
Latest Read: Grokking Continuous Delivery

Grokking Continuous Delivery by Christie Wilson.

Christie holds a Bachelor of Technology, Data Communication, Network Administration & Security from The British Columbia Institute of Technology. Today she is a Software Engineer at Google working on Go and Python, specializing in distributed systems and scalable, maintainable code. She co-created Tekton, a cloud-native CI/CD platform built on Kubernetes.

Grokking Continuous Delivery teaches you the design and purpose of continuous delivery systems that you can use with any language or technology stack. I have always enjoyed reading all Grokking titles. Christie, in fact, outlines the basic nuts and bolts of continuous delivery. Perfect for developers and pipeline designers. She demonstrates the proper approaches to tackle real-world challenges regarding CD pipelines.

Grokking Continuous Delivery is, in fact, a very well-written book for software engineers seeking to understand, implement, and master CD pipelines. The book is certainly practical and is a great resource for both new users seeking to understand CD and experienced engineers.


Latest Read: Zero Trust Networks

Zero Trust Networks: Building Secure Systems in Untrusted Networks by Razi Rais.

Razi holds a BS in Computer Science from Karachi University and a Master's in Computer Science from Shaheed Zulfikar Ali Bhutto Institute of Science and Technology. Today Razi is a Microsoft Senior Product Manager for Microsoft Security + AI.

Zero Trust is yet another confusing and misleading security phrase, one that confuses almost everyone, including IT teams. Yet it is a very critical network security strategy, and today it is needed more than ever before. This strategy assumes no user or device is trustworthy by default. It requires all users to authenticate with their devices before accessing networks, applications and data.

The core concept is simply: assume breach. As odd as this will sound at first, continuous monitoring and logging of user and device activity will detect threats. By inspecting network traffic, each request is verified against the organization’s access policy. This greatly reduces the risk posed by insider threats and helps with data protection, as well as the risk from the unknowing misuse of employees’ personal home computers that lack the security standards set by their organization. Even in 2024, employees’ home computers still lack anti-virus, malware, or identity theft protection.


Latest Read: Cybersecurity: The Insights You Need

Cybersecurity: The Insights You Need from Harvard Business Review.

So let’s start with the end in mind to avoid all misunderstandings: this is targeted to every leader and board member regardless of market or industry. They simply must fully comprehend why cybersecurity has been and always will be an ongoing risk.

This is a well-written, high-level and, most importantly, non-technical overview of cybersecurity. This risk can no longer be overlooked by organizations and delegated like it was 1994. Today more than ever before cybersecurity impacts your bottom line, including non-technology based organizations.

And in 2024 we can simply cut to the chase. If your organization’s cybersecurity service is not AI based, it is time to pivot to a vendor that deploys machine learning services to protect your organization, your data and most importantly, your customer data. Just query your insurance carrier for a list of approved vendors that deploy AI cybersecurity services. For the most part the pandemic made this pivot mandatory.

In fact, cyber risk management can no longer be isolated to your organization’s CIO and CISO. This is simply an organization-wide issue. Today every organization’s technology services group has become the key component for organizational success.


Latest Read: Click Here to Kill Everybody

Click Here to Kill Everybody: Security and Survival in a Hyper-connected World by Bruce Schneier. He is a fellow at the Berkman Klein Center for Internet & Society at Harvard University, lecturer in Public Policy at the Harvard Kennedy School, and board member of the Electronic Frontier Foundation, AccessNow, and the Tor Project. He is also an Advisory Board Member of the Electronic Privacy Information Center and VerifiedVoting.org.

Consequently, Bruce details many key issues in computer security that require the leadership and legislative pen of Congress. I certainly could not have picked a better time to read this book. My review is certainly just scratching the surface of his book. Bruce has communicated a much needed story for every consumer.

Above all, consider the 2021 Colonial Pipeline ransomware attack, the 2016 attacks upon our voting infrastructure, or even China’s digital espionage stealing almost every aspect of American innovation.

Do you think the internet is still growing in size? It is not the number of people, but rather the millions of new devices that pose increased risks. Therefore Bruce is calling for policies to protect these devices, known as the Internet of Things (IoT). Examples of cyber attacks upon automobiles, electric and nuclear plants, medical devices and even airplanes are certainly proof that we are at greater risk.

A different era of industrial controls

Above all, cyber risk originates from a different time in history. Besides, in the 1950s did consumers in South America have access to the internet? Any talented programmer in South America had no means to hack conventional hydroelectric dam controllers. However, today this is a reality. So then, the designers of the programmatic controls for any dam in America could not have envisioned this threat:

former National Cybersecurity Center director Rod Beckstrom summarized it this way: (1) anything connected to the Internet can be hacked; (2) everything is being connected to the Internet; (3) as a result, everything is becoming vulnerable.
p. 27

At the same time, we really don’t have to look forward, but rather back at the innovations created in the 1950s and 1960s that launched the connected internet.


HBO’s The Perfect Weapon

In 2020 HBO released the documentary The Perfect Weapon, based upon the best-selling book by David Sanger, a New York Times national security correspondent. The book was a fantastic review of cyber attacks conducted by Russia, China and other countries deemed hostile to the US and the West. Accordingly, this documentary reveals how cyber war began. This is certainly the primary strategy today for nation state attacks. This documentary is also available on Amazon Prime.

Stuxnet, the cyber attack known as “Olympic Games,” was an original US/Israel joint cyber attack. The concern was understanding the risk of a nuclear war in the Middle East in supporting Israel’s defense. The Bush Administration chose to invoke a new type of warfare.