All posts by cloudtech

Puppet’s 2019 State of DevOps report: How security needs to fit into continuous delivery

You’ve got the processes in place for a revamped software delivery cycle in your organisation. The foundation has been built, the stack is in place and the culture is going in the right direction. What are you missing?

Security in DevOps is an ‘unrealised ideal’ and a key step in moving from DevOps good practice to best practice. That’s according to the latest Puppet State of DevOps Report, published earlier today. 

The report, the eighth in total, explored the various journeys organisations were at in security integration. Security, alas, is not a competitive differentiator – getting good product out there is – so the report sympathised with organisations facing the struggle. Though the road ahead is paved with good intentions, it doesn’t change habits – or pay the bills.

In all, almost a quarter (21%) of the 3,000 respondents polled who have the highest levels of security integration – whereby security is present across all phases of the software delivery cycle – say they have reached an advanced stage of DevOps maturity. Only 6% of those with no security integration say they have done so. 

What’s more, if you have the highest level of security integration it means you are more likely to deliver on production demand quickly, cited by 61% of firms. Of those with no security integration, less than half (49%) are able to deploy on demand. Security-conscious firms are also more than twice as likely to be able to stop a push to production for a moderate security vulnerability, meaning their customers aren’t able to release insecure code.

The most marked change was with regards to overall security posture. More than four in five (82%) of those polled with the highest levels of security integration said their security practices ‘significantly’ improved their posture, compared with only 38% of those with no integration.

In some aspects, the figures between the haves and the have-nots are not as broad as they seem. This may be of particular interest due to the harsh journey involved. Getting seamless security integration is a multi-layered problem. As the report puts it: “You see the underlying complexity that’s been masked over by years of duct tape and glue. You tackle the roadblock, but as you resolve it, new obstacles appear. You resolve one roadblock after another, and it gets frustrating, but after a while, you see that your team can overcome issues as they arise.” 

Last year, the key takeaway was with regards to getting each step right. The 2018 Puppet report argued reaching the zenith, where Dev and Ops integrate seamlessly and in perfect harmony, meant a slow evolution. Only one in 10 organisations polled were outliers either way, with 79% of companies somewhere in the middle.

With regard to security, those at the more advanced end of DevOps implementation are automating security policy configurations, and at the very sharp end exploring automated incident response. “They had cultivated a powerful blend of high-trust environments, autonomous teams, and a high degree of automation and cross-functional collaboration between application teams, operations and security teams.

“The result? Security becomes a shared responsibility across delivery teams that are empowered to make security improvements.”

Ultimately, it is a long road, but a profitable one if all stakeholders care enough, which is rather like security as a whole. “The DevOps principles that drive positive outcomes for software development – culture, automation, measurement and sharing – are the same principles that drive positive security outcomes,” said Alanna Brown, senior director of developer relations at Puppet and report author. “Organisations that are serious about improving their security practices and posture should start by adopting DevOps practices.”

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

IDC: Global spending on public cloud services and infrastructure to reach £398b in 2023

The latest IDC study suggests that global spending on public cloud services and infrastructure will be more than double by 2023, mainly driven by digital transformation deployments. According to the market researcher, spending will grow at a rate of 22.3 per cent from $229b (£182b) in 2019 to nearly $500b (£398b) in 2023.

Eileen Smith, programme director at IDC, said: “Adoption of public (shared) cloud services continues to grow rapidly. Enterprises, especially in professional services, telecommunications, and retail, continue to shift from traditional application software to software-as-a-service (SaaS) and from traditional infrastructure to infrastructure-as-a-service (IaaS) to empower customer experience and operational-led digital transformation initiatives.”

SaaS will hold more than half of all public cloud spending during the forecast period, says IDC, adding that the market segment comprising applications and system infrastructure software (SIS) will be dominated by applications purchases. The report said: “The leading SaaS applications will be customer relationship management (CRM) and enterprise resource management (ERM). SIS spending will be led by purchases of security software and system and service management software.”

