Cyber-Security 101 for Business Owners

Running a business require skill with multiple things happening simultaneously that require your attention. One of those critical things is cyber-security – critical today to have your focus on.

In the digital world today, all businesses have a dependency on the Internet in one way or the other… For SMEs (Small Medium Enterprise) that uses the Internet exclusively as their sales channel the Internet is not only a source of opportunity but the lifeblood of the organisation. An enterprise has the ability, through the Internet, to operate 24×7 with digitally an enabled workforce bringing unprecedented business value.

Like any opportunity though, this also comes with a level of risk that must be mitigated and continuously governed, not just by the board but also by every member within the team. Some of these risks can have a seriously detrimental impact to the business, ranging from financial and data loss to downtime and reputational damage. It is therefore your duty ensuring your IT network is fully protected and secure to protect your business.

Statistics show that cybercrime is exponentially rising. This is mainly due to enhancements in technology enabling and giving access to inexpensive but sophisticated tools. Used by experienced and inexperienced cyber criminals alike, this is causing havoc across networks resulting in business downtime that costs the economy millions every year.

If your business is not trading for 100 hours, what is the financial and reputational impact? That could be the downtime caused by, for example, a ransomware attack – yes, that’s almost 5 days of no business, costly for any business!

Understanding the threat

Cyber threats take many forms and is an academic subject on it’s own. So where do you start?

First you need to understand the threat before you can take preventative action.

Definition: Cyber security or information technology security are the techniques of protecting computers, networks, programs and data from unauthorized access or attacks that are aimed for exploitation.

A good start is to understand the following cyber threats:

  • Malware
  • Worms
  • Trojans
  • IoT (Internet of Things)
  • Crypto-jacking

Malware

Definition:Malware (a portmanteau for malicious software) is any software intentionally designed to cause damage to a computer, server, client, or computer network.

During 2nd Q’18, the VPNFilter malware reportedly infected more than half a million small business routers and NAS devices and malware is still one of the top risks for SMEs. With the ability of data exfiltration back to the attackers, businesses are at risk of the loss of sensitive information such as usernames and passwords.

Potentially these attacks can remain hidden and undetected. Businesses can overcome these styles of attacks by employing an advanced threat prevention solution for their endpoints (i.e. user PCs). A layered approach with multiple detection techniques will give businesses full attack chain protection as well as reducing the complexity and costs associated with the deployment of multiple individual solutions.

Worms

Definition:A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it.

Recent attacks, including WannaCry and Trickbot, used worm functionality to spread malware. The worm approach tends to make more noise and can be detected faster, but it has the ability to affect a large number of victims very quickly.For businesses, this may mean your entire team can be impacted (spreading to every endpoint in the network) before the attack can be stopped.

Approximately 20% of UK businesses that had been infected with malware had to cease business operations immediately resulting in lost revenue.

Internet of Things (IoT)

Definition:The Internet of things (IoT) is the network of devices such as vehicles, and home appliances that contain electronics, software, actuators, and connectivity.

More devices are able to connect directly to the web, which has a number of benefits, including greater connectivity, meaning better data and analytics. However, various threats and business risks are lurking in the use of these devices, including data loss, data manipulation and unauthorised access to devices leading to access to the network, etc.

To mitigate this threat, devices should have strict authentication, limited access and heavily monitored device-to-device communications. Crucially, these devices will need to be encrypted – a responsibility that is likely to be driven by third-party security providers but should to be enforced by businesses as part of their cyber-security policies and standard operating procedures.

Cryptojacking

Definition:Cryptojacking is defined as the secret use of your computing device to mine cryptocurrency. Cryptojacking used to be confined to the victim unknowingly installing a program that secretly mines cryptocurrency.

With the introduction and rise in popularity and value of crypto currencies, cryptojacking emerged as a cyber-security threat. On the surface, cryptomining may not seem particularly malicious or damaging, however, the costs that it can incur are. If the cryptomining script gets into servers, it can send energy bills through the roof or, if you find it has reached your cloud servers, can hike up usage bills (the biggest commercial concern for IT operations utilising cloud computing). It can also pose a potential threat to your computer hardware from overloading CPUs.

A recent survey, 1 in 3 of all UK businesses were hit by cryptojacking with statistics rising.

Mitigating the risk 

With these few simple and easy steps you can make a good start in protecting your business:

  • Education: At the core of any cyber-security protection plan, there needs to be an education campaign for all in the business. They must understand the gravity of the threat posed – regular training sessions can help here. And this shouldn’t be viewed as a one-off box-ticking exercise then forgotten about. Having rolling, regularly updated training sessions will ensure that staff members are aware of the changing threats and how they can best be avoided.
  • Endpoint protection: Adopt a layered approach to cyber security and deploy endpoint protection that monitor processes in real-time and seek out suspicious patterns, enhancing threat hunting capabilities that eliminate threats (quarantine or delete), and reducing the downtime and impact of attacks.
  • Lead by example: Cyber-security awareness should come from the top down. The time is long gone where cyber-security has been the domain of IT teams. If you are a business stakeholder, you need to lead by example by promoting and practicing a security-first mindset.

