Infrastructure-from-Code (IfC) creates, configures, and manages cloud resources by understanding the source code of a software application without explicit description. There are 4 main approaches to Infra-from-Code: SDK-based, code annotation-based, a combination of these two approaches, and a new programming language that defines infrastructure explicitly, Infoq wrote on the topic.

The SDK-based approach allows developers to use their own code, and during deployment, tools analyze how the service’s code uses the SDK and generates the infrastructure. The SDK-based approach makes deriving usage from code more predictable, but the SDK is always a step back in leveraging new cloud features. Examples of SDK-based tools are Ampt and Nitric.

In the annotation and SDK approach, the developer annotates the code, and the tools incorporate those annotations into the framework. The main tools in this category are Encore and Shuttle. These tools can be hosted on the IfC vendor’s platform or can be integrated with third-party cloud service providers such as GCP, AWS, or Azure. Another interesting tool is AWS Chalice, which allows the creation and deployment of applications that use AWS Lambda in python.

Chef, Ansible, Puppet and Terraform are some of the first Infrastructure-as-Code (IaC) tools and have started to enable the creation and management of cloud infrastructures. The second wave of IaC used existing programming languages (Python, Go, TypeScript) to express the same idea as the first wave tools. Puluni and CDK are the tools of this second generation.

The solution is built on Red Hat OpenShift and runs on the AWS Cloud, simplifying the ability for customers to run workloads in the AWS cloud. The companies also intend to collaborate on further co-development to provide greater flexibility and choice on where to run OSDU applications. An IBM and Reuters whitepaper, sponsored by IBM, found that the energy industry is facing pressure to reduce greenhouse gases as demand for affordable energy continues to rise.

Energy companies need solutions that help drive efficiencies to free up capital, time and resources to invest in discovering new, more sustainable energy sources. Data and digital technologies can help to navigate this transition, hence an IBM survey found that less than half of oil and gas executive respondents are using data to drive that innovation.

This is in part because most of the digitization efforts have been in proprietary closed systems, hindering the potential to combine and maximize the value of data. The collaboration between IBM and AWS aims to accelerate the reduction of data barriers in the industry.

IBM Open Data for Industries is an open-source solution using the OSDU data foundation for the oil, gas and energy industry. IBM Open Data for Industries is entirely integrated with IBM Cloud Pak for Data for easy data management, and built on Red Hat OpenShift.

With this collaboration, customers will gain the flexibility to run OSDU Data Platform applications in the AWS cloud or on-premises while addressing data residency requirements. Combined with the expansive cloud infrastructure of AWS cloud services, this data platform can help energy companies reduce the cost, time and resources needed to leverage their data.  Bill Vass, vice president, engineering, AWS, commented:

“Much of the data needed to solve the complex energy challenges, such as superior subsurface decisions, already exists, yet is untapped. This is because one of the greatest values of that data is derived when it can be effectively combined, but usually, this data is locked by data residency requirements, legacy applications or proprietary data formats. By collaborating with IBM and leveraging Red Hat OpenShift, we will be able to offer customers a global, seamless offering with the flexibility to run on virtually any IT infrastructure and drive longer-term digital innovation.”

IBM and AWS collaboration will accelerate the value of this platform for global customers. The goal is to help serve the needs of energy companies today with the flexibility to adapt to change amid energy transition. According to Manish Chawla, global managing director, energy, resources and manufacturing, IBM:

“Data is a critical asset to help fuel energy transition, yet too often energy companies must choose between running applications on-premises or in the cloud, and often each deployment uses a proprietary data format. This means that rather than using all of that collective data to gather insights, augment operations and inform innovation, some of it was going unused. Our collaboration with Amazon Web Services is addressing the need to make it easier for energy customers to access their data and provides the industry with a flexible solution to meet the challenges of today, as well as more easily adapt as the industry evolves.”

The collaboration underscores the value of IBM and Red Hat to provide flexibility and unlock greater business value for operational data across industries.

The largest areas of spending are communications services ($1.4 trillion projected for 2021) and IT services ($1.2 trillion), with the latter expected to grow more rapidly, primarily due to investment in cloud infrastructure to support remote working and continued digital transformation. John-David Lovelock, distinguished research vice president at Gartner, said in a press release:

“Technology spending is entering a new build budget phase. CIOs are looking for partners who can think past the digital sprints of 2020 and be more intentional in their digital transformation efforts in 2021. This means building technologies and services that don’t yet exist, and further differentiating their organisation in an already crowded market.”

