacy architecture looks
likes
6. 6
Copyright@STKI_2020 Do not remove source or attribution from any slide, graph or portion of graph
Solution: The
new architect
6
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
7. 7
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
What is happening with
CTO’s & Architects ?
we are
having more
fun!!
7
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
8. 8
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Not everything is so shiny
Not everything is so shiny
8
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
9. 9
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
The IT talent war*
*In the holly land
10. 10
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Massive move of personal from Enterprise IT to High-tech
10
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
11. 11
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
IT has little experience in Knowledge Transfer
11
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
12. 12
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
This will result
IT
Organization
•Downtime
•IT is a barrier for
the business
•Implement KM
platforms in IT
•Demand for Cloud
& SLA based
services
IT
Suppliers
•Sell products with
their operations
services
•High demand for
staffing services
(“gulglot”) but
hard (impossible?)
to fulfill
•Cloud & SLA
based services
13. 13
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Adaptive
Architecture
13
14. 14
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Adaptive Architecture
ADAPTIVE emerges as the top objective for the organization. Modern
architecture Integration is the core of being Adaptive
API’s are the most important indication of “what is happening” in modern
application
API’s and Event Driven will enable the use of Legacy system in modern
business processes
15. 15
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Adaptive Composable Organizational
Applications
16. 16
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Internal integration
ESB
The evolution of integration patterns
16
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
17. 17
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Internal integration
ESB
API gateway
The evolution of integration patterns
17
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
18. 18
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
API Gateway
• Protocol transformation
• Scheme validation (content filters like XSD, filed limits, field format, etc.)
• Authentication & security
• Basic logics
19. 19
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Internal integration
ESB
API gateway
Cloud integration:
IPaaS
The evolution of integration patterns
19
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
20. 20
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
IPaaS –
Integration
Platform as a
Service
• For cloud connectivity
• Enable integration capabilities for ‘ad hoc’ or ‘citizen’ integrators”
• “I have more adaptors cloud SaaS”
• Selected products: Zapier, iConduct, Workato, Celigo, Snaplogic
20
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
21. 21
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Internal integration
ESB
External (specific API)
API gateway
Cloud integration
IPaaSadvanced ESB
API management
The evolution of integration patterns
21
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
22. 22
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Business manager to CIO:
I want to sell
product X by
our systems
I want to sell
product Y by
our systems
I want to sell
product Z by
our systems
I want to sell
product A by
our systems
CIO CIO
CIO
CIO
23. 23
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Business manager to CIO:
I want to sell
product X by
our systems
CIO
• Place new products in my catalog –
dynamically
• Check stock variability in suppliers ERP
• Process payment (3rd party SW)
• Transfer money immediately to supplier
• Update delivery status and location (3rd
party)
• Update buyer when product was delivered
• Update “consumer club” in both our
systems and suppliers systems
24. 24
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
API Management
24
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
25. 25
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
BOI Open Banking Regulation
25
26. 26
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
API Management – the hottest project in market!
I’m Hot!
26
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
27. 27
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Will API management replace ESB?
It shouldn't – no oorchestration, no transformation, no adapters ( tech
and content), no messaging, no guarantee delivery, etc,
Still – green field organizations (enterprises and start-ups) are not
using ESB at all
28. 28
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
* Gradually when possible
API management tools are
replacing ESB*
28
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
29. 29
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Internal integration
ESB
External (specific API)
API gateway
Cloud integration
IPaaSadvanced ESB
External partners
API management
developer portal
Industry API Standards
The evolution of integration patterns
29
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
30. 30
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Why API interoperability standards are critical for business agility?
“complete name” “full name” “full description” “Shem Male”
"The Hongkong and Shanghai Banking Corporation Limited“ is stored in field
Bank A Bank B Bank C Bank D
These banks can only manually co-ordinate.
This is not suitable for modern business!!
31. 31
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
The solution: standard Open API –
"banks": [
{
"id": "hsbc",
"short_name": "HSBC",
"full_name": "The Hongkong and Shanghai Banking
Corporation Limited",
"logo": "url of internet standard image",
"website": "www.postbank.de"
}
]
}
32. 32
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Internal integration
ESB
External (specific API)
API gateway
Cloud integration
IPaaSadvanced ESB
External partners
API management
developer portal
Industry API Standards
The evolution of integration patterns
Microservices
ServiceMesh
32
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
33. 33
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Source: http://martinfowler.com/
34. 34
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI’s work Copyright@2016. Do not remove source or attribution from any slide, graph or portion of graph
34
API gateway /ESB
will not scale in
microservices
production
environment API
Gateway
34
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
35. 35
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
https://medium.com/microservices-in-practice/service-mesh-for-microservices-2953109a3c9a
service mesh pattern
36. 36
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Direct (unsupervised) API calls
36
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
37. 37
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Advanced Integration capabilities are the key to adaptive business
API centric development & operations are a key for availability, efficiency
(reuse) & security
Advanced Integration capabilities are the key to adaptive business
API centric development & operations are a key for availability, efficiency
(reuse) & security
37
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
38. 38
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Event Driven Architecture (EDA)
38
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Traditional programming: direct connection
By topic
39. 39
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Event driven - “If you love someone set him free”
• Traditional programming:
Make_Order {
…
…
Call Order_Fulfilment (id of
order).