It said that the IaaS would be the second largest category of public cloud spending throughout the forecast period, which will be followed by platform-as-a-service (PaaS). IaaS spending, spanning servers and storage devices will also be the rapid growing category of cloud spending with a growth rate of 32 per cent. The market research firm said: “PaaS spending will grow nearly as fast – 29.9 per cent – led by purchases of data management software, application platforms, and integration and orchestration middleware.”

Three industries, namely professional services, discrete manufacturing, and banking, will be responsible for more than one-third of all public cloud services spending during the forecast period.

The report further said: “While SaaS will be the leading category of investment for all industries, IaaS will see its share of spending increase significantly for industries that are building data and compute-intensive services. For example, IaaS spending will represent more than 40 per cent of public cloud services spending by the professional services industry in 2023 compared to less than 30 per cent for most other industries. Professional services will also see the fastest growth in public cloud spending with a five-year CAGR of 25.6 per cent.”

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

AWS announces availability of Amazon Managed Blockchain service

Amazon Web Services (AWS) has announced the market availability of its Amazon Managed Blockchain (AMB) service, which is designed to help companies develop and manage scalable blockchain networks.

The platform extends its support to thousands of applications and millions of transactions via open source frameworks, such as Ethereum and Hyperledger Fabric. Those intending to permit multiple parties to perform transactions and maintain a cryptographically verifiable record of them without the need for a trusted, central authority can easily setup a blockchain network across multiple AWS accounts with the help of AWS Management Console.

Rahul Pathak, general manager, Amazon Managed Blockchain at AWS, said: “Customers want to use blockchain frameworks like Hyperledger Fabric and Ethereum to create blockchain networks so they can conduct business quickly, with an immutable record of transactions, but without the need for a centralised authority. However, they find these frameworks difficult to install, configure, and manage.

"Amazon Managed Blockchain takes care of provisioning nodes, setting up the network, managing certificates and security, and scaling the network," Pathak added. "Customers can now get a functioning blockchain network set up quickly and easily, so they can focus on application development instead of keeping a blockchain network up and running.”

Last month, VMware announced its integration with Digital Asset, which operates the open source DAML language to construct smart contracts. As part of this collaboration, VMware is integrating the DAML with its VMware Blockchain platform. In 2018, VMware introduced its first, own blockchain project called Project Concord at the VMworld event.

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

Exploring the links between AI, 5G and IoT – and how cloud computing underpins them all

Sponsored If the agenda and sessions at MWC 2019 don’t explicitly mention cloud computing, then there’s a good reason. The emerging technologies that will be explored at the show, which runs as ever in Barcelona from February 25-28, from artificial intelligence (AI), to 5G, to the Internet of Things, all need cloud to underpin them.

Don’t make the mistake of thinking there won’t be any presence on that front. The vendor literature is naturally full of advocating a holistic, tech-utopian landscape. Mavenir describes itself on its page as “the industry’s only 100% software, end-to-end, cloud-native network software provider.” Gemalto on its page puts as a key strength “trusted data exchange from edge devices up to the cloud”, while Huawei in its invitation notes now “new technologies like 5G, AI, IoT and cloud computing are more important than ever.” Exhibitors at this year’s event include, in the shape of Google Cloud, Alibaba Cloud, and IBM, three of the biggest cloud vendors in the space.

Regular readers of this publication will be more than aware of how cloud is the glue which holds the more emerging technologies together. Speaking last year Pat Gelsinger, the CEO of VMware, summed it up nicely. Cloud enables mobile connectivity; mobile connectivity creates more data; more data makes artificial intelligence better; AI enables more edge use cases; and more edge needs more cloud for storage and compute.

Indeed, the links between cloud and AI go deeper. Writing in November, Dr. Wanli Min, chief machine intelligence scientist at Alibaba Cloud, noted that while AI “seems to mean all things to all people”, the evidence suggests a gradual path.

