Notes on data, AI, IT
and security
No marketing fog. The way I think about real problems with founders and managers.
Cloud cost management: from IT expense to managed budget
Why cloud costs get out of control, and what it takes to turn them from an unpredictable line item into a managed operational expense.
A single source of truth for operational reporting
Why most companies lack a single authoritative number, and what it takes to create one - without a large IT project.
Cambridge Analytica: a data governance lesson beyond platforms
What the Facebook and Cambridge Analytica story means for ordinary companies - not platforms, but those that use data about people in their daily work.
Kubernetes: when it helps and when it adds complexity
A practical look at container orchestration - for which companies Kubernetes solves real problems and when it creates more issues than it resolves.
GDPR data inventory is not a legal task
Why the personal data register that GDPR requires is operationally useful - and how to build it properly before the regulation comes into force.
AI readiness: what companies confuse with actual preparation
Why the gap between interest in AI and operational readiness to deploy it is much larger than it appears after a conference or a demo.
The real cost of moving to microservices
What gets overlooked when companies plan a migration from a monolith to a microservices architecture, and how to assess those costs before the work starts.
A data pipeline is a production system, not a script
Why companies lose trust in their analytics when they treat data pipelines as one-off tasks rather than operated systems.
Meltdown and Spectre: when the CPU layer became a security problem
What processor vulnerabilities mean for executives, and why they change the conversation about security at the infrastructure level.
Bitcoin, blockchain, and what business actually needs from either
While bitcoin sets records, I separate two different conversations: cryptocurrency as a speculative asset and blockchain as a business tool.
Technical debt: how to talk about it with non-technical leadership
Why technical debt is not just a technical problem, and how to discuss it with boards and owners in a way that leads to decisions rather than defensiveness.
GDPR takes effect in six months: what companies with EU exposure need to do
The European data protection regulation goes live in May 2018. Companies with European customers or offices are required to comply, regardless of where they are based.