Enterprise Times

A Technology and Tech News podcast

1 Rating

Enterprise Times Episodes

Recent Episodes

Talking Cyber Resilience with Felicity March

  • 3 days ago

The risk of a business threatening cyber-attack is ever present today. Ransomware locks up data making it hard for businesses to operate. The impact is so bad that an increasing number of companies are paying to getting their data back. At the same time, Advanced Persistent Threats (APTs) can sit inside a system for months before activating and attacking. The question many struggle with is will a good Disaster Recovery (DR) or Business Continuity (BC) plan get the company back up and running? In March of this year, the National Institute of Standards and Technology (NIST) issued a draft publication on Cyber Resiliency. One person who knows a lot about the subject is Felicity March, IBM’s Cyber Resilience Specialist for Europe. Enterprise Times went to IBM’s Hursley Park offices to talk to her about what Cyber Resilience means. Felicity March, Cyber Resiliency Specialist, IBM March defines Cyber Resilience as: “Improving a company’s capability to maintain its core purpose and integrity in light or after a cyber-attack. What that means is a lot of companies believe that if they pay a lot for cyber security none of the viruses will get through the front door.” The reality is that attacks happen and recovery can be long and painful. One of the big questions is how is this different from DR or BC? March told us that cyber resiliency is much broader in scope than DR and BC. She hears customers often talk about traditional DR which is more about flooded data centres. When they are hit with a total IT failure, they often haven’t tested their DR or BC plans to see how they cope with a cyber-attack. One of the biggest problems that March comes across is organisations who do not know who is responsible for reconstruction of IT after a cyber-attack. The problem is compounded when bits of IT are outsourced with no clear guidelines or processes. The solution is to create a DR plan that encompasses the entire IT estate not just specific systems. Organisations also need an approach that ensures any DR environment can be clean from hidden attacks that will reappear. Change management is part of the solution but the problem is people are not using it as part of their security solution. In addition, as they outsource systems, it is hard to know who is using change management and almost impossible to align different systems. March makes the point that too many outsourcing contracts are designed by lawyers and accountants. This means that the system architects, who could ask these questions, are not involved. It creates a recovery gap. To hear more of what March had to say listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

From graduates to grandmas

  • 18 days ago

Enterprise Times spoke to Carol Tyler, Global Senior Practice Director – Organizational Change Management, Infor at a Infor SunSystems customer day. The conversation was wide ranging and very interesting. We spoke about change management, organizational change and digital transformation. Carol Fitzgerald Tyler, ,Global Senior Practice Director – Organizational Change Management at Infor Tyler is a very experienced change leader and uses the phrase “from graduates to grandmas” when asked about who should be involved in change programs. It is a phrase that reflects elements of the diversity that should be involved in change projects. To Tyler, an ideal team should involve all parties from the millennial to the more experienced. The team should also include a wide selection of participants that reflects the make up of both a company and all the stakeholders involved in a project. Organisations should not be afraid of “digital transformation”. We discussed how it can be viewed both as simple and complex. There are different approaches such as horizontal using CRM and HCM or a more vertical industry approach. Whatever the approach taken it always needs senior sponsorship. This is something that is differentiating about the Infor approach and the projects Tyler has been involved in. Through its digital consultancy Hook & Loop, Infor has evolved its solutions from deliver software to actually helping to transform their customers. We also spoke about how organisational change has evolved over the last few years and the how the obstacles to change have evolved. This included what those obstacles are and how several of them are overcome through constant communication. It is an area in which Tyler offers some useful advice on town hall meetings and how she gets people to open up and become involved in the process. To hear more of what Tyler had to say listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.  

Talking Risk:Value with NTT Security

  • 25 days ago

At an NTT Security event in Germany, Kai Grunwitz and Matthias Straub talked with Enterprise Times about the NTT Security Risk:Value 2018 report. Kai Grunwitz is the Senior Vice President, EMEA, NTT Security. Matthias Straub is Director for Consulting in Germany and Austria, NTT Security. They have both been involved in cyber security for many years. Grunwitz points out that the decision makers are not looking at cyber security. Their focus instead is on information security, the risks to the business and what it means to the business strategy. It is also important to change the language that is used. Rather than talk cyber security, it is important to talk risk. This is a topic that the board understands and can apply across the enterprise. Kai Grunwitz, Senior Vice President, EMEA, NTT Security To put cyber security into risk terms, Grunwitz says: “We have to focus on meaningful risk KPIs when we talk about exposure.” When we talk cyber it is not specific enough in terms of the threats to the business. Grunwitz goes on to point out that only 60% of organisations have Cyber Security or Information Security as a board level topic. Organisations are focused on digital transformation but they need to make sure that security is part of these programmes and not a bolt on. Straub makes the point that “security should be, and can be, a business enabler.” He cites cloud as an example of this, that is also a return of investment. Business are overoptimistic about their cyber security The Risk:Value report threw up other interesting results. One of these was the optimism among organisations that they will not get hacked. Straub puts an immediate damper on that when he says: “Our ethical hacking team is able to infiltrate any company within a few days, it’s not that hard.” He is right. The wealth of tools available to the hacker is greater than those available to the defender. Matthias Straub, Director of Consulting for Germany and Austria, NTT Security The problem with tools is nothing new. Grunwitz admits that there are serious problems with the way tools have been purchased and implemented. Organisations layer tools on tools without making sure they work. They also buy new tools based on attacks identified in the press. These are also not integrated into the organisation. Being hacked is just part of the problem. Organisations think they have effective incident response programmes. This is rarely the case. The impact of social media, being prepared for the press and dealing with queries is just part of the problem. GDPR and other legislation now requires breach notification to occur quickly and not just to the regulator. The lack of skilled staff is another major challenge. This has led to the outsourcing of a lot of roles. Even here, organisations need to think about their responsibilities. You cannot just push your data to a cloud provider and assume that they are responsible for handling a breach. To hear more of what Grunwitz and Straub had to say listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Christian Koch talks IoT security

  • 30 days ago

Enterprise Times recently met with Christian Koch, Senior Manager GRC & IoT/OT at NTT Security (Germany) GmbH to talk about IoT security. It is a subject in the news at the moment, especially with the European Union focusing on who is responsible for securing devices. During the conversation, Koch talked about the challenges of attributing blame and responsibility. This is an area where lawmakers will struggle. They have historically given software and technology a free pass when it comes to responsibility. The challenge is how to change that in a way that protects consumers and businesses. Christian Koch, Senior Manager GRC & IoT/OT at NTT Security (Germany) GmbH We talked to Koch about this issue. Should the provider of the Internet connectivity be required to ensure it is secure and comes with protection? Should the responsibility lie with the original manufacturer of the IoT hardware? What if this is a product that is rebadged where a third-party adds their own software suite on top? It is possible to point to all of these players as having some responsibility but to have a legal basis, it has to be clear who is responsible. Koch believes that it should lie with the OEM. They created the product and should patch it. He also thinks that we will begin to see the idea of a “secure IoT device” becoming a competitive differentiation in the short term. Longer term, he hopes that the industry will change its approach. To hear more of what Koch had to say, listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Franck Braunstedter on cloud security

  • about 1 month ago

Franck Braunstedter is the Senior Manager Cyber Defense and Cloud Security at NTT Security. He recently sat down with Enterprise Times to talk about the cloud and its security challenges. Companies are accelerating their move to the cloud but for many, the stumbling block is security. This is not about “is the cloud secure?” but how do we match our existing security with what the cloud offers. The biggest issue that Braunstedter see is the Identity and Access Management challenge. This is primarily due to people buying in cloud services that are just username and password. Internally they would have multi-factor authentication and this creates a security gap. What makes this surprising is that Braunstedter is not talking about home grown apps but commercial SaaS. This includes Salesforce, Office 365 and many other applications. Franck Braunstedter, Senior Manager Cyber Defense and Cloud Security, NTT Security 2FA and BYOD One challenge of two-factor authentication (2FA) is getting acceptance from users. However, as soon as a phishing attack gets access to a system through credential theft, 2FA gets the go-ahead. 2FA does not have to be intrusive. Braunstedter says that organisations can use conditional access and risk-based analytics. These validate the user across a number of measures in real-time without requiring them to input additional tokens. With Bring Your Own Device, users are beginning to use personal apps to store data. This brings the risk of a data breach. But moving users to more secure apps is not simple. There is user resistance to being told what to do. Braunstedter also raises the questions: “Who does the evaluation? Who says that this app is more secure than this one?” This puts the security back on identity and encrypting the data. The conversation also touched on what cloud providers deliver in terms of security. From the types of encryption for SaaS apps and data to the protection of infrastructure and IaaS. Compliance is also a serious problem and that is also where infrastructure security comes in. To hear more of what Braunstedter had to say, listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Rene Bader talks cyber security

  • about 1 month ago

At a recent NTT Security event in Frankfurt, Enterprise Times sat down with Rene Bader to talk about enterprise challenges when moving to the cloud. One of the first challenges that Bader and his team face is refocusing the client. The key is to stop them thinking infrastructure and to focus on the application. Once that happens then they can start to separate the application from the underlying hardware, making it portable across multiple clouds. The new world of software means applications talk to each other through a variety of interfaces. Bader says this means internal silos have to change and communicate better. Until this happens, dealing with cyber security is not easy. Rene Bader, Manager for Critical Business Applications & Big Data APIs are part of the way applications interact especially when it comes to digital transformation. Bader says maybe 5-10% of his customers have strong security focus on APIs. Worryingly, many see security as a blocker when it comes to APIs. Given the risks from a supply chain attack, this is should worry. Bader goes on to talk about encryption and the challenge of compliance. What should we encrypt and how? There are many ‘reasons offered’ inside organisations to avoid undertaking data encryption. Most they are no more than excuses. Despite the rise of compliance, many organisations focus on applications and performance than they do on compliance. Blockchain inevitably became part of the conversation. Bader encounters many companies which struggle to understand how to use it and what it offers. He discusses the challenge of deciding where and when to use blockchain or existing technology. To hear more of what Bader had to say, listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Aaron Ganek talks AI and Cloudtenna

  • about 1 month ago

Enterprise Times dropped in to see Cloudtenna who recently launched their AI solution for the enterprise file search market. We managed to get some time with Cloudtenna co-founder, Aaron Ganek to talk about the wider AI market and what his company is up to. Cloudtenna is targeting the problem of file sprawl across on premise, cloud and, at a later date, end user devices. This is not just about file management. GDPR, the Singapore Data Act and other privacy statutes means not knowing where your files are is more than just about employees wasting time locating their data. This is a security and compliance problem. Aaron Ganek, Co-Founder, Cloudtenna In addition to talking about Cloudtenna, Ganek also talked about the wider challenge of AI. What does it mean? What can it deliver? Are we really seeing solutions that are capable of thinking like humans or are we just seeing faster data processing? How do we get to the contextual point where an AI creates its own inferences about the data. To hear more of what Ganek had to say, listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Terry Erisman talks in-memory computing

  • about 2 months ago

GridGain is holding its In-Memory Computing Summit Europe 2018 in London this week. A few weeks ago, Enterprise Times went to see Terry Erisman, VP of Marketing at GridGain Systems. ET was interested in what is happening in the in-memory space. For most people, the technology is associated with speeding up databases. ET wanted to know what other use cases Erisman was seeing. In addition, with cloud computing, privacy and geolocking of data, we wanted to know how much latency was having an impact on performance. Terry Erisman, VP of Marketing, GridGain Systems Erisman talked about what he was seeing and how the in-memory computing space was changing. One area in particular is the changing nature of storage and how SSD is becoming part of that in-memory solution as secondary RAM. That technology is leading to in-memory storage capabilities not just in gigabytes or terabytes but now into the petabyte space. To hear what else Erisman had to say listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there

On HR, GDPR, CRM at SuccessConnect

  • about 2 months ago

Enterprise Times spoke to Mark Brandau Vice President Solution Management, SAP SuccessFactors at SuccessConnect this week. In a wide-ranging discussion, we covered a gamut of subjects with the exception of blockchain. Mark Brandau Vice President Solution Management, SAP SuccessFactors The recently launched Candidate Relationship Management functionality was the first topic covered. ET asked why SAP SuccessFactors is launching it now. We also discussed its extension into both Alumni and Freelancers. SAP already use Enterprise Jungle (now EnterpriseAlumni) as their Alumni management. We naturally posed the question of whether they were an acquisition target. SAP SuccessFactors recently announced an agreement with Microsoft on hosting the solution in their public data centres. This allows SAP to have a broader footprint. Brandau acknowledged that this will be helpful in an environment of increasing regulation, notably GDPR. He also sees GDPR as more of an opportunity with companies needing to move more vulnerable HR systems on-premise to the cloud. We discussed the recent announcement on Arvato leveraging SAP Model Company for HR. In particular we talked about what the product does and what the future holds for it. There is a potential inference that SAP SuccessFactors will look to adopt some vertical functionality through these templates, something it has not overtly done before, though it is quite capable of. At SuccessConnect SAP SuccessFactors also announced an upcoming Android mobile app. Brandau spoke about the strategy for mobile and why they are launching apps as well as a responsive design. To hear more of what Brandau had to say, listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Epicor CTO speaks out

  • about 2 months ago

Himanshu Palsule, CTO Epicor on stage at Epicor Insights Enterprise Times had the opportunity to talk to Himanshu Palsule, Chief Product and Technology Officer, Epicor at the recent Epicor Insights event in Nashville. We asked him about the decision to move to Microsoft Azure for the Epicor Manufacturing and Distribution products. It boiled down to three things, although Palsule was careful in the language he used as Epicor still uses Amazon for its Retail products. It is also set to launch its new retail cloud solution on Amazon later this year. What will be interesting is where the relationship goes over the next year. Epicor announced two major partnerships at the event Microsoft and Jitterbit and he also talked about how the Epicor ecosystem will grow over the next year. However the Epicor strategy for that growth is not, to provide an open marketplace for customers. Instead Epicor will create an ecosystem of partners that adds value to its products, complimenting rather than duplicating. Palsule talked about future developments, artificial intelligence and what the company is doing on blockchain. With little evidence of blockchain in Nashville and the huge amount of hype around the technology it is interesting to what what the CTO of a major ERP company is considering in the space. To hear more of what Palsule had to say, listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Salesforce delivers for small businesses and non profits

  • about 2 months ago

Enterprise Times spoke to Sanj Bhayro, SVP – EMEA Commercial Sales at Salesforce at the recent Salesforce World Tour event in London.  Sanj Bhayro spoke about how small businesses are finding that their challenges are being met. CRM has moved on from ten years ago according to Bhayro when it was more about managing customer contacts. Today is it about customer experience and customer journeys. Salesforce Essentials is now able to meet that challenge after its update last year. The discussion turned to Salesforce philanthropic initiatives. It is a subject that Bhayro was passionate about and one of the key reasons he has stayed at Salesforce so long. While he recognises that it is often easier for start ups to bake in the culture of giving back from day one, he also believes that older companies can also adopt the ethos. He cited Sage as an example of an older more traditional company embracing the giving back pledge. As an indication of the difference such a strategy can make Bhayro closed with the following powerful statement: “I am pretty proud of what we have achieved around our philanthropic model. It is great to see so much of it come to life.” Companies aspire to have their workers proud to be employees, Salesforce has achieved that goal. It is reflected in the awards it has won for best places to work. Most recently it won the #1 spot in the Forbes best places to work. To hear more of what Bhayro had to say, listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.  

Dr Rob Walker talks about AI

  • 2 months ago

At PegaWorld 2018 in Las Vegas, Enterprise Times sat down with Dr Rob Walker, Vice President Decisioning and Analytics at Pegasystems. We talked about what was happening with AI at Pega especially given its announcement of one-to-one marketing. Walker said: “We are nowhere near an artificial general intelligence or anything like that. But on the other hand we have made great strides in the last five years. Some of it is because of new algorithms but mostly because of the amount of data people, willing or unwillingly, give to the AI engines.” Dr Rob Walker, Vice President Decisioning and Analytics at Pegasystems We wanted to know what was the state of AI. Were we just dealing with faster calculators? How long before many of the claimed benefits such as the ability to infer answers could be arrived at. Walker says that we are a long way beyond a more intelligent calculator and are beginning to see them make: “Inferences that are almost alien. They make patterns that humans would never do.” One of the challenges with AI is transparency around how it arrives at a decision. AI’s are beginning to address more and more personal data and make inferences about individuals. This means that they can become intrusive and could reveal things people wanted kept secret. Walker talked about the T-Switch that Pega has introduced. It allows the AI to be put in transparent mode rather than the existing opaque mode that most AI exist in. To hear more of what Walker had to say, listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Kerim Akgonul talks about Pega Infinity

  • 2 months ago

At PegaWorld 2018, Kerim Akgonul, Senior Vice President Products, Pegasystems, announced Pega Infinity. Enterprise Times was interested in why Pega had moved away from its history of products to a single suite. Akgonul says that it is about helping customers be more effective in how they engage with their customers, the end consumers, across the whole company. Everything is focused on the end customers journey and making sure they get the best result. This is about customer experience (CX). It is an area where companies think they are doing a good job but where, in reality, they are failing. This is not just about omni-channel experience, it goes much deeper than that. Part of the solution is the phrase “next best action.” This is where the AI will look at the customer, their interaction with the business and make the right decision. This is not about the next best offer. Where there is a problem, the system will take that into account and look for the appropriate response. In effect, this is about doing right by the customer. Automation and AI will play a significant part in the systems that Pega customers create. To hear what else Akgonul had to say, listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.  

Don Schuerman talks about Pegasystems Blockchain kit

  • 2 months ago

At PegaWorld 2018, Pegasystems introduced the Pega Blockchain Innovation Kit. Unlike many other companies, it isn’t expecting its customers to work out blockchain on their own. In the Blockchain Innovation Kit it has provided templates and a sample smart contract. These are aimed at its banking and finance customers doing KYC and CLM. The goal is to get them up and running with blockchain to solve problems that they have today. Don Schuerman, CTO, Pegasystems To understand more about this announcement we talked with Don Schuerman, CTO, Pegasystems. During the conversation Schuerman explained what Pegasystems was thinking about and why it has taken this approach. He also gave us his view on where this would be by next years PegaWorld. Would it be integrated in Pega Infinity as a product? To find out, listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

What does the future hold

  • 2 months ago

Enterprise Times spoke to Bas de Vos, Director of IFS Labs. He has been in charge of IFS Labs at arguably one of the most exciting times for technology research and development. The conversation was animated and full of information about what the Labs has achieved, what it is working on now and where de Vos sees technology potentially go in the future. We discussed Artificial Intelligence and de Vos views AI as a set of technologies that enable people to make products better. As with most things, he reflects the pragmatic view that IFS has around both R&D and new technology. He explains what IFS is currently investigating in the AI space: Automation, predictive maintenance and human to machine interaction. de Vos also speculates about the future of Aurena, the recently launched UX from IFS. He goes on to explain three types of automation that he believes are part of AI: Anomaly detection, finding patterns in data Automating individual transactions Automation of multiple transactions, what de Vos calls optimisation He shares his frank view on blockchain and where he sees it going. de Vos is not convinced that solutions are imminent in the industries that IFS works in. He also comments: “We all talk about blockchain but what we mean is Distributed ledger technology.” Finally we ask him what tips he would give someone looking to start up their own R&D lab in a company. To hear what else de Vos had to say listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.  

Digital transformation in pest control

  • 2 months ago

Enterprise Times spoke to Jussi Ylinen, managing Director at Anticimex, Finland.  Anticimex has rolled out a major IoT project for controlling rats in Finland. We spoke about the challenges the project faced and the problem it solves. Before they implemented IFS, the rat traps communicated with a contact centre via email. Each trap sends an email for every alert. It was very quickly obvious that the process, although a vast improvement on what went on before, was not scaleable. They turned to IFS and the Microsoft Azure IoT platform to help them solve the problem. The project ran smoothly and Ylinen is hoping that Anticimex will expand to other countries and also other species of pest. Anticimex has integrated IoT into their field service operation in a way that is making them more efficient. It is also making the job of selling their services much easier. The biggest challenge they have?  Batteries. Ylinen believes that the next generation that they are due to start rolling out will help. To hear what else Ylinen had to say, listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Jorge Ferrer on open source, community vs enterprise and UX

  • 3 months ago

Vice President of Engineering at Liferay, Jorge Ferrer, talks to Enterprise Times about managing open source relationships and UX. Many companies are looking at the benefits of open source but struggle to know how best to approach it. At many conferences, the message seems to be that open source is free. But that’s not the case. Access to the code might be free but there are challenges in taking that software into the enterprise. For example, does the enterprise allow developers to grab any code they want from repositories and incorporate it into enterprise software? If so, how secure is it? Should they choose a curated open source solution and take that on board? There are also skills questions to be dealt with. Do we know the language? Do we have enough skills to integrate this into our existing code base? Will we have to recruit or retrain our existing developers and at what cost? Ferrer talks openly about how Liferay operates with both the open source community and enterprise customers. For example, when you make a mistake, be open, be honest about it. It ensures that there are no big secrets between vendor and the developer community. You also need to look at each mistake, understand how it happened and show how you have fixed it. Security is also a challenge. Open source often talks about the benefits of having more eyes on code. It’s a good case. The more people who review code the better it should be. However, there are no guarantees of code security even within the open source community. For vendors who are looking to curate open source and create a commercial offering, working with the community can be difficult. Contributors want to know that they are recognised and even rewarded. Some projects actively recruit from their developer community. This is a quick way to ensure that everyone is engaged in projects. To hear what else Ferrer had to say listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Oded Vanunu on making software more secure

  • 3 months ago

Oded Vanunu is the Head of Product Vulnerability Research at Check Point Software Technologies. He sat down with Enterprise Times recently to talk about what he does and what organisations could do to improve security. The rise of cybercrime and nation state hacking groups has brought with it very sophisticated attacks. This is why Check Point created internal product groups to attack software and find vulnerabilities in order to protect customers. Oded Vanunu, Head of Product Vulnerability Research, Check Point Software Technologies Oded’s job includes running a team of white hat hackers who look for software vulnerabilities. Importantly, he also has carte blanche to attack his employers own software, something that few organisations, including security vendors, talk about. This is not just about Check Point hacking its own code to ensure it is secure. Oded says that security audits and checks ensure that software is designed securely, tested constantly and, by the time it is release, can be trusted by customers. All of this is something that organisations need to think about themselves. We have had more than a decade of companies talking “secure by design”. In that time we have seen more and more software breaches and vulnerability disclosures. Something is clearly not working. It is not just about poor patch management but also how the IT Security, Development and Operations teams interact. Too often, time to market overrides the requirements of making software secure. The challenge is how to redress that demand and improve software quality. To hear what else Vanunu had to say listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Liz Rice and Sugu Sougoumarane talk security and databases

  • 3 months ago

Enterprise Times caught up with Liz Rice, Technology Evangelist, Aqua Security and Sugu Sougoumarane, CTO, PlanetScale Data at the Cloud Native Computing Conference and KubeCon in Copenhagen. We talked about Vitess, the open source database clustering system which is now a CNCF project. At the same time we talked about the challenge of container security, a subject that was popular among many conference attendees. Vitess started out as a project to improve the performance of YouTube. Early on, Google required Vitess to be moved into Google Cloud which meant porting the entire project. Although it was ported it was also kept as an open source project. Sugu Sougoumarane, CTO, PlanetScale Data Porting applications across platforms has never been easy. As companies struggle with multi-cloud and free movement of apps, how difficult was the move? Sugu said it was: “quite a challenge because the Google ecosystem is very different. It has a lot of custom APIs that are only internal to Google.” It forced the Vitess team to build a large number of adapters. Data is the biggest challenge for companies moving to cloud. People have been scared to move data into the cloud due to the ephemeral nature of the cloud and because cloud APIs are not good at managing the movement of data. There are other concerns with APIs. Many organisations are struggling to know how to review, curate, clean-up and publish APIs that are safe and secure. Rice agrees that there have been problems. Despite this there is work being done to make it easier to secure APIs. Liz Rice, Technology Evangelist, Aqua Security Rice is particularly excited by runtime protection within the container world. Microservices, in particular, should be accessing limited services and APIs. If, Rice says, you can learn what those behaviours are like you can spot unusual behaviours. This is about hardening the security of container networks and is something that security teams need to get involved in. The conversation looked at several other issue with databases in containers and the work being done to secure containers. Rice also talked about other projects taking place inside the CNCF. Many of these are security related and for those who are worried about containers and security, Rice talks a lot about the solutions that are coming along. To hear what else Liz and Sugu had to say, listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Aparna Sinha talks Kubernetes 

  • 3 months ago

At the Cloud Native Computing Conference and KubeCon 18 in Copenhagen, Enterprise Times was fortunate to catch Aparna Sinha, Product Management Lead for Kubernetes at Google. It’s a very busy time for Kubernetes. It has just graduated from the CNCF and is now a fully fledged project in its own right. It has also seen substantial enterprise take-up with claims that over 50% of enterprises are using Kubernetes in one form or another. There were a number of announcements at the show that Sinha was keen to elaborate on. The first is stack driver monitoring for Kubernetes which allows the user to monitor more Kubernetes components. There is also an API connector for the open source Prometheus project. This will allow administrators to pull metrics from Prometheus and consume them in Google Kubernetes Environment (GKE). As well a providing a single pane of glass for all Kubernetes metrics, this also enables users to auto-scale their environment based on what is happening in the application. Aparna Sinha, Product Management Lead for Kubernetes at Google The other announcements will appeal to IT security teams. Google has focused on two areas to improve security. The first is runtime security so that you can see what is going on in your cluster. Google Cloud Security Command Centre (GCSCC) now has first class support for containers. Google is also bringing five partners into its GCSCC. The integration means that any alerts from the partners will show up in GCSCC making it easier for Kubernetes customers to deal with the problem. The third major announcement that Sinha talked about was gVisor. This is a container security solution that Google uses internally and which it has now open sourced . One of the presentations at the show, ‘Running With Scissors’ by Liz Rice, Aqua Security, showed up some of the security challenges with containers. This is something that gVisor is designed to address. To hear what else Sinha had to say listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Orli Gan talks AI, threat detection and cyber security

  • 3 months ago

Earlier this year, Enterprise Times talked with Orli Gan, Head of Products for Threat Detection at Checkpoint. Gan had just given a keynote where she told the audience that AI was not a silver bullet for cyber security. It’s an interesting view that is aimed at resetting expectations of what the technology is able to deliver today. Orli believes that the challenge is the immaturity of the technology. The current generations of algorithms have deficiencies and flaws that mean today, they are not as accurate as we need them to be. One of the problems of using AI effectively is the size and accuracy of the underlying data. AI needs training and that requires access to a very large amount of data. Orli Gan, Head of Threat Prevention Products, Check Point Software Importantly, that data must be relevant to the space that the AI is trying to solve. Gan says that customers will provide access to the malicious data that they have. What they won’t provide is access to normal or benign data. Without that it is difficult to know exactly what to look for and to detect the right patterns in the data. This is not just about a single company. An effective system needs to have malicious and normal data from a lot of companies to establish where the lines are. Sharing data also relies in regulators and lawmakers allowing it. This is urgent. Gan says that the threat today is huge and will only get bigger in future years. Another challenge will be that as AI gets to be more effective, it will be the target of the next wave of cyber attacks. To hear what else Gan had to say, listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Raj Verma talks products, customers and partnerships

  • 3 months ago

At Apttus Accelerate in San Francisco, Raj Verma, COO, Apttus sat with Enterprise Times to talk about where the business is going. Apttus is growing fast, both in terms of customer numbers and the new technology it is introducing. The challenge for Apttus is making sure it can match the two growth vectors without impacting product quality or customer satisfaction. Verma is happy with it. He calls it a first world problem and says that one feeds the other. Apttus operates in a fast evolving market and that, says Verma, helps feed innovation. Verma believes that the company’s key goal is to help customers prepare for the service economy. Customers and prospects are having to rethink how they sell long standing products as a service. Raj Verma, Chief Operating Officer, Apttus At the core of this move to as a service, according to Verma, is how do you configure, price, quote and set SLAs to deliver it. Verma talked about what was happening with the introduction of Max, the Apttus AI which received a refresh at Accelerate. Kirk Krappe, CEO, Apttus, told the media that uptake of the product was only about 10% of the customer base. Verma explains that this has been because customers, to date, see it as a nice to have. However, that is changing. The conversation also touched on the deal with IBM and the company’s relationship with IBM including blockchain. There is an increasing amount of technology sharing going on and with IBM announcing its own Apttus practice, that is likely to increase. To hear what else Verma had to say listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there

James Strachan talks Kubernetes. CI/CD and DevOps

  • 3 months ago

At the CNCF and KubeCon 18 conference Enterprise Times cornered James Strachan, Senior Architect at Cloudbees for a chat. We talked about the need to optimise CI/CD for Kubernetes. Strachan is excited about what Kubernetes brings to the DevOps process. For Strachan, Kubernetes brings a lot of excitement in how we build, test, deploy, release and promote software. Perhaps the biggest thing that Kubernetes has changed is deployment. This is because it enables people to standardise how they do it. Instead of a myriad of software routines and deployment tools, Kubernetes makes life simple. For cloud vendors, it means that they can automate everything. James Strachan, Senior Architect at Cloudbees Strachan talked about the latest work going on at Jenkins, Jenkins X. This is a project that anyone attending Jenkins World will hear much more about in September. Jenkins X gives every team their own development and staging areas that allow people to promote when they want. The goal is to get people to do tiny changes and get those into production as quick as possible. Strachan believes that if we get the size of changes down we not only get faster but it is far easier to reverse a change if there are problems. To hear what else Strachan had to say listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Understanding Unit4 direction with Jeremy Roche

  • 3 months ago

Jeremy Roche on stage at Unit4 Connect in Amsterdam This week Unit4 held its Connect Ambassadors conference in Amsterdam. Enterprise Times attended the event and had the opportunity to sit down with Jeremy Roche to discuss the weeks news and its strategy.  The key message from the event was around the message “We create space for people to do more work that really matters”.  Roche expands on that and identifies the three products and four vertical markets that Unit4 will concentrate on. Like many other vendors Unit4 is also talking about the service economy and XaaS, everything as a service. Roche explains the Unit4 approach and how his job role has evolved from being a Chief Product Officer to the point where Chief Solution Officer might be a better title. His ultimate vision is for Unit 4 to move towards a value based offering. Roche admits that there is still much thought that needs to go into this but he shares his current position on the matter. He also talks about the partnership with Microsoft and how it has developed over recent months. To hear what else Roche had to say listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Alexis Richardson talks about CNCF and where it is going

  • 3 months ago

At the recent Cloud Native Computing Foundation (CNCF) and KubeCon conference in Copenhagen, Enterprise Times caught up with Alexis Richardson. In addition to being the CEO of Weaveworks, Richardson is also the Chair of the TOC at the CNCF. Richardson started by giving us an update on where all the projects are within the CNCF. It recently hit a major milestone when Kubernetes became the first project to graduate from incubator status. In the next few months it will be followed by FluentD, Prometheus and Envoy. For Richardson this is a big step forward. All of this has been achieved in less than two years. He believes that this shows the CNCF is no longer a start-up as an organisation. Alexis Richardson, CEO Weaveworks and Chair of TOC, CNCF One of the interesting things about the CNCF is its relaxed approach to governance. Rather than impose a large set of rules on projects, the CNCF allows projects to do their own thing provided they play well together. Richardson likes this model. He believes that it gives projects freedom to develop and that the community will ensure that projects integrate if they solve problems. Richardson likes to talk about integration and Lego. The problem is that while the CNCF and the community can help drive integration to projects inside the CNCF, getting support from external projects is not as simple. Richardson sees a key part of the solution being APIs and importantly, open APIs. This is not always what organisations want. No matter how easy APIs are to use, they do not want to be building and maintaining their own integrations. One of the potentials for containers is to revolutionise how we write software. Could it solve the promise of Object Orientation from the 1980’s? Richardson believes is can. To hear what else Richardson had to say listen to the podcast. Where can I get it? obtain it, for Android devices from play.google.com/music/podcasts use the Enterprise Times page on Stitcher use the Enterprise Times page on Podchaser listen to the Enterprise Times channel on Soundcloud listen to the podcast (below) or download the podcast to your local device and then listen there.

Share This Podcast

Own This Podcast?

00:00:00/00:00:00