“Crucially, cloud computing using AI isn’t a radical or revolutionary change. In many respects it’s an evolutionary one,” he wrote. “For many organisations, it has been a seamless integration from existing systems, with AI investment gathering pace quickly. Over the next few years we can expect to see the industry continue to boom, with AI driving cloud computing to new heights, while the cloud industry helps bring the benefits of AI to the mainstream.”

If you do look hard enough you will see more concrete references, including an interesting session on February 27 around the concept of ‘cloud XR’ (extended reality) – ‘the spectrum of technologies [combining] generated virtual elements into the real environment.’

Yet this coming together has seen MWC’s message change. Indeed, as is shown in its 2019 theme of ‘intelligent connectivity’, the industry has gone beyond the original ethos of mobile. “We are rapidly moving to a world where mobile will connect everyone and everything, but at the same time, we are expanding our reach beyond ‘just’ mobile,” a blog post explains.

“The theme of this year’s event is ‘intelligent connectivity’ – the term we use to describe the powerful combination of flexible, high-speed 5G networks, the Internet of Things, artificial intelligence and big data. Intelligent connectivity marks the beginning of a new era defined by highly contextualised and personalised experiences, delivered as and when you want them. This is the future of our industry and our world.”

Read the full article here and find out more about MWC19 by visiting here.

Editor’s note: This article is brought to you alongside MWC19.

Mirantis to help AT&T build Network Cloud for 5G

US telecom giant AT&T will be building the next generation of its Network Cloud for 5G with the help of cloud computing firm Mirantis, as part of a three-year deal reportedly to be more than £7.7mn ($10mn).

AT&T’s Network Cloud for 5G will be built via software from an open source project known as “Project Airship”, which was initially formed by the telecom company, along with SK Telecom, the OpenStack Foundation, and Intel in May of 2018.

Amy Wheelus, AT&T’s vice president of cloud and Domain 2.0 Platform integration, said:

“Simply put, Airship lets you build a cloud easier than ever before. Whether you’re a telecom, manufacturer, healthcare provider, or an individual developer, Airship makes it easy to predictably build and manage cloud infrastructure.”

Boris Renski, co-founder and CMO of Mirantis, said that Project Airship is very crucial for AT&T because it is what makes it possible to roll out many data centres and manage them on a single life cycle.

“AT&T had the foresight to start building this in open source about one and a half years ago,” he commented.

AT&T’s Integrated Cloud (AIC), which was built using cloud infrastructure software from OpenStack, is used by more than hundred data centres. When A&T first announced the Project Airship, it said that it was changing the name of AIC to Network Cloud. And since then, the company is referring it as Network Cloud for 5G.

It has been years now that Mirantis is working with the American telecom giant. Moreover, the cloud computing firm was an early OpenStack collaborator and now provides commercial OpenStack distribution. OpenStack’s original software was built to use virtual machines (VMs) in the data centre.

AT&T’s Network Cloud for 5G is being built on OpenStack using containers as opposed to VMs. These containers are managed by a container management system, called Kubernetes.

The Network Cloud for 5G will be built based on containers and Kubernetes. However, it will still have ample of workloads running on VMs within its AIC.

(Photo by Markus Spiske on Unsplash)

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

Golden State Warriors use Google Cloud to up their game

American professional basketball team Golden State Warriors will use Google Cloud’s data-crunching technology to improve the performance of the players.

Apart from improving their game on court, the NBA champions will also use Google Cloud to track analytics to crunch scouting reports and better rope in athletes. According to Google Cloud, this data can easily be shared with coaches, staff and players.

It is also reported that the basketball team is planning to host a mobile app on the Google Cloud platform. This app — which will be developed by the Warriors and Accenture — will leverage Google Cloud technologies, such as App Engine and Firebase, for personalisation and Maps to support navigation. The app will also allow Warriors’ fans to find their seats.

Moreover, Google Cloud will also become a founding partner of the Chase Centre in San Francisco, California. This will become the new home venue for the team as it will be opening in September 2019.