Different Software Testing – Explained

Testing of software and application is an integral part of the software development and deployment lifecycle. But with so many different types of tests to choose from when compiling your test approach, which are best suited for your requirements?

In this post 45 different tests are explained.

Software Application Testing are conducted within two domains: Functional and Non-Functional Testing.

Functional testing is a software testing process used within softwaredevelopment in which software is tested to ensure that it conforms with all requirements. Functional testing is a way of checking software to ensure that it has all the required functionality that’s specified within its functional requirements.

Functional testing types include:

  • Unit testing
  • Integration testing
  • System testing
  • Sanity testing
  • Smoke testing
  • Interface testing
  • Regression testing
  • Beta/Acceptance testing

Non-functional testing is defined as a type of Software testing to check non-functional aspects (performance, usability, reliability, etc) of a software application. It is designed to test the readiness of a system as per nonfunctional parameters which are never addressed by functional testing.

Non-functional testing types include:

  • Performance Testing
  • Load testing
  • Stress testing
  • Volume testing
  • Security testing
  • Compatibility testing
  • Install testing
  • Recovery testing
  • Reliability testing
  • Usability testing
  • Compliance testing
  • Localization testing

45 Different types of testing – explained

  1. Alpha Testing

It is the most common type of testing used in the Software industry. The objective of this testing is to identify all possible issues or defects before releasing it into the market or to the user. Alpha testing is carried out at the end of the software development phase but before the Beta Testing. Still, minor design changes may be made as a result of such testing. Alpha testing is conducted at the developer’s site. In-house virtual user environment can be created for this type of testing.

  1. Acceptance Testing

An acceptance test is performed by the client and verifies whether the end to end the flow of the system is as per the business requirements or not and if it is as per the needs of the end user. Client accepts the software only when all the features and functionalities work as expected. It is the last phase of the testing, after which the software goes into production. This is also called as User Acceptance Testing (UAT).

  1. Ad-hoc Testing

The name itself suggests that this testing is performed on an ad-hoc basis i.e. with no reference to test case and also without any plan or documentation in place for such type of testing. The objective of this testing is to find the defects and break the application by executing any flow of the application or any random functionality.

Ad-hoc testing is an informal way of finding defects and can be performed by anyone in the project. It is difficult to identify defects without a test case but sometimes it is possible that defects found during ad-hoc testing might not have been identified using existing test cases.

  1. Accessibility Testing

The aim of accessibility testing is to determine whether the software or application is accessible for disabled people or not. Here disability means deaf, color blind, mentally disabled, blind, old age and other disabled groups. Various checks are performed such as font size for visually disabled, color and contrast for color blindness etc.

  1. Beta Testing

Beta Testing is a formal type of software testing which is carried out by the customer. It is performed in Real Environment before releasing the product to the market for the actual end users. Beta testing is carried out to ensure that there are no major failures in the software or product and it satisfies the business requirements from an end-user perspective. Beta testing is successful when the customer accepts the software.

Usually, this testing is typically done by end-users or others. It is the final testing done before releasing an application for commercial purpose. Usually, the Beta version of the software or product released is limited to a certain number of users in a specific area. So end user actually uses the software and shares the feedback to the company. Company then takes necessary action before releasing the software to the worldwide.

  1. Back-end Testing

Whenever an input or data is entered on front-end application, it stores in the database and the testing of such database is known as Database Testing or Backend testing. There are different databases like SQL Server, MySQL, and Oracle etc. Database testing involves testing of table structure, schema, stored procedure, data structure and so on.

In back-end testing GUI is not involved, testers are directly connected to the database with proper access and testers can easily verify data by running a few queries on the database. There can be issues identified like data loss, deadlock, data corruption etc during this back-end testing and these issues are critical to fixing before the system goes live into the production environment

  1. Browser Compatibility Testing

It is a subtype of Compatibility Testing (which is explained below) and is performed by the testing team.

Browser Compatibility Testing is performed for web applications and it ensures that the software can run with the combination of different browser and operating system. This type of testing also validates whether web application runs on all versions of all browsers or not.

  1. Backward Compatibility Testing

It is a type of testing which validates whether the newly developed software or updated software works well with older version of the environment or not.

Backward Compatibility Testing checks whether the new version of the software works properly with file format created by older version of the software; it also works well with data tables, data files, data structure created by older version of that software. If any of the software is updated then it should work well on top of the previous version of that software.

  1. Black Box Testing

Internal system design is not considered in this type of testing. Tests are based on the requirements and functionality.

Detailed information about the advantages, disadvantages, and types of Black box testing can be seen here.

  1. Boundary Value Testing

This type of testing checks the behavior of the application at the boundary level.

Boundary value Testing is performed for checking if defects exist at boundary values. Boundary value testing is used for testing a different range of numbers. There is an upper and lower boundary for each range and testing is performed on these boundary values.

If testing requires a test range of numbers from 1 to 500 then Boundary Value Testing is performed on values at 0, 1, 2, 499, 500 and 501.

  1. Branch Testing

It is a type of white box testing and is carried out during unit testing. Branch Testing, the name itself suggests that the code is tested thoroughly by traversing at every branch.

  1. Comparison Testing

Comparison of a product’s strength and weaknesses with its previous versions or other similar products is termed as Comparison Testing.

  1. Compatibility Testing

It is a testing type in which it validates how software behaves and runs in a different environment, web servers, hardware, and network environment. Compatibility testing ensures that software can run on a different configuration, different database, different browsers and their versions. Compatibility testing is performed by the testing team.

  1. Component Testing

It is mostly performed by developers after the completion of unit testing. Component Testing involves testing of multiple functionalities as a single code and its objective is to identify if any defect exists after connecting those multiple functionalities with each other.

  1. End-to-End Testing

Similar to system testing, End-to-end testing involves testing of a complete application environment in a situation that mimics real-world use, such as interacting with a database, using network communications, or interacting with other hardware, applications, or systems if appropriate.

  1. Equivalence Partitioning

It is a testing technique and a type of Black Box Testing. During this equivalence partitioning, a set of group is selected and a few values or numbers are picked up for testing. It is understood that all values from that group generate the same output. The aim of this testing is to remove redundant test cases within a specific group which generates the same output but not any defect.

Suppose, application accepts values between -10 to +10 so using equivalence partitioning the values picked up for testing are zero, one positive value, one negative value. So the Equivalence Partitioning for this testing is: -10 to -1, 0, and 1 to 10.

  1. Example Testing

It means real-time testing. Example testing includes the real-time scenario, it also involves the scenarios based on the experience of the testers.

  1. Exploratory Testing

Exploratory Testing is an informal testing performed by the testing team. The objective of this testing is to explore the application and looking for defects that exist in the application. Sometimes it may happen that during this testing major defect discovered can even cause system failure.

During exploratory testing, it is advisable to keep a track of what flow you have tested and what activity you did before the start of the specific flow.

An exploratory testing technique is performed without documentation and test cases.

  1. Functional Testing

This type of testing ignores the internal parts and focuses only on the output to check if it is as per the requirement or not. It is a Black-box type testing geared to the functional requirements of an application. For detailed information about Functional Testing click here.

  1. Graphical User Interface (GUI) Testing

The objective of this GUI testing is to validate the GUI as per the business requirement. The expected GUI of the application is mentioned in the Detailed Design Document and GUI mockup screens.

The GUI testing includes the size of the buttons and input field present on the screen, alignment of all text, tables and content in the tables.

It also validates the menu of the application, after selecting different menu and menu items, it validates that the page does not fluctuate and the alignment remains same after hovering the mouse on the menu or sub-menu.

  1. Gorilla Testing

Gorilla Testing is a testing type performed by a tester and sometimes by developer the as well. In Gorilla Testing, one module or the functionality in the module is tested thoroughly and heavily. The objective of this testing is to check the robustness of the application.

  1. Happy Path Testing

The objective of Happy Path Testing is to test an application successfully on a positive flow. It does not look for negative or error conditions. The focus is only on the valid and positive inputs through which application generates the expected output.

  1. Incremental Integration Testing

Incremental Integration Testing is a Bottom-up approach for testing i.e continuous testing of an application when a new functionality is added. Application functionality and modules should be independent enough to test separately. This is done by programmers or by testers.

  1. Install/Uninstall Testing

Installation and uninstallation testing is done on full, partial, or upgrade install/uninstall processes on different operating systems under different hardware or software environment.

  1. Integration Testing

Testing of all integrated modules to verify the combined functionality after integration is termed as Integration Testing. Modules are typically code modules, individual applications, client and server applications on a network, etc. This type of testing is especially relevant to client/server and distributed systems.

  1. Load Testing

It is a type of non-functional testing and the objective of Load testing is to check how much of load or maximum workload a system can handle without any performance degradation.

Load testing helps to find the maximum capacity of the system under specific load and any issues that cause the software performance degradation. Load testing is performed using tools like JMeter, LoadRunner, WebLoad, Silk performer etc.

  1. Monkey Testing

Monkey testing is carried out by a tester assuming that if the monkey uses the application then how random input, values will be entered by the Monkey without any knowledge or understanding of the application. The objective of Monkey Testing is to check if an application or system gets crashed by providing random input values/data. Monkey Testing is performed randomly and no test cases are scripted and it is not necessary to

Monkey Testing is performed randomly and no test cases are scripted and it is not necessary to be aware of the full functionality of the system.

  1. Mutation Testing

Mutation Testing is a type of white box testing in which the source code of one of the program is changed and verifies whether the existing test cases can identify these defects in the system. The change in the program source code is very minimal so that it does not impact the entire application, only the specific area having the impact and the related test cases should able to identify those errors in the system.

  1. Negative Testing

Testers having the mindset of “attitude to break” and using negative testing they validate that if system or application breaks. A negative testing technique is performed using incorrect data, invalid data or input. It validates that if the system throws an error of invalid input and behaves as expected.

  1. Non-Functional Testing

It is a type of testing for which every organization having a separate team which usually called as Non-Functional Test (NFT) team or Performance team.

Non-functional testing involves testing of non-functional requirements such as Load Testing, Stress Testing, Security, Volume, Recovery Testing etc. The objective of NFT testing is to ensure whether the response time of software or application is quick enough as per the business requirement.

It should not take much time to load any page or system and should sustain during peak load.

  1. Performance Testing

This term is often used interchangeably with ‘stress’ and ‘load’ testing. Performance Testing is done to check whether the system meets the performance requirements. Different performance and load tools are used to do this testing.

  1. Recovery Testing

It is a type of testing which validates that how well the application or system recovers from crashes or disasters.

Recovery testing determines if the system is able to continue the operation after a disaster. Assume that application is receiving data through the network cable and suddenly that network cable has been unplugged. Sometime later, plug the network cable; then the system should start receiving data from where it lost the connection due to network cable unplugged.

  1. Regression Testing

Testing an application as a whole for the modification in any module or functionality is termed as Regression Testing. It is difficult to cover all the system in Regression Testing, so typically automation testing tools are used for these types of testing.

  1. Risk-Based Testing (RBT)

In Risk Based Testing, the functionalities or requirements are tested based on their priority. Risk-based testing includes testing of highly critical functionality, which has the highest impact on business and in which the probability of failure is very high. The priority decision is based on the business need, so once priority is set for all functionalities then high priority functionality or test cases are executed first followed by medium and then low priority functionalities.

The low priority functionality may be tested or not tested based on the available time. The Risk-based testing is carried out if there is insufficient time available to test entire software and software needs to be implemented on time without any delay. This approach is followed only by the discussion and approval of the client and senior management of the organization.

  1. Sanity Testing

Sanity Testing is done to determine if a new software version is performing well enough to accept it for a major testing effort or not. If an application is crashing for the initial use then the system is not stable enough for further testing. Hence a build or an application is assigned to fix it.

  1. Security Testing

It is a type of testing performed by a special team of testers. A system can be penetrated by any hacking way.

Security Testing is done to check how the software or application or website is secure from internal and external threats. This testing includes how much software is secure from the malicious program, viruses and how secure and strong the authorization and authentication processes are.

It also checks how software behaves for any hackers attack and malicious programs and how software is maintained for data security after such a hacker attack.

  1. Smoke Testing

Whenever a new build is provided by the development team then the software testing team validates the build and ensures that no major issue exists. The testing team ensures that build is stable and a detailed level of testing is carried out further. Smoke Testing checks that no show stopper defect exists in the build which will prevent the testing team to test the application in detail.

If testers find that the major critical functionality is broken down at the initial stage itself then testing team can reject the build and inform accordingly to the development team. Smoke Testing is carried out to a detailed level of any functional or regression testing.

  1. Static Testing

Static Testing is a type of testing which is executed without any code. The execution is performed on the documentation during the testing phase. It involves reviews, walkthrough, and inspection of the deliverables of the project. Static testing does not execute the code instead of the code syntax, naming conventions are checked.

The static testing is also applicable for test cases, test plan, design document. It is necessary to perform static testing by the testing team as the defects identified during this type of testing are cost-effective from the project perspective.

  1. Stress Testing

This testing is done when a system is stressed beyond its specifications in order to check how and when it fails. This is performed under heavy load like putting large number beyond storage capacity, complex database queries, continuous input to the system or database load.

  1. System Testing

Under System Testing technique, the entire system is tested as per the requirements. It is a Black-box type testing that is based on overall requirement specifications and covers all the combined parts of a system.

  1. Unit Testing

Testing an individual software component or module is termed as Unit Testing. It is typically done by the programmer and not by testers, as it requires a detailed knowledge of the internal program design and code. It may also require developing test driver modules or test harnesses.

  1. Usability Testing

Under Usability Testing, User-friendliness check is done. Application flow is tested to know if a new user can understand the application easily or not, Proper help documented if a user gets stuck at any point. Basically, system navigation is checked in this testing.

  1. Vulnerability Testing

The testing which involves identifying of weakness in the software, hardware and the network is known as Vulnerability Testing. Malicious programs, the hacker can take control of the system, if it is vulnerable to such kind of attacks, viruses, and worms.

So it is necessary to check if those systems undergo Vulnerability Testing before production. It may identify critical defects, flaws in the security.

  1. Volume Testing

Volume testing is a type of non-functional testing performed by the performance testing team.

The software or application undergoes a huge amount of data and Volume Testing checks the system behavior and response time of the application when the system came across such a high volume of data. This high volume of data may impact the system’s performance and speed of the processing time.

  1. White Box Testing

White Box testing is based on the knowledge about the internal logic of an application’s code.

It is also known as Glass box Testing. Internal software and code working should be known for performing this type of testing. Under this tests are based on the coverage of code statements, branches, paths, conditions etc.

Artificial Intelligence Capabilities

 

AI is one of the most popular talked about technologies today. For business, this technology introduces capabilities that innovative business and technology leadership can utilise to introduce new dimensions and abilities within service and product design and delivery.

Unfortunately, a lot of the real business value is locked up behind the terminology hype, inflated expectations and insecure warnings of machine control.

It is impossible to get the value from something that is not understood. So lets cut through the hype and focus to understand AI’s objectives and the key capabilities that this exciting technology enables.

There are many definitions of AI as discussed in the blog post “What is Artificial Intelligence: Definitions“. Keeping it simple: “AI is using computers to do things that normally would have required human intelligence.” With this definition in mind, there are basically three things that AI is aiming to achieve.

3 AI Objectives

  • Capturing Information
  • Determine what is happening
  • Understand why it is happening

Lets use an example to demonstrate this…

As humans we are constantly gathering data through our senses which is converted by our brain into information which is interpreted for understanding and potential action. You can for example identify an object through site, turn it into information and identify the object instantly as, for example, a lion. In conjunction, additional data associated with the object at the present time, for example the lion is running after a person yelling for help, enables us to identify danger and to take immediate action…

For a machine, this process is very complex and requires large amounts of data, programming/training and processing power. Today, technology is so advanced that small computers like smart phones can capture a photo, identify a face and link it to a name. This is achieved not just through the power the smart phone but through the capabilities of AI, made available through services like facebook supported by an IT platform including, a fast internet connection, cloud computing power and storage.

To determine what is happening the machine might use Natural Language Understanding (NLU) to extract the words from a sound file and try to determine meaning or intent, hence working out that the person is running away from a lion and shouting for you to run away as well.

Why the lion is chasing and why the person is running away, is not known by the machine. Although the machine can capture information and determine what is happening, it does not understand why it is happening within full context – it is merely processing data. This reasoning ability, to bring understanding to a situation, is something that the human brain does very well.

Dispite all the technological advancements, can machines today only achieve the first two of the thee AI objectives. With this in mind, let’s explore the eight AI capabilities relevant and ready for use, today.

8 AI Capabilities

AI-8Capabilities

  • Capturing Information
    • Image Recognition
    • Speech Recognition
    • Data Search
    • Data Patterns
  • Determine what is happening
    • Language Understanding
    • Thought/Decision Process
    • Prediction
  • Understand why it is happening
    • Understanding

Image Recognition

This is the capability for a machine to identify/recognise an image. This is based on Machine Learning and requires millions of images to train the machine requiring lots of storage and fast processing power.

Speech Recognition

The machine takes a sound file and encodes it into text.

Search

The machine identifies words or sentences which are matched with relevant content within a large about of data. Once these word matches are found it can trigger further AI capabilities.

Patterns

Machines can process and spot patterns in large amounts of data which can be combinations of sound, image or text. This surpasses the capability of humans, literally seeing the woods from the trees.

Language Understanding

The AI capability to understand human language is called Natural Language Understanding or NLU.

Thought/Decision Processing

Knowledge Maps

Prediction

Predictive analytics is not a new concept and the AI prediction capability basically takes a view on historic data patterns and matches it with a new piece of data to predict a similar outcome based on the past.

Understanding

Falling under the third objective of AI – Understand what is happening, this capability is not currently not commercially available.

To Conclude

In understanding the capabilities of AI you can now look beyond the hype, be realistic and identify which AI capabilities are right to enhance you business.

In a future blog post, we’ll examine some real live examples of how these AI capabilities can be used to bring business value.

The Rise of the Bots

Guest Blog from Robert Bertora @ Kamoha Tech – Original article here

The dawn of the rising bots is upon us. If you do not know what a Bot is, it’s the abbreviated form for the word Robot, and it is a term that is now commonly used to describe automated software programs that are capable of performing tasks on computers that traditionally were reserved for human beings. Bots are software and Robots are Hardware, all Robots need Bots to power their reasoning or “brain” so to speak. Today the Golden Goose is to build Artificial Intelligence (commonly known as AI) directly into the Bots, and the goal is, for these Bots to be able to learn on their own, either from being trained, or from their own experience of making mistakes. There is after all no evidence to suggest that the human mind is anything more than a machine, and therefore no reason for us to believe that we can’t build similar intelligent machines incorporating AI.

These days Bots are everywhere, you may not realise it so here are a few examples that come to mind:

Trading Bots: Trading Bots have existed for many years, at least 20 years if not more and are capable of watching financial markets that trade in anything from currency to company shares. Not only do they watch these markets, but they can perform trades just like any other Human Trader. What is more, is that they can reason out, and execute a trade in milliseconds, leaving a Human Trader in the dust.

Harvesting Bots were originally created by computer gamers who were tired of performing repetitive tasks in the games they played. Instead of sitting at their computer or consoles for hours killing foe for resources such as mana or gold, one could simply load up a Bot to do this tedious part of gameplay for you. While you slept, the Bot was “harvesting” game resources for you, and in the morning your mana and gold reserves would be nicely topped up and ready for you to spend in game on more fun stuff, like buying upgraded weapons or defences!

Without Harvesting Bots and their widespread proliferation in the gaming community we are all very unlikely to have ever heard of Crypto Currencies, you see it can be argued that these would never have been invented in the first place. Crypto Currencies and Block Chain technologies rely in part on the foundations set by the computer gaming Harvesting Bots. The Harvesting Bot concept was needed by the Crypto Currency Pioneers who used it to solve their problem of mimicking the mining of gold in the real world. They evolved the Harvesting Bot into Mining Bots which are capable of mining for crypto coins from the electronic Block Chain(s). You may have heard of people mining for Bitcoins and other Crypto coins, using mining Rigs and the Bots; the Rigs being the powerful computer hardware they need to run the Mining Bots.

What about Chat Bots? have you ever heard of these? These Bots replace the function of humans in customer service chat rooms online. There are two kinds of Chat Bots, the really simple ones, and the NLP (Neuro Linguistic Programming) ones which are capable of processing Natural Language.

Simple Chat Bots follow a question, answer, yes/no kind of flow. These Chatbots offer you a choice of actions or questions that you can click on, in order to give you a preprogramed answer or to take you through a preprogramed flow with preprogramed answers. You may have encountered these online, but if not, you will have certainly encountered this concept in Telephone Automation Systems that large companies use as part of their customer service functions.

NLP Chat Bots are able to take your communication in natural language (English, French etc..), making intelligent reasoning as to what you are saying or asking, and then formulating responses again in natural language that when done well may seem like you are chatting with another human online. This type of Chatbot displays what we call artificial intelligence and should be able to learn new responses or behaviours based on training and or experience of making mistakes and learning from these. At KAMOHA TECH, we develop industry agnostic NLP Bots on our KAMOHA Bot Engine incorporating AI and Neural Network coding techniques. Our industry agnostic Bot engine is used to deploy into almost any sector. Just as one could deploy a human into almost any job sector (with the right training and experience) so too we can do this with our industry agnostic artificially intelligent KAMOHA Bots.

Siri, Cortana and Alexa are all Bots which are integrated to many more systems across the internet, giving them seemingly endless access to resources in order to provide answers to our more trivial human questions, like “what’s the weather like in LA?”. These Bots are capable of responding not only to text NLP but also to voice natural language inputs.

Future Bots are currently being developed, Driverless vehicles: powered by Bots, any Robot (taking human or animal form) that you may see in the media or online in YouTube videos are and will be powered by their “AI brain” or Bot so to speak. Fridges that automatically place your online grocery shopping order – powered by Bots, buildings that maintain themselves: powered by Bots. Bot Doctors that can diagnose patients, Lawyer Bots, Banker Bots, Bots that can-do technical design, image recognition, Bots that can run your company? … Bots Bots Bots!

People have embraced new Technology for the last 100 years, almost without question, just as they did for most of Medical Science. Similar to certain branches of Medical Science, Technology has its bad boys though, that stray deeply into the Theological, Social, Moral and even Legal territories. Where IVF was 40-50 years ago, so too are our Artificially Intelligent Bots: pushing the boundaries, of normalities and our moral beliefs. Will Bots replace our jobs? What will become of humans? Are we making Robots in our own image? Are we the new Gods? Will Robots be our slaves? Will they break free and murder us all? A myriad of open ended questions and like a can of worms or pandora’s box, the lid was lifted decades ago. Just as sure as we developed world economies and currency in a hodgepodge of muddling through the millennia we are set to do the same with Bots; we will get there in the end.

It’s not beyond my imagination to say that if Bots replace human workers in substantial volume, then legislation will be put in place to tax these Bots as part of company corporation tax, and to protect human workers it is likely that these taxes will be higher than that of humans. If a bot does the work of 50 people? How do you tax that? Interesting times, interesting questions. My one recommendation to any one reading this, is do not fear change, do not fear the unknown, and have faith in the Human ability to make things work.

Love them or hate them Bots are on the rise, they will only get smarter and their usages will be as diverse as our own human capabilities. Brave new world.

Click on the image below to see our bots:

Business Driven IT KPIs

KPIs (Key Performance Indicators) are a critical management tool to measure the success and progress of effort put in towards achieving goals and targets – to continually improve performance.

Every business set their specific KPIs to measure the criteria that drive the business success – these vary from business to business. One thing every modern business has in common though, is IT – the enabler that underpin operational processes and tools used to commerce daily. Setting KPIs that measure the success of IT operations does not just help IT leadership to continuously improve but also proof the value of IT to the business.

Here are ten IT KPIs that matter most to modern business

1. % of IT investment into business initiative (customer-facing services and business units)
How well does the IT strategy, reflected in the projects it is executing, align with the business strategy? This metrics can help to align IT spend with business strategy and potentially eliminate IT projects for IT that does not align directly with business objectives.

2. % Business/Customer facing Services meeting SLAs (Service Level Agreements)
IT is delivering service to customers; these are internal to the business but can also be delivered external to the business’ client/customers directly. Are these services meeting required expectations and quality – in the eye of the customer? What can be done to improve.

3. IT Spend vs Plan/Budget
Budgets are set for a purpose – it is a financial guideline that indicates the route to success. How is IT performing against budget, against plans? Are you over-spending against the set plans? Why? Is it because of a problem in the planning cycle or something else? If you are over-spending/under-spending, in which areas do this occur?

Knowing this metrics give you the insight to take corrective actions and bring IT spend inline with budgets.

4. IT spend by business unit
IT service consumptione is driven by user demand. How is IT costs affected by the user demands by business unit – are business units responsible to cover their IT cost, hence owning up to the overall business efficiency. This metrics put the spotlight on the fact that IT is not free and give business unit manager visibility of their IT consumption and spend.

5. % Split of IT investment to Run, Grow, Transform the business
This is an interesting one for the CIO. Businesses usually expects IT to spend more money in growing the business but reality is that the IT cost of running the business is driven by the demand from IT users with an increased cost implication. Business transformation, now a key topic in every board meeting, needs a dedicated budget to succeed. How do these three investment compare in comparison with business strategic priorities.

6. Application & Service TCO (Total Cost of Ownership)
What is the real cost of delivering IT services and application. Understanding the facts behind what makes up the total cost of IT and which applications/services are the most expensive, can help to identify initiatives to improve.

7. Infrastructure Unit Cost vs Target & Benchmarks
How do you measure the efficiency of your IT infrastructure and how does this compare with the industry benchmark? This is a powerful metrics to justify ROI (Return on Investment), IT’s value proposition, IT strategy and the associated budget.

8. % Projects on Time, Budget & Spec
Is the project portfolio under control? Which projects need remediation to get back on track and what can be learned from projects that do run smoothly?

9. % Project spend on customer-facing initiatives
How much is invested in IT projects in the business for the business (affecting the bottom line) in comparison with customer-centric projects that impacts the business’ top line.

10. Customer satisfaction scores for business/customer facing services

Measure the satisfaction of not just the internal business units that consume IT services but also the business’ customer’s satisfaction with customer-facing IT services. Understand what the customer wants and make the needed changes to IT operations to continuously improve customer satisfaction.

KPI vs Vision

In the famous words of Peter Drucker “What gets measured gets improved”, KPIs give you the insight to understand:

  • your customer
  • your market
  • your financial performance
  • your internal process efficiency
  • your employee performance

Insight brings understanding that leads to actions driving continuously improve.

Bimodal Organisations

The continuous push towards business improvement combined with the digital revolution, that has changed the way the customer is engaging with business through the use of technology, have introduced the need for an agility in the delivery of IT services. This speed and agility in IT delivery, for the business to keep abreast of a fast evolving and innovative technology landscape and to gain an competitive advantage are not just required in the development and/or introduction of new technology into the business, but in the way “keep the lights on” IT operations are reliably delivered through stable platforms and processes enabling business growth as well.

IT Bimodal

We can agree that once systems and solutions are adopted and integrated into business operations, the business requirement for IT delivery changes with IT stability, reliability, availability and quality as key enablers to business performance optimisation. There are thus two very distinct and equally important ways or modes of delivering IT services that should seamlessly combine into the overall IT Service Operations contributing to business growth.

Gartner minted in 2016 the concept of IT Bimodal – the practise to manage two separate coherent modes of IT delivery.

Mode 1: Focussed on Stability Mode 2: Focussed on Agility
Traditional Exploratory
Sequential Non-linear
Emphasis on: Safety & Accuracy Emphasis on: Agility and Speed

Each of the delivery modes has their own set of benefits and flaws depending on the business context – ultimately the best of both worlds must be adapted as the new way in which technology delivers into business value. Businesses require agility in change without compromising the stability of operations. Change to this new way and associated new Target Operating Model (TOM) is required.

Bimodal Organisation

This transformation is not just applicable to IT but the entire organisation. IT and “the business” are the two parts of the modern digital business. “The Business” needs to adapt and change their work style (operating model) towards digital as well. This transformation by both IT and “the business”, branded by Gartner as Bimodal, is the transformation towards a new business operating model (a new way of working) embracing a common goal of strategic alignment. Full integration of IT and business are the core of a successful digital organisation competing in the digital era.

The introduction of Agile development methodologies and DevOps, led to a transformation in how technology is being delivered into business operations. IT Service Management (ITSM) and the ITIL framework have matured the operational delivery of IT services, as a business (#ITaaBusiness) or within a business while Lean Six Sigma enables business process optimisation to ultimate quality delivery excellence. But these new “agile” ways of working, today mainly applied within IT, is not enough for the full bimodal transformation. Other aspects involving the overall organisation such as business governance and strategy, management structures and organisational architecture, people (Human Capital Management – HCM), skills, competencies, culture, change management, leadership and performance management as well as the formal management of business and technology innovation and integration, form additional service areas that have to be established or transformed.

How do organisations go about defining this new Bimodal TOM? – In come Bimodal Enablement Consulting Services in short BECS.

BECS – Bimodal Enablement Consulting Services

Gartner’s definition: “An emerging market that leverages a composite set of business and technology consulting services and IP assets to achieve faster more reliable and secure, as well as business aligned, solutions in support of strategic business initiatives.”

To establish a Bimodal enabled TOM, organisations need to architect/design the organisation to be customer centric, focussing on the value adding service delivered to the client/customer – a Service Oriented Organisation (SOO) designed using a Service Oriented Architecture (SOA). This set of customer services (external facing) should relay back to a comprehensive and integrated set of supporting and enabling business services (internal facing) that can quickly and effectively enable the business to innovate and rapidly adapt and deliver to changing customer needs and the use of technology within the digital era. This journey of change, that businesses needs to undergo, is exactly what digital transformation is about – not just focused on the technology, processes, quality and customer service, but on the business holistically, starting with the people working within the business and how they add value through the development and use of the right skills and tools, learning an applying it rapidly throughout the business value chain.

A customer centric delivery approach requires the development and adoption of new ways in which work are conducted – new management structures, building and enhancing A-teams (high performing individuals and teams, getting the job done), optimised processes and the right tool sets.

BECS must address the top bimodal drivers or goals, as identified by Gartner research:

  • Deliver greater IT value to the business
  • Shorten the time to deliver solutions
  • Enable digital business strategies
  • Accelerate IT innovation
  • Transform IT talent/culture/operations
  • Increase the interaction between business and IT
  • Embrace leading-edge technologies, tools and/or practices
  • Reduce IT costs (always a favourite)
  • Change the organisation’s culture

Take Action

Are you ready, aligned and actively engaging in the digital world?

Can you accelerate change and enable revenue growth with rock-solid service and business operations?

Are you actively practicing bimodal, continuously adapting to the changing digitally empowered customer demand?

The ultimate test to determine if you are bimodal: Every business process and every enterprise system needs to work without a blip, even as more innovation and disruptors are introduced to make the business more efficient and responsive.

It is time to be a bimodal organisation!

___________Renier Botha specialises in helping organisation to optimise their ability to better integrate technology and change into their main revenue channels – make contact today.

Related post: Success – People First; Performance ImprovementAGILE – What business executives need to know #1; AGILE – What business executives need to know #2; Lean Six Sigma; The Digital Transformation Necessity; Structure Tech for Success

Systems Powering Healthcare – Corporate Video

SPHERE (Systems Powering Healthcare Ltd) is an IT Service Provider delivering IT Service Management and shared IT infrastructure services to the healthcare sector. In March 2015, the Chelsea & Westminster NHS Foundation Trust and the Royal Marsden NHS Foundation Trust moved to a shared service model for common IT functions through the formation of SPHERE (Systems Powering Healthcare Ltd). SPHERE, is a company jointly and wholly owned by Chelsea & Westminster Hospital and the Royal Marsden NHS Foundation Trusts – it represents a collaboration and pooling of resources between the Trusts to deliver improved IT services to its members.

https://www.systemspoweringhealthcare.com

Structure Technology for Success – using SOA

How do you structure your technology department for success?

What is your definition of success?

Business success is usually measured in monetary terms – does the business make a profit, does the business grow?

What_about_ROI

What is the value contribution on IT within the business?

Are the IT staff financially intelligent & commercially aware?

Renier spoke at Meet-Up about how you can design your IT function, using Service Orientated Architecture (SOA) to design a Service Orientated Organisation (SOO), to directly  contribute to the business success.

Slide Presentation pdf: Structure Technology for Success

Slide Share via LinkedIn: Structure technology for success

Also Read: