Cloud Out Loud Podcast

SummaryWe start off discussing the recent developments and timeline of generative AI models, particularly ChatGPT, GPT-4, Bard, Llama2, Gemini, and Claude. We covered the release of these models by companies like OpenAI, Google, Meta, and Anthropic, their performance benchmarks, and the emerging ecosystem of models. The discussion highlighted the commoditization of these models, the need to understand their capabilities and limitations, and the potential security risks and challenges associated with their use. The meeting also touched upon the concept of 'centaurs' and 'reverse centaurs' in the context of human-AI collaboration and the potential need for human oversight. Additionally, it mentioned an upcoming project involving a product based on generative AI.LINKSCory Doctorow - Human in the Middle AI ChatGPT Gemini Anthropic Claude Episode Transcript 

Unveiling the Future of Cloud and AI at Google Cloud Next Episode 28: Show NotesIn this episode, we delve into the most recent big cloud conference, Google Cloud Next. We discuss what we saw, felt, and heard at this year's iconic Google Cloud Next and provide listeners with our biggest takeaways from the event. We discuss the cutting-edge tools in generative AI and machine learning that Google has rolled out and the potential these new Google offerings hold for developing robust enterprise solutions. Gain insights into the products and services that have the most potential, the obvious shift in Google’s approach to providing enterprise solutions, the integration of its new tools into current business operations, and much more! We also offer listeners our expectations of Amazon's upcoming conference and why the future of cloud computing is brighter than ever. To stay on the cutting edge of the cloud and AI revolution, tune in now!Key Points From This Episode:Logan shares his thoughts on the conference, particularly on the generative AI content.Hear highlights of the new features and services Google had on showcase.Discover exciting new generative AI and machine learning tools from Google.Other interesting new features that enhance productivity in the cloud.The potential that Google’s new features have for developing enterprise solutions.Integrating Google’s new tools into a business's process and operations.We unpack Google’s noticeable shift in focus and approach to business.What we think are the most exciting new features and services.An incredible data migration story that was shared at the conference.Our expectations for Amazon’s upcoming conference: AWS re: Invent.Quotes:“It was really clear that [Google’s] butts were kicked into gear by OpenAI and ChatGPT and they are playing a bit of catchup.” — Logan Gallagher [0:02:50]“Google is finally embracing the real world [with] a lot of these new tools.” — Jon Gallagher [0:07:49]“The hard work of an enterprise, the hard work of running a business is still being with the new tools from Google.” — Jon Gallagher [0:11:34]Links Mentioned in Today’s Episode:Google Cloud Next 2023Duet AIVertex AIGKE EnterpriseAWS re: Invent 2023Jon Gallagher on LinkedInLogan Gallagher on LinkedIn

Episode 27: Show NotesWelcome back to Cloud Out Loud as we continue our discussion on generative AI and machine learning. Today is all about exploring the risks of modern machine learning and how we can properly navigate them as a society. Jon and Logan walk us through the benefits of AI tools for software companies, the dangers of poorly-trained generative AI models, why good code may not always be the kept standard, and how to assess the cost-effectiveness of the machine learning models at your company. Then, we dive into our concerns about the data of large language models, what generative AI could mean for the future of the internet itself, the perils of hallucinated AI data, stochastic parrots and other security vulnerabilities of generative AI, and so much more! To hear about the importance of transparency in machine learning and to find out what we’ll be talking about next week, press play now. Key Points From This Episode:The risks to consider when implementing AI and/or machine learning in your company.Assessing the best AI tools for software companies and the benefits thereof. The importance of accurately separating good code from bad code after the initial prompts. Exploring the dangers of mistraining a generative AI model. How to know when your AI output is valid and how to monitor the system for updates. Balancing costs: how cost-effective is your machine learning model for your business?Why we’re concerned about the data that is going into large language models.  How we don’t yet know what machine learning models could mean for the internet’s future.  Our fears surrounding hallucinated AI data and the (possible) universal adoption of bad code. Some careers that could experience a boom as a result of widespread AI adoption. Stochastic parrots and the lesser known/discussed security vulnerabilities of generative AI.What we need to focus on to make generative AI and machine learning more secure.   Why more transparency is needed around the data that is produced by generative AI tools.Recapping everything we’ve discussed today and what you can look forward to next time. Tweetables:“Cleaning and curating your data is the least sexy but most important part of getting any value out of any of these [generative AI] tools.” — Logan Gallagher [04:39]“We may be increasingly reaching the point where the internet is going to be so full of AI-generated content that our subsequent versions of generative AI models will be a snake eating its own tail.” — Logan Gallagher [21:36]“This is something that I worry about much more than Skynet — that we end up with fragile systems or we end up with unknown attack surfaces because of frameworks that are being generated for us without our ability to have an audit trail of how this came to be.” — Jon Gallagher [32:29] Links Mentioned in Today’s Episode:ChatGPT GitHub Copilot ‘Stochastic Parrots: A Novel Look at Large Language Models and Their Limitations’‘Undetectable backdoors for machine learning models’Jon Gallagher on LinkedIn Logan Gallagher on LinkedIn

