Categories
About us Captains’s Log Testimonials

AI in the workplace

In this post, we discuss AI in the workplace with our Chief Digital Officer, Felix Lemaignent.


Need advice on how to start or develop your freelance consulting business in tech or IT? Need to start a new permanent or freelance assignment? Join Mindquest and get support from our team of experts.


Who are the that AI revolution will affect employees affected and what are their challenges?

Artificial Intelligence

There are two categories of employees who will face different impacts. Firstly, those whose jobs will be directly transformed by AI. They will have to use it on a daily basis to accomplish their tasks, or work on its development. These are often technical or technology-related profiles. These employees absolutely must stay up to date on AI and understand how to integrate it into their work.

Then there are employees in more traditional professions. They will experience an indirect impact. As with those who have already mastered Excel or Google, those who know how to use generative AI will have an advantage. They will be more productive and versatile, completing their tasks faster and more autonomously. However, this does not always guarantee a better quality of work.

AI is already integrated into many tools, often invisibly. But here, we’re talking about generative AI, that works via prompts or a chatbot interface. This type of AI raises questions about the digital divide. Digital inequalities could increase with the rise of AI.


In this AI expert job description you will find everything you need to know about this profile.


AI in workplace: between challenge and opportunity for employees

Artificial Intelligence

Another main challenges is job-related fear. Many wonder whether AI will replace their jobs. Does using AI mean it can do the same job as them? In the case of budgets cuts, will they have to compete with their colleagues to keep their jobs? The ability to use AI to stay competitive will be essential in many areas. For some, AI represents a survival issue.
For others, it is fascinating. Many people are already accustomed to learning new tools, but generative AI marks an important change.

Unlike traditional tools with menus and buttons, AIs like ChatGPT work with text queries. This requires a new way of interacting with technology and developing critical thinking skills. It’s important to understand that the answers provided by AI are not always based on facts. They follow a probabilistic logic.

As with the transition from fax machine to computer, generative AI marks a turning point. The computer has transformed employees into “equipped workers”. Those who master AI will become “augmented workers”.

What are the risks for profiles that don’t train at the IAG?

Artificial Intelligence

The digital divide, already visible between generations, will widen between “augmented workers” and “outdated workers”. AI in workplace is here to stay. Those who train will become more competitive, more productive and more versatile. Employees need to be trained, whether in AI or in skills not covered by AI.

But training alone will not suffice. Mastery of generative AI will come with experience and regular use. This process will develop the digital acuity that is essential to remain competitive.

This reasoning also applies to companies. Companies that don’t invest in training their staff run the risk of being left behind. They will also have to deal with data protection and security issues. They can’t afford to have their employees blindly following the mistakes of an AI or copying unverified content.

Will IAG become a criterion for employability?

Artificial Intelligence

Companies are looking to optimize productivity while reducing costs. A candidate capable of using AI is an asset. However, mentioning this skill on a CV is not enough. During an interview, the candidate must provide concrete evidence of the impact of these technologies on business problem-solving.

Workers who have mastered AI show their curiosity, adaptability and versatility. These qualities make them capable of evolving and taking on new challenges – profiles that are highly sought-after.
Generative AI is also becoming a valuable training tool. Coupled with lifelong learning, it makes it possible to rapidly deepen knowledge and put new concepts into practice. This capacity for self-training will be crucial to staying competitive.

In career terms, the adoption of generative AI offers a competitive advantage. It accelerates skills development and broadens the scope of users’ tasks.
Take the example of office tools: thanks to AI, a professional can use a wider range of Excel formulas without having to memorize them. Similarly, AI can suggest page layouts or structure PowerPoint content more effectively.

In written communication, AI transforms the drafting of emails and reports. It speeds up the process and improves accuracy, clarity and tone. Employees gain in efficiency and credibility.
These improvements go far beyond increased productivity. They enable employees to devote more time to high value-added tasks, such as strategic thinking or human interaction, which are essential for career development.


Also, read Top 5 Strategies to Overcome the AI Talent Gap


AI in workplace: what does Mindquest do for its employees and customers?

Mindquest

Mindquest offers AI awareness workshops to train its employees, as well as personalized coaching. We actively monitor prompting best practices, AI-related risks and the latest innovations.

We also develop in-house AI tools to meet our needs while maintaining control over our data. Integrating AI into our recruitment processes is nothing new, but generative AI marks a major step forward.

However, we remain vigilant about possible AI biases. At Mindquest, we have put safeguards in place to prevent these biases. AI is not a substitute for human expertise. Properly used, it improves efficiency and ensures fairness in our recruitment processes.


Find your next assignment on our freelance and permanent IT recruitment platform, or join Mindquest so you don’t miss out on any job opportunity!


Categories
About us Featured Podcast Interviews

The Transition to Independent PHP Developer

Christoph Rumpel is a PHP developer and Laravel expert from Vienna who has his own development and consulting company and teaches others through Laravel Core Adventures and Mastering PhpStorm. He discusses how he got started with coding and his transition from employee to independent developer.

🔊 Subscribe to our podcast


Interested in more coding tips? Discover how to learn Python.

How did you start coding?

I began coding 10 years ago when I was at university. I started university a little bit late because I was playing in a punk-rock band for around 10 years, and we tried to make that happen. We started when I was 14 and we played till I was 25 or something like that, and we really wanted to make this dream come true. But the music business is so hard, and it was very difficult.

After three albums and a lot of concerts in different countries, it was going quite well. But it wasn’t enough to say “okay, this is working out as we expected.” And then, 24, I thought “okay, what should I do next? Should I get a normal job, something similar to what other people have?

I had had contact with doing little websites for the band, making videos, recording a little bit. So, everything regarding multimedia was of interest to me. Then I started university doing something where you did all those things, but also where we had design and programming. And that’s when I started programming.

And yeah, right from the beginning, I thought “okay, this is really cool. You just have a text editor, you type something, you code something, and suddenly you can create something.” And it was this feeling which really got me right from the beginning. I switched my focus from audio and video recording to coding, and that’s when I really started coding and started using PHP. I think I’ve been using PHP for 19 years now, so quite some time.

Why did you decide to become a PHP developer in particular?

I chose to use PHP first because it was very easy for me to use. We also had Java at university and I struggled a lot with it, especially coming from a creative design perspective. Java wasn’t something that I enjoyed, right from the beginning.

PHP was pretty cool because it was very easy to start with and you had a lot of dynamic features already. And, yeah, those easy wins I think is what drove me to use PHP at the beginning. But it wasn’t like it was always fun.

After the first two years of PHP, I felt that I was evolving but I felt like “okay, it’s cool, but it feels like PHP is holding me back.” Especially back then, like 8-10 years ago, PHP was in a phase where you felt like it was getting old. It was maybe not maintained that well anymore. The sources available were not that good anymore.

It didn’t feel like professional coding to me at that time, so I thought about switching to something else like Ruby. I started with a little bit of Ruby for a few weeks or months, and I really enjoyed it. Everything is an object, it’s still simple, but also clean and more professional. And, I thought, “okay, I’ll stop with PHP and I’m going to be a Ruby developer now.”

And then what happened?

But then I got a new job and they were using PHP. And then I was back with PHP again and I’m like “oh my, okay, so I still have to work with PHP.” But it was like a turning point for PHP, I felt.

I think the release back then was something like 5.3. And I think they introduced namespaces and also closures, and then, suddenly, there was Composer. Suddenly, everything changed because now you had this way of getting packages, of getting code from others. You could also check out those repositories, see if there were tests done, how many people were working on it. Suddenly, you had this scale. It was like suddenly PHP is evolving again and there are a lot of things happening.

Also, It was back then when I started with the Laravel PHP framework. And Laravel at that point was using the latest features of PHP. It felt like PHP but also looked very different. I thought “okay, maybe I should give PHP another chance”. And yeah, I’m pretty happy that I did and don’t regret my decision at all.

Speaking of decisions – after some time being an employee, you decided to go off on your own and become an independent PHP developer. How was the transition?

The transition from being employed to having my own company was, of course, a big one. Everything changes from one moment to the other for me.

I was pretty happy at my last company. We had a really amazing team and amazing company. But I always had it in the back of my head that I wanted to try something on my own.

I also enjoy working alone quite much so you have to think about several things. Do you like working alone? Do you like doing your own taxes, your own finances?

These are things that definitely change a lot, and you switch from maybe coding 80% of the time to maybe only coding 50% of the time because the rest you have to be thinking about your company.

You have to get clients. And You have to talk to them. You have to go to meetings. Everything that is normally spread amongst all the employees, you have to do on your own, and you have to think about that a lot before being self-employed.

Connect with Mindquest Newsletter

But for me, I was always the type of person who really wants to be part of every task at a company. So, if there is a design decision, I wanted to take part of it as much as possible. Why are we doing this? What is the benefit? I always ask myself that, and not every company wants you as a developer to be in everything because it could be difficult. I really like being part of all the tasks, and this is why it was a perfect fit for me.

Another thing you have to think about a lot is how you get clients, or what you want to do to make money. For me, currently, it is about doing freelancing. So I help other companies with coding, maybe just helping them out as a consultant. So, I can help them in very different ways. But I also have my own products, video courses. And these are the two different ways how I get my income.

What was particularly helpful during this transition?

The one thing helping me a lot while making the transition from having a company to being autonomous was that I was already quite active in the community. On Twitter, and I was also active at local meetups one or two years before I switched, etc.

I didn’t pay attention to it at the time, but by the time I decided to be autonomous, people were already coming up to me and saying, ‘Hey, I know you are autonomous now, could you help us with this or that?’” So, I didn’t have to ask anyone. People were already coming to me and asking me if I could help them with stuff.

I only realised later how helpful was for me to be out there. Sharing code on Twitter, on repositories or on GitHub, writing blog articles, etc. In everything you do, at some point people will notice you and may come back to you for help, and that was a great help.

It helped me get clients and projects. Especially the first year, when you want to have something so that you can make some money and that the transition is not too big.

What’s the best career advice you have ever been given?

It’s a very boring one. But it’s just true and it just has helped me so much. And that is going step by step with everything that you do. It sounds super boring but it has helped me so much in my career, with every project, with every goal that had in my life.

It feels super overwhelming at the beginning, it feels maybe even impossible. But if you break everything down into little steps, then you see a road down which you can go. You have those little wins with every step that you take and that will help you stay focused, stay motivated and keep going and going step by step.

It’s the one tip that was shared with me many years ago and that now I’m sharing with others because it has just helped me so much on my journey.

Read our article : Web developer: Job Description


For more tips from an expert PHP developer, courses, and Laravel tips make sure to follow Christoph on Twitter, LinkedIn, and through his website.


Check out more of our interviews in our podcast episodes.

Categories
About us Featured Podcast Interviews

Why An Economist Turned Data Scientist Is Now Pursuing a PhD

Maxence Azzouz-Thuderoz is a data scientist specialising in AI and natural language processing at French consulting firm Axys Consultants. Here is how he went from studying economics and econometrics to embracing data science, and why he is now thinking of pursuing a PhD in automatic speech recognition.

🔊 Subscribe to our podcast


Interested in more AI and data science tips? Here’s how to unlock the power of data through a career in data science.

Your background is in economics. How did you end up working as a data scientist?

I went into economics and econometrics because I wanted to be an economist when I was younger. But at the end of my graduate education, I discovered data science.

I got some short lessons and, in the last year of my studies, I decided to change my plans and move to data science.

That’s how I started with economics and ended with a data scientist job.

What did the shift to data science require of you, how was the process?

It requires coding. In economics we didn’t study code that much, so I learned coding. But the transition was kind of easy because I had the mathematical and statistical background that we have in economics and specifically in econometrics, a domain of statistics and economics.

And the transition to data science and traditional machine learning tools was kind of easy because it is about the same mathematical tools, the same statistical tool. So, it was kind of easy.

What was the most challenging part then?

To work with real data. You can find open-source data that is very clean, very nice for studying something, but when you are working with real-world data it can be very complicated.

So, how did you actually manage to get from your economic studies to your current position as a data scientist?

I got a very good friend that found a job in a consulting company in northern France, and he knew that I was looking for an internship. So, he called me and said “Max, I have an opportunity for an internship as a data analyst that I think could be a nice first step for you.”

So, I started at the of commerce with a little internship for my studies and then, when I finished my studies, I went for an internship as a data analyst. Then I found a data scientist job in the consulting industry.

What’s a typical day like in your current role as a data scientist?

Our days are very different because we are always making different things, but, in general, the data scientist job is 70% working with data and 30% is about modelling. No, actually, I would say it’s 70/20 and then maybe 10% is for industrialization. That’s something we have to consider.

What’s the hardest part of working with data these days?

It’s about the information you have about the data.

Some time ago, I was working with a big French banking group, and we did not have all the documentation about the data. Documentation is a very important aspect because you can have the data, but, if you don’t know what it corresponds to, how to work with it, that is a big problem. Sometimes we were working with data that we didn’t completely understand, so we didn’t really understand what we were doing.

Connect with Mindquest Newsletter

It’s about the information you have about the data.

Some time ago, I was working with a big French banking group, and we did not have all the documentation about the data. Documentation is a very important aspect because you can have the data, but, if you don’t know what it corresponds to, how to work with it, that is a big problem. Sometimes we were working with data that we didn’t completely understand, so we didn’t really understand what we were doing.

Where do you see data science and AI 5 years from now?

I think we will see the first industrial applications of quantum computing in AI.

Additionally, 5G is going to change many things. We will have super-connected houses, apartments, etc. So maybe we will have new projects for AI.

Also, cell phones are becoming more powerful every year. So, I would not be surprised if we have AI technology that today we cannot make work on our phones become a reality in coming years.

For example, automatic speech recognition needs a lot of resources. It’s a big challenge. A big part of current research in automatic speech recognition is about the reduction of the parameters in models so that it all needs fewer resources. So, in the years to come, we might see some kind of automatic speech recognition technology working on smartphones, for instance.

You have decided to pursue a PhD. Why is that?

In my current job, I discovered what it was like to work on research and development projects. It was the first time I was working on such ambitious projects, and I found it very interesting. And I really became aware of the difference in understanding between someone who is simply a skilled data scientist and the scientists, PhD people.

People with a PhD were working on the same project as me, and we were absolutely not at the same level of understanding. I think this is one of the reasons why I want to go ahead with a PhD program. Because I want to reach another level.

And the other reason is that I’ve always been interested in research, the university research system. So yes, it’s a little dream, an old dream that I have and that I think could be nice to realise soon.

So, I recently started to check out universities, looking for a PhD program around automatic speech recognition. It’s a big area.


For more tips on data science, AI and automatic speech recognition, make sure to follow Maxcence on LinkedIn.


Check out more of our interviews in our podcast episodes.

Categories
About us Featured Podcast Interviews

Cybersecurity Career Tips From a Ballerina Turned Pentester

Lola Kureno is an Israeli-born cybersecurity engineer living in Tokyo and working for IT training and certifications provider INE. An expert pentester and ethical hacking advocate, Lola shares cybersecurity career tips and discusses how a single event changed her life forever and set her on an unexpected professional path.

🔊 Subscribe to our podcast


Interested in more cybersecurity career insights? Discover what makes a state-of-the-art SOC.

You have quite an amazing career story. You set out on a very different path, and then a major event changed everything. What happened?

It’s quite a long story. My background was not in tech at all. Since I was three years old, I was a classical ballerina. That’s what I was set to be my whole life, or so I thought. I was a professional. I was with dancing companies and had all my life centred around classical ballet. That’s all I knew how to do.

And then I had a very bad car accident. I spent six months in the hospital, plus two years of rehabilitation just to get back on my feet. It was really bad. I was a passenger in my coworker’s car. She broke a couple of bones but was okay. But it was a frontal impact for me, and it was not only the physical side of things. It is not good for your mental health to think that all that your life is about can end in a second.

After I was kind of physically recovered, I really didn’t know what to do. That’s why I left the US, where I was living, and went to Europe. I spent about a year not doing anything. I didn’t know what to do with my life.

Later I went to Lisbon and that’s where I met my husband and got married. We moved to Tokyo, and life here was very different from anything that I was used to. And eventually, I had to get a job, but I didn’t know how to do anything else besides ballet.

So, I got a normal job in a company, like 8 to 5, but I wasn’t happy. It paid, but it wasn’t anything that let me be ambitious, be competitive, learn and study. It was boring. Get back from work and watch TV, go to sleep and repeat. The same routine. It didn’t make me happy.

And then you found tech. Why did you go into IT and pursue a career in cybersecurity?

Computers were always a hobby for me. My father was an engineer, and I got my first computer when I was really young. But it was just something I did when I had time.

And I shared with my husband that I was feeling like I was a waste, that I wasn’t doing anything. And he said “well, you shouldn’t. You’re smart just do something with the computer. You like computers.”

But, you know, I had that image, that thought that if I didn’t have a degree in engineering or computer science or something related, I couldn’t do anything. And I was in my early 30s, I was not a kid anymore.

I didn’t know what to do, so I started researching about maybe getting a first degree, something like that that I could do. And I came across something along the lines that you could actually hack for a living. And I was like really, hack for a living? That was very intriguing to me. I was very curious about it. So, I started researching and that’s when I learned about cybersecurity and something got into me. I started researching more career options and that’s how it started.

So, how did you actually get started in your cybersecurity career?

After discovering all of this, I couldn’t think of anything else but that. I still had my full-time job, but I would come back from work and be back on the computer. I did that on the weekends.

And, talking to people, I met someone who was studying for the eLearnSecurity Junior Penetration Tester (eJPT) certification. And he said, well, there is this platform where you study and, when you feel ready, you just buy the test, take it and can get certified. I had read about some other certifications, but I didn’t feel qualified to take any of them. I was just starting, you know.

So, I would study every day using materials from the cyber mentor Heath Adams. He was my first big source of information. And then I started looking at cyber security content from Neal Bridges. That was another community that really gave me lots of information. From there, I met many amazing professionals like Phillip Wylie, an amazing pentester who now is a personal friend of mine besides being a colleague in the industry.

And yeah, that’s how it started. I eventually took the eJPT test and passed it. Later, I got an internship, being an intern for Neal Bridges’ personal consulting company. I spent some months being his intern and learned a lot of things.

I was learning continuously. It was an everyday thing. I didn’t do anything else, just study. And then the opportunity to work at INE was presented to me, and I took it.

What does your current position as a cybersecurity engineer involve?

Actually, penetration testing is just a small portion of my current job tasks. I do much more than that. I would say that penetration test is maybe like 15% of it all, 20% perhaps.

Lots of what I do involves talking not only to coworkers but talking to clients. If you don’t know how to talk to people, you’re behind. So, you need to have those soft skills.

Connect with Mindquest Newsletter

Are programming skills a must for a successful cybersecurity career?

You don’t need to be a developer, you don’t need to be a coder. But it helps to at least to understand what’s going on in a piece of code. You use Bash, PowerShell, Python, Go, Ruby. Those are some of the languages that we are always using.

You don’t need to know how to use these languages at a development level, but knowing what’s going on helps. If you come from a development background, it helps. Absolutely, very helpful.

What skills would you recommend others to focus on to advance their cybersecurity career? 

would say that it’s wonderful that you’re focusing on all your hacking and pentesting skills, but know that you need some other skills to go with that.

Right now, a big part of my routine is learning cloud. My job is a lot in the cloud. Of course, I’m still studying pentesting, but I am studying cloud because I need it for my job. I know the fundamentals, but I still feel that’s not enough, and cloud it’s now a crucial skill for the whole cybersecurity world. It doesn’t matter what your job is in cyber: you need to know some cloud.

What other advice would you give to people pursuing a cybersecurity career?

There is always room for improvement. It doesn’t matter if you are someone who’s one year into the industry or 10 or 20. There is always something new to learn. It doesn’t stop.

Talk to people. Don’t hide behind your computer screen. Network.

Also, make sure to have an active LinkedIn profile. Many people think that LinkedIn is only for job hunting, so after they finally find a job, they let their LinkedIn profile die, and that’s a big mistake.

The fact that you already have a job doesn’t mean you shouldn’t be open to opportunities. There are always things to do, not only your full-time job. So, keep networking, keep talking to people.

Go to conferences. If you can’t go to a conference, volunteer for them. Volunteering for conferences gives you the opportunity to be in contact with wonderful people. Brush your soft skills.

And if you’re not in the industry yet, if you’re still hoping to get your first cyber job, finding a mentor is a good idea. Plenty of people would be very happy to help you out. Don’t be afraid of connecting to people.

Lastly, don’t give up. Many times, when I was job hunting, I came very close to giving up. But, since I had networked so much, I had so many people who knew that I was job hunting. And they didn’t let me give up. That’s another benefit of networking. These people have your got back, they keep you accountable, they keep you on track. So, don’t give up.

It’s hard. You will get many noes for silly reasons. You will get 10, maybe 15 or 100 noes. But you will get that yes.


For more tips about pentesting and cybersecurity careers, make sure to follow Lola on Twitter and LinkedIn.


Check out more of our interviews in our podcast episodes.

Categories
About us Podcast Interviews

From the US Marines to AWS: A DevOps Career

From US Marines to AWS, a DevOps Career. Jake Furlong is a Technical Lab Developer at Amazon Web Services (AWS) and a self-taught DevOps expert, Site Reliability Engineer and cloud architect. He tells us how he went from being in the US Marine Corps to DevOps Career and to becoming an all-around DevOps specialist. And shares DevOps career tips and insights.

🔊 Subscribe to the podcast


Interested in DataOps? Learn more about a career in data science.

You spent several years with the US Marines and your educational background is in business. How did you transition into tech and devops career?

I got out of the US Marine Corps and, honestly, I just took the first job that I could find. I started training new employees on how to use an Avaya telecom system; which I myself had no idea what that was. I did that for a few months and then they moved me into another role; as director of admissions systems and analytics. I had access to some free courses. So I took calculus and some computer architecture classes because that was kind of was interested in.

Then I stumbled across a CompTIA certification road map online and picked up an A+ book. I started reading through that and I stumbled across a book called Automate The Boring Stuff and started learning some Python. And most of my job was done through CRM and a lot of Excel, a lot of functions. I just started converting it to Python to automate my job and then I automated my friends’ jobs. And before you know it, it was all just running Python.

And I was talking about it while playing World of Warcraft, of all things. I had a friend in my WoW guild who worked for an SAP company and said “hey, we’re hiring if you want to switch into tech”. I talked to my family about doing a complete and total career switch.

The interview went horrible, but they were very very nice. I was willing to learn and they had seen how much I had learned in such a short time at my previous job and gave me a chance. I got an offer and that was the beginning.

You have quite a portfolio of certifications. Is that how you learned the most?

As I said, I read through that A+ book, but mostly for the knowledge. Based on what I wanted to do in IT, I didn’t really want a hardware-related certification. Because I think that, for hiring managers, sometimes it’s easy to misconstrue a person’s skills based on what certifications they have. So I wanted to make sure I was marketing myself in a way I thought was relevant for the things that I wanted to do.

That’s when I found AWS and I kind of looked at the state of IT at the time and figured that cloud was really the way forward. I got AWS certified and then my company was getting really hands-on with GCP. So I got GCP certified and all of that was through free online courses and a paid Linux Academy subscription. I thought about getting an IT degree but it was just too expensive and there wasn’t enough hands-on. It was mostly theory. So I kind of took the theory from the books that I had, and then once I found Linux Academy, I just did every course.

Anything operating systems, Windows, Linux, database programming, web stuff, web development, cloud — whatever I could find. Then I found a site called Open Source Society University, and they have a GitHub page that basically gives you a list of courses from edX, Coursera or other free online tools that teach you the equivalent of a computer science degree.

That was very, very helpful. Then I just took that information and volunteered for every project at work. I took any ticket and tried to automate it, stuff like that. And the whole time, I was told that certs aren’t important to all the people that I worked with. But I think that hiring managers and HR might disagree. And let’s be honest, it’s kind of hard to get jobs without proving you have the knowledge and.

Since I don’t have a degree in anything technology related, I felt I needed to kind of differentiate myself a little bit. So I got those to kind of compensate for not having a degree.

What’s your opinion on free courses vs bootcamps or official certifications?

I always go with free stuff or at least like the inexpensive Udemy sales. I think bootcamps are great for entry-level, but they don’t really allow you to work past that and most of the content online will get you through the basics. Try to solve a problem or find a problem to solve and really get your hands dirty with development or cloud engineering.

Certs are fine if you need them for a specific position or career goal. But I wouldn’t do one to learn. I might take the study guide and use that, but I think certs are a huge market and there’s a lot of money to be made from people that are looking to get certified.

I honestly just went to a lot of meetups. And I pretty much changed my podcasts to tech podcasts and just listened to those all the time.

I also focused on vendor documentation as opposed to online learning. Whether that’s the Kubernetes administrator guides or AWS or GCP documentation. Because you’re getting it straight from the horse’s mouth, and, as a musician (I studied jazz) we always go back to who was the original musician and study their technique and their ideas. So I kind of took the same approach to tech. Where did JavaScript come from? Where did Python come from? And try to study the root of where that came from.

How was the experience of being with the Marines. What’s your biggest takeaway from your time with them?

I had a great time in the Marine corps. Believe it or not, I thought it was a lot of fun.

My biggest takeaway was really about how to work on a team. As much as there’s a lot of technical things I learned and things like that.

There’s just something about being humble and being a life-long learner and always striving to be better. About knowing your weaknesses and seeking self-improvement and being self-reliant and self-disciplined.

In tech, you have to because nobody is going to force you to hone your skills or learn a new programming language or how to administer Docker containers. You know, just that whole self-reliant aspect of being a continuous learner.

You design and implement technical labs, which are training programs for AWS customers. What does that involve?

I work on the training and curriculum team, and we deliver content to our AWS customers. We have an awesome team.

I work with them to help build and design labs and lab instructions. So, if you were to go to AWS, and want to take a course to learn how to be an architect, for example, we have designers and curriculum developers, architects, managers and product managers that we worked together with to formulate a plan to build a course.

Connect with Mindquest Newsletter

And my job day-to-day is to go through and support them so that, when they get to the hands-on portion, that a student can click start lab and that everything underneath the hood is provisioned and ready, works every time, and is repeatable across multiple devices or operating systems. I also ensure that the lab instructions are clear and easy to understand, from people who may have a lot of experience to people for whom this is their first time working with the cloud.

So it’s a technical role, but there’s a lot of human aspect to it. Understanding how people learn and how people learn technology – as a person who is basically self-taught, I use that a lot in this role.

First in DevOps career, now DataOps. The DevOps philosophy seems to be permeating all areas of IT. What do you think is the success behind this way of thinking? What will be the next “Ops”?

I will start by saying that I don’t think DevOps is a real thing. As a community, we can’t even agree on what it is. We’ve been doing this since the 70s, the 80s? Really since the 60s. With Deming, and all of the work he did toward continuous improvement, total quality management, things like that.

And I think what we’re going to see is that we’ll revisit value stream mapping. How can we best automate and streamline value stream maps. Right now, we’re automating everything, and it’s all about pipelines and getting the developers close.

I think that’ll be short lived. We should have always been doing that, and I think connecting development to automation and ops problems is good. I think DevOps, the core of it, we want the developer problems and ops problems to kind of be the same problems, right? Where ops informs development workflows.

Developers use that workflow to produce either new tools or better tools, or even more consistent infrastructure. But sometimes ops doesn’t want things to change. And, as somebody who’s worked in the ops world, I totally respect that and I completely understand. As somebody who’s worked on the devish side of DevOps, I understand needing to get new versions of things out and upgrading things and patching things so that there’s a balance between it.

But I think what we’re really going to see is that, as you get to DataOps and really anything that needs to inform ops, is that everything is going to be data-driven. But it’s going to have to be value streamed.

So, what is the most important? What do you get the most benefit from as far as value? How much money are we really making or saving by approving X project or making Y operations a department priority?

I think, eventually, and once you start finding an efficient way and accurate way to attach dollars or time to these things, you may have some time and value attached to them as it pertains to the business and not just how many commits you made last month or something

DevOps career: What’s the day-to-day of a DevOps team like

A lot of it is requests for automation, declarative infrastructure, tons of monitoring, moving into containerization or modernizing orchestration tools, stuff like that.

I think a lot of it is also developer advocacy and just DevOps evangelism. Because it’s been around for a while, but it’s still relatively new. It hasn’t really permeated all the cultures yet. So, while a lot of people have a DevOps team, the cultural side I think needs a lot of work. So a lot of time is spent explaining why we’re doing this.

It sounds like the value is obvious, but it still takes up a lot of time to describe why we need resources, why we need time, why we should be doing certain projects.

A lot of the time is spent researching new tech, building up labs on your workstation or in the cloud somewhere, and testing a deployment meeting with ops teams to discuss their pain points.

And then, of course, all the pipeline things, so it’s a very collaborative job. You’re not going to see a DevOps person in a silo.

On a given day, you never know what you’re going to do. But it’s always going to be automating something or fixing something or updating something or monitoring something, justifying what it is that you’re doing.

What’s the best career advice you have ever been given?

Ironically, it actually came from a conductor of a music organization. He said “find something you love and do that because, no matter what you do or where you go, you’ll always be doing something that you enjoy.

Just do what you know is right and provide value to everyone around you and don’t worry too much about certifications. If you have the knowledge, it will all come together.

Just always be learning.


For more tips about DevOps career, make sure to follow Jake on LinkedIn.


Check out more of our interviews in our podcast episodes.

Categories
About us Podcast Interviews

Reskilling From Auto Body Mechanic to Web Integrator

My name is Thomas Mercier, alias “TomCodeur” on Youtube, and I am 24 years old. Almost a year ago, I began a reskilling journey to become a web integrator/web designer. 


Looking to transition into web development? Check out the story of how a stay-at-home-mom became a full-time developer.

We are at the end of October. It is a little after 4 p.m., and I am in the office of my employer’s accountant in order to finally sign the termination of my contract. 

I say “finally” because this transitional moment had been hard to accomplish. To undergo this reskilling, I had to find a way to finance my training. 

My plan was simple: call on Fongecif, an organization accessible to employees wishing to retrain without having to terminate their employment contract.

Rather attractive, isn’t it? 

Yes, except that I never managed to benefit from it. And I wasted over a year trying to put together cases that were all turned down. 

So, I decided to change my plan and discuss it with my employer. Luckily, my boss was understanding and offered me a mutually agreed departure. The advantage? It provides access to aid for getting back to work, which includes financing for training. 

Well, there was still an important step left:

Convincing the French governmental employment agency Pôle emploi of the seriousness of my reskilling project and show that this decision was not taken on a whim. 

I told you that I wasted a year before starting my training. In reality, it was not completely the case: during this year, I took the time to inform myself and I discovered multiple web development training courses within the Haut-de-France region. 

This research greatly helped me when I had to demonstrate to my government unemployment advisor that I was highly motivated and determined to carry out this project. 

During this “lost” year, I also completed a few self-taught development projects. They were greatly appreciated by my advisor and it really made a difference. 

My effort and serious commitment paid off in the end. My financing request has been accepted. 

So, here I am in the accountant’s office. All the documents have been signed, the withdrawal period has passed and my month’s notice is over. I am finally leaving my company and my current position, on the way to developer training! 

Want to know what happened next? 

In the three months after I graduated from Pop School, a 6-month boot camp to become a Web & Mobile Web Developer, I had five interviews. Out of those five interviews, I received two offers. This proves that there is work for the reskilled profiles. 

(Discover How to Prepare for an IT Job Interview)

So, what do I take away from this whole story? Reskilling cannot be done overnight. It takes a long time, a time in which we doubt and we are afraid of failure. But it is all well worth the effort. 

You just have to believe in it and don’t let go! 

If I had to give four tips to someone who, like me, to completely change their career and start working as a developer, I would say: 

1. Prepare to learn: your brain will be your best friend in this new adventure. So help it receive all the information you are going to feed it. 

2. Set up a routine that suits your lifestyle. 

3. Eliminate all distractions: organisational tools and lo-fi music … give yourself every chance to stay focused and be productive

4. Test your future job: you must ask yourself if it is possible … but know that there are different ways to do it and that this initiative will teach you a lot about your future job. 

The final word? Stay motivated and don’t give up! 


For more advice on how to get started in your web developer career or transition into development, make sure to follow Thomas on YouTube and through his website.

Connect with Mindquest Newsletter

Join our community and find your next job or expert in IT

Categories
About us Featured Podcast Interviews

How To Learn Python With Rune

Rune holds a PhD in Computer Science and works as a freelance Python consultant specialising in big data and back-end development. When the pandemic hit, he kickstarted the learning platform Learn Python With Rune to teach others how to learn Python and apply it. He tells us about his career story & how to learn Python, how one should go about mastering this powerful programming language.

🔊 Subscribe to the podcast


You might also enjoy this interview on how to code well.

How did you go from doing a PhD to working in tech?

Back in the days when I started university, I actually didn’t think of doing a PhD in the first place. I was just starting but I thought learning is awesome, so I immediately decided I wanted to get a PhD.

But while I was studying for my PhD, I realised it wasn’t really for me because it wasn’t really deeply about science. It’s more about publishing papers and getting funding to continue your career. 

So after I finished my PhD, I started as a developer mainly in the security area (I’ve been working a lot in the security business.) I realised that the one thing that I liked was getting things done, getting projects done. So, I slowly became also a manager type person and worked a few years as a manager. Then I continued working in a SaaS company as an engineering manager for architecture and back-end teams and stuff like that. 

But then you went back to development. How is that? When did you decide to kickstart Learn Python With Rune?

I realised I missed programming a lot, and that’s actually where my journey with Learn Python With Rune started. 

I wanted to learn programming again. As a manager, you slowly lose touch with programming because you’re not really doing any professional code anymore. And I kind of missed that. 

So, a bit more than a year ago, I got the idea. It was actually when the coronavirus pandemic started. I had more time and was working from home, and I was like “I want to program again.” So, I started this small project.  I started producing small projects, publishing them on a web page, and one thing led to another. And it just escalated. 

Now, I work as a freelance consultant and they hire me and I do programming again in a freelance manner. And the reason I like that is because you kind of get more freedom. So, if you want to have some vacation, you just do it. It’s more freedom. 

Why Python? What makes Python so great?

I had to start somewhere, right? I hadn’t been programming that much in Python professionally, but I’ had been programming in C a lot. C is a really low-level programming language and it’s very effective, but you can make so many errors, pointers and stuff like that. It’s just a pain when you don’t know much because you can just do what a processor can do.

But Python is abstracted away. And what happened with Python over the last maybe 10 years is that it has so many libraries. So you can do everything efficiently. It has been developed a lot, for instance, in data science and big data and stuff like that (I myself work with Python in the big data and back-end side of things.) And you can do all this processing now because you have the libraries that can do all the heavy work, but you just manage it in Python code so it can get beautiful. 

It’s easy to understand, It’s readable. It’s almost super code. That’s the main reason I love Python. But there are also some things that I’m not so fond of. 

Like what? What is Python not so great at?

It does hide some of the things away, some of the objects and how they are represented. When you are programming in C you know everything exactly on a byte level. In Python, it’s kind of hidden away.

And I see a lot of beginners having a hard time and struggling with what an object is and what object-oriented programming is, for instance. Because we say that, in Python, everything is an object, but really, is it?. I don’t know. It depends on the implementation. And then they confuse object-oriented programming on top of that.

So, I think it does a really good job, but there are some areas that are not easy to understand in Python. But the pain you get from that is way less than the efficiency and productivity you can get from writing code in Python. 

How should one learn Python? What are your main pieces of advice?

Nowadays it’s difficult to start actually, in some sense, because there’s so much information out there. So my first advice is to ask yourself: what is it that you want to achieve with Python? What is it that you want to learn? What is it you want to code? 

If you just start thinking “I want to program in Python,” then you start a little bit here, a little bit there. All the information is available. The problem is that it’s unstructured. So you get excited about this little bit here, and then you do that, but they are different types of using Python. 

If you want to program back-end like I’m doing, then that is one kind of doing. If you just want to do data science, that’s a different way. You don’t really need to master programming that well, you just need to use some libraries and understand a little about math and so on. 

So it really depends on what you want to achieve. I think people often go around too much. So, advice number one is figure out what it is that you want with it. 

Connect by Mindquest Newsletter

Then find one teacher, one style. It’s just easier. If you take a little bit of this tutorial on the Internet, then a different tutorial, people can do things very differently and it can be difficult to have a cohesive approach. 

The third issue is about managing your expectations about how fast it is to learn. When you learn a new language, you can listen to it and understand it. But when you have to express yourself, it’s different. It’s difficult. You don’t know how to say things, but you understand it. And it’s the same with programming. 

Suddenly, when you see the solution, how people solved it, you go “yeah, I understand it all and that makes total sense.” But when you have to write it, you might have no idea how to solve problems. And that’s kind of the same problem you have right when you start. You understand Python, but you cannot express yourself in it. 

So, I think that would be my three main pieces of advice for beginners. 

One: figure out what you want to do. Two: find one tutor or one style of programming, one book. Three: manage your expectations. It takes a bit more time to learn to write Python than to read it. 

What’s the difference between a senior Python developer and a junior one?

There are actually some aspects I think people overlook. 

One of them is that, when you have a junior in a work environment, you need to help them. If you take somebody straight out of college, for instance, there are a lot of things they don’t teach in college. You know, how to do metrics, monitoring, how to ensure everything is healthy in your system. They don’t teach them that, so that’s one thing they’re lacking. It’s the experience.

Another thing that juniors tend to do is focus on building small systems. Most college-educated and self-taught people tend to do small projects because they’re easier and you have greater chances of success.

But there is an enormous difference between having one tiny system with one tiny server and a distributed system with tens and sometimes hundreds of systems that need to interact with each other and you need to figure out what to do. 

What happens when you make changes to this small thing here? How do you rebuild it when it breaks? How do you build systems that scales in features and amount of users and volume of data? 

Juniors usually can solve small-scale problems, whereas a senior developer can handle bigger scale problems. 

Another aspect I noticed over the years is that juniors are often a bit afraid. When starting in a team, when starting to develop, a junior will not be so quick to contribute to it and will want people to check the code more often and to help them more, because they are a bit afraid. 

So, when things go wrong, they don’t really have the confidence to just do stuff. and break stuff and put it back up again. They like that kind of experience and confidence. 

My advice for new people is to build something bigger. Build something with somebody else. 

You might have done tiny projects in college, or you may have worked together with other people for a bit. But try to make something bigger because you need to be able to build interfaces that interact with each other., where somebody builds one piece and somebody else builds another piece. That will teach you the kind of architecture design principles behind all of it.

I still think that’s a less important part today because there’s a tendency to go to all these microservices or services that are small in framework. And that makes them easier to understand, easier to debug, easier to maintain by other people. 

So it’s not as difficult as back in the day when you had this one big monolith that was running everything. Right now, you have small services that are easier to understand, but it also moves the problem somewhere else. How do you find where the problem is when the system goes down? You need to have really really good monitoring to find things nowadays. 

So you actually move some of the complexity over to the infrastructure guys or the SREs (Site Reliability Engineers). That’s why they are paid a higher rate now than they used to be. A good SRE is so valuable when you need to find problems in big systems. 


For more tips on how to master Python, make sure to follow Rune on Twitter, YouTube and Facebook.

He’s working on a new course portfolio focusing on how to use Python for financial analysis, so stay tuned!


Check out more of our interviews from our podcast episodes.

Categories
About us Featured Podcast Interviews

A Data Centre Migration Is About Technology and People

Sarah Lean, aka Techielass, is a Scotland-based IT infrastructure, ops, and sys admin expert and Azure community evangelist. The founder of the Glasgow Azure User Group, Sarah works as a Senior Cloud Advocate at Microsoft and blogs, tweets and has her own YouTube channel. She discusses, cloud careers, how you can get into community relations. What makes a successful data centre migration, and how Data Centre Migration is about technology and people.

🔊 Subscribe to the podcast


Interested in cloud careers? You might also enjoy our interview about how to become an Azure MVP.

How did you get started in tech?

I started off in a Sys Admin role, so I was a helpdesk engineer doing morning password resets for everybody, fishing out bits of broken paper from their printers, and stuff like that. I worked my career through those various different roles. In the UK, we call helpdesk roles first-level roles and then second-level is the support engineers that go out to people’s desks. Third-level is when you get to design systems for customers.

So, I basically went through those support levels within my career and just built up lots of experience both internally and externally. I was in companies where they just had a small IT department and they didn’t understand what IT departments did and how crucial they were. And then I also worked for managed service providers, dedicating myself to various different customers, etc.

How did you eventually become a Microsoft cloud advocate and a prominent figure in the Azure community?

I kind of fell into the community role because I wanted to learn Azure and there were no user groups in Scotland. I think the closest user group to me at the time was in London. Which is obviously not something you want to do it you finish working on Wednesday night; go down to London to user group and then come back up to your work the next day. It’s obviously not logistically feasible, so I basically started the Glasgow Azure user group to fulfil my need. Basically, to learn Azure and find out where everybody else was fitting this into the on-prem and cloud worlds.

And yeah, I kind of fell into running the user group and then started speaking at events. People were like “you need to speak at events and share your story and journey”. Which I didn’t want to do. But then I fell into it and; before I knew it; I was getting headhunted to become a cloud advocate at Microsoft.

It definitely hasn’t been a planned evolution in my career, if I’m going to be brutally honest about it. But one that I’m really enjoying and has given me some excellent experiences of travelling to different parts of the world and doing some amazing stuff and meeting some amazing people in the community as well.

What does the cloud advocate position entail?

My role can be quite varied. A summary of my job is to help others find out how to use Microsoft Technologies. Whether that be by telling the story in a simplified manner, maybe in a blog post or a video that kind of connects the dots between. For example, what your on-prem system looks like and what your cloud system would look like.

I’m sure we’ve all read some official documentation on various different products. Not just Microsoft products, and not understood what they were talking about. Being able to digest that into a way that makes sense for everybody. Whether that be someone who’s a project manager or someone who has 100 years of experience in IT, and being able to get that story across to them is something that I do. So, my day can be quite varied.

It can be creating videos, creating blogs, doing podcasts… Or it can be just playing with technology, or creating new Microsoft Learn content as well. There are lots of different facets, and there are lots of different things I can do throughout the day. So it can be quite fun. And obviously, Covid has stopped me from travelling, so that would have been a big part of my job had we not had a pandemic. But we’re making it work.

Besides being a cloud advocate for Microsoft, you also have a personal blog and do a weekly update on YouTube as Techielass. How do the two intertwine? Do you usually post work-related stuff, separate both worlds, or a mix of both?

I think it’s a bit of both to be honest. Because a lot of people know me as Techielass and from before I was a cloud advocate, through my blog. Some things like my weekly update on YouTube was something that I actually started in anticipation for this job. Because I knew I would have to be on camera or I knew I’d have to do some presentations for this job.

I started that weekly update nearly two years ago now, to basically get more familiar with looking at the camera and being able to connect to it and doing all the things that go around video production and so that that’s kind of interlinked. Although it’s become a kind of side project because I just enjoy doing that kind of medium as well.

Connect with Mindquest Newsletter

My blog is sometimes intertwined with my job. You’ll find me, you know, blogging about random things that I find. I’ve been supporting my husband and working from home lately. So there’s some random support ticket type questions he’s asked me that I’ve blogged about, because I know he’s going to ask me in about 6 weeks’ time. And I’m not going to remember how I did it, so yeah, there’s various different things on my blog.

So yeah, my blog kind of intertwines with my job, but it’s not necessarily always about my job.

Is there anything in particular that you like to blog about within the world of Azure?

I think I’ve tried to specialise in data centre migrations. I think we’ve probably all been involved in an on-prem data centre migration. And I’ve tried to take some of that experience and that knowledge and transfer it into how you would actually migrate to the cloud.

So, you’ll find me talking a lot about migrating. I tend to talk more about the processes around that nowadays rather than the technology because I think that’s a part of the journey that a lot of people struggle with. We can understand the technology quite easily, I think. But trying to put that into practice; how you think about things like training your staff; and how you change that culture within your organization; how do start the project for your migration…

So, I talk a lot about data centre migrations and, although I talk a lot about the culture and the process around it. You’ll find me talking about Azure migrate quite a bit and intertwining that into how you actually do your data centre migration. So that’s kind of my specialty, what a lot of people reach out to me and ask about.

What are the biggest mistakes being made in this data centre migration to the cloud, especially now that some companies might be rushing their transition because of the pandemic?

I think lots of people forget to actually assess what they have inside their on-prem data centre right now. They want to get to the actual delivery part. They want to get to put some resources in Azure, and they want to prove the value and say “we’ve completed that project”. And, like you say, some have been rushing because of Covid and the challenges that it’s thrown up.

I always try and say: take a step back, have a look at what’s in your environment. Try and understand not only the technology in your environment, but also what your staff needs are. So, your technology is going to have a bunch of needs when you move it to the cloud. Things are maybe not even going to be able to be moved to the cloud because they’re legacy. Or they’re far too complex, etc.

But what about the the staff within your environment as well? Do people know how to use Azure once you’ve moved into that? I think it that can often be a stumbling block as well. I’ve seen some customers who bring in third-party companies to do the migration. They move all the technology and then that third-party company leaves. The staff don’t have any clue on how to support the things that are now in Azure.

And before you know it, they’ve got into this situation where they think that the cloud is rubbish. Because the staff haven’t been able to support it because they themselves haven’t been supported in learning it. That’s why I always say that a data centre migration is about technology and people, so make sure you’re investing in the staff within your IT department.

Also, make sure you’re looking towards the end users, the people that use these applications that are in your data centre. Do you know how they use them? Is this an opportunity to ditch some of the ones that they hate? Is it that time to look at new solutions?

So, technology and people are the things you should be thinking about in your data centre migration.

Join our community and find your next job in IT

What advice would you give to other IT specialists who might want to get into community relations and advocacy?

If you want to get into the community space, try and do it in your spare time. I know that’s a big ask, because we probably don’t have a lot of spare time, (I definitely don’t have a lot of spare time myself), but it’s definitely a job you have to have a passion for because it’s very different from the technology world, from being a consultant, from being an engineer.

There are so many facets to it. I do things in marketing, I do video editing, I do image creation. I’m a bit of a designer occasionally. I’m also a technical writer. I have to be a presenter.

There’s a ton if things before I even get to the technology. Sme days might I don’t even touch any of the technology because I’m in things like Adobe Creative Cloud, so that’s a big change.

If you’re not ready to give up the toolbox, if you’re not ready to give up playing with the technology. Then it’s not something for you right now, and that’s why I say do it in your spare time, because, if you find that and you enjoy doing these things, if you enjoy doing podcasts, if you enjoy doing videos you enjoy doing the blogging, you’ll naturally find that you’ll progress more and more to that and away from being hands on the tools as such.

I see a lot of people wanting the glamour, but they don’t realise that there’s a lot of time where you’re actually not touching technology. But it is a great job. It has offered me fantastic opportunities , but I think a lot of people need to be aware of the fact that there’s so much to it and it’s not just talking about tech all the time.

And your advice for the larger IT community?

Besides that, just support people who are creating content, whether that be people like myself that do it as a job or whether it be people doing it as a hobby. It definitely means a lot, even if it’s just a small like on a YouTube video or a retweet on Twitter. That means a whole load to us as content creators.

So, definitely support people when they do that, because it can make a massive difference. That 10-minute video could have taken me like 3 days to create so that small little like on a YouTube video means the world to me and it means that I actually spend my time valuably.

Support the content creators out there.


Check out more of our interviews from our podcast episodes.


For more cloud careers and Azure tips, make sure to follow Sarah on Twitter, YouTube, LinkedIn or through the Techielass blog.

Categories
About us Podcast Interviews

Leadership Failure: The Real Human Element Behind Cyber Attacks

Dr. ir Johannes Drooghaag; CEO of Spearhead Management and founder of Internet Safety for Kids; recently sat down with us to talk about the real human element behind cyber attacks. His work helping educate children and parents about cybersecurity.


🔊 Subscribe to the podcast


You might also enjoy our interview: A Career in Data Science: Unlocking The Power of Data with AI

How did your career in tech start? What do you do these days?

My career started in applied information technology and I my interest was first in the technical part of that. But I lost interest when I noticed that technology keeps rotating and innovating and reinventing itself so fast that it’s very difficult to keep up. And I started to get very interested in how can we build bridges; with the people using the technology and how they can they keep up with this enormous pace of technology.

That was more than 30 years ago and, since then, the pace has only increased. But we have not really done a lot to improve how we educate people with technology. So that became my mission. I focus mainly on the human element of technology, and I do that in the field of cybersecurity, of agile management, for digital transformation. We say it is all customer-focused, which in most cases is true. But, in many cases, we forget the people within the organisation who have to work with all that technology.

How do you advocate for this human-centred approach to technology?

I founded a company called Spearhead Management, in which we literally take, first of all, the people. We start with education and coaching, and we do that based on an approach that we could call a gap analysis. Where are we today? Where do we want to be tomorrow? And yes, there will be technology involved. But how can we enable and empower the people in the organisation to make that happen and to become part of that innovation and that digital transformation. And we do that through training. We do that through consulting, through coaching.

I also use my voice on social media. I started to actively use social media three years ago. I’ve been growing fortunately very fast in the last three years. I use that a lot to point out what the human element behind cyber attacks is. What has gone very well? What has gone not so well? And what has gone really, really bad?

And one of the things I do with my team is that, once a year, we publish a report called The Human Element in Cyber Security, and I do podcasts and keynotes around it under the title “The Human Elements in Cyber Security: And It’s Not What You Think.”

Why is it not what we think?

Because when we look at the IT community, there’s a lot of focus on the user error. So you might get the impression that the user is responsible for all cyber incidents. And when we look at the media, we get all the information about the bad fenders, about the vulnerabilities, about how somebody was hacked and everything went wrong.

But when we look at the technical information about these cyber breaches, we see that more than the human element caused 80% of them in the configuration and the management of technology, so the technical responsibility behind that technology. Now we should not take that and do the same thing by saying, the IT experts are to blame because that’s not fair nor correct.

A lot of that is leadership decisions. We know in a corporation nothing happens without approval and budget. So, the IT guy can sit there and say “I have to update those machines, I have to replace that software because it’s EOL”. But when that person doesn’t get approval and doesn’t get the budget. I assume they’re not going to pay that out of their own pocket, right?

So the human element is a lot more than just the actual making failures. The majority of that is leadership. The majority of that is completely failed risk management. If we don’t change the way we manage and lead, we will continue to have these issues.

Join our community and find your next job in IT

What would be a textbook example of leadership failure impacting cybersecurity?

There is this beautiful case of the colonial pipeline, a very high-profile case that was recently all over the media. It started with all kinds of theories about what would have been the case. And this theory immediately emerged that people were claiming that a user had opened an attachment. Other people claimed that there had been a case of social engineering through which all kinds of other theories popped up. Things popped up and they were all over the media and social media.

But then the actual experts analysed it. They found that a VPN account, which lacked basic security measures and was not in use for a very long time got compromised. Some one shared that compromised account, including the ID and password, on dark web forums. And used that account for the initial breach of the network and through that they were able to escalate.

Now there’s one thing that we have to keep in mind. There’s an FBI director who made a very interesting statement. There are two types of companies. The companies who have had their network breached by malicious actors. And the companies who do not know that their network has been breached by malicious actors. And that’s the reality that we have to assume at the moment. That we are compromised and that we must implement all potential and available countermeasures based on that assumption.

Connect with Mindquest Newsletter

The colonial pipeline case shows us two things we should focus on. Firstly, abandoned technology. That VPN connection that we are not monitoring, not taking care of and that hasn’t been used for a long, long time: it is still open and available. Secondly, the almost mandatory segregation of network access and segmentation of the network itself to make sure that you cannot simply hop from one privilege to the next one. All that was not available. Your active monitoring, through which you keep an eye on what happens in your network. If, after five years, you suddenly see a VPN connection pop up, you should react to that. Never happened.

For me, that is a schoolbook example of knowing what should be done and not doing that. An example of having all kinds of interpretations that are not factual at the beginning of the incident and, as soon as the actual analysis is publicly known, is once again the basic step.

And that is what we see in the majority of our research as the real human element behind cyber attacks. When we follow the three basic elements of cybersecurity (patch management, access management, segmentation and segregation), we can prevent more than 90% of all cyber incidents.

You are the founder of Internet Safety for Kids. Can you tell us a bit about this initiative?

We create videos and content to enable parents and children to use the Internet in a secure and responsible manner. We do that with videos and cartoons. The kids love it. We get wonderful feedback, and the most interesting part is that parents write us to tell us that they’re learning from the videos, which they thought were intended for the kids, but we make them on purpose for the kids and the parents. It’s a beautiful project. I love it. It’s a lot of work, but it’s worth every hour that we invest in it.

What sort of cybersecurity advice do you provide in these videos?

Well, there was one episode for which the kids made the entire script from beginning to end.

They said “We have some wonderful advice: we need to inform our parents about what we do, and we should never hide what we do, and we should always explain why we want to do it. But can you please be so kind as to tell the parents that they should listen when we want to tell them something? And if we want to show them something, that they should actually take a couple of minutes?”

So we did this episode created by the kids alone and we didn’t allow the parents to criticise any of it, just focused on saying “Hey parents: yes, we can tell you what the kids should do, but you should have time for them when they want to do what we tell them to do.”

I love that so much. We had so much fun creating that. We encourage parents and kids to learn this together. It’s not that parents give these videos to the kids and say “well, be busy and learn this.” Sit down together, learn this together and use it as an input for discussions with each other. What we’ve learned with the kids is that they’re really actively involved, so they come back to the parents and they say, “hey, I watched this video and look, I’ve done this and it looks good.” And that’s the coolest thing.


Check out more of our interviews from our podcast episodes.


For more on the human element behind cyber attacks and IT in general, make sure to follow Dr. Drooghaag on Twitter, LinkedIn or through his website.

Categories
About us Podcast Interviews

On Learning Azure IoT and Being an Active Member of the Community

John Lunn, also known as Jonnychipz, is a Welsh Azure MVP and MCT working as a technical architect at BT Enterprise. An organiser of the Welsh Azure User Group and an avid vlogger, John discusses the benefits of being an active member of the Azure community and how he learned Azure IoT. 

Interested in cloud careers? Learn more about How to Become an Azure MVP.

🔊 Subscribe to the podcast


What made you go into Microsoft Technologies and cloud architecture?

think when you go into business you predominantly work with Microsoft Technologies, more often than not. I kind of cut my teeth in IT on that side of the fence, which was very much Microsoft focused. So, I guess that, when I took that additional career step into the world of consultancy and kind of specialized in a particular area; in my case it was unified comms when I first started in that world; Microsoft was a natural steppingstone.

I’ve dealt with it for a number of years now. I knew my way around it. I was comfortable with it. So developing those softer skills like peaking to customers and other clients and helping other people understand the technology, or yeah, or being parachuted into a completely burning disaster of a problem. You soon learn the technologies at quite a deep level. You learn quite quickly what you can and can’t do.

So, yeah. I suppose I kind of edged myself gently into the world of consultancy and architecture. Now I find myself as a technical architect working on predominantly Azure and Microsoft focused solutions for customers. It’s been quite a long career and I’ve delved into a number of different areas. But I wouldn’t change it for the world. I’ve learned so much throughout that time.

Cloud careers are evolving very rapidly. What’s your approach to keeping up with emerging trends?

As an individual, I’m constantly thinking: where are we going with technology? What’s next? Not just for my own interests and keep the passion and the interest in my career. But also: where can I add the most value? The company that I work for — how can I help them see and visualise those innovative ideas, projects and solutions?

For a number of years, I’ve been speaking internally with my management team, talking about where we’re going as an industry, and, clearly, for some time now, it’s been around IoT, edge data, machine learning, AI… All of those kinds of technologies that are going to drive innovative solution design.

So, I’ve been on a personal quest. I’ve dabbled in areas over the years. I’ve done bits and pieces and I keep telling people I know enough to be dangerous. That’s my stock answer. I know enough to dig in and make a little bit of noise. But I take it at my own personal development journey to try and dig into that in a bit more detail. IoT was one of those areas that I jumped into.

Join our community and find your next job in IT

Why Azure IoT in particular? How did you go about diving into the area?

I guess I wanted to understand right the way from that physical thing. That physical device and object, the microcontroller that is inside that device, to the LEDs and resistors and buttons. How do those things get made and then what is the code that sits on that microprocessor? How do I develop that code to then enable me to take that sensor information?

Maybe there’s, you know, some optical, temperature or humidity sensor. The common things that you find in IoT projects. How do I take that, read it with some code and send that up to this thing called the cloud? And then what do I do with that?

So, I took it upon myself to try and look at some pet projects to build this, to start looking at microcontrollers, put them in, etc. I literally got myself a 3D printer and started printing off all these random designs I made myself.

There’s the engineering mentality if you’re really starting off at the maker side of things. So, I went on this journey of learning all of these kinds of disciplines. It’s really about understanding all of these little components that go into what makes an IoT solution. And I’m really trying to understand how you join the dots between these various features and components within Azure to make those solutions.

And it’s been, more of a labour of love than anything for work. I’ve met some fantastic people out in the community that have helped me understand things, that I’ve learned from, that I’ve taken ideas from.

And going down on that journey, you learn so much about those areas of Azure that maybe you’re not using on a frequent basis. You know, you start with this high-level view of the world. I try and dig down deep as much as I can in as many different areas so that hopefully I get a little bit more of a clearer picture as to how and why you can use these things.

Do you think a hands-on approach to learning new technologies is better than a theoretical or certifications-based one?

I mean everybody is different. I think for me hands-on works well. Certification is a great way to go, especially if it’s something relatively new and unknown.

So, for example, the AZ 220 exam is the Azure IoT developer speciality exam from Microsoft. And that’s what I was going for at the time.

There are certain ways people can study for exams as Azure IoT exam AZ 220. It’s very much theory-based where you read the Microsoft docs and understand things. And you know, if you do enough Microsoft exams, you can kind of work out which questions they are going to ask you. You get to learn in an almost parrot-like fashion the areas that particular exam is going to cover. And that’s great, there have been exams where I’ve kind of just done in that way. You go in and you’ve learned something over a crammed week or two.

But the problem is that, later down the road, if you’ve not actually done anything physical or hands-on or done it yourself, I found that I forgot it.

For the Azure IoT exam, I took it relatively slowly because I wanted to absorb it and be part of it for a while. Basically, because it was so much fun. I was just having so much fun doing this tinkering and making and, like I say, it hasn’t stopped.

So yeah, I think certification; as Azure IoT exam; is definitely a great way of identifying the areas that you need to learn. But how you learn those is up to you. Everybody’s got their own style and, for me, slow and steady and hands-on sinks in more and I’m able to retain that information for longer and apply it to other things.

Connect with Mindquest Newsletter

You are an active member of the online Azure community. You go by the nickname of Jonnychipz, and you blog and host a weekly vlog covering Azure-related news and topics. How did you become such an active part of the community? What were the beginnings like?

I had always been on the periphery, the edges of the community. And I guess I never really understood what community meant. Over the years, I’ve been fortunate enough to go to some great Microsoft events globally, and I’ve met some brilliant people. But I had never really been actively involved in the community.

But then COVID hit, and we were all locked up in our houses. I got the time to actually focus and build myself a little bit of an office space. Before, I was always out on the road, driving up and down motorways in the UK or running the kids around.

So, as we all had this additional time, I thought, OK, this is an opportunity for me to try and focus on public learning and the community a bit more. In hindsight, I didn’t really know what I was doing when I first started. I set a blog up and it was jonnychips.com, you know? And I started putting out some blogs. I started doing the 100 days of cloud, just trying to show my public learnings and hopefully give a bit back.

What does your new role in the community bring into your life? What have been the best moments so far?

Well, it sounds a bit cliched, but there have been so many different situations that were super fun and where I thought I would have never been I had not turned to the community. Things like joining and setting up and helping organise a user group – part of what I do is helping organise the Welsh Azure User Group, and we run that as a monthly virtual session.

We’ve had so many fun moments over that, just from the guys and gals that help organise the weekly or biweekly calls that we have, through to the events themselves and just the fun engagement from other people in the community. There’s been so many comedy moments and just good general laughs over things.

IoT has been one of the standout things for me. The people I’ve met in in the world of IoT, from members of the community through to the advocacy team at Microsoft themselves, I’ve managed to speak to one or two of those over the last few months. They’re all super people. Really clever, intelligent, passionate people just putting stuff out.

You forge these new friendships without you realising it. You’re virtually speaking to people across Twitter and you’re having that banter, you jump on a live Twitch stream and have a little bit of fun.

So, it’s probably safe to say that there’s not really been one best moment so far. I think the best is yet to come. I’m really looking forward to getting back to the face-to-face meetups, getting back out there to two events where I get to meet some of these great people and hopefully have a coffee or a beer and a bit of lunch or something with them. I see that being a super fun time.


Check out more of our interviews from our podcast episodes.


For more cloud careers, Azure and Azure IoT tips, make sure to follow John on Twitter, LinkedIn and YouTube or through Jonnychipz.com.