Tag: behind the screens

Leadership Failure: The Real Human Element Behind Cyber Attacks

Post author By Mindquest
Post date 13th August 2021
No Comments on Leadership Failure: The Real Human Element Behind Cyber Attacks

Dr. ir Johannes Drooghaag talks about the real human element behind cyber attacks and his work helping educate children and parents about cyber security.

Dr. ir Johannes Drooghaag; CEO of Spearhead Management and founder of Internet Safety for Kids; recently sat down with us to talk about the real human element behind cyber attacks. His work helping educate children and parents about cybersecurity.

🔊 Subscribe to the podcast

You might also enjoy our interview: A Career in Data Science: Unlocking The Power of Data with AI

How did your career in tech start? What do you do these days?

My career started in applied information technology and I my interest was first in the technical part of that. But I lost interest when I noticed that technology keeps rotating and innovating and reinventing itself so fast that it’s very difficult to keep up. And I started to get very interested in how can we build bridges; with the people using the technology and how they can they keep up with this enormous pace of technology.

That was more than 30 years ago and, since then, the pace has only increased. But we have not really done a lot to improve how we educate people with technology. So that became my mission. I focus mainly on the human element of technology, and I do that in the field of cybersecurity, of agile management, for digital transformation. We say it is all customer-focused, which in most cases is true. But, in many cases, we forget the people within the organisation who have to work with all that technology.

How do you advocate for this human-centred approach to technology?

I founded a company called Spearhead Management, in which we literally take, first of all, the people. We start with education and coaching, and we do that based on an approach that we could call a gap analysis. Where are we today? Where do we want to be tomorrow? And yes, there will be technology involved. But how can we enable and empower the people in the organisation to make that happen and to become part of that innovation and that digital transformation. And we do that through training. We do that through consulting, through coaching.

I also use my voice on social media. I started to actively use social media three years ago. I’ve been growing fortunately very fast in the last three years. I use that a lot to point out what the human element behind cyber attacks is. What has gone very well? What has gone not so well? And what has gone really, really bad?

And one of the things I do with my team is that, once a year, we publish a report called The Human Element in Cyber Security, and I do podcasts and keynotes around it under the title “The Human Elements in Cyber Security: And It’s Not What You Think.”

Why is it not what we think?

Because when we look at the IT community, there’s a lot of focus on the user error. So you might get the impression that the user is responsible for all cyber incidents. And when we look at the media, we get all the information about the bad fenders, about the vulnerabilities, about how somebody was hacked and everything went wrong.

But when we look at the technical information about these cyber breaches, we see that more than the human element caused 80% of them in the configuration and the management of technology, so the technical responsibility behind that technology. Now we should not take that and do the same thing by saying, the IT experts are to blame because that’s not fair nor correct.

A lot of that is leadership decisions. We know in a corporation nothing happens without approval and budget. So, the IT guy can sit there and say “I have to update those machines, I have to replace that software because it’s EOL”. But when that person doesn’t get approval and doesn’t get the budget. I assume they’re not going to pay that out of their own pocket, right?

So the human element is a lot more than just the actual making failures. The majority of that is leadership. The majority of that is completely failed risk management. If we don’t change the way we manage and lead, we will continue to have these issues.

Join our community and find your next job in IT

What would be a textbook example of leadership failure impacting cybersecurity?

There is this beautiful case of the colonial pipeline, a very high-profile case that was recently all over the media. It started with all kinds of theories about what would have been the case. And this theory immediately emerged that people were claiming that a user had opened an attachment. Other people claimed that there had been a case of social engineering through which all kinds of other theories popped up. Things popped up and they were all over the media and social media.

But then the actual experts analysed it. They found that a VPN account, which lacked basic security measures and was not in use for a very long time got compromised. Some one shared that compromised account, including the ID and password, on dark web forums. And used that account for the initial breach of the network and through that they were able to escalate.

Now there’s one thing that we have to keep in mind. There’s an FBI director who made a very interesting statement. There are two types of companies. The companies who have had their network breached by malicious actors. And the companies who do not know that their network has been breached by malicious actors. And that’s the reality that we have to assume at the moment. That we are compromised and that we must implement all potential and available countermeasures based on that assumption.

The colonial pipeline case shows us two things we should focus on. Firstly, abandoned technology. That VPN connection that we are not monitoring, not taking care of and that hasn’t been used for a long, long time: it is still open and available. Secondly, the almost mandatory segregation of network access and segmentation of the network itself to make sure that you cannot simply hop from one privilege to the next one. All that was not available. Your active monitoring, through which you keep an eye on what happens in your network. If, after five years, you suddenly see a VPN connection pop up, you should react to that. Never happened.

For me, that is a schoolbook example of knowing what should be done and not doing that. An example of having all kinds of interpretations that are not factual at the beginning of the incident and, as soon as the actual analysis is publicly known, is once again the basic step.

And that is what we see in the majority of our research as the real human element behind cyber attacks. When we follow the three basic elements of cybersecurity (patch management, access management, segmentation and segregation), we can prevent more than 90% of all cyber incidents.

You are the founder of Internet Safety for Kids. Can you tell us a bit about this initiative?

We create videos and content to enable parents and children to use the Internet in a secure and responsible manner. We do that with videos and cartoons. The kids love it. We get wonderful feedback, and the most interesting part is that parents write us to tell us that they’re learning from the videos, which they thought were intended for the kids, but we make them on purpose for the kids and the parents. It’s a beautiful project. I love it. It’s a lot of work, but it’s worth every hour that we invest in it.

What sort of cybersecurity advice do you provide in these videos?

Well, there was one episode for which the kids made the entire script from beginning to end.

They said “We have some wonderful advice: we need to inform our parents about what we do, and we should never hide what we do, and we should always explain why we want to do it. But can you please be so kind as to tell the parents that they should listen when we want to tell them something? And if we want to show them something, that they should actually take a couple of minutes?”

So we did this episode created by the kids alone and we didn’t allow the parents to criticise any of it, just focused on saying “Hey parents: yes, we can tell you what the kids should do, but you should have time for them when they want to do what we tell them to do.”

I love that so much. We had so much fun creating that. We encourage parents and kids to learn this together. It’s not that parents give these videos to the kids and say “well, be busy and learn this.” Sit down together, learn this together and use it as an input for discussions with each other. What we’ve learned with the kids is that they’re really actively involved, so they come back to the parents and they say, “hey, I watched this video and look, I’ve done this and it looks good.” And that’s the coolest thing.

Check out more of our interviews from our podcast episodes.

For more on the human element behind cyber attacks and IT in general, make sure to follow Dr. Drooghaag on Twitter, LinkedIn or through his website.

Tags behind the screens, cyber attacks, cybersecurity, human element, internet safety for kids, interview, johannes drooghaag, podcast

About us Podcast Interviews

On Learning Azure IoT and Being an Active Member of the Community

Post author By Mindquest
Post date 6th August 2021
No Comments on On Learning Azure IoT and Being an Active Member of the Community

John Lunn, also known as Jonnychipz, is a Welsh Azure MVP and MCT working as a technical architect at BT Enterprise. An organiser of the Welsh Azure User Group and an avid vlogger, John discusses the benefits of being an active member of the Azure community and how he learned Azure IoT.

Interested in cloud careers? Learn more about How to Become an Azure MVP.

🔊 Subscribe to the podcast

What made you go into Microsoft Technologies and cloud architecture?

think when you go into business you predominantly work with Microsoft Technologies, more often than not. I kind of cut my teeth in IT on that side of the fence, which was very much Microsoft focused. So, I guess that, when I took that additional career step into the world of consultancy and kind of specialized in a particular area; in my case it was unified comms when I first started in that world; Microsoft was a natural steppingstone.

I’ve dealt with it for a number of years now. I knew my way around it. I was comfortable with it. So developing those softer skills like peaking to customers and other clients and helping other people understand the technology, or yeah, or being parachuted into a completely burning disaster of a problem. You soon learn the technologies at quite a deep level. You learn quite quickly what you can and can’t do.

So, yeah. I suppose I kind of edged myself gently into the world of consultancy and architecture. Now I find myself as a technical architect working on predominantly Azure and Microsoft focused solutions for customers. It’s been quite a long career and I’ve delved into a number of different areas. But I wouldn’t change it for the world. I’ve learned so much throughout that time.

Cloud careers are evolving very rapidly. What’s your approach to keeping up with emerging trends?

As an individual, I’m constantly thinking: where are we going with technology? What’s next? Not just for my own interests and keep the passion and the interest in my career. But also: where can I add the most value? The company that I work for — how can I help them see and visualise those innovative ideas, projects and solutions?

For a number of years, I’ve been speaking internally with my management team, talking about where we’re going as an industry, and, clearly, for some time now, it’s been around IoT, edge data, machine learning, AI… All of those kinds of technologies that are going to drive innovative solution design.

So, I’ve been on a personal quest. I’ve dabbled in areas over the years. I’ve done bits and pieces and I keep telling people I know enough to be dangerous. That’s my stock answer. I know enough to dig in and make a little bit of noise. But I take it at my own personal development journey to try and dig into that in a bit more detail. IoT was one of those areas that I jumped into.

Join our community and find your next job in IT

Why Azure IoT in particular? How did you go about diving into the area?

I guess I wanted to understand right the way from that physical thing. That physical device and object, the microcontroller that is inside that device, to the LEDs and resistors and buttons. How do those things get made and then what is the code that sits on that microprocessor? How do I develop that code to then enable me to take that sensor information?

Maybe there’s, you know, some optical, temperature or humidity sensor. The common things that you find in IoT projects. How do I take that, read it with some code and send that up to this thing called the cloud? And then what do I do with that?

So, I took it upon myself to try and look at some pet projects to build this, to start looking at microcontrollers, put them in, etc. I literally got myself a 3D printer and started printing off all these random designs I made myself.

There’s the engineering mentality if you’re really starting off at the maker side of things. So, I went on this journey of learning all of these kinds of disciplines. It’s really about understanding all of these little components that go into what makes an IoT solution. And I’m really trying to understand how you join the dots between these various features and components within Azure to make those solutions.

And it’s been, more of a labour of love than anything for work. I’ve met some fantastic people out in the community that have helped me understand things, that I’ve learned from, that I’ve taken ideas from.

And going down on that journey, you learn so much about those areas of Azure that maybe you’re not using on a frequent basis. You know, you start with this high-level view of the world. I try and dig down deep as much as I can in as many different areas so that hopefully I get a little bit more of a clearer picture as to how and why you can use these things.

Do you think a hands-on approach to learning new technologies is better than a theoretical or certifications-based one?

I mean everybody is different. I think for me hands-on works well. Certification is a great way to go, especially if it’s something relatively new and unknown.

So, for example, the AZ 220 exam is the Azure IoT developer speciality exam from Microsoft. And that’s what I was going for at the time.

There are certain ways people can study for exams as Azure IoT exam AZ 220. It’s very much theory-based where you read the Microsoft docs and understand things. And you know, if you do enough Microsoft exams, you can kind of work out which questions they are going to ask you. You get to learn in an almost parrot-like fashion the areas that particular exam is going to cover. And that’s great, there have been exams where I’ve kind of just done in that way. You go in and you’ve learned something over a crammed week or two.

But the problem is that, later down the road, if you’ve not actually done anything physical or hands-on or done it yourself, I found that I forgot it.

For the Azure IoT exam, I took it relatively slowly because I wanted to absorb it and be part of it for a while. Basically, because it was so much fun. I was just having so much fun doing this tinkering and making and, like I say, it hasn’t stopped.

So yeah, I think certification; as Azure IoT exam; is definitely a great way of identifying the areas that you need to learn. But how you learn those is up to you. Everybody’s got their own style and, for me, slow and steady and hands-on sinks in more and I’m able to retain that information for longer and apply it to other things.

You are an active member of the online Azure community. You go by the nickname of Jonnychipz, and you blog and host a weekly vlog covering Azure-related news and topics. How did you become such an active part of the community? What were the beginnings like?

I had always been on the periphery, the edges of the community. And I guess I never really understood what community meant. Over the years, I’ve been fortunate enough to go to some great Microsoft events globally, and I’ve met some brilliant people. But I had never really been actively involved in the community.

But then COVID hit, and we were all locked up in our houses. I got the time to actually focus and build myself a little bit of an office space. Before, I was always out on the road, driving up and down motorways in the UK or running the kids around.

So, as we all had this additional time, I thought, OK, this is an opportunity for me to try and focus on public learning and the community a bit more. In hindsight, I didn’t really know what I was doing when I first started. I set a blog up and it was jonnychips.com, you know? And I started putting out some blogs. I started doing the 100 days of cloud, just trying to show my public learnings and hopefully give a bit back.

What does your new role in the community bring into your life? What have been the best moments so far?

Well, it sounds a bit cliched, but there have been so many different situations that were super fun and where I thought I would have never been I had not turned to the community. Things like joining and setting up and helping organise a user group – part of what I do is helping organise the Welsh Azure User Group, and we run that as a monthly virtual session.

We’ve had so many fun moments over that, just from the guys and gals that help organise the weekly or biweekly calls that we have, through to the events themselves and just the fun engagement from other people in the community. There’s been so many comedy moments and just good general laughs over things.

IoT has been one of the standout things for me. The people I’ve met in in the world of IoT, from members of the community through to the advocacy team at Microsoft themselves, I’ve managed to speak to one or two of those over the last few months. They’re all super people. Really clever, intelligent, passionate people just putting stuff out.

You forge these new friendships without you realising it. You’re virtually speaking to people across Twitter and you’re having that banter, you jump on a live Twitch stream and have a little bit of fun.

So, it’s probably safe to say that there’s not really been one best moment so far. I think the best is yet to come. I’m really looking forward to getting back to the face-to-face meetups, getting back out there to two events where I get to meet some of these great people and hopefully have a coffee or a beer and a bit of lunch or something with them. I see that being a super fun time.

Check out more of our interviews from our podcast episodes.

For more cloud careers, Azure and Azure IoT tips, make sure to follow John on Twitter, LinkedIn and YouTube or through Jonnychipz.com.

Tags azure community, azure iot, azure mvp, behind the screens, cloud careers, interview, john lunn, johnnychipz, podcast

About us Featured Podcast Interviews

The Career Path of a SAP Consultant

Post author By Mindquest
Post date 23rd July 2021
No Comments on The Career Path of a SAP Consultant

Martin Fischer, SAP Portfolio Manager at BridgingIT, SAP Mentor and a host of the SAP Coffee Corner podcast discusses the career path of an SAP consultant.

German ABAP expert Martin Fischer is a Business and SAP Portfolio Manager at BridgingIT, SAP Mentor and a host of the SAP Coffee Corner Radio podcast. He recently sat down with us to talk about how he got started with SAP and discuss the career path of an SAP consultant.

🔊 Subscribe to the podcast

Check out more of our interviews from our podcast episodes.

What is the SAP consultant career path: How did you get started in the SAP ecosystem?

I started to become interested in computers and technology when I was 16 or 17. At that time, I was about to start an apprenticeship in business administration at a wholesaler for tires and other technical products. I had had some Visual Basic for applications lessons in school before, so I started supporting the financial department by writing a macro in Excel or Access, I don’t remember for sure.

The head of the department got interested in my skills at that time, and they were about to start an SAP project to implement SAP FI in SAP 4.6c. That was the coincidence that got me started in the whole SAP ecosystem, and it’s been 20 years since.

Of all the career paths available within SAP, why did you choose ABAP?

I worked on that project for one and a half years and took over the responsibility for running that system. A year after, I decided to study computer sciences and business and, during my studies, I became more interested in software development. So, I thought, OK, I have a background in SAP, and there is a need for ABAP developers: why not look for a job in that area? And so, I did.

And what has been your career path as an SAP consultant since then?

I joined a consultancy in Zurich after my studies and was there for about a year. Then I moved over to Capgemini and was there for three years. Now I have been with BridgingIT for almost 10 years. I left the development space and moved over to more architectural stuff, as well as team leading responsibilities. I am not programming for the whole day anymore. Actually, I seldom program now. But it’s still in my roots, and I like to dig into the technological details.

Join our community and find your next job in IT

What were the biggest challenges you faced when transitioning into a more managerial role?

Becoming the team lead of my former colleagues. There are a few of them who have much more experience than I do, so it was a bit of a challenge for me. I guess it wasn’t that much of an issue with them, pr at least I had that feeling. But for me, it was different.

The second one was having to care about more people and things in many aspects. So, consulting, finding the right project assignments for my team, etc. It was a bit hard because the role involves some pre-sales and that part was hard in the beginning to learn. Also having to accept that I don’t have that much time anymore to focus on my technology topics. Now I have multiple other topics to devote time to during the day, and I had to accept that I will, over time, lose the deep knowledge of the latest technologies.

But now, after more than four years, I have accepted it and I’m fine with it.

What do you enjoy the most about your new role?

The possibility to drive things in the direction I want to, or which I think is the correct one. Of course, I don’t decide that all by myself, but I have a bit more influence than I did before.

I also enjoy very much the interaction with customers, so the pre-sales part that was so challenging in the beginning turned out to be something I really like. I’m much more confident in these discussions now. The first times, you are very nervous. At least I was. Nowadays it has become more of a routine, and I really like it.

What do you value more, certifications or experience?

There are many things you have to learn for the certification exam that you don’t ever use again. That’s actually one reason why I’m not really convinced that getting many certifications is real proof of qualification or knowledge. I’m quite sure you can get the certifications if you do a proper preparation for them and learn the stuff they will ask you for. But you will not really be able to work with the technology you are certified for. I rate experience higher than certifications.

When does pursuing certifications make sense?

I would say at the point in time I did my certification, as a junior, it was a good thing to have it because, especially if you work for a consultancy, it helps you to get better project assignments. Some customers are still looking for it. But, in the development area, I don’t see the need to do all the certifications that come with the technology. I don’t see the value in that.

Sometimes you have to do it as a partner to maintain your partner status. That’s another reason why sometimes you have to get certified.

But, from a career perspective, I’m not a big fan of certifications. I think there are better ways of getting a deeper understanding of what you are doing. Get involved in small projects, do a POC, get your hands on the latest technology somehow.

You are an SAP Mentor. What is the Mentors program like?

The program has changed a lot over the last 3-4 years. I’m now almost at the end of my 4th year in the program.

There’s a new program called SAP Champions which took over the community focus and the focus on the outside community, which was also part of the Mentors program. The program now focuses more on providing feedback to SAP on certain topics.

It’s an honour to work with all other mentors in the team because they are all very experienced. The international aspect is also very valuable for me because you get to hear things going on in the United States, Australia, or Asia, and things are different in different countries, so it’s also something you have to learn.

What career advice would you give to other SAP and IT experts in general?

Stay curious and never stop learning. That is very important. And work in something that you like to do. I am lucky to have a job I really like. I cannot imagine investing so much time in something I don’t really want to do.

I think that’s very important. More important than more money, etc. If you have passion for your job, money, at least in technology, comes along.

For more tips on how to navigate the career path of an SAP consultant, make sure to follow Martin on Twitter and LinkedIn and through SAP Coffee Corner Radio.

Want to make the most of your career in SAP with S/4HANA? Check out our definitive S/4HANA Careers Guide.

Interested in DevOps too? Find out more about career opportunities in this promising field through this expert’s DevOps career story.

Need advice on how to start or develop your freelance consulting business in tech or IT? Need to start a new permanent or freelance assignment? Join Mindquest and get support from our team of experts.

Tags abap, behind the screens, bridgingIT, career advice, career path sap consultant, germany, interview, podcast, S/4HANA, SAP

About us Featured Podcast Interviews

How to Become an Azure MVP

Post author By Mindquest
Post date 16th July 2021
No Comments on How to Become an Azure MVP

Gregor Suttie, Microsoft MVP and MCT, working as an Azure Architect at Dutch firm Intercept, discusses his career in IT and how one can become an Azure MVP.

Gregor Suttie is a Glasgow-based Microsoft Azure MVP and Microsoft Certified Trainer working as an Azure Architect at Dutch firm Intercept. He helps run the Glasgow Azure User Group and is a prominent Azure family and community member. He recently stopped by Mission Control Center to discuss cloud careers and how to become an Azure MVP.

🔊 Subscribe to the podcast

How did you get started in IT and with Microsoft technologies?

I have been in IT for more than years, so it was quite a while ago. I was one of those people who don’t know what they’d like to do in life when they are at school. But a high school friend encouraged me to try doing some computer programming, and I really enjoyed it. After school, we went on to do some college-level computing and programming courses, and I got a part-time doing AS/400 at a bus company.

After that, I went to Paisley University just to the West of Glasgow to do a one year-degree in media technology, which is slightly computer and programming-related even though it sounds like media. When I finished there, I applied for a developer role and gained some Microsoft experience but nothing too deep. I started learning HTML from Notepad, believe it or not. That was back in the day when HTML was the first thing. Using notepad to code was interesting. I was even learning Java in Notepad as well. It wasn’t even an IDE. So that’s kind of how we got into baseline Microsoft technologies, just using basic programming.

I then got my very first junior role at a software company: Interactive Developments in Sterling. And I went in there as a junior with absolutely zero experience, so it was quite frightening but really exciting at the same time. I was really lucky there was a very senior lady who was the senior dev, and she took me under her wing and basically showed me how to write code properly and test it, how to deploy it and, more importantly, write good tests to the code that I was trying to write, which wasn’t very good at that point, but she kept me right. And that’s kind of how I started. I was basically doing VB 6 in that job for three years, learning VB 6 under the wing of a good teacher. Very lucky to have someone mentor me like that.

And then you became one of the first 50 Microsoft Certified Solutions Developers (MCSD) in the world. How did that happen, how did it feel?

Yeah. After about three years, we were moving away from VB 6 and towards Microsoft .NET, so I was learning that during the day at my job, and at night as well.

It was the first time that they had ever offered the MCSD exams. I think it was two exams, and I went for them and passed them on the first attempt, which was really cool. But mainly because I was doing a lot of studying and hands-on.

I got a letter signed by Bill Gates together with a copy of the software saying that was one of the first 50 people in the world to have passed that exam. I don’t actually still have it, as it got lost when I moved house, but I got the Visual Studio box with all the posters and all the CDs in there signed by Bill Gates, which was exciting.

Read a very exhaustive Azure developer job description.

You are also an Azure MVP. How can one become an Azure MVP?

Three or four years ago, you used to be able to nominate yourself for the distinction. But they got rid of self-nomination because so many people were nominating themselves, so they just couldn’t cope with the number of nominees. They changed it to make it that you had to be nominated by someone from Microsoft or an existing MVP. So, I asked someone to nominate me and eventually happened.

It’s all basically based on community contributions. How to become an Azure MVP? The main thing is that you shouldn’t try to become an MVP. You should just do what you do, and it will eventually come along. You have to do blog posts, talks, help out through user groups, all that kind of good stuff. If you’re doing that on a regular basis, then someone might nominate you.

Once you are nominated, you have a form to fill in with all the contributions that you’ve made over the last 12 months. You fill that out and send it off, and the person who deals with the form contacts you within three months just to let you know if everything is okay with your form.

And then it basically goes into the ether. You don’t hear anything until you get awarded. On the 1st of every month, they come out and communicate the seven or eight people in the UK who have now been awarded the MVP. That’s kind of the short version of how it works.

I couldn’t believe it when I got it. It’s probably my biggest achievement so far.

As someone who knows well how to become an Azure MVP, what’s your advice for those who are just starting out in their cloud careers? What certifications should they pursue?

I always ask people: what are you interested in? Sometimes it’s worth trying to write the Venn diagram and put in circles what you like. So, are you a developer or are you more of an ops person? Can you code? Would you like to code, or not? That’s kind of how you start.

What’s your background? Some people don’t have any background and they’re just learning from the very start. If you want to learn from the very start, it’s probably best to start off with the Azure Fundamentals exam. In fact, I always recommend that you start off with the Azure Fundamentals exam because it will give you a nice introduction to the Azure exams. It will also give you the confidence that you have managed to pass a fairly tricky exam.

If you’re new to the cloud, the Azure Fundamentals exam is actually a little tricky because it covers quite a lot of things. If you’ve got experience in Azure, fair enough, but, if you’re new to it, I would start with the fundamentals. And that goes for all of the courses.

These days, there’s quite a lot of demand for Azure administrators, people who can set up all the Azure resources. So, the Azure Administrator certification is quite a good one to go after. But other areas like Azure Power Apps are becoming very popular as well. Power Apps is a low-code platform, so it’s nice for people who aren’t massive programmers but are into coding.

Go to Microsoft Learn and click on the certifications link on there. Have a look around and try and figure out what you are best at.

Also, the online Azure community online is amazing. If you go on Twitter for example, under the hashtag #AzureFamily, you will find lots of amazing Azure people. If you want to get started with Azure and got questions on how to get started or even about how to become an Azure MVP, then definitely please do reach out to me or reach out to anyone in the #AzureFamily and they will definitely help you. Don’t be shy if you’re stuck with anything. Reach out and someone will help.

Join our community and find your next job in IT

Your background is in development, and then you moved into DevOps. What was it like to be, all of a sudden, in the middle of development and operations teams?

It was interesting. I worked at a large bank two jobs ago, and the developers were on one side of the fence and the operation teams were on the other and they had nothing in between. And I couldn’t really understand this. So, what we would do is work on a two-week Sprint, and then we would build a code tester code and I would pass it over to the OPS team who would then deploy it, but we would never really speak to each other, and I thought this is really bizarre. “How does this work? This can’t be a good relationship.”

So, I got to know the operations team. They were in New York and we were in Glasgow. I got really friendly with them and kind of started to bridge the gap; and I created a role for myself where I sat in between the two teams. I made sure that the code was all built and tested. Then I could help pass it over to ops team and show them how to deploy it correctly because before that they would just deploy it. It would break because there was no real handover.

Anyone in the operations team could pick up and deploy the code, and the devs had an idea of what documentation to make. It was quite an interesting role. Before I did that, there were two separate teams who didn’t talk to each other. It was a good way to kind of bring the operations and dev people together.

Now you are an Azure Architect at Intercept. What are you working on as part of your role?

We are helping independent software vendors (ISVs) from all around Europe move from on-premise to Azure. The projects that we’re working on these days are basic setup designs for companies who want to move to the cloud or that are already in the cloud and want some extra governance.

We design it, we implement it, and we also look after it. So, we’re doing managed services. I’m really loving working here. Plus, it’s really interesting to work for a foreign company. I’m based in the United Kingdom, in Scotland, and I work for a company in the Netherlands. So, it has been really good fun.

Since the Covid-19 pandemic began, a lot of companies have been rushing to migrate to the cloud. What are the biggest mistakes you are seeing being made as a result of this hastiness?

I do some workshops on governance and Azure, so basically setting up things correctly from the get-go. And sometimes we see customers who have started in Azure and have created resource groups and have started deploying stuff but there’s no governance in place. There are no rules, no naming conventions. There are no limits to what you can deploy and who can deploy what.

When I deliver my governance workshops, it’s quite interesting to see people who are like “Oh, I didn’t know you could do that.” It’s just things like stopping people from being able to deploy huge virtual machines. stopping people from leaving things running. In the cloud, you can spin up things quickly, but some of them can cost quite a lot of money. You can burn through your credits and your money quite quickly in the cloud if you’re not careful.

I have also seen some poor naming conventions where everything is just random names and it’s really hard to work out who deployed what and when and what. It’s quite funny when you see a mess and you’ve got to go and tidy it up. I don’t often see that, but one or two customers have kind of run before they can walk.

So, governance is mainly the thing that people need to keep an eye on. It’s easier to do it from the start. You can certainly put governance in once you’ve got your Azure environment running, but it’s just nicer and easier to do it at the start.

Check out more of our interviews from our podcast episodes.

For more tips on cloud careers and how to become an Azure MVP, make sure to follow Gregor on Twitter and LinkedIn and don’t forget to check out his blog.

Tags azure architect, azure careers, azure mvp, behind the screens, cloud careers, how to become an azure mvp, interview, microsoft azure mvp, microsoft carrers, microsoft cloud, podcast

About us Featured Podcast Interviews

Becoming an Oracle Certified Master: My Ticket to a Stellar DBA Career

Post author By Mindquest
Post date 8th July 2021
No Comments on Becoming an Oracle Certified Master: My Ticket to a Stellar DBA Career

Rodrigo Mufalani, Infrastructure Specialist for hybrid cloud projects at IBM discusses how becoming an Oracle Certified Master boosted his DBA career.

Born in Brazil, Rodrigo Mufalani is an expert Oracle DBA working at IBM as an Infrastructure Specialist for hybrid cloud projects. He recently sat down with us to discuss how he got started in his DBA career and how becoming an Oracle Certified Master and Oracle ACE catapulted his career and allowed him and his family to start a new life in Luxembourg.

🔊 Subscribe to the podcast

How did you get started in your DBA career?

My journey in the database world started a long time ago, back in 2004, and it happened by chance.

I was at college at that time and applied to a developer position at a company, but my programming logic was not as good as that expected from a developer at the company. But the HR department saw that I did pretty well on the SQL part of the test and invited me to apply to an internship position as a DBA.

Why did you decide to pursue that opportunity and go down the Oracle DBA career path?

When they offered me the position of DBA, I started looking on the Internet for what exactly a DBA was. I had no idea at that time.

I had started my career doing first line IT support, helping out with Windows installations and network stuff. But I was searching for something closer to the development side of things, as that’s what I was studying in college. So, that offer was perfect.

And that’s how I became an Oracle DBA. I think it was destiny.

And now you are an Oracle Certified Master (OCM) and Oracle ACE. How has that helped you in your DBA career?

It has helped a lot in my career. It’s why I am speaking to you from Luxembourg. Until 2018, I used to live in Brazil with my family (my wife and kid). Because after the certification, I got an invitation from a company based here in Europe to move here and help them with their customers.

How is the exam to become an OCM?

I cannot talk a lot about it because I have an NDA, but I can tell you it’s pretty hard.

You have to prove you have hands-on expertise in a list of skill sets in different areas, some of which you rarely use on a daily basis. And it’s pretty hard because you have time, your mind and the exam itself against you. It’s a two-day exam at Oracle’s headquarters, and I took my exam in the UK.

At the moment, and due to Covid-19, the exam is suspended, so there have not been new Oracle OCMs since 2020. But the future OCM exam, if there is one, will probably be related to the cloud and offered online.

Join our community and find your next job or expert in IT

What about the Oracle ACE award? When did you receive that one? How has it helped you in your DBA career?

I can’t believe it happened more than ten years ago, in 2009. Especially because it’s not an easy distinction to maintain over the years. If you receive the award but you don’t keep participating in the community, sharing your knowledge with the community, you lose the award.

It’s funny because I remember I was reading the email in which they notified me that I had been awarded the distinction when my boss at that time called me into his office to go over some stuff. And I told him I just got awarded the Oracle ACE award, and he goes “Oh, congratulations! But what exactly is that?” He just had no idea. It was so long ago. I was the third person in all of Brazil to be given the award.

The program has grown a lot since then, and it’s a pleasure to continue being part of it. I like talking to a lot with people and love to do presentations and talks at conferences. I founded the Luxembourg Oracle User Group with some colleagues, and I’ve had the opportunity to speak at several conferences. Also, I even had the opportunity to go to Azerbaijan before the Covid pandemic, and it was amazing. I have met so many great people through these conferences.

I must really thank the Oracle ACE program for giving me the opportunity to meet all these amazing people.

What is your main role at IBM?

Right now, I am helping with a large migration project for a big customer. I am doing some automation and am involved in all the migration activities as part of the cloud migration team. So, ensuring performance, that all is done according to the plan and on time, etc.

For the moment, I am mainly helping with Oracle-related subjects. My role is a little bit wider, spanning to all things database-related, but for the moment I am mainly playing with Oracle.

As a DBA, what are the most challenging aspects of working in a hybrid cloud environment?

Nothing in particular. The same challenges that we have all the time. So, tight deadlines for delivering projects, ensuring as little downtime as possible, etc. The customer always wants to have the, and we try to deliver the best to them.

What advice would you give to those starting in IT?

My advice for the starters in the field of technology would be to read and research as much as possible. Try to pay attention to the senior people around you and don’t be embarrassed to ask questions. But ask questions after you try. Of course, in a safe environment, not in the production environment.

I prefer that someone asked me after trying these or that step and failing to find a solution. Sometimes, people get so accustomed to getting every answer at once that they don’t even try.

Check out more of our interviews from our podcast episodes.

For more advice on cloud careers, make sure to follow Rodrigo on Twitter and LinkedIn, as well as on his blog.

Tags behind the screens, dba career, IBM, interview, luxembourg, oracle, oracle ace, oracle dba, podcast, rodrigo mufalani

About us Featured Podcast Interviews

Two Months into My First Software Developer Job

Post author By Mindquest
Post date 1st July 2021
No Comments on Two Months into My First Software Developer Job

Two months into her first software developer job, Olena Drugalya chats with us about her beginnings and what other debuting developers should expect.

Olena Drugalya recently went from being a stay-at-home mom to landing her first software developer job, joining Novatec Consulting as a junior software engineer. Two months into the role, she chats with us about her beginnings, first learnings, and what other people starting their web developer career should expect from the first weeks at the job.

🔊 Subscribe to the podcast

Congrats on first software developer job? What projects have you been working on so far?

I’m actually not working on any client-facing projects right now because I’m still in the learning phase. Novatec has a Talent Hub, and every new employee in the software engineering department starts there. We spend a lot of time learning, as the project we will be involved in later require a lot of additional skills and knowledge of languages and frameworks. So, they want to be sure that we know all these things in advance.

What’s the talent hub like?

There are a lot of new developers in the hub: juniors, trainees, students… And we work together on pretty much the same program. We learn back-end, Java, Kotlin and some frameworks, but we also learn front-end tools and frameworks. Then, in the end, we are given a project to do by ourselves, and we present it and show everything that we have learned so far.

Some need two months to complete the program, others need more time. It really depends on the person, but it usually takes no more than six months. We need to deeply understand the concepts and processes, so we can use as much time as we need to learn. They don’t rush us. I really love Novatec’s idea of the talent hub.

Pretty cool, isn’t it? Sounds like a great way to get started.

Yes. I was so happy when they took me in. This was something I was looking for because I don’t have that much experience and they give us the possibility to learn and cooperate with other developers and see what the process of development is really like.

We participate in all the company meetings, as well as in sprints and refinements. So, from the first day, we can see what the other developers are doing and how they manage the development process. We are not taking part in it yet, but we are already aware of what the project looks like from the inside and how people are working on it, and this is a very valuable experience.

What are you finding to be the most challenging part of this learning process?

The most challenging for me probably has been working on a project inside a team. Before this, I was doing everything by myself. So, if I had a project to get done, it was just me doing all the thinking, projecting via framing and coding. Now it’s just a bit different situation.

You have other developers in your team, and the planning of the project takes more time than the coding part itself. That’s because it needs to be divided into small parts, and everyone in your team needs to understand what their task is and what they’re going to do.

And I bet you learned many things as a result.

Yes. I learned how to develop the user story, how to create a ticket, how to cooperate with other developers using GitLab and all these things which I would have never learned by, for example, being a freelancer.

You mentioned you’re learning back-end, and your previous training was in front-end tech. How is going full-stack like?

I was lucky because was able to handle the back-end pretty well because I had some experience with C#. So, Java was not that difficult for me, but still, it took me probably a month to dive deeper into it, to go beyond the basics and learn new stuff. Then it became easier when I started with Kotlin and the various back-end frameworks. The most challenging part was Java itself.

How was the experience of going through the onboarding process? Was there something in particular that positively surprised you?

I was really surprised with it all, as that the onboarding process was really well organised. Everything was on time and there were so many people presented their teams and projects. They were telling us with enthusiasm and happiness, explaining how they were handling things and that they were happy to see us at the company. That was very inspiring and surprising in a positive way.

What advice would you give to others just starting with their web developer career?

For the junior developers who are just starting their web developer career, I think the most valuable advice I could give is: don’t be afraid to ask questions. Everything you want to know, everything you are not sure about, just ask. There are a lot of people who will help you, who will guide you and mentor you.

In a good software engineering team, they all want you to succeed. That’s the beauty of cooperation. Everyone helps each other out when they are working on a joint project.

Join our community and find your next job or expert in IT

What about work-life balance? Starting a new job can be stressful. How are you doing with it all? Are you working from home, or at the office?

Work-life balance is pretty much on schedule and going well. We’re still working from home remotely, but we can go into the office if we feel like we want to socialize with other colleagues. So, from time to time, we meet at the office. I do like work from home, as that way I don’t have to spend that much time in traffic to go to the office and back.

You were blogging quite a lot before starting your first job as a software developer. How is blogging given how busy you must be? Are your new experiences prompting you to write about new topics?

Yes, it’s difficult now with the content. I know there are a lot of people on Twitter who juggle their work with content creating, family and everything, but it was difficult for me these first two months. It being a new job, and my first software developer job, I wanted to get to know everything, to learn as much as possible. And that didn’t leave too much time for content creation.

So, my blog is still where it was before, but still coming up with ideas. At Novatec we also have the possibility to write blogs, so I will probably think about that as well. I would like to pick up blogging again soon and write about all the new back-end tech I am learning to use, about Java and Kotlin – there are so many topics waiting to be written about.

Check out more of our interviews from our podcast episodes.

For more guidance in your web developer career, make sure to follow Olena on Twitter and LinkedIn and don’t forget to check out her blog and Hashnode activity.

Need more tips on how to find a job in IT? Check out our IT job hunting guide.

Tags behind the screens, first job, german devs, interview, olena drugalya, podcast, software developer, women who code

About us Featured Growing your career: permanent & freelance IT Consultants Podcast Interviews

A Career in Data Science: Unlocking The Power of Data with AI

Post author By Mindquest
Post date 24th June 2021
No Comments on A Career in Data Science: Unlocking The Power of Data with AI

We chat with Ton Badal, machine learning engineer at London-based DataOps start-up Synthesized; about pursuing a career in data science and the challenges of working with data.

🔊 Subscribe to the podcast

Check out more of our interviews from our podcast episodes.

How did you get started in tech, what made you go for data science career and machine learning in particular?

Since school, I have had an engineering mentality, I’ve always had this problem-solving way of thinking. I’ve always enjoyed math and solving problems. In university, I studied telecommunications engineering and specialised in audiovisual systems, so the processing of audio, images, video and other audiovisual systems from a technical perspective.

There I started doing research in machine learning, AI and data science. I started discovering this super interesting world. After that, I was sure that I wanted to do a data science career. So I went for a master’s in AI. And that’s how I discovered this very, very interesting and challenging world.

What did you find to be the most challenging part of this process of learning data science as career and becoming a machine learning engineer?

When I started university, it was not a clear path yet. Eighteen or fifteen years ago, you couldn’t see the path of a data scientist from start to end. Data science sits between computer science and math. And, throughout my career, I’ve been closer to computer science than to math. But the challenge is that you have to know as much as possible from both worlds. But at the same time combine them as well as possible. So I think it’s been quite challenging to be able to unify both worlds.

What’s the best career advice you have ever been given?

This is not really a piece of advice that someone has given me, but rather something that I’ve seen people do. I’ve realised that, when I was starting to look for jobs and was looking for a career, I was kind of looking for anything. I felt like I was the only one selling myself. But at some point, you realise that it’s important that the company also sells itself to you. The company also has to be interested in the person who’s applying. It’s not just top-down, but also bottom-up. There has to be this mutual understanding. When I started looking for jobs, I didn’t care that much about that. But after a while, I realised that it’s really important to feel confident and be in a good environment. It’s crucial for your career development and for example a data science career.

So, I would recommend to everyone to not just get the first job and be very selective about what they want and what they seek to accomplish. Also, the people who interview you: you have to look at them and ask as many questions as you can about the company. It’s not only about selling yourself, but also about understanding the company and making sure that the step you’re going to take is the best one for you because that’s going to influence the rest of your career.

CV Writing Tips for IT Professionals

What’s your advice for those who want to learn data science?

If you want to learn something, the best way to learn it is to get hands-on, to find a project that you’re interested in. There are a lot of open source projects that require some help. For example, at Synthesized, we’re now going to open source a fairness package. If you’re interested in this field, you can collaborate on many, many different projects. The best way to learn computer science and data science is to get a project, get a data set. Sign up for a Kaggle Competition, for example, and try to solve it and get as close as you can to the top of the ranking.

Need tips on how to find a job in IT? Check out our IT job hunting guide.

What are the biggest issues with working with data these days?

First of all, there is the problem of ending up with a poor signal-to-noise ratio. The amount of data that you can find nowadays is huge. But, many times, this data contains a lot of noise. And, if you are not careful, you are just going to end up with just a lot of noise that renders it useless.

The second big issue is compliance, so GDPR, HIPAA, etc. If you have data that is not privacy-compliant or that is discriminating against some groups, that’s going to be not only useless, but it’s also going to be illegal to use. So you need to work closely with compliance teams. You need to spend time with the legal team to make sure that you make proper use of your data.

Finally, there’s the problem of data sets becoming data silos. More and more, to access data, you need a data engineer, a data scientist or a machine learning engineer — someone who can do the magic with the data. It’s getting more and more complex to access the data because doing so requires the knowledge of a data engineer or a test engineer.

How is Synthesized helping to solve these problems?

Synthesized has a core engine that is able to solve these problems by enabling users to easily access their data products in many different ways. So, for example, let’s take one of the problems that I was mentioning before: working with compliance and privacy. Our engine is able to generate data that is representative of the original data but is free from privacy issues and from even biases.

Another of the problems is related to infrastructure, to data silos. Current approaches are data warehouses and data lakes. There are some problems with these approaches, for example, the signal-to-noise ratio in the case of data lakes. There’s a lot of data in there, but it’s very difficult to use. But, the infrastructure problem is also there because the data is very centralised and you need a data engineering team to get to it. So what we’re working on is a new infrastructure called data mesh that aims to decentralise data access. It tries to decentralise all these data products so that each team can access the data independently. Both for internal and for external collaboration.

Can you tell us a bit more about your role at the company?

I’m very lucky to have been a very early employee of the company. I joined at a very early stage, and this meant that, although my official title is machine learning engineer, I’ve been able to touch a bit of everything.

However, my main role as a machine learning engineer is making sure that the core technology is as good as possible. But that also involves a lot of what a pre-sales person would do. So, going to the clients, asking them for requirements, and making sure that the product works well for them and is as tailored as possible to their requirements. But about also improving the product.

And there is also some marketing work involved, like developer relationships. We need to push into that direction because we’re a small company with very new technology and we need to make sure that we sell bottom-up, not top-to-bottom. We approach customers as machine learning engineers, as the nerds who sell to other developers, not as the marketing guys who are trying to sell something to them. Otherwise,+j the message doesn’t get through that well.

What’s next for data? Where do you see data science in, let’s say, five years from now?

I think that, right now, we’re in a very crucial moment for data. We are having all these privacy issues, fairness problems, and the users are more and more aware of this. So, we have to make sure that we have the best practices in place, that we make the best that we can with our data but still respect users. It’s going to be a very challenging time.

At Synthesize, we mainly work with structured data, but I think it’s worth mentioning unstructured data. What’s happening with OpenAI, GPT-3 or other generative models — what’s being done is amazing. It’s a very exciting time. I’m very, very excited to see what the next new thing is going to be.

You’ve been based in London for a while. What do you like the most about the London tech scene?

What I like the most about it is that there are a lot of people working on the same topic, and you can very easily meet people doing really interesting things. And that’s one of the most powerful things when you are doing research or trying to improve your product. Just talking to people, understanding their problems and just having a conversation about something that probably you don’t understand and you don’t even know about.

Discussing new tech trends with people at other companies, that can really help. You discover new things and go out of your usual boundaries. London is great for that because there are a lot of meetups. Well, there were before corona. But yeah, you can talk to and meet a lot of people. There’s this big ecosystem where a lot of things are happening and there’s so much to learn. I’m really happy to be living here.

Join our community and find your next job or expert in IT

You can follow Ton on LinkedIn and on Twitter.

Looking for a job in IT? Check out our IT job hunting guide.

Tags behind the screens, data, Data Science, data science career, interview, machine learning engineer, podcast, synthesized, ton badal

About us Featured Podcast Interviews

‘If it’s Useful for You, Then It’s Useful for Someone Else’: DevRel and Creating Content for Web Devs

Post author By Mindquest
Post date 3rd June 2021
No Comments on ‘If it’s Useful for You, Then It’s Useful for Someone Else’: DevRel and Creating Content for Web Devs

What’s the secret to creating content for web devs? We continue our chat with Stefan Judis, developer relations lead at Contentful, blogger and front-end expert. Here is why and how he shares what he knows and learns with the community.

🔊 Subscribe to the podcast

Creating content for web devs

After building a career as a front-end developer, you’re now leading developer relationsfor Contentful. What does exactly the job involve?

Developer relations is still a fairly new field. What we see over the last decade is that a lot of technology companies. And especially the developers using these technologies have a lot of decision power. We at Contentful are one of these software providers, a headless CMS (Content Management System) that you can put anywhere. And our developer relations team doesn’t work directly on the product. We have completely separated engineering teams that are building the APIs and the product itself.

And the DevRel team is there to spread the word about Contentful but also going into the communities and helping developers with whatever they’re struggling with. And this can be Contentful related, but very often it’s also just web development related. So, what we’re doing is that we are blogging, we are building code examples, etc. And whenever we are talking to users or customers or friends; we are basically the bridge between the product and the developer communities out there.

When someone has a problem with something, our team are usually the first people that they go back to. And we’re then feeding all these things back into the process and building this trust within the developer community. So, yeah, we are blogging, speaking, writing, and hanging out on our community Slack. To connect with the people, have a little bit of fun and build cool stuff. That’s what I do for a living.

But you also enjoy creating content for web devs in your free time, right?

Yes. Since this year, so since 2021 and the pandemic and being stuck home, I’m writing a weekly newsletter. If people are interested in random web development stuff to read on a Monday morning over their coffee… It’s usually something around 10 resources, some GitHub repositories, some music, etc. And I’m writing that every Sunday. So if you’re up for some random good stuff I thought was good over the week, people can subscribe here.

So where do you draw the line between your personal blogging and the one you do as part of your developer relations job?

Well, when you work in DevRel, the line is very, very blurry. Where does work start and where does it end? So I usually do a lot of things on the side. Right. So I do a lot of blogging on my own blog and occasionally I do something for the Contentful blog. Lately, I am leading the DevRel team, which means that I’m not hands-on with the content that much anymore. But I’m still around and the line is very, very blurry.

When you work in these semipublic roles, it’s usually like “Oh yeah, Stefan is the Contentful guy”. And when someone writes me DM on Twitter on a Saturday because they’re struggling with something, well, I’m the last person to say “Yeah, no, it’s the weekend, not going to help you right now”. So it’s very hard to tell where it starts and ends. But I’m just really into web development and I like to share all the things that I learn and that are exciting. And that’s just what I do.

Join our community and find your next job or expert in IT

What advice do you have for other IT pros who want to create content and share tips to help out others? How did you start creating content for web devs?

It’s hard for me to give advice, but I can say what I do. I made it a habit of writing something down or creating a video or some sort of content around things that I discover. I’m also reading a lot. I’m subscribed to a gazillion newsletters. So when on a Sunday morning, I read something and have this thought “Huh, I didn’t know that”, I put it somewhere. It could be on my own website, or it could be on Twitter. But just making this habit of constantly documenting what you’re learning helps with this whole idea that you don’t know anything about web development, because this fear is just so big.

I have been doing this for three or four years. And what that comes down to is that I now have, I don’t know, 200, 300, 400 learnings on my own website. And these are primarily for me. So this is how it started. Because I wanted to come back a month later or six months later and look at it and say “Man. You got a lot smarter over the last six months”. But, after some time, more and more people discovered what I wrote. Because, if it’s useful for me, usually I’m not alone.

And that’s one piece of advice that I would give to people that want to start creating content or blogging. If it’s useful for you, you are usually not alone. And there is nothing like “Oh, beginner content is not useful” or “It has to be this 2,000-word, in-depth article with a lot of scientific, engineering knowledge”. That’s absolutely not the case. We have so many people joining the industry. And whenever you learn something or when someone learns something, I think it’s a very good habit to just write it down.

And then you have the greatest feeling in the world. When some people write me an email or send me a tweet tell me “Hey, Stefan, I just learned this thing. You learned that three months ago and now there’s two of us.” And that’s just beautiful because you can kind of connect the two things, helping people but also documenting your journey.

And you have even built some tools to help you and others in the learning journey, Tiny Helpers and Random MDN. Can you tell us a bit about them?

Tiny Helpers is a very simple website that I created around Christmas one and a half years ago. There are so many self-built or quick build tools that you usually cannot Google. For example, there are a lot of people that build tools for accessibility or tools for defining font sizes, but when you Google them, you will never, ever find them because they are not SEO optimised. There are not a lot of words in them. If you find them and don’t bookmark them, you will always lose them. So, I just built this little resource collection that is Tiny Helpers, and I put it online because that’s what I do.

I thought, “Well, if it’s useful for you, then it’s probably useful for someone else.” And the whole thing is open for contributions. I think I have had over 100 contributions. And there are quite a few people that just come in and say “Oh, that’s useful. I should add that to Tiny Helpers because that’s where I go to find little online tools.” And, when I’m looking for a very specific tool that I’ve seen online, I’m going there as well and it’s the same thing. If it’s useful for me, it’s usually useful for someone else.

The other project that you mentioned, Random MDN is a quick and easy Twitter bot that I built to support my learning journey. So MDN is the developer resource for Mozilla, and it is huge. There is so much knowledge in there and I just had this random thought: “Hey, it would be kind of cool if there was something that tweeted out random MDN pages. It tweets six times a day. It just grabs the sitemap from MDN, picks a random page and tweets it out. And I learn new things just because of it. Sometimes I see a tweet and I am like “Huh, I didn’t know that.” And very often this me to blogging about it, just because my own bot taught me something about web development.

Check out more of our interviews from our podcast episodes.

Follow Stefan through his blog, Twitter, GitHub, and LinkedIn.

Also discover our article: A Data Centre Migration Is About Technology and People

Tags behind the screens, contentful, creating content for web devs, front-end development, interview, podcast, stefan judis, web dev, web development

About us Featured Podcast Interviews

From Hacking NASA to Protecting Your Online Accounts: A Chat with Rickey Gevers

Post author By Mindquest
Post date 27th May 2021
No Comments on From Hacking NASA to Protecting Your Online Accounts: A Chat with Rickey Gevers

We interview Rickey Gevers, cybersecurity expert and founder of Scattered Secrets to discuss his career and ethical hacking.

Ethical hacking can be the solution to some of our most serious cybersecurity issues. We interview Rickey Gevers, cybersecurity expert and founder of Scattered Secrets, a password breach notification and prevention service that is helping businesses and individuals protect their online accounts.

Here is how this Dutch security pro got into hacking, was arrested by the authorities, and went on to show how that his talents could also be a force for good.

🔊 Subscribe to the podcast

How did you get into hacking?

My dad was really the one who introduced me to tech. I’m not a typical technical person. I like to play outside and those kinds of things. So, not necessarily being behind a computer. But my dad bought a computer when I was young, so I started playing with it at a young age too. I liked the Internet a lot because you could search for anything you wanted. I am a very curious person, so I was looking things up all the time.

But an Internet connection was very expensive back then, and at one point my parents had to pay a lot of money because of me. So, they used a Windows password. But I managed to break into the Windows user account and started using the Internet again. They got mad again, and then my dad used a BIOS password, which was a proper measure to keep me out for a month or so.

Then I managed to take out the whole modem, put it in my own computer, install all of the drivers and use the phone connection from the moment they left the house. And I put my computer in such a position that if they came home, I could see them entering and remove the cable, remove the modem, and put them back in my dad’s computer just in time before they entered the house. That’s how I sort of started hacking, in a pretty natural way. I wasn’t really busy with hacking or anything. I just wanted to get the things done.

Then, at the age of 13, you created Waarneming.nl, a leading community-driven platform where users collect and share data for nature conservation, research or education. How did you go from there to the major leagues of hacking?

Usually, when I talk about the things that I have achieved, I see Waarneming.nl as the brightest thing that I’ve done. I didn’t make any money from it, but it contributes a lot to society. And at one point the website got hacked, which I will never forget. One guy just took it offline and put some defacement posters on it. I put the website back online but, after half an hour, the guy defaced the website again. It a lot of fun for him but, of course, it was not for me.

I decided I didn’t want this to happen anymore in the future. And the only way to stop it was to understand how hackers work. So, I started to learn to hack and, pretty quickly, I hacked my first computer. I kept on challenging myself. Back in the day, nobody got arrested for it. I didn’t break any computers ; didn’t delete any files or whatever you can imagine ; I just hacked the computer and that’s all I did. So I started aiming for higher targets. I went from one computer to a computer network. I went to universities because they had fast Internet connections. And I moved up the ladder and eventually was able to basically hack any network, move laterally within the network and become the main admin. And that’s sort of where my story ended.

Join our community and find your next job or expert in IT

Then you got caught.

For some reason, the University of Michigan did a forensic investigation, found me and arrested me. As I said, this was back in the day, so not a lot of hackers got arrested. I had also hacked NASA, to just give you an example. And I remember one guy got arrested for hacking NASA, but at that time, it was very normal to hack computers at NASA.

What exactly happened with the whole University of Michigan incident?

Well, the University of Michigan was sort of my playground, because the Internet connection there was very slow. So, if I wanted to try some new tools that I had found, I usually tried to do it on a network there, which is probably one of the reasons they caught me. But they did a proper forensic investigation and they determined that I was in the network, that I had full control of the network, but that I didn’t do anything else. So that’s why the FBI basically did not chase me.

Then the high-tech crime unit here in the Netherlands was established and they contacted the FBI and asked them if they had anything they could do for them. So that’s when the FBI said, well, we have a file here. We know its name, we know where he lives, so maybe you can pick up the case. And that’s basically what they did. I got arrested by the high-tech crime unit as one of the first hackers they arrested, I believe. They thought I was a really big hacker, which I wasn’t, of course. I did hack a lot of computers, but I never did anything with it. So, I was basically a huge disappointment.

Then, after some years under trial, and a suspended sentence, you went back to hacking, but with a different approach. You went on to create Scattered Secrets. What was your thinking?

At first, when I went on trial, I wondered “should I continue this?” But after two years, I was like “well, I’m only good at one thing, so let’s just fight back and show everybody that I’m on the good side and that I don’t have anything to do with criminals or whatever.” And I started hacking again.

I did a lot of penetration testing, and at one point I noticed that you can easily hack any company and you usually do it with the same trick. That’s when I started building Scattered Secrets, because I believe you can hack any company by simply looking at the passwords that have been leaked. So that’s what we’re trying to fight against right now. We’re basically doing the low hanging fruit for most hackers. It’s not that interesting. It’s not that advanced. But, in our opinion, it’s the most dangerous and easiest way to hack any company right now.

So, you basically monitor for passwords that have been hacked and leaked. Where do hackers get these passwords?

The funny thing is that most passwords are leaked through only a few databases. We have a few enormous leaks. One of them is MyHeritage. The other one is MySpace. And the third one is LinkedIn. That’s where most passwords come from. It’s often the small databases people are in, but once every two years, you have an enormous breach.

Given these ongoing data leaks and recent headline-grabbing global breaches, how do you think we are doing in terms of cybersecurity?

Often, if you talk to security experts, they say we’re not getting better. But in my opinion, there won’t be a single day without hacks. That’s simply because you have the human factor, and the human factor is always vulnerable. We can build secure systems, but there’s still a human using them, so it will always be vulnerable. So, we have to deal with the fact that there will always be hacks.

At the same time, when it comes to multinationals – back in the day, in 2014 or prior to that, we had these flat networks, and you could easily become the administrator. It was pretty easy to hack large companies. I think most multinationals now have a certain base level. And, sure, in the news we see the ones that don’t have that base level. But we’re getting more and more mature. I think that’s the most valuable lesson.

To you, what’s the most challenging aspect of cybersecurity?

As a security researcher, I think the most challenging part is that you have to keep up with your knowledge, you have to continue learning and working. If you stop doing certain things, your knowledge starts to lag behind. It’s a constant battle to keep your knowledge at a certain level.

And what are your go-to cybersecurity education resources to stay at that level?

Without a doubt, the SANS Institute. In my opinion, they’re the only real experts. It’s very expensive, between six and eight thousand euros, but it’s absolutely worth the money. I try to do a course every year, but it’s not always easy to find the time.

Check out more of our interviews from our podcast episodes.

You can follow Rickey on Twitter and LinkedIn.

Tags behind the screens, cybersecurity, cybersecurity careers, ethical hacking, hacking, interview, podcast, rickey gevers

About us Featured Podcast Interviews

Changing Lives Through Tech Education: Interview with BeCode’s Karen Boers

Post author By Mindquest
Post date 20th May 2021
No Comments on Changing Lives Through Tech Education: Interview with BeCode’s Karen Boers

Tech education is a force for social transformation. We interview Karen Boers, co-founder & CEO of BeCode, a Belgian coding school bridging social divides through tech education. A social entrepreneur at heart, Karen has kick-started various successful digital transformation projects over the years – including the European Startup Network, the EU’s first network of national startup associations.

🔊 Subscribe to the podcast

How did your professional career begin? How did you enter the tech space?

Well, after some time in HR, I joined what at that point was a brand-new research institution focusing on software innovation. I joined as a management assistant, so absolutely nothing to do with the tech part of the company. But it was a burgeoning institution, and we grew quite rapidly. I evolved into marketing and communications and took on HR as well for a research staff of one thousand people across multiple universities in our country.

We worked closely with industry partners to understand their needs and design software solutions for real-life problems. Not just economic problems, but also societal problems like children that have been ill for a long time and have been isolated from the learning environment. It was the pre-Internet era. So, we started working on solutions for children to have a virtual playground and play and chat with their friends. It was really cool. That’s what got me interested in technology. Not the technology itself, but how it can offer answers to societal problems and bring human-centred solutions into the world.

Then you went on to create several business and career development projects, as well as Europe’s first unified startup network. And at what point did you decide to dive into education and create BeCode?

I saw there was a huge war for talent raging all over the tech world. Not just for startups, but also in bigger companies. During one of our international missions to Kenya, we visited a coding school that was taking people off the streets, providing them housing, and giving them the training to become programmers. They would then introduce them to European startups looking for new talents, offering them as remote employees. And I thought “cool idea, but maybe there are similar solutions to be found closer to home.”

If we cannot find the right talents to join these companies, then we’re going to be in trouble. And not only from an economic point of view. We also have a huge societal problem with lots of people that are being isolated, cornered, and that face a lack of prospects. And, if we don’t address that problem, then we have an even bigger issue coming up.

Being the mother and stepmother of five teenagers, that was kind of in my face. I thought “if I don’t help resolve these issues, my children are going to be in huge trouble five to 10 years from now.” So, for me, the sense of urgency was pretty high. That’s how BeCode emerged from my multiple professional experiences.

I had my love for education, my industry experience, my experience in marketing, and my first steps as an entrepreneur. It all came together into a bigger project where we basically go hunt for untapped talent. We go look for people who are low-educated, in long-term unemployment, of immigrant background, etc. People who, for whatever reason, are struggling in today’s job market today, but definitely not for lack of talent or motivation.

Join our community and find your next job in IT

How do you reach these at-risk people and help them realise and unleash the potential of a career in tech?

We go search for them. We try to inspire them into considering ICT as a career. Often, the problem is not that they’re not talented, but rather that they don’t know that they’re talented. They’re not aware of the potential they have. So, there’s a lot of awareness and evangelisation to be done with these audiences, to get them excited about tech and consider such a career choice.

Then we help them through really hands-on training programs. Not through too much theory, not through listening to the big expert who will tell you what to do, but basically through trial and error. We give you a small exercise, a project, then something more complex, etc. You have a small group of peers and lots of resources that you can draw on. Basically, nobody reads a manual before they start solving a puzzle either, right? They just pick up the pieces. They try bits and pieces. And if it works, it works. And if it doesn’t, you search for another solution. That’s what they do.

What skills are you putting the focus on through your tech education programs?

The funny thing is that our tech education does not actually focus on the tech skills themselves. I mean, it’s a means, but not an end. What we focus on mostly is teaching them how to learn in a technical environment, because whatever competency or programming language teach them today, tomorrow the context and the technologies will have changed. So, they will have learned basically nothing, or at least not how to continue developing themselves as professionals.

That’s why we focus a lot on learning how to learn: understanding where the resources are; how you can apply them to a use case; what to do when you get stuck; how to build a network of peers where you can go and ask for advice; how you look at examples and copy-paste, but not exactly copy-paste, and debug, etc. So, it’s much more about the soft skills and the learning process around technology.

In the end, they come out with a basic set of technical skills, but mostly with the ability to continue learning once they leave this environment. Especially because in seven months you can’t learn everything. So, whatever they come across, they will have to keep learning for probably the rest of their careers.

And that’s what we hear from the companies that hire our graduates. It’s a combination of, “OK. It’s nice to have people with a different perspective around the table, but it’s also nice to see that eagerness to learn and that ability to learn and be a problem solver rather than a bringer of problems.” Also, the ability to resolve problems as a team and work towards goals together.

What’s usually your main piece of advice for those starting out with their tech education?

Always dare to fail. If you don’t try, if you don’t experiment, you’re not going to learn. When you learn how to walk as a kid or even how to ride a bike, which is already a bit more complex, you don’t go sit down and read the manuals first. You fall flat on your face at least a couple of times. But you get back up on your feet. You look at your parents to ask “what exactly did I do wrong?” And maybe they give you a little nudge left or right, and you try again. You do better. And that’s how we learn.

It’s our natural way of learning. We have to accept that, if we want to learn as adults, we also have to fall flat on our face a few times and hurt ourselves a little bit. We’ll look at other people for small tips and pieces of advice, then take those and try again. And that’s OK. It’s not shameful to try something and not succeed at the beginning, or even not to succeed at all. But if we don’t dare to venture out there and try, then we will get nowhere.

What are some of the most incredible stories of personal transformation you have seen at BeCode over the years?

That’s a tough choice. We have seen over 1,500 stories pass in front of our eyes, and many of them are absolute tearjerkers. I think the one that touched me the most was that of a female refugee. She spent two years trying to come to Europe and had asked for asylum. It was a really rough journey where she saw a lot of hardship and people suffering around her. I don’t think she even dares to tell the people that she met here in Belgium.

She then spent another two years here going through the motions of becoming a refugee: doing the paperwork, learning the local language, etc. And then she came across BeCode. She was so eager to learn.

While she was with us, she was also trying to get her children, who she had had to leave behind, over to the country. And she succeeded not only in finishing the programming course and securing herself a job, but also in getting her children here. You could see it in her eyes that she was absolutely convinced that she was going to make this happen. No was not an option. And she persevered. She had a rough time during the training at certain points, but she always saw it through and found a way out, and she was always open to helping other people. When you see people like that graduate, secure a job, see them reunited with their children; those stories, they stick with you for life.

But I love helping the local people as well. It can be equally rewarding to see somebody who’s been a truck driver for twenty, twenty-five years and started struggling with their back and is not able to drive the truck anymore. That was basically their whole life. They spent their whole life in their truck and then, all of a sudden, they’re completely stuck. If you can somehow make them see that there might be an alternative career for them through tech education, an alternative future; that can be a life-changer.

What new tech education projects is the BeCode team working on these days?

We have seen that, for some, becoming a professional programmer is a good career choice. But for some, it’s a bridge too far, and that’s okay. Right now, we are developing a number of shorter training programs, so that they can just taste and try and then decide whether it’s something for them.

But we are also working on programs to teach people basic digital skills, how they can survive in a collaborative workspace so that we all had to become acquainted due to the global pandemic. Things like how to download your work schedule from the Internet as a factory worker, how to apply for your holidays through an app instead of by writing on paper.

If you look at recent studies, the digital divide is mostly on those digital skills. Yes, there’s clearly a shortage of programmers. But the biggest problem is on fairly basic digital skills that really hamper people from being proficient as professionals and in their personal lives. And that’s a disaster.

If you look just at Belgium – and we’re quite a developed country, aren’t we? – 40 per cent of all Belgians lack the digital skills to be proficient in what they do today. And, if you look at low-educated people or people in low-paid jobs, that number rises to seventy-five per cent. So there’s a lot of work still to be done and not just on the programming side. That’s our conclusion and our path forward, to include these people as well and not leave them side-lined.

Check out more of our interviews from our podcast episodes.

Follow Karen on LinkedIn and Twitter.

You can connect with BeCode through their website, LinkedIn, Facebook and YouTube.

Tags becode, behind the screens, coding schools, interview, karen boers, mindquest, podcast, tech education