IT Infrastructure Upgrades

Saturday, 17 August 2024 marked an important date for operators of #CriticalInfrastructure in Australia - the compliance deadline for #CyberSecurity framework. Under the #SOCI Rules (LIN 23/006) 2023, if you are an operator of critical infrastructure in Australia, you are required to establish and maintain compliance with a cyber security framework. The rules in LIN 23/006 (dated 16 February 2023) apply 6 months after passing (17 August 2023), then allow 12 months for responsible entities to be compliant. These rules cover operators of 13 types of critical infrastructure assets: broadcasting, domain name system; data storage or processing, electricity, energy market operator, gas, hospital; food and grocery, freight infrastructure, freight services, liquid fuel, financial market infrastructure, and water. Operators of these assets are required to be maintaining one of the following Critical Infrastructure Risk Management Program (#CIRMP) frameworks: 🛡 ISO 27001 🛡 ASD Essential 8 🛡 Framework for Improving Critical Infrastructure Cybersecurity (US NIST) 🛡 CMMC (US DoD) 🛡 AESCSF Framework Core (AEMO) A reminder too that CIRMP annual reports for the 2023-24 Australian financial year are due by 28 September 2024!

𝗕𝘂𝗶𝗹𝗱𝗶𝗻𝗴 𝗮 𝗦𝗰𝗮𝗹𝗮𝗯𝗹𝗲 𝗔𝗜 𝗔𝗴𝗲𝗻𝘁 𝗜𝘀𝗻’𝘁 𝗝𝘂𝘀𝘁 𝗔𝗯𝗼𝘂𝘁 𝘁𝗵𝗲 𝗠𝗼𝗱𝗲𝗹 — 𝗜𝘁’𝘀 𝗔𝗯𝗼𝘂𝘁 𝘁𝗵𝗲 𝗔𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲. In the age of Agentic AI, designing a scalable agent requires more than just fine-tuning an LLM. You need a solid foundation built on three key pillars: 𝟭. 𝗖𝗵𝗼𝗼𝘀𝗲 𝘁𝗵𝗲 𝗥𝗶𝗴𝗵𝘁 𝗙𝗿𝗮𝗺𝗲𝘄𝗼𝗿𝗸 → Use modular frameworks like 𝗔𝗴𝗲𝗻𝘁 𝗦𝗗𝗞, 𝗟𝗮𝗻𝗴𝗚𝗿𝗮𝗽𝗵, 𝗖𝗿𝗲𝘄𝗔𝗜, and 𝗔𝘂𝘁𝗼𝗴𝗲𝗻 to structure autonomous behavior, multi-agent collaboration, and function orchestration. These tools let you move beyond prompt chaining and toward truly intelligent systems. 𝟮. 𝗖𝗵𝗼𝗼𝘀𝗲 𝘁𝗵𝗲 𝗥𝗶𝗴𝗵𝘁 𝗠𝗲𝗺𝗼𝗿𝘆 → 𝗦𝗵𝗼𝗿𝘁-𝘁𝗲𝗿𝗺 𝗺𝗲𝗺𝗼𝗿𝘆 allows agents to stay aware of the current context — essential for task completion. → 𝗟𝗼𝗻𝗴-𝘁𝗲𝗿𝗺 𝗺𝗲𝗺𝗼𝗿𝘆 provides access to historical and factual knowledge — crucial for reasoning, planning, and personalization. Tools like 𝗭𝗲𝗽, 𝗠𝗲𝗺𝗚𝗣𝗧, and 𝗟𝗲𝘁𝘁𝗮 support memory injection and context retrieval across sessions. 𝟯. 𝗖𝗵𝗼𝗼𝘀𝗲 𝘁𝗵𝗲 𝗥𝗶𝗴𝗵𝘁 𝗞𝗻𝗼𝘄𝗹𝗲𝗱𝗴𝗲 𝗕𝗮𝘀𝗲 → 𝗩𝗲𝗰𝘁𝗼𝗿 𝗗𝗕𝘀 enable fast semantic search. → 𝗚𝗿𝗮𝗽𝗵 𝗗𝗕𝘀 and 𝗞𝗻𝗼𝘄𝗹𝗲𝗱𝗴𝗲 𝗚𝗿𝗮𝗽𝗵𝘀 support structured reasoning over entities and relationships. → Providers like 𝗪𝗲𝗮𝘃𝗶𝗮𝘁𝗲, 𝗣𝗶𝗻𝗲𝗰𝗼𝗻𝗲, and 𝗡𝗲𝗼𝟰𝗷 offer scalable infrastructure to handle large-scale, heterogeneous knowledge. 𝗕𝗼𝗻𝘂𝘀 𝗟𝗮𝘆𝗲𝗿: 𝗜𝗻𝘁𝗲𝗴𝗿𝗮𝘁𝗶𝗼𝗻 & 𝗥𝗲𝗮𝘀𝗼𝗻𝗶𝗻𝗴 → Integrate third-party tools via APIs → Use 𝗠𝗖𝗣 (𝗠𝘂𝗹𝘁𝗶-𝗖𝗼𝗺𝗽𝗼𝗻𝗲𝗻𝘁 𝗣𝗿𝗼𝘁𝗼𝗰𝗼𝗹) 𝘀𝗲𝗿𝘃𝗲𝗿𝘀 for orchestration → Implement custom 𝗿𝗲𝗮𝘀𝗼𝗻𝗶𝗻𝗴 𝗳𝗿𝗮𝗺𝗲𝘄𝗼𝗿𝗸𝘀 to enable task decomposition, planning, and decision-making Whether you're building a personal AI assistant, autonomous agent, or enterprise-grade GenAI solution—𝘀𝗰𝗮𝗹𝗮𝗯𝗶𝗹𝗶𝘁𝘆 𝗱𝗲𝗽𝗲𝗻𝗱𝘀 𝗼𝗻 𝘁𝗵𝗼𝘂𝗴𝗵𝘁𝗳𝘂𝗹 𝗱𝗲𝘀𝗶𝗴𝗻 𝗰𝗵𝗼𝗶𝗰𝗲𝘀, 𝗻𝗼𝘁 𝗷𝘂𝘀𝘁 𝗯𝗶𝗴𝗴𝗲𝗿 𝗺𝗼𝗱𝗲𝗹𝘀. Are you using these components in your architecture today?

