IT spending soars, generative AI investments barely leave a mark - These forecasts have been confusing in recent years. They’re always increasing, and yet the trends are always cost savings: ‘“Digital business transformations are beginning to morph,” said Lovelock. “IT projects are shifting from a focus on external-facing deliverables such as revenue and customer experience, to more inward facing efforts focused on optimization." The trend is reflected in where spending growth is highest. Gartner expects software, the fastest-growing segment, to achieve a double-digit growth rate of 14% on the year, as organizations reallocate spending to squeezing more value out of ERP and CRM applications, as well as other core platforms that deliver efficiency gains.’ // Also, yeah: with AI it’s way too early in the corporate planning and strategy cycle to be allocating lots of cash to it. It’ll just be small PoCs for at least a year.

No one has an “appetite for risk” - “I think there is a better way to express what we aim to express when we say ‘risk appetite.’ What we are talking about is the organization’s failure tolerance. How often is it okay for the organization to experience security failures? How big can the failures be (impact) and still be tolerable?"

personal organization - “Here’s my one piece of advice about personal organization: (calendars, tasks, planning, tracking): Think hard about your needs, pick a system, and then do not under any circumstances change it until at least one full year has passed."

Checking In on the State of TDD - Great round-up or the current thinking and research! But: Kids these days! “Look at it this way: 19 out of 20 startups fail. That means that odds are that you will never see this code again. You’d be a fool to spend any more time on it than absolutely necessary.” This is the kind of advice that’s fine for failed startups. And maybe even strategic if you’re just looking for a valuations run-up cash-out. But for #20, you’re just building your own legacy trap for you or the company that awaited you. Also, for enterprises, it’s worse: a bank is going to have that code for a decade or more and will be fucked in three to five years if it’s not well tested.

Also, even for the startups you’re just passing that tech debt onto whoever acquired you. “Merry Christmas,” to your new coworkers as you’re sitting in the pool all those TDD-free options bought you, and your new pals are working through the holidays to add some simple code ther should have only taken 15 minutes…if only there was a way to verify that it didn’t break anything.

What the Government Email Account Hack Says About the Future of Cybersecurity - Always be securing all the things.

Security Team Culture Matters - Being in security should be a happy job. // “Security and risk teams are more motivated and purpose-driven than others. As a 25-year cybersecurity veteran, this totally checks out for me. “Almost everyone I know in [IT security] is mission- and purpose-driven. They took on this job to protect others!"

Deploying the Swift Method to Modernize a Singapore Government Legacy System - Good description of what it feels like to be stuck in the legacy trap: “The [Singapore] government agency in this case study faced a similar issue with a legacy system that supported critical business processes, integrated with other business-critical applications, and was developed and maintained by third-party vendors. Over time, the codebase had become highly coupled within different business domains and contexts, making it difficult for developers to work on. This situation led to product development squads being slowed down by dependencies on the support team for this legacy system. The development squads also lacked confidence to make changes to this system themselves—given the low automated test coverage—and faced uncertainty about what they would be able to deliver for their own work streams independently.” You can see the original talk this is based on here.

In the face of volatility, CFOs—and their organizations—adapt - Belt-tightening watch. Lots of micromanagement and management by finance metrics ahead: “In the year ahead, CFOs plan to increase their focus on operational value drivers, management of KPIs, cash management, and capital structure. Other priorities have decreased in importance since Q3 2022."

IBM takes on AWS, Google, and Microsoft with Watsonx - If it works, it lets enterprises build up huge, custom trained models, and it has enough governance controls, it’d be a big deal for IBM. They key things learned from ChatGPT is that it has to be super easy, frictionless to get started with. That’s difficult for enterprises software makers, and it’s also hindered by governance, access control, and pricing per seat and data access. To be valuable to individuals, a company will need to put as much of their data into their models as possible. If you’re just querying your own email and files, it won’t be impressive enough to show long-term value to individuals. And if you restrict the model to just a handful of people (as is done with most corporate data), then it also will be hard to show long-term value. This will freak out security people and lawyers. Back in the 2000’s when file sharing in enterprises (like SharePoint and intranet search) became popular, there was a wave of people freaking out that previously hidden in plain sight documents were now findable.

Beware the Digital Whiteboard - The assertion: writing with whiteboarding/Sticky notes is not good, and can lead to leaky abstractions. Seem more like a “right tool for the job” thing, plus the usual garbage in, garbage out, regardless of the tool used to process the garbage.