Gartner’s projections are split across five categories, all of which are expected to expand in 2021 and into 2022. The highest projected growth rate is in enterprise software, at 13.2% in 2021 and 11.7% to $670 billion in 2022. Meanwhile, devices, which have seen a bumper 2021 thanks to the pandemic (13.9% growth), are projected to see much lower – although still positive – demand in 2022 (0.2%).

The IT services segment, which includes cloud, is projected to grow 9.8% in 2021 and 8.5% in 2022 primarily due to continued demand for IaaS. In 2020 the worldwide IaaS public cloud services market expanded by 40.7% in 2020, according to Gartner. While the firm has not yet broken out projections for IaaS in 2021/2022, it is likely that this trajectory will continue.

Recent research among UK IT leaders found that cloud IaaS/PaaS spending topped the shopping list, followed by end-user compute and then security software.

The event was attended by guests and specialists in the cybersecurity sector, which are the main focus of our digital everyday life. Here is more from the discussion.

Diana Stefanova, Vice President of Global Sites Strategy at VMware, said that the Global Security Insights 2020– study involved 14 countries from all around the world, which makes it extremely comprehensive. The results can be defined as very interesting. 542 professionals from the cybersecurity industry took part in the study. 70% of them have stated that they have suffered at least once a breakthrough in the systems. 69% reported an increase in attacks by 60-70%. Stefanova commented:

“Thanks to COVID, we have had to move towards accelerated digital transformation. This has placed new challenges for security teams. 80% of the participants believe that they have been the subject of cyber-attacks because of the majority of employees working from home.”

Diana Stefanova gave an example of what happened to Colonial Pipeline, who were forced to pay a ransom to hackers in order to resume their work. Another example she mentioned was T-Mobile. According to her, in such cases, companies must react reactively.

According to the study, 79% of respondents say that cyberattacks have become more challenging and more difficult to deal with. Among the leading reasons of this, the study identifies several reasons:

14% responded that this is due to outdated processes, technologies and methods of organizations.

According to the panellists, some of the security measures that we should consider include Internal policies and updated technology. 98% of the respondents commented that they use the Cloud-first approach, which turned up to be a double-edged sword.

The key challenges that the companies have to overcome are three:

Too many surfaces to defend

Too many silos

Too little context.

Diana Stefanova introduced Ventsislav Pochekanski, the leader of the Carbon Black team at VMware, who is completely focused on security. Carbon Black is a new team for Bulgaria, built in the last year and is the main unit of VMware. He commented:

“More and more employees are mobile and work with different points of view, which is a problem. Multiple end devices are used to access the data. Organizations maintain their traditional applications, but also develop new ones. Both new data centres and new cloud technologies are available, and it is also important to use extremely complex networks to provide connectivity between customers, users, etc.,”

According to him, there is a lack of context in the operation of these protection systems. The goal is not to protect individual components, but the entire system. Pochekanski also said that systems must see all components of protection and understand the interconnections on them.

“Our vision at VMware is for a security system that is built into the infrastructure, instead of many tools that we need to take care of, update, maintain, etc.,”

According to him, there is a lack of context in the operation of these protection systems. The goal is not to protect individual components, but the entire system. Pochekanski also said that systems must see all components of protection and understand the interconnections on them.

“Our vision at VMware is for a security system that is built into the infrastructure, instead of many tools that we need to take care of, update, maintain, etc.,” he said.

The moderator of the meeting was Boycho Popov, Editor-in-Chief of Investor. bg, as well as a presenter at Bloomberg TV, who also introduced Yuri Genov, Executive Director and Head of IT and Operations at DSK Bank.

“The work of global companies and the publication of such research provide a good insight into how the market is evolving. We were very careful during the pandemic and focused on these aspects of staff work. It is always good for someone with authority to confirm what is happening on our market, “

What actually matters is that managers are starting to focus more and more on this topic. What the statistics show is that incidents are increasing dramatically – in 2019 attacks were less than 1000, in 2020- around 2000, and in 2021 the expected number is 3000. There are several reasons behind this:

• COVID-19 pandemic
• Visualization
• Third-party software suppliers
• Cloud usage.