Generative AI and ChatGPT with Logan and JonEpisode 26: Show NotesMachine learning and AI are fast becoming integrated into our everyday lives. However, despite its rising popularity, there is still a lot of confusion and misunderstanding around the subject. In this episode, we unravel the fundamental principles of machine learning and artificial intelligence. We start by setting the context before diving into the technical and business side of AI. We explain the different terms used, why people are so interested in machine learning, and how it is going to shake up Silicon Valley. We also provide listeners with an overview of the benefits and drawbacks of AI and machine learning and discuss how using AI can go wrong. Learn about neural networks, the transformer algorithm, the cost of implementing AI, and how to effectively leverage these technologies. We examine both positive and negative use cases, debunk common misconceptions, and emphasize the continuous nature of AI implementation. Lastly, we navigate the landscape of cognitive computing, exploring the threats it presents along with the opportunities it brings. Tune in now to ensure you do not get left behind in the AI and machine learning race!Key Points From This Episode:Useful definitions and different terms are explained.Find out the difference between AI and machine learning.What algorithms popular AI tools are based on.Hear about exciting new technologies emerging in the space.Learn about the power of the transformer algorithm.The limitation of AI and machine learning: data.How much AI and machine learning can cost companies. Ways companies are leveraging AI to reduce costs.An overview of the good and bad use cases of AI and machine learning.Common misconceptions surrounding AI and machine learning. Why implementing AI and machine learning is a continuous process.Threats and opportunities of cognitive computing. Tweetables:“Artificial intelligence is a broad field of study. It is an umbrella term under which these technologies fit into.” — Logan Gallagher [0:02:42]“When you are interacting with a model that uses transformer, it can generate very human-readable and human-intelligible text and outputs that pass off as very convincing.” — Logan Gallagher [0:05:52]“[Deploying new versions of AI] is a continuous process. If you are standing still, you are going to get left behind.” — Logan Gallagher [0:19:43]“The business opportunity [of AI] is huge here. Thus, we are not only engaged in the standard hype cycle of technology, but we are looking at a Silicon Valley that is figuring out what business it is going to be in.” — Jon Gallagher [0:22:12]Links Mentioned in Today’s Episode:ChatGPTThe Transformer Model Tutorial‘Transformer: A Novel Neural Network Architecture for Language Understanding’OpenAIJon Gallagher on LinkedInLogan Gallagher on LinkedIn

Best Environment for Machine LearningEpisode 25: Show NotesLately, there’s been a lot of hype about AI. In today’s podcast, we too are going to chat about AI, and specifically the subset of artificial intelligence called machine learning. Instead of talking about the political, social, and moral aspects of this subject, however, we’re going to speak about some of the more mundane aspects of deploying this technology. Tuning in, you’ll hear about some of the recent technologies that have been the subject of hype cycles, what Logan learned about the hype cycle of crypto and how it affected AWS, and how this relates to the current hype cycles of AIML. We then discuss the ML and production experience of the three major cloud platforms (AWS, GCP, and Azure), the ML APIs that these companies have made available, and how you can extend these APIs for your unique requirements. To learn more about how to differentiate between the different cloud providers, the importance of being able to update existing models, the necessity for the automated collection and evaluation of the current model, and so much more, tune in today!Key Points From This Episode:Examples of recent technologies that have been the subject of hype cycles.What Logan learned from the hype cycle of crypto and how it affected AWS.Google’s level of maturity in terms of AIML, despite seeming behind in this current hype cycle.The importance of knowing how to integrate AIML. Three major cloud platforms’ ML and production experience. The types of ML APIs that these companies have made available and some examples.AutoML and how you can extend these APIs for your unique requirements. Examples of how you can use this technology in your company, and possible pitfalls. How to differentiate between the different cloud providers, and choosing the right one. What Google’s BigQuery ML is and how it works.How each cloud provider has an AIML suite of tools that enables people to train their models.Why the ability to update existing models is so important. The necessity for the automated collection and evaluation of the current model for ongoing development of improved models.How the software practices that we’ve been learning and implementing over the years, still apply.Tweetables:“Maybe some of these companies like OpenAI will emerge as major players moving forward, but I think we can be sure that one of the big winners is guaranteed to be the cloud platforms.” — Logan Gallagher [0:04:01]“That is the real use case that we can identify for ML; the ability to extend the capabilities of the working software we have.” — Jon Gallagher [0:06:14]“What’s maybe more important than deploying a model for production is having the ability to update that model.” — Logan Gallagher [0:22:39]“With ML and AI, there is a temptation to treat this as something new and different, but I really see all of the important software practices that we’ve been learning and implementing over the years, still applying here.” — Logan Gallagher [0:29:01]Links Mentioned in Today’s Episode:ChatGPT“AWS and Blockchain”AWSGCPAzure petqts.com SnowflakeJon Gallagher on LinkedInLogan Gallagher on LinkedIn

Leaving the CloudEpisode 24: Show NotesWhile our preference is always to use the cloud to address IT problems, today we look at a company that is doing the opposite. 37signals, the company behind the project management software Basecamp and the email system Hey, has decided to bring their workloads off the cloud and back into a data center. DHH, the Co-owner and CTO of 37signals, recently announced that the company had spent $3.2 million on Amazon Web Services (AWS) and felt that the money would have been better spent purchasing their own servers and running it themselves. In this episode, we break down the cost structure of what 37signals spent their money on in 2022, the typical arguments for moving out of the cloud and into a data center, and what key factors you need to consider before doing the same. With so many layoffs occurring in tech companies like Google, Amazon, Microsoft, and Salesforce, and so much instability in the industry, business concerns are driving developments in the tech space more than ever before. Tune in to find out more about the future of the cloud, why moving away from it may be the right decision for 37signals, and why this is not the right move for every company.Key Points From This Episode:An introduction to 37signals and the products that they are known for.The announcement by 37signals’ CEO that they would be moving off the cloud.The breakdown and cost structure of what 37signals spent their money on in 2022.The number that jumped out: their S3 spend. Some of the typical arguments for moving out of the cloud and into the data center. The key element that’s needed to move from the cloud to a data center.A big advantage of the cloud that 37signals does not make use of.Why you need to understand your user patterns before switching from the cloud to a data center.How 37signals has taken advantage of being as neutral to a vendor platform as possible. Key factors to consider before moving away from the cloud. The instability of the economy and thoughts on the lay-offs we’re seeing in tech companies. Insights into the future of the cloud.How the tech stack could be changed to be more efficient.What you can expect from the podcast this year. Tweetables:“Some of the advantages that the cloud has that the data center does not have, such as the ability to dramatically auto-scale out and scale back to respond to your traffic needs, are not going to be as appealing to [37signals].” — Logan Gallagher [0:11:23]“I think it’s very interesting that they did take advantage of the cloud for that early scaling growth and it probably was beneficial at the time when Hey was growing faster than anticipated.” — Logan Gallagher [0:13:28]“Every layoff represents a failure of management, a failure of management either to have the right kind of people or the right kind of growth or to anticipate where the economy was.” — Jon Gallagher [0:18:23]“The cloud added more space to the tool chest, a new set of tools. Those are the tools that we pick up first. But every set of tools in IT still has a role.” — Jon Gallagher [0:19:25]Links Mentioned in Today’s Episode:37signals Basecamp Hey "Our cloud spend in 2022"  David Heinemeier Hansson / DHHJon Gallagher on LinkedInLogan Gallagher on LinkedIn

Demystifying the Security Career Path with Marsha WilsonEpisode 23: Show NotesToday we welcome back popular guest Marsha Wilson from ScaleSec, as we unpack some of the particulars about what a career in security requires and can look like. Marsha's wealth of experience and insight are so helpful in answering some of the fundamental questions that aspiring security professionals may have now and a little further down the road too, and in our chat, we get to cover the most important of these. Our guest shares her perspective on the best characteristics to embody when stepping into a new role, how security can be integrated with product management, why a natural passion for the field is irreplaceable, and much more. She also shares some powerful questions that can help you uncover where you would like to set your sights and focus your energy. Towards the end of our chat, Marsha talks a little about the help she offers companies who employ her hiring expertise, before we sign off with some closing thoughts about the security field and ScaleSec going into a new year. Join us to hear it all!Key Points From This Episode:General thoughts on the best steps for getting started as a professional in the security space.Forward-thinking and detail-orientation; the value of these qualities early on.Learning about and engaging with risk as a means to make progress. Integrating security and product management teams in sensible ways.  Comparing the paths of internal security professionals and consultants. The passion and personal interest that is necessary to have success in security.  Technology disruption and content moderation; limitations in the current landscape. The process that Marsha goes through when helping companies find the right person to hire.  Plans going into the final stages of the year and into 2023! Tweetables:“I would say find the thing that is curious for you.” — Marsha Wilson [0:02:44]“In the beginning, when you are trying to demonstrate that you understand what is going on in your environment from a security perspective, detail-orientation is very important.” — Marsha Wilson [0:06:59]“I think consuming ultimately vote with their feet, and if they are not leaving, there is no motivation for them to change.” — Marsha Wilson [0:19:59]“Even reading things that are not specific to your industry, still broadens your mind, still gives your things to mentally munch on, that you bring back fresh and clear, provocative ideas to your team.” — Marsha Wilson [0:34:15]Links Mentioned in Today’s Episode:Marsha Wilson on LinkedInScaleSecShel SilversteinJon Gallagher on LinkedInLogan Gallagher on LinkedIn

Episode 22: Show Notes‌‌The past week in tech has been eventful, to say the least. FTX declared bankruptcy, Elon Musk is sowing chaos with his latest decisions at Twitter, and David Heinemeier Hansson published a post on his decision to move 37signals off of the cloud. In today’s episode, we take a closer look at the high cost of cloud services and what can be done to make these services more affordable for users. We investigate 37signals’ move away from the cloud, why it was the right choice for their company, and how the responsibility is falling on engineers to make cost-effective decisions without compromising quality. Our conversation also covers Mike Julian’s article for The Duckbill Group called Why Cloud Finance Is Broken and Ineffective, and what the Japanese concept of Kaizen can teach business leaders about continuous improvement. For an informative episode on the state of cloud finance and what to do about it, make sure you tune in today!Key Points From This Episode:An overview of the eventful news in tech this week.The latest developments at FTX and Twitter.The evidence of immaturity in the tech space and how it’s reflected in its leadership.Why the cloud marketplace and cloud engineering are still in their infancy.Evidence that companies are paying too much to be in the cloud.David Heinemeier Hansson’s decision to move 37signals off of the cloud.Why this decision makes sense for his organization.An overview of Mike Julian’s article for The Duckbill Group: Why Cloud Finance Is Broken and Ineffective.The pressure on engineering teams to develop an effective product that is also the most cost-efficient.Why it’s so important for everyone in your company to understand the business flow.The next step into maturity that tech companies need to take.The Japanese concept of Kaizen and how to implement it to improve business processes.Links Mentioned in Today’s Episode:37signalsThe Duckbill GroupWhy we're leaving the cloudWhy Cloud Finance Is Broken and IneffectiveHow to Use Kaizen Methodology to Improve Business ProcessesJon Gallagher on LinkedInLogan Gallagher on LinkedIn

Women in IT, Cloud Security, and InfoSec with Marsha WilsonEpisode 21: Show NotesWelcome back to another episode of Cloud Out Loud! Today we are joined, once again, by Marsha Wilson to discuss the presence of women in IT, cloud security, and InfoSec. Marsha is the CEO of ScaleSec and has had a fascinating career that spans the military and the private sector. Tuning in you’ll hear Marsha’s thoughts on how the field has evolved since she first started out, along with the changes she’d like to see going forward. We discuss the importance of soft skills when it comes to a career in cloud security and what can be done to encourage more women to pursue cloud security as a career. Marsha wraps things up by sharing her advice on how companies can support women in the field of cloud security and InfoSec, like sponsoring women in meetups and conferences, offering to speak at colleges, and making yourself available as a person women can reach out to for mentorship. Key Points From This Episode:Today’s episode: The presence of women in IT, Cloud Security, and InfoSec.An introduction to Marsha Wilson, CEO of ScaleSec.How women have reached near parity with men in fields outside of cloud security and IT.Marsha’s thoughts on how the field has evolved since she started her career in cloud security.Hear about Marsha’s experience working for the military and the private sector.How men and women tend to value and prioritize different aspects of their job experience.Why soft skills are so important as you progress in cloud security.Why ScaleSec decided to hire a full-time corporate trainer.An overview of the generational differences on Marsha’s team.Why Marsha is excited about upcoming generations.Marsha’s advice for those in the IT world looking to make a transition into InfoSec.Book recommendations for those interested in transitioning into cloud security.Why there is such a pressing need for more talent in the cloud security sector.Marsha, Jon, and Logan’s indirect paths into cloud security.Learn about the Executive Women’s Forum.Marsha’s advice for companies looking to hire more women in the CloudSec universe.Tweetables:“[There is] an incredible emphasis on soft skills as you progress in cloud security.” — Marsha Wilson [0:08:33]“The truth is every promotion that you receive in information security, and cloud security, you have to be able to work the business acumen side, you have to be able to work the EQ side, and women have the advantage there.” — Marsha Wilson [0:08:41]“We all want to learn from each other. We want to leverage experience … so that all of us can expand our involvement in areas that we don't know about. Overall, I find that smart people, regardless of their generation, are seeking opportunities to grow and have a positive impact.” — Marsha Wilson [0:17:57]Links Mentioned in Today’s Episode:Marsha Wilson on LinkedInScaleSecThe Phoenix ProjectThe Cloud Resume ChallengeCloud Computing for DummiesExecutive Women’s ForumBlack Girls CodeBlack Girls HackJon Gallagher on LinkedInLogan Gallagher on LinkedIn

Diminishing Risk, Increasing Profit, and Reducing Costs Through Security with Marsha Wilson of ScaleSecEpisode 20: Show NotesToday we continue with Part 2 in our conversation with Marsha Wilson, CEO of ScaleSec. While the first episode covered Martha's advice to startups on how to create a foundation of security, this episode delves into how to deal with security issues a few years down the line if you didn't follow Martha's advice in the beginning. A lot of the recommendations included in this podcast aren't specifically directed only to those in software or hardware startups, but apply across the board as security affects all users of technology in a business. Tuning in you'll hear how to make sure that security is inherent to your business, how to convince an organization that certain secunty barriers are worth the inconvenience to your developers, and how you can reduce risk, increase profit, and reduce costs by spending money on security. We discuss the 'Cloud and Web Security Challenges in 2022' report and the hot topic of data loss prevention and compromise through third-party vendors. Martha also shares her advice to any organization that has already been breached. Tune in to hear more about the true value of your data and why your entire organization needs to understand this and be responsible for its security.Key Points From This Episode:Today's episode: how to deal with security issues in your company a few years down the line.How to make sure that security is inherent to your businessWhy you should attach security work to the business drivers in the company itself.How you can reduce risk, increase profit, and reduce costs by asking for training money for a development team to learn how to incorporate security and deploy code.How to convince an organization that certain security barriers put in place are worth the inconvenience to your developers.How security personnel can inform sales personnel about the level of security they're able to provide.The tension between security and monetary reward and how we can ensure a minimum level of security can be created with financial feedback.How to get security into all parts of the organization through forming relationships in the company.Thoughts on how modern technology is more secure.The value of the human brain and expertise over security systems.Insight into the Cloud and Web Security Challenges in 2022 report.The hot topic of data loss prevention and compromise through third-party vendors.Tweetables:“You can never have enough security. Security is never going to max out.” — Marsha Wilson [0:16:57]“You’re not going to get the data to begin with if you don’t prove to the customers that trusted you with their data that you’re going to keep it safe ” — Marsha Wilson [0:33:31]“You have a commitment that you’ve made in gathering this data, that it is valuable to your company, you’re going to process it, it’s obviously valuable to the end user. You are therefore making a moral and many times legal commitment to preserving that data.” — Jon Gallagher [0:35:49]Links Mentioned in Today’s Episode:Marsha Wilson on LinkedInScaleSecCloud and Web Security Challenges in 2022  Cloud Data Loss PreventionJon Gallagher on LinkedInLogan Gallagher on LinkedIn

Startup Security Tips from ScaleSecEpisode 19: Show NotesIf you’re starting up a business in this day and age, cloud security should be your first priority from day one. Having basic security systems in place from the get-go can only have long-term benefits. Joining us today to talk about the importance of good security hygiene in the early stages of starting a business is Marsha Wilson, the CEO of ScaleSec. ScaleSec is a compatriot of long standing in the cloud wars and with her expertise in both security and business, Marsha has much great insight to impart. In this episode, Marsha fills us in on the most common ways in which data is breached in small businesses and breaks down the fundamental steps of cloud security. Tune in to find out how breaches happen, how to prevent them, and where to learn more about all things cloud security-related.Key Points From This Episode:CEO of ScaleSec, Marsha Wilson, fills us in on the services the company provides.Why she’s committed to helping startups navigate cloud security.The most common ways in which data is breached in small businesses.The importance of good security hygiene in the early stages of starting a business.How breaches happen on Amazon Web Service (AWS), specifically.Three basic yet crucial foundational security measures.The benefits of having a password manager.The most effective multifactor authentication methods.Marsha’s best practices for laptop and mobile device management.The importance of old-hire deprovisioning.The nuances of email security.Why it’s recommended to use the security available to you from the cloud.How the cloud aids security.Marsha’s top three recommended cloud security-focused actions.Planning for durability and availability.Secure code and software supply chain options.How best to secure your technology.How to manage your cloud security posture.How to prevent misconfigurations.How to protect secrets.How to educate yourself further about cloud security. Marsha shares an anecdote to emphasize the importance of learning how the cloud works.Tweetables:“Ransomware, stolen credentials, and phishing are the number one ways that very small businesses are pwned.” — Marsha Wilson [0:02:45]“If you are able to use as many as possible of the managed services available to you from the cloud you’ve selected, the better off you’re going to be.” — Marsha Wilson [0:15:23]Links Mentioned in Today’s Episode:Marsha Wilson on LinkedInScaleSecScaleSec Startup Security Slide DeckVerizon 2022 Data Breach Investigations ReportAWS Digital TrainingAWS Security Maturity ModelAWS Security Maturity RoadmapAWS Security FundamentalsJon Gallagher on LinkedInLogan Gallagher on LinkedIn

Episode 18: Show NotesRecently we’ve seen some big dollar commitments from companies to facilitate their move towards cloud. While we are big fans of cloud and going serverless, there are some key issues with these types of public commitments (with huge sums of money behind them) that bear interrogation. In today’s episode, we consult a Twitter thread by Simon Wardley, a British researcher, and former CEO best known for the creation of Wardley mapping, to help us break down what we can learn from these trends and how to find a better path forward. Tuning in you’ll hear us unpack why many of these financial commitments can be described as vanity projects, why a successful cloud journey is best undertaken through small steps, and why any large company in the IT space only starting this journey now is way behind the times. We also discuss why 80 percent of IT projects fail, the benefits of going serverless, and how to start building a culture around using serverless technologies. Tune in today for a spicy overview of these topics and the cloudy wisdom of Simon Wardley!Key Points From This Episode:Introducing today’s topic: The Cloudy Wisdom of Simon WardleyLearn about Simon Wardley and the Twitter thread that inspired today’s episode.Why big companies that are only investing in cloud now, in 2022, are way behind the times.How large companies are spending huge sums on vanity projects related to cloud computing and why they won’t deliver on their promises.An outline of why 80 percent of IT projects fail.Why IT solutions and cloud projects are best achieved through a succession of small steps, rather than a large vanity project.What we can learn from the close access Simon Wardley has to C-suite executives.Why large sum investments in cloud, especially those issued in press releases, are often more about moving markets rather than solutions or products.Why companies need to be engaging more closely with their engineering staff.The conclusion of Wardley’s thread and why he is advocating for going serverless.How to start building a culture around using serverless technologies.Tweetables:“If you're trying to tell me that you're spending a big dollar amount on cloud, you're behind the times. And often five to six years behind the times, because at this point a lot of companies have stopped just talking about that, and are well underway on that cloud journey.” — Logan Gallagher [0:01:58]“In 2022, if you are a large corporation [that’s] been in business and IT is a critical aspect of your company. If you're not in the cloud and actively looking to decommission data centers, you're way, way, way behind the times.” — Jon Gallagher [0:02:35]“Remember, the awful truth about IT is that 80% of IT efforts and IT projects fail. And that is a hard, goshdarn number.” — Jon Gallagher [0:05:43]“That dollar amount, especially in these press releases, appears to just be to move markets and maybe not actually move products.” — Logan Gallagher [0:08:41]Links Mentioned in Today’s Episode:Simon Wardley on LinkedInSimon Wardley on TwitterSimon Wardley Twitter ThreadPlatformonomicsJon Gallagher on LinkedInLogan Gallagher on LinkedIn

Disaster Episode 17: Show NotesWe here in the Pacific Northwest have been experiencing a slow-moving disaster of enormous proportions. Namely, the heatwave that much of Europe has also recently been confronted with. Similarly, in the context of the cloud, there has also been a pretty significant disaster. On 19 July 2022, there was a well-documented outage, where the London data center for Google experienced the simultaneous failure of multiple cooling systems. This impacted multiple Google Cloud services, which had a series of significant consequences for users worldwide. In the past, there have been multiple natural disasters that have affected cloud computing, and these events are only likely to become more frequent in the future. From global warming to inflation, there is a range of global factors that will impact how we use the cloud. In today’s episode, we’ll be covering how to prepare for these eventualities, and how to have proper defenses in place. Our conversation covers how to guard the systems we already have, the structures that we're building, and how to implement cloud technology optimally. We also discuss the concept of chaos engineering and how Netflix has implemented it to create resilient applications. There’s a lot to unpack here, so make sure you tune in for all the relevant details on how to prepare for the future without feeling overwhelmed!Key Points From This Episode:Introducing today’s topic: Disaster.An overview of the heat waves that the northern hemisphere has been experiencing.How this heat wave facilitated an outage at the Google data center in London.The failure of several cooling systems and the impact this had on multiple Google Cloud Services.How past natural disasters have affected cloud services and what we predict for the future.Why the London outage was unexpected and why the next event will likely also be unanticipated.How mobility can help you prepare for disasters in the US.How to implement load balancing between regions.The role of planning and building to prepare for potential natural disasters.Why emulation is crucial to be fully prepared.A breakdown of how companies can practice their disaster recovery policy.The concept of chaos engineering and how it ensures resilience.How Netflix has implemented chaos engineering to make their applications extra resilient.Why exploring these areas of vulnerability takes tremendous commitment.How to apply these lessons to your own business.An overview of the tools that companies can leverage to ensure resilience.Links Mentioned in Today’s Episode:NetflixChaos Monkey on GithubJanitor Monkey on GithubConfiguration Monkey on GithubSpinnakerJon Gallagher on LinkedInLogan Gallagher on LinkedIn

Armoring Yourself Against MarketingEpisode 16: Show NotesWelcome back to another episode of Cloud Out Loud! We are proud public cloud advocates and believe that the public cloud is going to be the ultimate platform for IT, computing, and AI for the foreseeable future. However, there is often confusion about two areas regarding cloud computing, namely multi-cloud and hybrid-cloud. These are two very different approaches for deployment, surrounded by common misconceptions about their benefits. In this episode, we lay the confusion to rest. We delve into everything multi-cloud and hybrid cloud, defining them, identifying the differences between them, and addressing common misconceptions surrounding them. We talk about what motivates companies to choose multi-cloud or hybrid cloud approaches, and why we don’t believe multi-cloud is the best option for them. You’ll also hear about some of the common issues associated with the multi-cloud and hybrid clouds before delving into how to use multiple clouds to leverage tools available, why these approaches do not offer a competitive advantage, and a new powerful tool available to developers. Tune in to this informative episode to learn everything you need to know about multi-cloud and hybrid cloud deployment!Key Points From This Episode:We define what the public cloud is and the different tiers available.What a private cloud is and the different off-shoots available.The various reasons for choosing a private cloud approach.Attractions and benefits of the public cloud to companies. How companies can unintentionally take the hybrid-cloud approach.Differences between a hybrid cloud and multi-cloud.Reasons why a multi-cloud is not the best option for companies.Examples of rare scenarios where a multi-cloud deployment would be beneficial.Why moving to a public cloud also requires a cultural shift. Security issues that are associated with deploying in multiple clouds.Common misconceptions about the competitive advantage of multi-cloud.Why using the range of ‘tools’ available from multiple clouds may be beneficial.Learn about a powerful new service from the cloud: Workload Identity. An example of how Workload Identity could be leveraged. Aspects to consider when deciding to take a multi-cloud approach.Links Mentioned in Today’s Episode:Jon Gallagher on LinkedInLogan Gallagher on LinkedInEpisode 10 - Protecting Your Assets from Cyber AttacksWorkload Identity Workload Identity Federation 

Cost Control in the CloudEpisode 15: Show NotesWelcome back to Cloud Out Loud! As we record this at the start of July, there are lots of interesting doldrums occuring in all sectors of life. Particularly, the tech industry is being challenged. We are in the middle of a lot of lay-offs, and we are seeing a plummet in the success of startups that were thriving at the start of last year. As engineers, we’re able to identify things you could have done to limit this, and things you can implement today with the systems you are currently running in the cloud. During today’s episode, we discuss two approaches to help you to regain control of your costs. The first of these involves designing new systems that support cost control, and the second part of our conversation covers how to work with the ones we already have in place. Key Points From This Episode:The plummet we are seeing in tech startup success in July 2022.What we are discussing today: cost control from an engineer’s perspective.Two approaches including designing systems and working with the ones we have in place.The opportunity you have to save money through using managed services.How costs can run out of control by leaving managed services online.Why there is a variety of opinions on cost transparency.The engineer’s tendency to solve problems without cost considerations if they are not provided.How organizational policies can create guardrails around costing.Why it is important to turn off access to regions that you don’t use for every Cloud provider.When to make exceptions to the guardrails you put in place.What happens when neither of our initial two recommendations are effective.Managed services and how they can facilitate running things on demand.Having monitoring around API calling and API call throttling to reveal hidden costs.A hard and fast rule: if you are consuming a service on a per call basis, you are monitoring the quantity of API calls you are making.Why it is so essential to flag that something anomalous has happened that you need to react to immediately.Logan’s final thought: when you are picking a managed service, really look at how you will be using it in your architecture.The opportunities that often exist to spend less money on a service if you don’t need its full power.Links Mentioned in Today’s Episode:Jon Gallagher on LinkedInLogan Gallagher on LinkedInCorey Quinn - The Essential Gadfly of the Cloud and Cloud CostsAWS - Cost Management GuidelinesGoogle Cloud - Cost Management GuidelinesAzure - Cost Management GuidelinesFinOps - What is FinOps

Cloud in SportsEpisode 14: Show NotesWe often hear about various ways the Cloud is applied, but what about sport? In this episode, we focus on sports and the public Cloud, a subject that Logan has investigated in detail. More specifically, we chat about how the various sports leagues leverage the Cloud for their data analytics platforms. We dive deep into the topic and learn how the Cloud is used to interact with the audience, the size and type of data being collected by leagues, a rundown of the various cloud-based tools being used in the space, and how the various data are being collected. We also discuss some of the challenges and controversies of sports leagues using data analytics, such as enhanced sports betting! Don't miss out on this episode to discover the fascinating and innovative applications of data analytics in sports! Key Points From This Episode:A rundown of the sports leagues which are using cloud-based analytics.The trait that makes sports special: it is broadcast live.How the Cloud is being used by sports leagues to interact with the audience.Jon shares a practical example of data analytics in sports.An outline of the insight that data analytics provides to both athletes and audiences.We discuss the details of user-facing data and team-facing data.An example of team-facing data that can be beneficial to a league.We find out how much data is collected and used by sports leagues.The amount and arrangement of cameras operating during a typical baseball game.An interesting Google tool being used is explained: Anthos, a unified and controlled platform.Ways to enrich the data being collected by collecting supplementary data. Highlights of the differences between the various sports and how data is collected.Some examples of how different sports leagues are using data analytics.How the ‘internet of things’ is being pushed into the space.The challenges in collecting performance data for contact sports.Logan tells us about a league that is using sensors and the internet in an interesting way.We talk about the potential that data analytics has to improve sports for audiences. The controversial application of data analytics to sports betting is discussed.Tweetables:“This is a huge volume of data that they are collecting from every single game and every single team, across their leagues.” — Logan Gallagher [0:04:50]“Aggregating all these data points into this one score is really fascinating and potentially can inform decision-making on the field.” — Logan Gallagher [0:15:29]“All these analytics, all these data points could also lead to advanced forms of gambling.” — Logan Gallagher [0:23:27]Links Mentioned in Today’s Episode:WheelhouseAnthosNext Gen Stats NFLJon Gallagher on LinkedInLogan Gallagher on LinkedIn

Episode 13: Show NotesWhile we may have been negative about WEB3 on many occasions, today we are talking about a company implementing WEB3 technology in a way that truly seems to be a good idea. Hivemapper is a crowdsourced open source mapping platform. As the world’s first crypto-enabled dashcam, Hivemapper mines HONEY Tokens and grows a map while you drive. Tuning in you’ll hear how Hivemapper identified gaps in the marketplace and is using crypto to help fill them, how you can make money through this platform, and how different parties can benefit from it. To hear more about the effects and disappointments of crypto, some of the lessons that crypto is avoiding, and why we believe that Hivemapper is a great use of WEB3 technology, tune in today! Key Points From This Episode:How WEB3’s current manifestations have been brought to the market in a way that has undermined it in people's perceptions.Why our hosts have been so skeptical of some crypto technologies. Today’s topic: Hivemapper and how it gestures toward some of the real potential in the WEB3 space.  How Hivemapper works as a crowdsourced open source mapping platform.How this hits home for Jon who worked for two different startups in a similar spaceHow Hivemapper identified gaps in the marketplace and is using crypto to help fill them.How you can make money through this platform.How insurance companies could benefit from this in light of the California wildfires. The elaborate nature of Hivemapper’s board game-like rules.How it seems to be built as a platform upon which you can build additional products. Thoughts on the effects and disappointments of crypto and some of the lessons that crypto is avoiding. The value of the incentivization on both sides of the Hivemapper platform.Some other thoughts and conversations that tie into this subject.Tweetables:“[Hivemapper] They’ve identified gaps in the marketplace, or opportunities in the marketplace, for freshness of data, coverage, etc, that they are then using crypto to help fill .” — Jon Gallagher [0:05:44]“Video games I’m sure have contributed to how they’re setting up some of the incentive structures and game mechanics of this project.” — Logan Gallagher [0:10:22]“If there’s a project that actually looks solid on its fundamentals, like this appears to be, we’ll applaud it. As technologists, we’re about the technology and we’re skeptical when technologies get a little too hyped.” — Logan Gallagher [0:15:47]“What I think really appeals to us is the alignment, not just of crypto as a way of people getting paid but of the incentivization on both sides of it.” — Jon Gallagher [0:16:49]Links Mentioned in Today’s Episode:HivemapperHivemapper Dashcam How HiveMapper Works: The HONEY Token Yanis Varoufakis on Crypto & the Left, and Techno-Feudalism Cory Doctorow: A useful, critical taxonomy of decentralization, beyond blockchains Cory Doctorow: Undetectable backdoors for machine learning models Jon Gallagher on LinkedInLogan Gallagher on LinkedIn

Episode 12: Show NotesLazy and cheap is the tagline of many programmers and often interpreted in a negative context. Being lazy and cheap has to do with streamlining operations and cutting costs, which are the goals of many organizations and companies. Many people are now beginning to see the advantages of cloud-based computing and automation to help streamline procedures and operations while reducing costs. In today’s episode, we define what is meant by cheap and lazy, how you can leverage cloud-based solutions, and the advantages of outsourcing and automating processes. We hear some practice examples of cloud-based approaches and the benefits that companies will see when using cloud-based approaches. We also discuss serverless cloud-based computing, its advantages, as well as misconceptions surrounding the approach. Tune in to hear insider tips and tricks about the power of cloud-based computing on another informative episode of Cloud Out Loud.Key Points From This Episode:Introduction about today’s topic: lazy and cheap.How being lazy and cheap will ultimately lead you to the best solution.What the concept of being lazy and cheap means to Logan.What you can leverage from the cloud to reduce costs and increase productivity.Jon explains the mindset shift that is starting in IT regarding the cloud.Benefits that a company will see if they focus on processes involving the IT department.Jon shares an approach of focusing on IT and data that Walmart used.The balance between cutting costs while making processes more efficient.Example of the initial effort needed before you can automate processes.The importance of monitoring the changes and alterations to workflow.Outline of the approach one can use to be cheap and lazy.Potential the cloud has to offer for cutting costs and streamlining workflow.How to leverage services provided by other companies to streamline your own.We find out about serverless cloud-based computing and its advantages.A brief highlight of the misconceptions surrounding serverless cloud-based computing.Resource for listeners to demonstrate the power of the serverless approach.The takeaway message that Jon and Logan have for listeners. Tweetables:“Lazy to us means minimizing the effort necessary to accomplish something.” — Logan Gallagher [0:01:07]“Cheap in our context means minimizing the amount of resources to be expended to accomplish something.” — Logan Gallagher [0:02:43]Links Mentioned in Today’s Episode:Pet Cuties Jon Gallagher on LinkedInLogan Gallagher on LinkedIn

Cloud certification tests can be incredibly stressful to take and are a big investment for companies. They require a tremendous amount of time, money, and expertise to create, and need to be updated regularly. While the majority of tests used to be done on-site, the COVID 19 pandemic has meant that most tests now take place online, which brings with it a unique set of challenges. They require moderators to ensure that all candidates write their tests in a fair environment and adhere to strict parameters, while also making accommodations for students with special needs. In today’s episode, we discuss how Amazon and Google arrange their tests, what you can expect from them, and how best to prepare. We describe some of the stress responses we’ve had during our exams and break down the best practices we’ve developed that you can follow when writing these tests. We also unpack some of their practice questions and demonstrate methods that will help you answer every question to the best of your abilities. To learn how to optimally budget your time during an exam, and ensure that you understand what’s being asked of you in any given question, make sure you tune in today!Key Points From This Episode:An overview of how Amazon and Google arrange their certification tests.What public cloud service providers expect from certification tests.Logan’s recent experience taking two very different tests.The Cloud Digital Leader certification and who it’s for.The time, money, and effort it takes to create a single certification-worthy question. The best practices that we’ve developed from taking these tests.Why taking the practice test is so beneficial and how to approach it.How to prepare for taking the exam.What it’s like to take the exam on-site.What to do if you need adaptations or assistance.The stress of taking these exams and Logan’s strategy for how to complete them.How to budget your time during these exams.The psychological and physiological effects of being in a testing environment.The best approach for understanding what's really being asked of you in a question.What operator words can tell you about a question and the answer they require.How to use the process of elimination when answering questions.How to use other questions for context details on a difficult question.The challenges of taking these tests online instead of on-site.What to expect from taking the test online and how to make sure you are adequately prepared and equipped to take it.Examples of the questions that Amazon and Google have released as practice questions.A breakdown of how Amazon and Google differ in their approach.Links Mentioned in Today’s Episode:AWS CertificationGoogle Cloud Certification Google Cloud - Cloud Digital LeaderAWS - Cloud PractitionerAWS - Professional Solutions ArchitectGoogle Cloud - Professional Cloud ArchitectJon Gallagher on LinkedInLogan Gallagher on LinkedIn

Protecting Your Assets From Cyber AttacksEpisode 10: Show NotesThe Russian invasion of Ukraine has caused a heightened paranoia about cyber attacks, prompting the Department of Homeland Security to release a warning that we should be prepared to respond to disruptive cyber activity. In this episode we are going to explain why transitioning to the cloud (if you aren’t already there) is the best way to make sure that your information is secure. By leveraging cloud architecture, you can protect yourself against so many different types of attacks, and the important monitoring and auditing systems are automatically available to you at no extra cost (in contrast to on-prem systems). For advice about how you can ward off a cyber attack in the cloud in a business context and a personal one, tune in for today’s episode of Cloud Out Loud! Key Points From This Episode:Fears about a cyber attack that have gained traction since the Russian invasion of Ukraine.The warning that was released by the Department of Homeland Security in February.Security versus useability. Examples of how to maintain security hygiene. The additional level of security that exists in the cloud. Ease of access to monitoring and audit systems in the cloud, in comparison to on-prem systems.Why it is crucial to continuously revisit your policies and make sure you are enforcing the principle of least privilege.A method of assessing whether your permissions are too permissive.Why a ransomware attack is more difficult to execute in the cloud.Infrastructure segmentation that is possible in the cloud but not in on-prem systems. Problems that can arise when fixing security holes.Why you should always stay up to date with operating system and application updates.The story of the (consensual) hacking of Jeffrey Katzenberg. Tweetables:“Whether you’re on premise or in the cloud, good security hygiene is your first line of defense.” — Logan Gallagher [0:03:47]“The cloud has systems that are capturing important API calls and important commands as they happen, and give you an audit trail that you can review. Leverage that and help your security team understand what that means and align that with the data governance that you operate under.” — Jon Gallagher [0:07:26]“My rule of thumb [is] if you spend a whole week without someone sending you an email asking for more permissions, your permissions are too permissive.” — Jon Gallagher [0:09:36]“The cloud doesn’t think of machines, the cloud thinks of service, and when you’re using cloud SQL and RDS (and you should), the infrastructure that the service runs on is not corruptible like it is on prem.” — Logan Gallagher [0:15:30]Links Mentioned in Today’s Episode:Jon Gallagher on LinkedInLogan Gallagher on LinkedInThe Phoenix ProjectThe Subtle KnifeJeffrey Katzenberg Gets Hacked [Twitter Thread]