Wait for response (ack)
• }
• EDA programming:
Make_Order {
…
…
Publish event:
Order_created(id of order)
//do not wait
• }
40. 40
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Event driven benefits & drawbacks
•Enables adaptive business processes
•Enables work of separate teams
•Fits microservices, self contained systems, DevOps,
serverless
•Basically for a-synchronous purpose
•Distributed transactions are difficult!!
•Needs to reskill architects & programmers
40
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
41. 41
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Low Code
“A low-code development
platform (LCDP) is a software that
provides a development environment
used to create application
software through graphical user
interfaces and configuration instead
of traditional hand-coded computer
programming.” Wikipedia
תפוקה הרבה
,
קוד פחות
42. 42
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
The advantages
TTM
Fit for junior/legacy
developers
Low technical debt
Good for business
(application) experiments
(MVP)
42
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
43. 43
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
The barriers
Prior experience- 4GL
Politics
Cost of entry
Lockdown
43
44. 44
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Lesson learned
from (Israeli) 4GL:
•Citizen developers should work
under IT guidance/supervision:
•Security, Central Identity,
Regulations, Monitoring
•Updates of infrastructure
•CAB – change advisory board
•Documentation and Architecture
guidance
44
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
44
45. 45
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI’s work Copyright@2016. Do not remove source or attribution from any slide, graph or portion of graph
Will 2022 be the "LowCode Year" in
Israel?
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
45
46. 46
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Literacy
API Economy principals
Standards
API standards, Identity
standards, Cyber
security standards
Architecture
Event Driven, API
management vs.
ServiceMesh , Rest vs.
GraphQL
Tools
API management tools
IPaaS tools
Governance
Regulations , apply
standards
Use Cases Identification
and Prioritization
Priorities in DevOps efforts and tooling
Skills
Architect upskill for
Event Driven
Processes
API first culture , API testing
automation
Architecture
Integration
CoE
Governance – be integral part of development process
48. 48
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Reasons for
moving to cloud
• There is (almost) no option since new business applications are only cloud based. Applying modern business processes without using cloud software will be very difficult and unconventional.
New business applications
are only cloud based
Applying modern business
processes without using
cloud software will be very
difficult and unconventional
48
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
49. 49
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
More reasons for
moving to cloud:
• Cloud improve IT speed & agility and
hence business agility
• Cloud computing enables “fail fast”
(leanMVP) business culture
• Cloud drives technology innovation which
drives business innovation
• Cloud computing helps with compliance
• Cloud computing companies invest much
more on cyber security than traditional IT
• Cloud computing helps with IT-Business
alignment
49
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
50. 50
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Repatriation?
Cloud
50
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
51. 51
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Repatriation debate
51
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
52. 52
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Repatriation from cloud in Enterprise IT?
Cloud
Not Yet
52
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
53. 53
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Cloud unexpected
complexity:
•Cloud budget planning
•Bill Shock
•Lack of flexibility in cloud
contracts
•Forgotten areas in cloud SaaS
deals
•In general - mistakes in the
cloud are more harmful
53
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
54. 54
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Reduce the
dominance of
Windows Server
and VMWARE
ESX
54
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
55. 55
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Cloud technical
team is integral
part of the
general teams
55
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
56. 56
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Fact: most
resources are still
spent the on-
premise/traditional
infrastructure
Treat on premise
as cloud!!
56
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
57. 57
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Infrastructure as Code
•Central scriptcode repository (GIT) for
all infrasecurity
•Central workflow for all infrasecurity
57
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
58. 58
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Place infrastructure
as code KPI for all
infrasecurity
departments
58
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
59. 59
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Server is running unnecessarily in
traditional DC – not a big deal
Server is running unnecessarily in
Cloud – very big deal $$
“Pay by the minute” is new for IT* – FINOPS is the
answer
*what are “Spot Instances”?
59
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
60. 60
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Define and implement
mandatory tags for all
cloud resources in the
resource group level – DO
IT NOW
60
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
61. 61
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Cloud cost optimization tools
Build in tools:
62. 62
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Literacy
Explaining cloud business and
technology implications
Standards
Example: tagging
(FINOPS) standards,
security standards.
Identity standards
Architecture
Microservices, Event
Driven, Serverless
Tools
Which cloud, Cloud cost
optimization tools ,
Cloud identity tools,
cloud integration tools
Governance
Cloud related
regulations
Use Cases Identification
and Prioritization
Priorities in cloud migration
Skills
Cloud development,
Infrastructure as code
education
Processes
FINOPS, cloud licensing
management, Cloud asset
management
Cloud
CoE
CoE is an enabler, not doer itself. “One DBA team!”
64. 64
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Traditional deployment
• From dev to test to prod – takes ages..
64
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
65. 65
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
DevOps aims at:
• DevOps enables the benefits of Adaptive development to be felt at
the organizational level. DevOps does this by allowing for fast and
responsive, yet stable, operations that can be kept in sync with the
pace of innovation coming out of the development process.
Source:
http://dev2ops.org/blog/2010/2/22/what-is-DevOps.html
http://en.wikipedia.org/wiki/File:DevOps.png
65
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
66. 66
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Some perspective: DevOps at Amazon
Source: http://www.bogotobogo.com/DevOps/DevOps_Jenkins_Chef_Puppet_Graphite_Logstash.php
66
11.6 seconds : Mean time between
deployments (weekday)
Mean
1,079 : Max # of deployments in a single
hour
Max
10,000 : Mean # of hosts simultaneously
receiving a deployment
Mean
30,000 : Max # of hosts simultaneously
receiving a deployment
Max
66
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
67. 67
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
“Let there be DevOps”
68. 68
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
DevOps Tools
Monitoring/Observability/AIOPS
Collaboration
Configuration Automation
Testing
Issue Trekking/ITSM
Release Management
Security
Continues Integration
Artifacts/ Package Management
69. 69
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Legacy systems
must be part of
Value Stream
mapping &
DevOps
69
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
70. 70
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Measure until code
is in production and
not until value is
created
70
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
71. 71
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Value Stream
Mapping?
•Value stream enables you to
create a detailed visualization of
your workflows.
•This visualization represents
how your products and services
flow from supplier to customer
via your company.
•Value Stream tools should get
their input from ALM tools and
from manual inputs
71
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
72. 72
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
IMPROVING DATABASE PROVISIONING PROCESS TO
MEET BUSINESS DEMANDS
73. 73
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
IMPROVING DATABASE PROVISIONING PROCESS TO
MEET BUSINESS DEMANDS
74. 74
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Value stream mapping:
Source: https://www.scielo.br/j/jistm/a/wRTL87bgXHG6zZd8GGNNvxt/?format=pdf&lang=en
75. 75
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI: start
DevOps with
Value stream
mapping
75
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
76. 76
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Operations team (NOC) vs. ESM (monitoring) team
76
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
77. 77
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
SRE is what happens
when you ask a software
engineer to design an
operations team
•SRE – Site Reliability
Engineering
•Automation (code, tooling) in
operations, self healing
architecture
•MTTR instead of MTBF
•Error Budget
•Developers responsibility for
operations
77
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
78. 78
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Developers
are not
responsible
of operations
78
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
79. 79
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Observability:
the new
Monitoring
79
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
80. 80
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Expected correlation in
golden signals. What is
anomaly?
80
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Normal behavior: Traffic--> Saturation --> Latency --> Error
81. 81
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Literacy
Explain DevOps to business
Standards
Naming conventions for
infrastructure, testing
standards, Monitoring
(Observability)
standards
Architecture
Microservices, Monitoring
(Observability) health
API’s
Tools
DevOps orchestrator,
Integration to Source
Control, Ticketing tools,
DEVSECOPS tools
Governance
Which type of DevOps
and controls (testing)
for each application
type
Use Cases Identification
and Prioritization
Priorities in DevOps efforts and tooling
Skills
Cloud development,
Infrastructure as code
education
Processes
Let Developers part of the
operations responsibility,
Unify the development and
operations processes and
KPI’s
DevOps
CoE
Cooperation between Development and
InfraOps departments is crucial in the
success of DevOps CoE
82. 82
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI Webinar:
Coping with
Complex IT
Environment
27.10.21
CTO’s Architects,
Development, Infra &
Operations
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
83. 83
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Zero Trust CoE
83
84. 84
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Before:
Inside = safe
We are inside
Outside = not safe
84
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
85. 85
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Everything is outside !!
After:
86. 86
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Zero Trust :the organization has no perimeters
“Never trust – Always verify”*
Forrester-The Zero Trust eXtended (ZTX) Ecosystem
86
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
87. 87
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
What should we verify?
• The user’s identity (now)
• The device (now)
• The network (now)
• What is transferred (data, docs,
web) - now
• Role-based access control (process,
port, protocol) – preferably via
proxy – no network access
87
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
88. 88
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Who is the user in many clouds?
89. 89
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Cloud Identity Services principals
90. 90
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Possible
solution for
Zero Trust –
SASE – Secure
Access Service
Edge
90
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
91. 91
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
SASE capabilities
92. 92
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Close
“employees
WIFI” stay with
“guest WIFI”
92
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
93. 93
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Close the
internal
network
longer term
93
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
94. 94
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Literacy
Explaining cloud business and
technology implications
Standards
Example: tagging
(FINOPS) standards,
security standards.
Identity standsrds
Architecture
Microservices, Event
Driven, Serverless
Tools
Which cloud, Cloud cost
optimization tools ,
Cloud identity tools,
cloud integration tools
Governance
Cloud related
regulations
Use Cases Identification
and Prioritization
Priorities in cloud migration
Skills
Cloud development,
Infrastructure as code
education
Processes
FINOPS, cloud licensing
management, Cloud asset
management
Cyber
CoE
CoE is an enabler, not a controller or a doer itself
Zero Trust is such a
big change for Cyber
Security – everybody
should take a big
breath
95. 95
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
The End:
Implement
while
doing fun!!
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph