Posted on 1 Comment

Why Technology Business Management and Technology Expense Management Are Misaligned

(Note: This presentation is also available in a presentation format on Slideshare)

One of the most frequent questions Amalgam Insights receives is how Technology Business Management and Technology Expense Management are related to each other. And what do these topics have to do with the new phrase of “FinOps,” that is starting to appear? Amalgam’s perspective is definitely different.

Why FinOps is a Misnomer
Continue reading Why Technology Business Management and Technology Expense Management Are Misaligned

Posted on 2 Comments

Developing a Practical Model for Ethical AI in the Business World: Stage 3 – Operational Deployment

In this blog post series, Amalgam Insights is providing a practical model for businesses to plan the ethical governance of their AI projects.

To read the introduction, click here.

To read about Stage 1: Executive Design, click here

To read about Stage 2: Technical Development, click here.

This blog focuses on Operational Deployment, the third of the Three Keys to Ethical AI described in the introduction.

Figure 1: The Three Keys to Ethical AI

Stage 3: Operational Deployment

Once an AI model is developed, organizations have to translate this model into actual value, whether it be by providing the direct outputs to relevant users or by embedding these outputs into relevant applications and process automation. But this part of AI also requires its own set of ethical considerations for companies to truly maintain an ethical perspective.

  • Who has access to the outputs?
  • How can users trace the lineage of the data and analysis?
  • How will the outputs be used to support decisions and actions?

Figure 2: Deployment Strategy

Who has access to the outputs?

Just as with data and analytics, the value of AI scales as it goes out to additional relevant users. The power of Amazon, Apple, Facebook, Google, and Microsoft in today’s global economy shows the power of opening up AI to billions of users. But as organizations open up AI to additional users, they have to provide appropriate context to users. Otherwise, these new users are effectively consuming AI blindly rather than as informed consumers. At this point, AI ethics expands beyond a technical problem into an operational business problem that affects every end user affected by AI.

Understanding the context and impact of AI at scale is especially important for AI initiatives that are focused on continuous improvement focused on increasing user value. Amalgam Insights recommends a focus on directly engaging user feedback for user experience and preference rather than simply depending on A/B testing. It takes a combination of quantitative and qualitative experience to optimize AI at a time when we are still far from truly understanding how the brain works and how people interact with relevant data and algorithms. Human feedback is a vital aspect for AI training and to understand the perception and impact of AI.

How can users trace the lineage of the data and analysis?

Users accessing AI in an ethical manner should have basic access to the data and assumptions used to support the AI. This means both providing quantitative logic and qualitative assumptions that can communicate the sources, assumptions, and intended results of the AI to relevant users. This context is important in supporting an ethical AI project as AI is fundamentally based not just on a basic transformation of data, but on a set of logical assumptions that may not be inherently obvious to the user.

From a practical perspective, most users will not fully understand the mathematical logic associated with AI, but users will understand the data and basic conceptual assumptions being made to provide AI-based outputs. Although Amalgam Insights believes that the rise of AI will lead to a broader grasp of statistics, modeling, and transformations over time, it is more important that both executive and technical stakeholders are able to explain how AI technologies in production are productive, relevant, and ethical based on both a business and technical basis.

How will the outputs be used to support decisions and actions?

Although this topic should already have been explored at the executive level, operational users will have deeper knowledge of how the technology will be used on a day-to-day basis and should revisit this topic based on their understanding of processes, internal operations, and customer-facing outcomes.

There are a variety of ways that AI can be used to support the decisions we make. In some cases, such as with search engines and basic prioritization exercises, AI is typically used as the primary source of output. For a more complex scenario, such as sales and marketing use cases or complex business or organizational decisions, AI may be a secondary source to provide an additional perspective or an exploratory and experimental perspective simply to provide context for how an AI perspective would differ from a human-oriented perspective.

But it is important for ethical AI outputs to be matched up with appropriate decisions and outcomes. A current example creating headlines is focused on the current launch of the Apple credit card and decisions being made about disparate credit limits for a married man and woman based on “the algorithm.” In this example, the man was initially given a much larger credit limit than the woman despite the fact that the couple filed taxes jointly and effectively shared joint income.

In this case, the challenge of giving “the algorithm” an automated and primary (and, likely, exclusive) role in determining a credit limit has created issues that are now in the public eye. Although this is a current and prominent example, it is less of a statement about Apple in particular and more of a statement regarding the increasing dependence that financial services has on non-transparent algorithms to accelerate decisions and provide an initial experience to new customers.

A more ethical and human approach would have been to figure out if there were inherent biases in the algorithm. If the algorithm had not been sufficiently tested, it should have been a secondary source for a credit limit decision that would ultimately be made by a human.

So, based on these explorations, we create a starting point for practical business AI ethics.

Figure 3: A Practical Framework

Recommendations

Maintain a set of basic ethical precepts for each AI project across design, development, and deployment. As mentioned in Part 1, these ethical statements should be focused on a few key goals that should be consistently explored from executive to technical to operational deployment. These should be short enough to fit onto every major project update memo and key documentation associated with the project. By providing a consistent starting point of what is considered ethical and must be governed, AI can be managed more consistently.

Conduct due diligence across bias, funding, champions, development, and users to improve ethical AI usage. The due diligence on AI currently focuses too heavily on the construction of models, rather than the full business context of AI. Companies continue to hurt their brands and reputation by putting out models and AI logic that would not pass a basic business or operational review.

Align AI to responsibilities that reflect the maturity, transparency, and fit of models. For instance, experimental models should not be used to run core business processes. For AI to take over significant operational responsibilities from an automation, analytical, or prescriptive perspective, the algorithms and production of AI need to be enterprise-ready just as traditional IT is. Just because AI is new does not mean that it should bypass key business and technical deployment rules.

Review and update AI on a regular basis. Once an AI project has been successfully brought to the wild and is providing results, it must be managed and reviewed on a regular basis.  Over time, the models will need to be tweaked to reflect real-life changes in business processes, customer preferences, macroeconomic changes, or strategic goals. AI that is abandoned or ignored will become technical debt just as any outdated technology is. If there is no dedicated review and update process for AI, the models and algorithms used will eventually become outdated and potentially less ethical and accurate from a business perspective.

We hope this guide and framework are helpful in supporting more ethical and practical AI projects. If you are seeking additional information on ethical AI, the ROI of AI, or guidance across data management, analytics, machine learning, and application development, please feel free to contact us at research@amalgaminsights.com and send us your questions. We would love to work with you.

Posted on 1 Comment

AI on AI – 8 Predictions for the Data Savvy Pro

When we started Amalgam Insights, we oh-so-cleverly chose the AI initials with the understanding that artificial intelligence (the other AI…), data science, machine learning, programmatic automation, augmented analytics, and neural inputs would lead to the greatest advances in technology. At the same time, we sought to provide practical guidance for companies seeking to bridge the gaps between their current data and analytics environments and the future of AI. With that in mind, here are 8 predictions we’re providing for 2020 for Analytics Centers of Excellence and Chief Data Officers to keep in mind to stay ahead while remaining practical.

1. In 2020, AI becomes a $50 billion market, creating a digital divide between the haves and have nots prepared to algorithmically assess their work in real time. Retail, Financial Services, and Manufacturing will be over half of this market.

2. The data warehouse becomes less important as a single source of truth. Today’s single source replaces data aggregation and duplication with data linkages and late-binding of data sources to bring together the single source of truth on a real-time basis. This doesn’t mean that data warehouses aren’t still useful; it just means that the single source of truth can change on a real-time basis and corporate data structures need to support that reality. And it becomes increasingly important to conduct analytics on data, wherever the data may be, rather than be dependent on the need to replicate and transfer data back to a single warehouse.

3. Asking “What were our 2020 revenues?” will be an available option in every major BI solution by the end of 2020, with the biggest challenge then being how companies will need to upgrade and configure their solutions to support these searches. We have maxed out our ability to spread analytics through IT. To get beyond 25% analytics adoption in 2020, businesses will need to take advantage of natural language queries and searches are becoming a general capability for analytics, either as a native or partner-enabled capability.

4. 2020 will see an increased focus on integrating analytics with automation, process mapping, and direct collaboration. Robotic Process Automation is a sexy technology, but what makes the robots intelligent? Prioritized data, good business rules, and algorithmic feedback for constant improvement. When we talk about “augmented analytics” at Amalgam Insights, we think this means augmenting business processes with analytic and algorithmic logic, not just augmenting data management and analytic tasks.

5. By 2025, analytic model testing and Python will become standard data analyst and business analyst capabilities to handle models rather than specific data. Get started now in learning Python, statistics, an Auto Machine Learning method, and model testing. IT needs to level up from admins to architects. All aspects of IT are becoming more abstracted through cloud computing, process automation, and machine learning. Data and analytics are no exception. Specifically, Data analysts will start conducting the majority of “data science” tasks conducted in the enterprise, either as standalone or machine-guided tasks. If a business is dependent on a “unicorn” or a singular talent to conduct a business process, that process is not scalable and repeatable. As data science and machine learning projects start becoming part of the general IT portfolio, businesses will push down more data management, cleansing, and even modeling and testing tasks to the most dependable talent of the data ecosystem, the data analyst.

6. Amalgam Insights predicts that the biggest difference between high ROI and low ROI analytics in 2020 will come from data polishing, not data hoarding. – The days of data hoarding for value creation are over. True data champions will focus on cleansing, defining, prioritizing, and separating the 1% of data that truly matters from the 99% more suited to mandatory and compliance-based storage.

7. On a related note, Amalgam Insights believes the practice of data deletion will be greatly formalized by Chief Data Protection Officers in 2020. With the emergence of CCPA along with the continuance of GDPR, data ownership is now potentially risky for organizations holding the wrong data.

8. The accounting world will make progress on defining data as a tangible asset. My expectations: changes to the timeframes of depreciation and guidance on how to value specific contextually-specific data such as customer lists and business transactions. Currently, data cannot be formally capitalized, meaning asset. Now that companies are generally starting to realize that data may be their greatest assets outside of their talent, accountants will bring up more concerns for FASB Statements 141 and 142.

Posted on 2 Comments

Developing a Practical Model for Ethical AI in the Business World: Stage 2 – Technical Development

In this blog post series, Amalgam Insights is providing a practical model for businesses to plan the ethical governance of their AI projects.

To read the introduction, click here.

To read about Stage 1: Executive Design, click here

This blog focuses on Technical Development, the second of the Three Keys to Ethical AI described in the introduction.

Figure 1: The Three Keys to Ethical AI

Stage 2: Technical Development

Technical Development is the area of AI that gets the most attention as machine learning and data science start to mature. Understandably, the current focus in this Early Adopter era (which is just starting to move into Early Majority status in 2020) is simply on how to conduct machine learning, data science efforts, and potentially deep learning projects in a rapid, accurate, and potentially repeatable manner. However, as companies conduct their initial proofs of concepts and build out AI services and portfolios, the following four questions are important to take into account.

  • Where does the data come from?
  • Who is conducting the analysis?
  • What aspects of bias are being taken into account?
  • What algorithms and toolkits are being used to analyze and optimize?

Figure 2: Technical Development

Where does the data come from?

Garbage In, Garbage Out has been a truism for IT and data projects for many decades. However, the irony is that much of the data that is used for AI projects used to literally be considered “garbage” and archival exhaust up until the practical emergence of the “Big Data” era at the beginning of this decade. As companies use these massive new data sources as a starting point for AI, they must check on the quality, availability, timeliness, and context of the data. It is no longer good enough to just pour all data into a “data lake” and hope that this creates a quality training data sample.

The quality of the data is determined by the completeness, accuracy, and consistency of the data. If the data have a lot of gaps, errors, or significant formatting issues, the AI will need to account for these issues in a way that maintains trust. For instance, a long-standing historical database may be full of null values as the data source has been augmented over time and data collection practices have improved. If those null values are incorrectly accounted for, AI can end up defining or ignoring a “best practice” or recommendation.

From a practical perspective, consider as an example how Western culture has recently started to formalize non-binary gender or transgendered identity. Just because data may not show these identities prior to this decade does not mean that these identities didn’t exist. Amalgam Insights would consider a gap like this to be a systemic data gap that needs to be taken into account to avoid unexpected bias, perhaps through the use of adversarial de-biasing that actively takes the bias into account.

The Availability and Timeliness of the data refers to the accessibility, uptime, and update frequency of the data source. Data sources that may be transient or migratory may serve as a risk for making consistent assumptions from an AI perspective. If an AI project is depending on a data source that may be hand-curated, bespoke in nature, or inconsistently hosted and updated, this variability needs to be taken into account in determining the relative accuracy of the AI project and its ability to consistently meet ethical and compliance standards.

Data context refers to the relevance of the data both for solving the problem and for providing guidance to downstream users. Correlation is not causation, as the hilarious website “Spurious Correlations” run by Tyler Vigen shows us. One of my favorite examples shows how famed actor Nicolas Cage’s movies are “obviously” tied to the number of people who drown in swimming pools.

Figure 3: Drownings as a Function of Nicolas Cage Movies


(Thanks to Spurious Correlations! Buy the book!)

But beyond the humor is a serious issue: what happens if AI assumptions are built on faulty and irrelevant data? And who is checking the hyperparameter settings and the contributors to parameter definitions? Data assumptions need go through some level of line of business review. This isn’t to say that every business manager is going to suddenly have a Ph.D. level of data science understanding, but business managers will be able to either provide confirmation that data is relevant or provide relevant feedback on why a data source may or may not be relevant.

Who is conducting the analysis?

In this related question, the deification of the unicorn data scientist has been well-documented over the last few years. But just as business intelligence and analytics evolved from the realm of the database master and report builder to a combination of IT management and self-service conducted by data-savvy analysts, data science and AI must also be conducted by a team of roles that include the data analyst, data scientist, business analyst, and business manager. In small companies, an individual may end up holding multiple roles on this team.

But if AI is being developed by a single “unicorn” focused on the technical and mathematical aspects of AI development, companies need to make sure that the data scientist or AI developer is taking sufficient business context into account and fully considering the fundamental biases and assumptions that were made during the Executive Design phase.

What aspects of bias are being taken into account?

Any data scientist with basic statistical training will be familiar with Type I (false positive) and Type II (false negative) errors as a starting point for identifying bias. However, this statistical bias should not be considered the end-all and be-all of defining AI bias.

As parameters and outputs become defined, data scientists must also consider organizational bias, cultural bias, and contextual bias. Simply stating that “the data will speak for itself” does not mean that the AI lacks bias; this only means that the AI project is actively ignoring any bias that may be in place. As I said before, the most honest approach to AI is to acknowledge and document bias rather than to simply try to “eliminate” bias. Bias documentation is a sign of understanding both the problem and the methods, not a weakness.

An extreme example is Microsoft’s “Tay” chatbot released in 2016. This bot was released “without bias” to support conversational understanding. The practical aspect of this lack of bias was that the bot lacked the context to filter racist messages and to differentiate between strongly emotional terms and culturally appropriate conversation. In this case, the lack of bias led to the AI’s inability to be practically useful. In a vacuum, the most prevalent signals and inputs will take precedence over the most relevant or appropriate signals.

Unless the goal of the AI is to reflect the data that is most commonly entered, an “unbiased” AI approach is generally going to reflect the “GIGO” aspect of programming that has been understood for decades. This challenge reflects the foundational need to understand the training and distribution of data associated with building of AI.

What algorithms and toolkits are being used to analyze and optimize?

The good news about AI is that it is easier to access than ever before. Python resources and a plethora of machine learning libraries including PyTorch, Scikit, Keras, and, of course, Tensorflow, make machine learning relatively easy to access for developers and quantitatively trained analysts.

The bad news is that it becomes easy for someone to implement an algorithm without fully understanding the consequences. For instance, a current darling in the data science world is XGBoost (Extreme Gradient Boosting) which has been a winning algorithmic approach for recent data science contests because it reduces data to an efficient minima more quickly than standard gradient boosting. But it also requires expertise in starting with appropriate features, stopping the model training before the algorithm overtunes, and appropriately fine tuning the model for production.

So, it is not enough to simply use the right tools or the most “efficient” algorithms, but to effectively fit, stop, and tune models based on the tools being used to create models that are most appropriate for the real world and to avoid AI bias from propagating and gaining overweight influence.

In our next blog, we will explore Operational Deployment with a focus on the line of business concerns that business analysts and managers consider as they actually use the AI application or service and the challenges that occur as the AI logic becomes obsolete or flawed over time.

Posted on 3 Comments

Developing a Practical Model for Ethical AI in the Business World: Stage I – Executive Design

In this blog post series, Amalgam Insights is providing a practical model for businesses to plan the ethical governance of their AI projects. To read the introduction, click here.

This blog focuses on Executive Design, the first of the Three Keys to Ethical AI introduced in the last blog.

Stage I: Executive Design

As a starting point, any AI project needs to be analyzed in context of five major questions that are important both from a project management and scoping perspective. Amalgam Insights cannot control the ethical governance of every company, but we can provide a starting point to let AI-focused companies know what potential problems they face. As a starting point, businesses seeking to pursue ethical AI must consider the following questions:

  • What is the goal of the project?
  • What are the key ethical assumptions and biases?
  • Who are the stakeholders?
  • How will AI oversight be performed in an organization?
  • Where is the money coming from?

What is the project goal?

In thinking about the goal of the project, the project champion needs to make sure that the goal, itself, is not unethical. For instance, the high-level idea of understanding your customers is laudable at its surface. But if the goal of the project is effectively to stalk customers or to open up customer data without their direct consent, this project quickly becomes unethical. Likewise, if an AI project to improve productivity and efficiency is practically designed to circumvent legal governance of a process, there are likely ethical issues as well.

Although this analysis seems obvious, the potential opacity, complexity, and velocity of AI deployments mean that these topics have to be considered prior to project deployment. These tradeoffs need to be analyzed based on the risk profile and ethical policies of the company and need to be determined at a high level prior to pursuing an AI project.

What are the key ethical assumptions and biases?

Every AI project has ethical assumptions, compromises, and biases.

Let me repeat that.

Every AI project has ethical assumptions, compromises, and biases.

This is just a basic premise that every project faces. But because of the complexities of AI projects, the assumptions made during scoping can be ignored or minimized during the analysis or deployment if companies do not make a concerted effort to hold onto basic project tenants.

For instance, it’s easy to say that a company should not stalk its customers. And in the scoping process, this may mean masking personal information such as names and addresses from any aggregate data. But what happens if the analysis ends up tracking latitude and longitude to within 1 meter, tracking interactions every 10 minutes, and taking ethnic, gender, sexuality, or other potentially identifying or biasing data along with a phone IMEI identification into account as part of an analysis of the propensity to buy? And these characteristics are not taken into account because they weren’t included as part of the initial scoping process and there was no overarching reminder to not stalk or overly track customers? In this case, even without traditional personally identifiable information, the net result is potentially even more invasive. And with the broad scope of analysis conducted by machine learning algorithms, it can be hard to fully control the potential parameters involved, especially in the early and experimental stages of model building and recursive or neurally designed optimization.

So, from a practical perspective, companies need to create an initial set of business tenets that need to be followed throughout the design, development, and deployment of AI. Although each set of stakeholders across the AI development process will have different means of interpreting and managing these tenets, these business guidelines provide an important set of goalposts and boundaries for defining the scope of the AI project. For instance, a company might set as a set of characteristics for a project:

  • This project will not discriminate based on gender
  • This project will not discriminate based on race
  • This project will not discriminate based on income
  • This project will not take personally identifiable information without first describing this to the user in plain English (or language of development)

These tenets and parameters should each be listed separately, meaning there shouldn’t be a legalese laundry list saying “this project respects race, class, gender, sexuality, income, geography, culture, religion, legal status, physical disability, dietary restrictions, etc.” This allows each key tenet to be clearly defined based on its own merit.

These tenets should be a part of every meeting and formal documentation so that stakeholders across executive, technical, and operational responsibilities all see this list and consider this list in their own activities. This is important because each set of stakeholders will execute differently on these tenets based on their practical responsibilities. Executives will place corporate governance and resources in place while technical stakeholders will focus on the potential bias and issues within the data and algorithmic logic and operational stakeholders will focus on delivery, access, lineage, and other line-of-business concerns associated with front-line usage.

And this list of tenets needs to be short enough to be actionable. This is not the place to write a 3,000 word legal document on every potential risk and problem, but a place to describe specific high-level concerns around bias.

Who are the stakeholders?

The makeup of the executive business stakeholders is an important starting point for determining the biases of the AI project. It is important for any AI project with significant potential organizational impact to have true executive sponsorship from someone who has responsibility for the health of the company. Otherwise, it is too easy for an algorithm to “go rogue” or become an implicit and accepted business enabler without sufficient due diligence.

How will AI oversight be performed in an organization?

AI projects need to be treated with the same types of oversight as hiring employees or any significant change management process. Ideally, AI will be either providing a new and previously unknown insight or supporting productivity that will replace or augment millions of dollars in labor. Companies putting AI into place need to hold AI logic to the same standards as they would hold human labor.

Where is the money coming from?

No matter what the end goal of the AI project is, it will always be judged in context of the money used to fund the AI. If an organization is fully funding an AI project, it will be held accountable for the outcomes of the AI. If an AI project is funded by a consortium of funders, the ethical background of each funder or purchaser will eventually be considered in determining the ethical nature of the AI. Because of this, it is not enough for an organization to be pursuing an AI initiative that is potentially helpful. Organizations must also partner with or work with partners that align with the organization’s policy and culture. When an AI project becomes public, compliance officers and critics will always follow the money and use this as a starting point to determine how ethical the AI effort is.

In our next blog, we will explore Technical Development with a focus on the key questions that technical users such as data analysts and data scientists must consider as they build out the architecture and models that will make up the actual AI application or service.

Posted on 4 Comments

Developing a Practical Model for Ethical AI in the Business World: Introduction

As we head into 2020, the concept of “AI (Artificial Intelligence) for Good” is becoming an increasingly common phrase. Individuals and organizations with AI skillsets (including data management, data integration, statistical analysis, machine learning, algorithmic model development, and application deployment skills) have effort into pursuing ethical AI efforts.

Amalgam Insights believes that these efforts have largely been piecemeal and inadequate to meet common-sense definitions for companies to effectively state that they are pursuing, documenting, and practicing true ethical AI because of the breadth and potential repercussions of AI on business outcomes. This is not due to a lack of interest, but based on a couple of key considerations. First, AI is a relatively new capability in the enterprise IT portfolio that often lacks formal practices and guidelines and has been managed as a “skunkworks” or experimental project. Second, businesses have not seen AI as a business practice, but as a purely technical practice and made a number of assumptions in skipping to the technical development that would typically not have been made for more mature technical capabilities and projects.

In the past, Amalgam Insights has provided frameworks to help organizations take the next step to AI through our BI to AI progression.

Figure 1: Amalgam’s Framework from BI to AI

 

 

 

To pursue a more ethical model of AI, Amalgam Insights believes that AI efforts need to be analyzed through three key lenses:

  • Executive Design
  • Technical Development
  • Operational Deployment

Figure 2: Amalgam’s Three Key Areas for Ethical AI

In each of these areas, businesses must ask the right questions and adequately prepare for the deployment of ethical AI. In this framework, AI is not just a set of machine learning algorithms to be utilized, but an enabler to effectively augment problem-solving for appropriate challenges.

Over the next week, Amalgam Insights will explore 12 areas of bias across these three categories with the goal of developing a straightforward framework that companies can use to guide their AI initiatives and take a structured approach to enforcing a consistent set of ethical guidelines to support governance across the executive, technical, and operational aspects of initiating, developing, and deploying AI.

In our next blog, we will explore Executive Design with a focus on the five key questions that an executive must consider as they start considering the use of AI within their enterprise.

Posted on 1 Comment

From #KubeCon, Three Things Happening with the Kubernetes Market

This year’s KubeCon+CloudNativeCon was, to say the least, an experience. Normally sunny San Diego treated conference-goers to torrential downpours. The unusual weather turned the block party event into a bit of a sog. My shoes are still drying out. The record crowds – this year’s attendance was 12,000 up from last year’s 8000 in Seattle – made navigating the show floor a challenge for many attendees.

Despite the weather and the crowds, this was an exciting KubeCon+CloudNativeCon. On display was the maturation of the Kubernetes and container market. Both the technology and the best practices discussions were less about “what is Kubernetes” and, instead more about “how does this fit into my architecture?” and “how enterprise-ready is this stuff?” This shift from the “what” to the “how” is a sign that Kubernetes is heading quickly to the mainstream. There are other indicators at Kubecon+CloudNativeCon that, to me, show Kubernetes maturing into a real enterprise technology.

First, the makeup of the Kubernetes community is clearly changing. Two years ago, almost every company at KubeCon+CloudNativeCon was some form of digital forward company like Lyft or cloud technology vendor such as Google or Red Hat. Now, there are many more traditional companies on both the IT and vendor side. Vendors such as HPE, Oracle, Intel, and Microsoft, mainstays of technology for the past 30 years, are here in force. Industries like telecommunications (drawn by the promise of edge computing), finance, manufacturing, and retail are much more visible than they were just a short time ago. While microservices and Kubernetes are not yet as widely deployed as more traditional n-Tier architectures and classic middleware, the mainstream is clearly interested.

Another indicator of the changes in the Kubernetes space is the prominence of security in the community. Not only are there more vendors than ever, but we are seeing more keynote time given to security practices. Security is, of course, a major component of making Kubernetes enterprise-ready. Without solid security practices and technology, Kubernetes will never be acceptable to a broad swatch of large to mid-sized businesses. That said, there is still so much more that needs to be done with Kubernetes security. The good news is that the community is working on it.

Finally, there is clearly more attention being paid to operating Kubernetes in a production environment. That’s most evident in the proliferation of tracing and logging technology, from both new and older companies, that were on display on the show floor and mainstage. Policy management was also an important area of discussion at the conference. These are all examples of the type of infrastructure that Operations teams will need to manage Kubernetes at scale and a sign that the community is thinking seriously about what happens after deployment.

It certainly helps that a lot of basic issues with Kubernetes have been solved but there is still more work to do. There are difficult challenges that need attention. How to migrate existing stateful apps originally written in Java and based on n-Tier architectures is still mostly an open question. Storage is another area that needs more innovation, though there’s serious work underway in that space. Despite the need for continued work, the progress seen at KubeCon+CloudNativeCon NA 2019 point to future where Kubernetes is a major platform for enterprise applications.  2020 will be another pivotal year for Kubernetes, containers, and microservices architectures. It may even be the year of mainstream adoption. We’ll be watching.

Posted on Leave a comment

TEM Market Leaders Calero and MDSL Merge as Global IT Spend Management Consolidation Continues

Key Stakeholders: Chief Information Officer, Chief Financial Officer, Chief Accounting Officer, Controllers, IT Directors and Managers, Enterprise Mobility Directors and Managers, Networking Directors and Managers, Software Asset Directors and Managers, Cloud Service Directors and Managers, and other technology budget holders responsible for telecom, network, mobility, SaaS, IaaS, and IT asset and service expenses.

Why It Matters: The race for IT spend management consolidation continues. The financial management of IT is increasingly seen as a strategic advantage for managing the digital supply chain across network, telecom, wireless, cloud, software, and service portfolios.

Top Takeaway: The new combined business with over 800 employees, 3,500 customers, and an estimated 2 million devices and $20 billion under management both serves as legitimate competition for market leader Tangoe and an attractive potential acquisition for larger IT management vendors.

[Disclaimer: Amalgam Insights has worked with Calero and MDSL. Amalgam Insights has provided end-user inquiries to both Calero and MDSL customers. Amalgam Insights has provided consulting services to investors and advisors involved in this acquisition.]
Continue reading TEM Market Leaders Calero and MDSL Merge as Global IT Spend Management Consolidation Continues

Posted on Leave a comment

The Need for Simulation and Situational Awareness in Cybersecurity Training – A Neuroscience Perspective

Organizations are more vulnerable than ever to cybersecurity threats. Global annual cybersecurity costs are predicted to grow from $3 trillion in 2015 to $6 trillion annually by 2021. To stay safe organizations must train their employees to identify cybersecurity threats and to avoid them. To address this, global spending on cybersecurity products and services is projected to exceed $1 trillion from 2017 to 2021.

Unfortunately, cybersecurity training is particularly challenging because cybersecurity is more about training behavioral “intuition” and situational awareness than it is about training a cognitive, analytic understanding. It is one thing to know “what” to do, but it is another (and mediated by completely different systems in the brain) to know “how” to do it, and to know how to do it under a broad range of situations.

Regrettably, knowing what to do and what not to do, does not translate into actually doing or not doing. To train cybersecurity behaviors, the learner must be challenged through behavioral simulation. They must be presented with a situation, generate an appropriate or inappropriate response, and must receive real-time, immediate feedback regarding the correctness of their behavior. Real-time, interactive feedback is the only way to effectively engage the behavioral learning system in the brain. This system learns through gradual, incremental dopamine-mediated changes in the strength of muscle memory that reside in the striatum of the brain. Critically, the behavioral learning system in the brain is distinct from the cognitive learning system in the brain, meaning that knowing “what” to do has no effect on learning “how” to do it.

Cybersecurity behavioral training must be broad-based with the goal of training situational awareness. Cybersecurity hackers are creative with each attack often having a different look and feel. Simulations must mimic this variability so that they elicit different experiences and emotions. This is how you engage experiential centers in the brain that represent the sensory aspects of an interaction (e.g., sight and sound) and emotional centers in the brain that build situational awareness. By utilizing a broad range of cybersecurity simulations that engage experiential and emotional centers in different ways, the learner trains cybersecurity behaviors that generalize and transfer to multiple settings. Ideally, it is also useful to align the difficulty of the simulation to the user’s performance. This personalized approach will be more effective and will speed learning relative to a one-size-fits-all approach.

If your organization is worried about cybersecurity threats and is looking for a cybersecurity training tool, a few considerations are in order. First, and foremost, do not settle for a training solution that focuses only on providing learners with knowledge and information around cybersecurity. This “what” focused approach will be ineffective at teaching the appropriate behavioral responses to cybersecurity threats, and will leave your organization vulnerable. Instead focus on solutions that are grounded in simulation training, preferably with content and delivery that is broad-based to train situational awareness. Solutions that personalize the difficulty of each simulation are a bonus as they will speed learning and long-term retention of cybersecurity behaviors.