According to Google Cloud, the Chase Centre will use the same analytics to promote sporting and entertainment events at the venue.

Kirk Lacob, assistant general manager and vice president of GSW Sports Ventures at the Warriors, said: “Today, 70% of the Golden State Warriors analytics team's time is spent collecting and shaping data and only 30% of time is spent analysing it. Partnering with Google Cloud to automate the collection of valuable data will allow us to free up resources and spend more time turning these insights into action.”

(Photo by TJ Dragotta on Unsplash)

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

Databricks secures $250m funding as a16z claims its victory in big data platforms

It’s another big day for big data; analytics platform provider Databricks has raised $250 million (£193.3m) in a series E funding round and now sits atop a $2.75 billion valuation.

The funding was led by Andreessen Horowitz (a16z), and featured participation from Coatue Management, Microsoft, and New Enterprise Associates (NEA). In a statement, Ben Horowitz said that a16z was “thrilled” to invest in this funding round and that Databricks was the “clear winner in the big data platform race.”

The company helped create big data processing framework Apache Spark and has offerings based around Azure and Amazon Web Services (AWS). The technology continues to have a wide-ranging influence; only last week Google launched a Kubernetes operator for Apache Spark in beta.

Like many big data companies with technological foundations on open source software, Databricks’ bread and butter is through putting a platform, Unified Analytics, on top of it. The platform aims to unify data management and its myriad of languages and tools, with Databricks claiming it is up to 100 times faster than open source Spark.

The presence of Microsoft as one of the funders may raise the odd eyebrow, but its positioning is more than sound. The company offers a product called Azure Databricks, a Spark-based analytics service.

“Databricks has shown tremendous leadership in big data, data science and is uniquely positioned with Microsoft to meet customer needs across big data, data warehousing and machine learning,” said Rohan Kumar, corporate vice president of Azure data at Microsoft.

As is customary, the key to big data analysis is through the incorporation of artificial intelligence (AI) and machine learning. Speaking to this publication last month following the $5.2 billion merger with Hortonworks, Cloudera chief marketing officer Mick Hollison – who can certainly be considered a competitor of Databricks – noted how a major curve was about to take place.

“Most of the ML and AI that has been done in enterprises to date has been pretty bespoke,” Hollison explained. “It hasn’t necessarily been done against well secured and governed data sets supported by IT. It’s often been scraped onto a laptop by a data scientist, putting that data at risk.”

If Databricks has in the opinion of a16z won the race for big data platforms, the next challenge is ensuring artificial intelligence capability to help organisations get the most valuable insights.

(Photo by Pepi Stojanovski on Unsplash)

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

Cloud adoption in the UK is outpacing the EU average

Research published by Eurostat reveals the UK is the sixth largest cloud users among other countries in the EU.

According to statistics published by the European Statistical Office, British enterprises claim to have a relatively high rate of cloud adoption, with 41.9% of companies adopting some form of cloud service. This is compared with the average of 26.2% in EU nations.

The UK is marginally behind some predominant Scandinavian countries like Finland, Sweden, and Denmark, which have 65.3%, 57.2%, and 55.6% of cloud users, respectively.

Figures show organisations in the UK are overtaking the rest of Europe in cloud adoption with a 17.9% increase over 2014, compared to a relatively modest EU-wide average increase of 7.2%.

Eurostat experts Magdalena Kaminska and Maria Smihily said:

“Cloud computing is one of the strategic digital technologies considered important enablers for productivity and better services. Enterprises use cloud computing to optimise resource utilisation and build business models and market strategies that will enable them to grow, innovate and become more competitive.

Growth remains a condition for businesses' survival and innovation remains necessary for competitiveness. In fact, the European Commission in the wider context of modernisation of the EU industry develops policies that help speed up the broad commercialisation of innovation.”

The rate of cloud adoption in France and Germany was far below average with just 19% and 22%, respectively.

Furthermore, the data shows that only 23% of European businesses use cloud computing power for enterprise software and just 29% of firms use cloud-based customer relationship management (CRM) tools and apps.

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

Amazon will improve its cloud efficiency using ARM-based processor

Amazon is deploying an ARM-based Graviton processor to improve its cloud-based computing services. As per the Seattle-based company, this will lead to cost savings of up to 45% for "scale-out" services.

Amazon became the world’s biggest player in cloud computing via Amazon Web Services (AWS) which is the company’s $27 billion cloud business. AWS provides on-demand cloud computing platforms to individuals, companies, and governments on a paid subscription basis.

The e-commerce giant is changing the technology behind its cloud services to deliver faster performance and to save costs. The new system is expected to provide the company with a performance-per-dollar advantage.

The ARM Graviton processor contains 64-bit Neoverse cores and is based on the Cosmos 16nm processor platform, highlighted ARM Senior Vice President Drew Henry.

In addition, the Israeli-designed Graviton operates on the Cortex-A72 64bit core which functions at clock frequencies up to 2.3GHz. The servers run on Intel and AMD processors.

The system will assist Amazon with scale-out workloads. Users of the service can share the load across a group of smaller instances such as containerized microservices, web servers, development environments, and caching fleets.  

There are other advantages to Amazon from the new technology, centred around being more independent in relation to technology providers.

Amazon will now have the ability to license Arm blueprints, via Annapurna. In addition, the company will now be allowed to customize and tweak those designs and will have the ability to go to contract manufacturers like TSMC and Global Foundries and get competitive chips made.

Additionally, AWS is also building a custom ASIC for AI Inference called Inferentia. This could be capable of scaling from hundreds to thousands of trillions of operations per second and further reduce the cost of cloud-based services.

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series.pngInterested in hearing industry leaders discuss subjects like this and sharing their Cyber Security & Cloud use-cases? Attend the Cyber Security & Cloud Expo World Series events with upcoming shows in Silicon Valley, London and Amsterdam to learn more.

Packet and Wasabi join hands to offer better cloud services than AWS

Cloud and edge computing infrastructure provider Packet, and hot cloud storage firm Wasabi, have joined hands to integrate their respective platforms to offer their customers cloud computing and storage services for less compared to Amazon Web Services (AWS).

David Friend, CEO of Wasabi, said: “Amazon has 100-some-odd cloud services. They do everything, but they don’t do anything particularly well. They’ve got one big integrated environment. But if you want the best content delivery network, Amazon doesn’t have it. If you want the best storage, Amazon doesn’t have it.”

At the moment, Packet and Wasabi’s offering is very limited in scope if compared to AWS’ multiple services. Unlike AWS’ be-everything-to-everybody approach, the companies are focusing only on cloud storage and cloud computing.

According to Friend, Wasabi’s cloud storage is 80% cheaper and six-times faster than Amazon S3 storage.

Zac Smith, CEO of Packet, said: “How can we create an experience for enterprise buyers that gives the best of both worlds: the best, low-cost storage option and the best compute, but at the same time not with a lower experience for the developer? We’re not trying to solve this from a technology standpoint. We’re trying to solve this from an operations and business standpoint.”

Packet claims that its bare-metal cloud supports more than 60,000 installations every month and is available in more than 18 countries. Its cloud automation platform enables bare metal installations in less than 60 seconds.

Also, both companies will be offering joint services via their individual infrastructure-as-a-service (IaaS) management consoles and APIs, which is likely to be available in Q1 2019. This integrated console will let Packet compute customers to use Wasabi storage and Wasabi customers to use Packet compute resources.

These joint cloud services will be connected over a high-capacity, low-latency fibre network with no transfer fees between compute and storage elements.

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series.pngInterested in hearing industry leaders discuss subjects like this and sharing their Cyber Security & Cloud use-cases? Attend the Cyber Security & Cloud Expo World Series events with upcoming shows in Silicon Valley, London and Amsterdam to learn more.