Infrastructure-as-Code is the cleanest path to Compliance-as-Code. Each Terraform module or CloudFormation stack defines a control: Encryption, tagging, logging. - Git repos give us immutable evidence. Who changed what, when, and why. - Policy-as-code gates in CI/CD stop non-compliant resources before they hit prod. - Automated drift detection alerts when reality drifts from the declared standard. The payoff? Audits shift from screenshot scavenger hunts to a simple git log. Our DevOps pipelines should be ready to double as our compliance repo. When we treat infrastructure definitions as living controls, we unlock a tamper-proof audit trail. Exactly what future audits will demand. #GRCEngineering

I’ve been asked this question countless times: "Our data center servers are over 6 years old, consume over 66% of DC energy, but provide only ~7% of compute. How can we consolidate more efficiently?" The reality is staggering: 💡 40% of the world's servers are outdated (6+ years old). ⚡ They consume 66% of data center energy. 📉 Yet, they only deliver 7% of the total compute power! The solution? Modernizing with high-efficiency architectures like AMD EPYC (Turin) 5th Gen ✅ 7:1 Server Consolidation – One EPYC server can replace up to 7 aging Intel Cascade Lake servers. ✅ Up to 192 Zen 5 cores – Maximizing compute density per rack. ✅ Lower Power, Higher Performance – Cutting energy costs while boosting workloads. 💬 Data center consolidation isn’t just about performance—it’s about sustainability and TCO. What are your biggest challenges in DC modernization? Let’s discuss. #Server #Consolidation #Efficiency #Sustainability #AMD #EPYC #Innovation

🌿 As software practitioners, how can we adopt green software practices? Here are the key steps: 1. Awareness: Start by becoming aware of the environmental impact of your software. Understand that your application's overall design and efficiency contribute to its energy consumption. 2. Understanding: Gain a deeper understanding of your code's impact using tools and frameworks. The Software Carbon Intensity (SCI) specification and the Impact Framework from our Green Software Foundation are open-source and provide valuable insights into your software's carbon footprint. Leverage these resources to measure and understand the energy consumption of your applications. 3. Opportunity to Apply: Once you are aware and understand your impact, look for opportunities to apply green software practices. There are two main approaches: -- Optimizing Existing Code/Infrastructure/Architecture: Start with small, impactful changes. For example, improve the efficiency of your current codebase and infrastructure. -- Strategic Replacement: When possible, replace parts of your code with more efficient alternatives. For example, A sidecar implementation in Kubernetes transitioned a portion of code from JavaScript to Rust, achieving a 75% reduction in CPU usage and a 95% reduction in memory usage. This shows how strategic replacements can lead to substantial energy savings. (Link to the use case in comments section) 4. Spread the Word: You have the power to make a difference. Share your knowledge and experiences with your peers. Encourage others to adopt green software practices and raise awareness about the importance of sustainability in software development. By taking these steps, we, as a community of software practitioners, can make a significant impact on reducing the environmental footprint of our software. Let’s inspire each other to adopt green software practices. 🌱💡 #Sustainability #GreenSoftware #EnergyEfficiency #TechInnovation #SCI #OpenSource