But how does the transition to a virtual work model affect cybersecurity?

According to Yuri Genov, the current situation taught society many things, better discipline, better security measures, etc. As threats grow, so does the culture of citizen behaviour, awareness, and precautionary measures against phishing attacks. Security is not just about finance, because the problem covers bigger and bigger perimeter. The Cloud increases data security, but its model increases the potential for problems. Security starts with people’s behaviour and habits and is developed and supported by technology.

The discussion was also attended by Georgi Sharkov, who manages the interface of a software institute – Center for Eastern Europe and the Laboratory of Cybersecurity in Sofia Tech Park.

“Both phishing and ransomware attacks are on the rise because of the pandemic, but also because of the virtualisation of education, shopping, communication and our lives in general. The infrastructure and the environment in which communication is changed. New signals for attacks and imagination have also appeared on channels that have not yet been presented in Bulgaria,”

Vihren Slavchev made an interesting emphasis on new technologies such as AI, ML and Deep Learning. Their applications are very large and one of the reasons for their widespread penetration is that they can be applied on both the good and the bad side.

“We know how drones save lives, make deliveries, etc., but they can also hit military targets with extraordinary power. In terms of cybersecurity, we are at war. It runs between machines and machines. We position software, algorithms and centres, 95% controlled by AI. On the other side are those who attack. They use AI, which studies and analyses your behaviour so that it launches the attack very successfully. Even in a prepared organisation, we see phishing emails that are incredibly neat and done with research for months. Despite years of experience behind many specialists, out of 10 phishing emails, they manage to recognise 6, 7. At some point, people will become spectators of this war and as such will lose control.

On the question of who will win the war, Slavchev noted that historically, the attackers are always one step ahead. On the other hand, the defence must be approached with a great deal of study of all models of attack. Serious research is needed and millions of dollars can be spent on defence, but the weak link in the human factor, that could open the door and welcome the enemy every time.

Georgi Sharkov continued the military analogy, saying that there are no unconquered fortresses in world history. The defender is always in an unfavourable situation.

“A fortress that is not designed to be protected cannot be. We need to think about how to design the protection. The attackers have no ethical, moral or regulatory restrictions on the use of funds. They have an advantage. The AI ​​itself needs to be protected! AI’s cybersecurity is a very important aspect.

He added that in all wars, there is no winner, and cyberspace is not an exclusion. Sharkov also said that artificial intelligence is the only tool that could help against enemy AI.

On the question asked by DevStyleR “What are the three steps that a company must take after an attack”

Ventsislav Pochekanski commented that if companies are thinking ahead, they need to ensure maximum protection for vulnerabilities and the traditional, outdated applications that are used. They are often attacked and this is done through constant monitoring. Current behaviour-based protection systems should also be used. It is also necessary to ensure the protection of internal systems. But when it comes to a cyber attack and a ransom demand, there is no technological solution.

Vihren Slavchev emphasized another curious thing – should the ransom be paid? If the company can recover relatively quickly, then there is no need. But attackers often destroy backups, which is already a big problem. He also noted that talks are underway to criminalize the payment of ransom.

As protection steps, first, he listed “trust a professional” because “pulling the cable and cutting services” is not good. Also, you need to isolate the perimeter. As a third step, you must have a crisis plan because if everything is done at the last moment, then it becomes very complicated.

Yuri Genov agreed that every company must have a ready-prepared plan and that Bulgaria has systems in place to interact with national authorities. He is of the opinion that the legislation should be observed and authorized persons should be dealt with. There are well-prepared organizations that can help, and paying a ransom should be an incredible last resort to save a business.

Load balancing is a key component in your cloud infrastructure and plays a pivotal role in the digital experience of your users. As the gateway between users and your application, load balancers enable the availability, scalability, and agility that your business needs in today’s digitally transformed world.

In his article, Gopi covered interesting insights of the Oracle Cloud Infrastructure Flexible Network Load Balancer such as the Pass-through layer 4 (TCP/UDP) load balancing and Scaling network virtual appliances and transparent layer-3 next hop.

Check out the next steps and the capabilities that Oracle Cloud Infrastructure offers from here.