What Keeps a CTO Up at Night
What Keeps a CTO Up at Night
Between rapidly advancing technology, numerous security issues, and the ever-pressing need to expand, it's a wonder CTOs sleep at all.
Join the DZone community and get the full member experience.Join For Free
The Agile Zone is brought to you in partnership with Techtown Training. Learn how DevOps and SAFe® can be used either separately or in unison as a way to make your organization more efficient, more effective, and more successful in our SAFe® vs DevOps eBook.
It is not easy being a CTO, especially considering all the threats from hackers coming from every possible direction, trying to get their hands on that priceless data. Perhaps what is most nerve-racking is that even one security breach can turn a respectable company into a laughingstock. Here are some of the reasons CTOs around the country are having trouble sleeping at night.
DevOps Data Breaches
This past November, a massive data breach breach at a U.K. recruiting agency exposed the personal information of 780,000 clients. Hackers were able to access the data located on the agency’s development server, which was used by the agency’s IT provider. The American College of Cardiology, as well as parenting retailer Kiddicare, had similar incidents last year. And most notably, the Equifax data breach, which disclosed the personal information of 143 million Americans could be the worst to date. Read also: What’s Wrong with Big Data
Such incidents have become more common and are giving CTOs everywhere nightmares in addition to concerns that oversight in their DevOps implementation could be the newest route for data breaches in 2018. DevOps is quickly emerging as a weak link in the security chain and in the rush to continuously innovate, DevOps teams can introduce vulnerabilities by dismissing or overlooking corporate security standards. According to a recent survey, 80% of teams are not doing any security testing whatsoever during development and, to make matters worse, organizational silos between developers and security teams prevent the latter from enforcing security policies.
In order to meet this new challenge, companies must apply security during the DevOps process, which ensures compliance with both internal and external security regulations, without slowing down the main mission of the DevOps team, which will be challenging since security is not inherently mixed into a DevOps culture.
Managing Multi-Cloud Deployments
The massive growth of cloud-based services has made it easier like never before to bring geographically scattered teams and empower them to collaborate more closely and effectively.
In order to keep up with the demands of this new workplace model, current data centers will need to evolve into a combination of collocated, on-premises and multi-cloud environments. Multi-cloud deployments combine the best solutions and services from various cloud providers, thus overcoming vendor lock-in and flexibility issues at the same time. CTOs must address the need for a geographically dispersed infrastructure to serve a global customer as well as an employee base. They will also be challenged to construct the proper multi-cloud architecture and distribute shape, service and secure it on a constant basis.
A lot of IT departments out there are still working with platforms of loosely-connected open-source components. These “Frankestacks” are not long-term viable and if left as is, just like the monster it was named after, they will turn against their masters with dire consequences.
Companies which allow developers to patch together some sort of pseudo-platform from a collection of awkwardly integrated open source projects are taking huge risks in terms of expense and value. Inevitably, this “Frankestack” network will begin to crumble under the constantly growing pressure of keeping all of these different components integrated, secured and up to date.
Adoption of AI
AI has leaped out of sci-fi movies and is expected to become a $37 billion dollar industry by 2025. Over the past year, Amazon, IBM, Microsoft and SalesForce have released apps with AI capabilities. The appetite for AI is growing to a point where humans alone cannot effectively manage it. AI encompasses machine learning, deep learning, prescriptive and predictive intelligence, can give business intelligence and can reform daily work practices such as reducing the amount of work and increasing productivity.
Even though the adoption of AI is being driven because of business reasons, it is up to CTOs to implement AI. This often means playing catch-up in terms of understanding the technology, determining how it fits within the organization and how to prioritize resource to get the job done. The consequences of failing to adapt to digital business models are severe. According to a report by the Business Journal, more than half of the companies on the Fortune 500 list have dropped off the list because they failed to adapt.
Securing the IoT
In October 2017, a series of distributed denial-of-service (DDoS) attacks left many popular websites inaccessible for almost a whole day. These include big names such as Spotify, Twitter, and PayPal. These strikes targeted a DNS provider called Dyn and the investigation launched by the company determined that part of the DDoS came from IoT devices that were infected by the Mirai botnet malware.
The sheer magnitude of this disruption made securing the IoT a top priority for many companies. According to a recent study, around 70% of companies said that they were unsure whether or not they could bounce back after a cyber attack and the average cost of a data breach costs $4 million. This is the script of a real horror movie for CTOs everywhere.
Opinions expressed by DZone contributors are their own.