# HPE Chief Technologist's Five-Point Plan to Cut AI Infrastructure Emissions TLDR; Sustainability for AI needs to be planned from the outset and consider the full stack, not bolted on later. Great to see our own John Frey, Senior Director and Chief Technologist for Sustainable Transformation at HPE, interviewed in this article for Capacity Media - a techoraco brand this week. John runs through the five levers of efficiency, and here's my take on them: 1. Equipment efficiency: We typically overprovision and underutilise IT equipment, so consider how to maximise utilisation of the assets you have before adding more capacity 2. Energy efficiency: Maximise performance per Watt of energy consumed, and make use of low power states when resources are idle 3. Resource efficiency: Advanced cooling options like DTC and fanless liquid cooling are more energy efficient than air cooling for power dense workloads. Consider heat recovery to convert waste heat into an asset that can decarbonise other forms of heating 4. Software efficiency: In AI, Python is popular for notebooks and experimentation but as a high-level interpreted language it's also the least energy efficient. Particularly when deploying to production, consider compiled alternatives like Rust or C++ to minimise processor cycles. The Green Software Foundation's Software Carbon Index (SCI) is a useful tool for calculating the carbon impact of software in meaningful terms like number of concurrent users, prompts or tokens 5. Data efficiency: Data exists everywhere and it is inherently messy, it resists our attempts to constrain it into neat boxes. Data strategies need to consider the energy cost of data movement - embracing a hybrid, distributed approach to data management and bringing the AI to the data can significantly reduce unnecessary data movement, loading and duplication. Check out the full interview with John here: https://lnkd.in/eimVfv9d HPE has a long history of building some of the world's most energy efficient AI computers, making use of technical and energy innovations to optimise performance per watt. Now that AI is becoming part of everyone's IT portfolio, efficiency is more important than ever. #sustainableIT #livingprogress #fiveleversofefficiency #ITefficiency

What Really is IAAS, PAAS & SAAS This is going to be the simplest explanation you have ever seen - Stay with me; You have probably heard of IaaS, PaaS, and SaaS in Cloud Computing. But what do these terms actually mean? These are the three main cloud service models, each offering a different level of control and responsibility. The more you manage, the more control you have, but also responsibility. Let’s break it down using something everyone understands: Pizza. 🍕 1️⃣ IaaS (Infrastructure as a Service) – You Make the Pizza from Scratch You buy the ingredients, knead the dough, add toppings, and bake it yourself. You have full control, but it requires effort. In cloud computing this gives you the hardware, servers, network and storage while you build what you want off of these. Use Case: ✅ Ideal for businesses that need full control over their infrastructure. ✅ Used for hosting virtual machines, storage, and networking without managing physical hardware. Examples: AWS EC2, Azure Virtual Machines, Google Compute Engine. 2️⃣ PaaS (Platform as a Service) – You Buy a Frozen Pizza You get a ready-made pizza base, add your toppings before baking. Less work, but still customizable. In Cloud computing, this involves everything in PaaS and then the operating system while you focus on the applications. Use Case: ✅ Ideal for developers who want to build applications without worrying about infrastructure. ✅ Used for app development, testing, and deployment without managing servers. Examples: Azure App Services, AWS Elastic Beanstalk, Google App Engine. 3️⃣ SaaS (Software as a Service) – You Order Pizza Delivery You order a pizza, fully made and it’s delivered ready to eat. No work needed, just enjoy. In cloud computing, this gives you both everything, you just bring your data. This is usually accessible from a Web browser Use Case: ✅ Ideal for businesses and individuals who want fully managed software without setup or maintenance. ✅ Used for email, collaboration tools, and customer relationship management (CRM). ✅ Examples: Microsoft 365, Google Drive, Dropbox, Salesforce etc. Some organizations want full control over their servers, networks, and storage. Others just want to deploy applications without worrying about the underlying setup. And some simply need ready-made software they can use instantly. Why Does This Matter in Cybersecurity? Each model has different security considerations: 🔹 IaaS: You’re responsible for security configurations, patching, and compliance. 🔹 PaaS: The provider secures the platform, but you must secure your applications. 🔹 SaaS: The provider manages everything, but you must protect data and access controls. So, next time you hear IaaS, PaaS, or SaaS, just think about how much effort you want to put into your pizza. 🍕😆 If you found this useful share with your network and follow me Jonathan Ayodele for more Cyber & Cloud Security Career Growth Tips.

🚀 “Cloud is everywhere… but do I really understand the basics?” That’s the question I asked myself when starting with Azure Cloud. So here’s Day 1 of #learningAzureCloud, where I’m breaking down the foundations. 🔹 IaaS (Infrastructure as a Service) 1. Provides virtualized servers, storage, networking. 2. You manage the OS, runtime, security patches, and apps. 3. Maximum flexibility + control, but also maximum responsibility. ➡️ Example: Azure Virtual Machines (VMs), Azure Virtual Network 🔹 PaaS (Platform as a Service) 1. Preconfigured environment with OS, middleware, runtime. 2. Developers focus only on application code, not infrastructure. 3. Speeds up development, but offers less fine-grained control. ➡️ Example: Azure App Service, Azure SQL Database 🔹 SaaS (Software as a Service) 1. Fully managed software delivered over the internet. 2. No infra worries—just log in and use. 3. Best for end-users or teams that want ready-to-go solutions. ➡️ Example: Microsoft 365, Dynamics 365, Power BI 🌍 Regions & Availability Zones (AZs) Region = a physical location with data centers (e.g., Central India, South India, West Europe). Availability Zone (AZ) = one or more isolated data centers within a region. Deploying across AZs ensures high availability, fault tolerance, and disaster recovery. Choosing the right region = better latency, compliance, and redundancy. Drop it in the comments 👇 I’d love to learn from your experience. #LearnInPublic #Azure #CloudComputing #AzureFundamentals #RitiksCloudQuest

In our push to stay secure, it’s easy to overlook the environmental cost of digital defense. India’s data center capacity is set to reach 2,070 MW by the end of 2025, nearly double from where we are today. It’s a sign of progress, but also a wake-up call. These centers consume massive amounts of energy, and without sustainable practices, the impact can be severe. But there’s hope. Companies are taking proactive steps. For instance, the Adani Group is set to supply clean energy to power Google’s cloud services in India, aligning with Google’s goal to operate entirely on clean energy by 2030. As cybersecurity professionals, we have a role to play: 🔹 Optimizing Data Storage: Implementing smart data retention policies to cut down on unnecessary storage and energy consumption. 🔹 Adopting Energy-Efficient Encryption: Using hardware-accelerated encryption to enhance security while saving energy. 🔹 Enhancing Data Center Efficiency: Targeting lower Power Usage Effectiveness (PUE) to ensure more efficient energy use. This #EarthDay, let’s commit to embedding sustainability into our cybersecurity frameworks. By doing so, we not only protect our digital assets but also contribute to the health of our planet. #EarthDay2025 #Cybersecurity #GreenIT #DigitalDefense #CyberSustainability #DataCenters

Building and scaling infrastructure is both an art and a science. Here’s my quick breakdown of what I used to calculate infrastructure costs effectively: Understand Peak Usage: Start by identifying your system’s peak usage. Engage with business stakeholders to align on assumptions and expectations. This is your foundation. Map Users & Processes: Calculate the number of users or processes interacting with your system. Estimate the volume of requests and the processing power required to handle them. Data Usage Analysis: Data at Rest: This is your stored data. It impacts storage costs but not processing. Data in Transit: This is the moving data that fuels processing and can increase costs. Estimate Resource Needs: Based on the above, estimate the required CPU, storage, and ephemeral storage. This will help you determine the type and number of machines needed. Choose Machine Types: With these parameters, select the right machine types and quantities. This forms your initial infrastructure cost. Leverage Pre-Commitment Discounts: Don’t forget to explore pre-commitment options with cloud vendors. These can significantly reduce costs while ensuring scalability. Regularly revisit your assumptions and usage patterns. Infrastructure costing isn’t a one-time exercise—it’s an ongoing optimization process. #TechLeadership #Infrastructure #CloudComputing #CostOptimization #CLevel #Scalability #DataManagement