Q&A with James Lee, Managing Director and Head of Financial Services, Analytics and Cloud Transformation at PwC

Media 7 | August 16, 2021

James Lee, Managing Director and Head of Financial Services, Analytics and Cloud Transformation at PwC, is a well-recognized management consulting leader and senior technology executive specializing in advising global financial services organizations on “cloud-first, data-driven” digital transformation with data and analytics, AI, and intelligent automation. He has over 20 years of strategy consulting and technology operation experience in North America, Asia, and Europe that spanned across various industries including insurance, banking, asset and wealth management, private equity, and telecommunications.

In my opinion, the most forward-thinking digital leaders usually excel at constantly instilling a digital-first mindset into their workforce and encouraging employees to cherish every “fail fast” lesson learned opportunity.



MEDIA 7: Can you please take us through your 20 years of strategy consulting and technology operation professional experience? Where did your career begin?
JAMES LEE:
My pleasure. I started my career as a software developer in Asia (after graduating with an engineering degree in Hong Kong) and then spent the next 20 years in North America in various management consulting and digital executive roles. For the past decade, I have been working at PwC with a sheer focus on growing multi-competency teams to assist our global financial services clients with driving data-driven innovations and operationalizing high-impact digital transformations. From a consulting career perspective, it has definitely been a rewarding experience over the years as I was fortunate enough to participate in many large-scale transformations with companies across the globe and met a lot of amazing people along the journey. As a trained engineer with years of strategy consulting experience in the financial services world, I found my diverse background (culture, academics, work, international exposure) has given me a balanced perspective in approaching corporate digital challenges by helping organizations better leverage the power of cloud, analytics and automation within the context of their business.


M7: What is PwC’s new global strategy, The New Equation, about? How does it address some of the major challenges in the world today?
JL:
The New Equation is our new PwC global strategy that responds to fundamental changes in the world, including technological disruption, climate change, fractured geopolitics, social tension, and the continuing effects of the COVID-19 pandemic. It focuses on two interconnected needs clients face in the coming years:

Build Trust - to meet rising expectations of transparency and stakeholder engagement and

Deliver Sustained Outcomes - with an integrated and multidisciplinary approach that combine expertise in strategy, digital, data & cloud services, people & organization, ESG, cybersecurity, and AI.

Our firm will be making over US$12 billion investment over the next 5 years ($3 billion will be in the Asia Pacific to further expand business in this high growth region) with initial commitments including new ESG Centres of Excellence, Leadership Institutes, accelerated deployment of emerging technologies and increased investment to support audit quality and advisory capacity. As a result, we will be creating over 100,000 new jobs so it is definitely an exciting time to be in the professional services industry.


There have been increasingly pressing needs about ESG(especially the “E”) as evidenced by the recent United Nations IPCC report that the earth climate crisis is unequivocally caused by human activities.



M7: What are some of the successful digital and sustainable transformation strategies that you have implemented through your work at PwC?
JL:
For this question, I think it is very important to define what success means for a digital transformation journey and the answer certainly varies for different organizations. Yet from my years of experience helping global firms strategize and operationalize their digital transformation programs, there are a few key success factors in common and will continue to be crucial:

A top-down approach with clear and measurable goals: Digital transformation is not just another big project but instead a multi-year corporate journey that requires all management teams and staff to stick together to go through the ups and downs associated with the changes. Every successful digital transformation starts with a strongly supportive board with laser-focused strategic vision and an experienced, highly collaborative squad(s) that masters delivery execution with disciplined change management, outcomes-driven budgeting model, and agile-based implementation governance.

‘Employees-Led’, ‘Customer-Focused’, ‘Technology-Enabled’: I know it sounds a bit generic but these are golden rules/guiding principles a digital executive could always rely on to make sensible decisions during ambiguous situations in a transformation. Is this budget decision going to help to upskill our staff to promote the digital-first culture? Which 2 out of these 10 proposed digital servicing ideas will provide the most ‘distinctive’ customer experience? Does this seemingly cheaper or convenient technology option align with our “cloud-first, API-connected” strategy?

“Communicate, Celebrate and Communicate again”: ‘Transformation Fatigue’ is one of the biggest threats for any digital transformation. Over the years, I found the smartest digital leaders were always the ones who mastered the art of active communications and agile goal-based celebrations to continuously instill positive momentum to the organization throughout the transformation journey.

‘Data-driven’: Regardless of AI, IoT, or intelligent automation, data is the fuel that powers any high-speed digital transformation train. A solid enterprise data strategy and a secure cloud data platform are fundamental to every successful digital transformation.

‘Digital (& Sustainable) Transformation’: As ESG is gaining more attention in the boardroom, I am seeing more and more corporate digital innovators leveraging emerging technologies to try to improve their ESG outcomes. From the early digital age of automating manual, paper-based processes with RPA and OCR technologies to more recently using AI, 5G, and augmented reality to facilitate remote work to minimize air travel (oil fuel is a major source of carbon emission), I can foresee a growing trend that companies will increasingly integrate ESG factors into their digital transformation agenda to drive sustainability benefits.


M7: What do you see as the most noticeable change right now happening in the workforce, encouraged by the rise of digital technologies?
JL:
This is a great question. I was recently invited to speak at a global digital banking summit with a few fellow C-level panelists and it is interesting that we all shared similar observations regarding some of the implications for the workforce:

The importance of “Thinking Digital, not just Being Digital”: Digital technologies bring inevitable changes to operation as well as a business model but still many companies didn’t do enough to evolve their corporate culture and business processes (“Excel is still my best friend regardless!”) after having invested millions in technology infrastructure. In my opinion, the most forward-thinking digital leaders usually excel at constantly instilling a digital-first mindset into their workforce and encouraging employees to cherish every “fail fast” lesson learned opportunity.

Upskilling in data literacy and risk governance awareness: For most companies, the primary objectives of digital transformation are to improve customer experience or time to market for products and services. While capitalizing on these benefits as part of what I called the offensive aspects of a transformation, corporations should not overlook the flip side of the coin which are the defensive duties to mitigate risks associated with the use of emerging technologies. Are your AI algorithms making decisions that align with your company’s values? How is your brand affected if you cannot explain how AI systems work to your customers and regulators? Do customers trust you with their data and did you provide adequate customer data protection training to your workforce? These are all legitimate questions that require business leaders to revisit their risk management plan and formulate an upskilling strategy for the workforce (e.g. curriculum to improve overall data and analytics literacy as well as risk governance awareness).


In this ever-changing digital world, we always emphasize to our clients the importance of upskilling so you can probably imagine most of us are vivid lifelong learners ourselves too.



M7: James, I understand you had a lot of experience helping financial services institutions with their ESG data management, analytics, and reporting needs. Would you be able to share your perspective in this space given this is such a hot topic in the industry?
JL:
Certainly. There have been increasingly pressing needs about ESG(especially the “E”) as evidenced by the recent United Nations IPCC report that the earth climate crisis is unequivocally caused by human activities. It is a sad reality but it could get worse if the slim chance remaining to stave off heating above 1.5C is not immediately addressed. It definitely requires stronger global collaborations and I think the financial services industry (as an allocator of capital) will continue to play a pivotal role in the following areas:

Sustainable Finance – promote sustainable economy through prioritizing financing decisions such as sustainability-linked loans, green bonds or carbon tax optimization,

Responsible Investment – promote ESG through thematic investing to achieve better risk-adjusted returns and value creation,

Climate Risk Analysis – mitigate climate-related operational risks (physical, transition) and achieve eco-efficiency by reducing the carbon footprint (e.g. through climate risk scenario analysis) and better managing other environmental risks (water, land, waste),

Resilient Supply Chain – transform supply chain with ESG considerations to enhance operational resilience.

From a data and AI strategy perspective, there are a few key ESG trends that I believe will continue to drive the acceleration of digital transformation in the financial services industry:

Mandatory ESG disclosure: While EU regulators were early movers in leading climate disclosures, other international financial hubs (e.g. Hong Kong Stock Exchange, London Stock Exchange) have already followed the footsteps to demand TCFD disclosures for listed companies. In addition, SEC has repeatedly expressed a new, heightened focus on disclosures about climate change. I think this compliance-driven wave will push more companies to revamp their data and reporting infrastructure to cope with the complexity of the 4Vs (volume/variety/veracity/velocity) associated with ESG data. For example, many companies are currently still using manual processes to collect internal ESG data (water consumption, carbon emissions, workforce demographics) and these data sources are usually scattered in disparate databases in various formats. Adding to the complexity of data collection is the need to bring in relevant (and material) external data sources and alternative datasets for ESG analysis.

Correlation of non-financial KPIs and financial performance: It is not uncommon these days CFOs are asked by an investor on an earning call about their firm‘s climate risk exposure or progress in diversity and inclusion. Indeed many ESG materiality assessments indicated that there are correlations between non-financial KPIs and the financial performance of a company. Given that ESG data has to be ‘Investor grade’ and audit-ready for disclosure purposes, I believe more companies will begin to incorporate ESG data and analytics into their digital finance transformation agenda by centralizing data on a cloud data lake coupled with an agile data governance process to enhance both data access and data quality.

Continuous monitoring of ESG performance: I think it is important to point out that the ultimate goal of ESG should not be just a series of sustainability reports for PR purposes. But rather an ability for companies to measure and report ESG progress in a timely manner and for investors and other stakeholders to be able to verify it with data. As I mentioned earlier, with the tightened regulatory requirements and increased complexity of ESG data, I think companies will continue to invest in emerging technologies to address the following ESG data and reporting challenges:

-      Ensure accuracy, agility, and data integrity of the relevant metrics.

-      Reduce the time and cost to prepare ESG disclosures.

-      Improve ESG industry ranking by actively monitoring sustainability KPIs to drive actionable insights.

This is an immense topic that I have a lot of passion about and can easily talk about for another hour with a beer (chuckles). If you are interested in learning more about potential ESG data and AI use cases pertaining to different sectors in financial services (insurance, asset and wealth management, banking, and capital market), I have published a few blog articles that you can easily find in my LinkedIn profile.


M7: This is the last question but it is an important one for our readers. Knowing what you know now, what advice would you give to the young people who are aspiring to pursue a successful management consulting career in digital transformation?
JL:
I would summarize into 4 key traits which I personally found are important for every management consultant: 

Listening: Management consulting is all about problem-solving for our clients. Regardless of how many world-class strategy frameworks or talented digital/data/cloud individuals a top-tier consulting firm possesses, these are all irrelevant if we don’t listen effectively to the unique challenges faced by each of our clients. Indeed the ultimate responsibility of our digital consulting practitioners is to help clients analyze their problems through active listening and then tailor a ‘fit for purpose’ digital solution approach through our global network of experienced professionals, strategic technology alliances, and intellectual assets.

Proactiveness: Management Consulting is a people business or more precisely a team sport that involves multiple stakeholders in the ecosystem: customers, employees, alliance partners, regulators, industry analysts, etc. I found almost every successful digital consulting leader has a highly proactive attitude and they never shies away from taking initiatives in their approach for innovations, stakeholders management, and professional networking,

Lifelong Learning: In this ever-changing digital world, we always emphasize to our clients the importance of upskilling so you can probably imagine most of us are vivid lifelong learners ourselves too. This trait usually goes side by side with ‘curiosity’ and I think, both are key characteristics for any individual who wants to pursue a sustainable management consulting career.

Empathy: This is my favorite one. As I mentioned before, management consulting is a professional team sport and stress management is an inevitable part of our work life. Throughout my global consulting career, I have assembled many cultural-diverse, multi-competency teams to cope with countless stressful client situations. I found ‘Empathy’ was always my best companion in those situations (for both clients and teams) and it was amazing that every time we were able to emerge as a more united and inclusive team with ever-stronger and trusted client relationships.

ABOUT PWC

With offices in 155 countries and more than 285,000 people, PwC is one of the leading professional services networks in the world that provides assurance, tax, and advisory services.

More THOUGHT LEADERS

L&T Technology Services' Sarita Bahety explains why adopting cloud is an opportunity to make existing processes more agile for organizations

Media 7 | July 28, 2022

L&T Technology Services' Sarita Bahety, Head of Strategic Alliances and Partnerships for Europe, explains how various strategic alliances contribute to the expansion of businesses.  Read on to know more about her thoughts on strategic management, cloud adoption, and leveraging alliances. ...

Read More

Oracle's Lisa Marcyes says, 'People trust people more than they trust brands'

Media 7 | May 13, 2022

The key to good social media marketing is knowing everything about the audience, shares Lisa Marcyes Director, Global Social Media at Oracle, in this interview with Media 7. Read on to find out more about the best go-to approach for audience gap analysis, top social media marketing trends to look out for this year and the best ways to generate leads on social media....

Read More

Q&A with Ariel Munafo, Founder and Board Member of MarkeTech Group

Media 7 | October 13, 2021

Ariel Munafo, Founder and Board Member of MarkeTech Group, EuropeClouds and CloudEdge. He is also an Ambassador at CNCF and a Vice President at IASA ISRAEL. Munafo is an investor and cloud computing evangelist and a personal advisor to CIOs & CTOs....

Read More

L&T Technology Services' Sarita Bahety explains why adopting cloud is an opportunity to make existing processes more agile for organizations

Media 7 | July 28, 2022

L&T Technology Services' Sarita Bahety, Head of Strategic Alliances and Partnerships for Europe, explains how various strategic alliances contribute to the expansion of businesses.  Read on to know more about her thoughts on strategic management, cloud adoption, and leveraging alliances. ...

Read More

Oracle's Lisa Marcyes says, 'People trust people more than they trust brands'

Media 7 | May 13, 2022

The key to good social media marketing is knowing everything about the audience, shares Lisa Marcyes Director, Global Social Media at Oracle, in this interview with Media 7. Read on to find out more about the best go-to approach for audience gap analysis, top social media marketing trends to look out for this year and the best ways to generate leads on social media....

Read More

Q&A with Ariel Munafo, Founder and Board Member of MarkeTech Group

Media 7 | October 13, 2021

Ariel Munafo, Founder and Board Member of MarkeTech Group, EuropeClouds and CloudEdge. He is also an Ambassador at CNCF and a Vice President at IASA ISRAEL. Munafo is an investor and cloud computing evangelist and a personal advisor to CIOs & CTOs....

Read More

Related News

CLOUD SECURITY

Prisma Cloud Delivers Context-Aware Software Composition Analysis to Secure Deployment of Open Source Software

Palo Alto Network | September 23, 2022

Open source software is a critical component of cloud-native applications, allowing developers greater speed and modularity without having to reinvent the wheel each time they code. However, as the Unit 42 Cloud Threat Report, 2H 2021 found, open source software can often contain known vulnerabilities, which can open organizations up to significant risk. Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today introduced the industry's first context-aware software composition analysis (SCA) solution to help developers safely use open source software components. The integration of SCA into Prisma® Cloud further demonstrates why Palo Alto Networks is the leading provider of cloud-native security. Traditional SCA solutions are standalone products that can produce a large number of alerts but lack the runtime context to help fix vulnerabilities. With the addition of SCA to the Prisma Cloud platform, developers and security teams can proactively surface and prioritize known vulnerabilities that impact the application lifecycle (i.e., code, build, deploy and run). Prisma Cloud SCA delivers deep dependency detection and remediation of vulnerabilities in open source software before applications reach production. It can also help developers prioritize remediation based on software components that are already in use. These capabilities are not possible when SCA solutions are deployed as single point products. "Developers leveraging open source software should be able to build applications with the confidence they aren't opening the organization up to risk, With the average application consisting of 75% open source components, SCA on Prisma Cloud is key to protecting the organization from code to cloud and empowering developers to build with speed." Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks As a complete cloud-native application protection platform (CNAPP), Prisma Cloud is context-aware at every stage of the application lifecycle to provide a unified view of risk across organizations' cloud environments. Where current approaches to cloud security rely on siloed products that provide intermittent visibility without remediation, Prisma Cloud approaches cloud security with a comprehensive, prevention-first framework. With 188% increase in cloud incident response cases over the past three years, this shift in approach has become mandatory. A complete code-to cloud CNAPP needs to incorporate the following five key principles in order to keep organizations safe: Security from code to cloud — protects applications at every stage of the development lifecycle — from code, build, deploy and run. Continuous, real time visibility — uses real-time and contextual security analysis of cloud environments to help prevent misconfigurations, vulnerabilities and threats. Prevention-first protection — stopping attacks and defending against zero-day vulnerabilities to drive down mean time to remediation. Choice for every cloud journey — aligning security needs with current and future cloud priorities by supporting a breadth of cloud service providers, workload architectures, continuous integration and continuous delivery (CI/CD) pipelines, integrated development environments (IDEs), and repositories with a unified platform Cloud scale security — consistently secures applications as cloud environments scale. In addition to SCA and to further increase the safety of cloud-native applications, Prisma Cloud introduced a software bill of materials (SBOM) among other capabilities for developers to easily maintain and reference a complete codebase inventory of every application component used across cloud environments. Implementing SCA and SBOM ensures Prisma Cloud aligns with these principles. "Buyers looking for cloud-native security solutions need to keep the requirements of microservices security protection in mind. The 'bolted-on' and 'whack-a-mole' approaches are a thing of the past," said Frank Dickson, program vice president, Security and Trust at IDC. "Security should be embedded throughout the application development life cycle. This means that buyers need to fundamentally change their approach to security, although they need to continue to protect their run-time environments, they must also embrace solutions that embed security in the application development process, an approach referred to as 'shift left.' Shift left requires one to think less about security products and more about continuous security processes." About Palo Alto Networks Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Read More

CLOUD SECURITY

Blue Planet Automation Accelerates CSP Adoption of 5G and Multi-Cloud

Blue Planet | September 28, 2022

Blue Planet, a division of Ciena has added new software enhancements to its intelligent automation product portfolio, helping communication service providers (CSPs) accelerate their digital transformation and quickly monetize innovative digital services built on 5G and multi-cloud infrastructure. These enhancements deliver end-to-end observability and control to automate service lifecycle management, improve operational agility and optimize customer experience. The latest software innovations across the Blue Planet intelligent automation portfolio address multiple CSP digital transformation challenges and opportunities: 5G automation: The emergence of 5G standalone, network slicing and multi-access edge computing (MEC) allows CSPs to monetize their network in new ways by delivering innovative slice-based services and offering true digital experiences. Blue Planet is providing new 5G automation capabilities that include: An open, productized 5G network slicing solution that incorporates end-to-end orchestration and observability for zero-touch lifecycle management – automating design, activation, assurance, and modification – of slices, including sub-slice management, across the radio access network (RAN) to the core. Dynamic inventory for visualizing the optimal placement of physical and cloud-native resources as well as the end-to-end 5G service topology to help CSPs plan and deploy their 5G resources quickly and efficiently. Multi-Cloud extensibility: Open cloud-based approaches are critical to increasing scale and agility, as well as enabling elastic connectivity models with cloud providers. New Blue Planet multi-cloud enhancements include: Broad Kubernetes support that enables the intelligent placement and orchestration of cloud-based network functions (CNFs) and applications in distributed multi-cloud environments. As a truly cloud-native platform, Blue Planet can be deployed in any public or private cloud and can be consumed in a software-as-a-service (SaaS) model. As a key player in the multi-cloud ecosystem, Blue Planet has recently joined Nephio, a new Linux Foundation open-source project seeded by Google and focused on Kubernetes-based intent-driven automation of network functions and the underlying infrastructure that supports them. Low-code usability: Low-code technology helps CSPs improve operational agility by empowering them and their system integration partners to design and build new service types and applications for end customers with minimal IT and vendor support. New Blue Planet low-code enhancements include: A single set of integrated development tools across the Blue Planet portfolio to accelerate the onboarding of new network resources and declarative templating abilities that simplify the modeling and creation of new services. "With the rise of 5G and cloudified services, CSPs’ network and service operations will become even more complicated, making automation a necessity. Blue Planet has been making steady incremental progress to enable CSP automation, with its vendor-agnostic, modular, programmable take on service lifecycle management. This latest product upgrade from Blue Planet, with its focus on simplicity for the customer, provides telcos with an opportunity for growth and to engage with the digital economy,” said Francis Haysom, Principal Analyst, Appledore. "Digitization is accelerating for CSPs as they modernize their operations to deliver innovative new services more quickly and cost-effectively,” said Rick Hamilton, At Blue Planet, we are laser-focused on creating intelligent automation capabilities that help our CSP customers digitize operations and deliver exciting new digital services to improve the customer experience.” Senior Vice President, Blue Planet. You can learn more about these new and enhanced features by visiting Blue Planet this week at Digital Transformation World (DTW) 2022, September 20-22 in Copenhagen, Denmark, where Blue Planet is participating in the ‘Supercharged edge-aware marketplaces’ Catalyst demonstration. About Blue Planet Blue Planet provides proven software solutions that accelerate digital transformation through intelligent automation. With more than 200 deployments worldwide, our modular, vendor-agnostic product portfolio enables real-time visibility and control to manage changing network operating environments. Backed by a global team of delivery specialists and an ecosystem of partners, Blue Planet is a division of Ciena that combines expertise across IT, network, and business operations to enable the agility necessary for creating differentiated end-customer experiences.

Read More

CLOUD SECURITY

New Spectro Cloud Palette Edge Platform Brings World-Class Security and Operational Efficiencies to Kubernetes at the Edge

Spectro Cloud | September 30, 2022

Spectro Cloud, a leader in modern Kubernetes (K8s) management software, today announced a major new release of its Palette Edge platform. Kubernetes at the edge has spurred the interest of businesses around the world as they seek to enhance competitiveness and agility. To date, however, K8s at the edge has failed to realize its true potential. Why? A study by Dimensional Research found 72% of Kubernetes users effectively said: “It’s too challenging to deploy and manage Kubernetes on edge devices.” The Palette Edge platform, first launched in March 2022, earned Spectro Cloud recognition as a 2022 Gartner Cool Vendor in Edge Computing solves this problem, enabling organizations to re-define how cost-efficiently they can deploy and manage edge K8s clusters at scale, including at locations with small form factor devices, no on-site IT skills and marginal connectivity. Palette Edge delivers remote troubleshooting, zero-downtime rolling upgrades and patch management, even in single-server edge deployments, due to its unique A/B OS partition, multi-node failsafe design and support for both ARM and x86 architectures, including Intel’s Trusted Platform Module (TPM). Palette Edge derives its functionality from Spectro Cloud’s core Palette platform, which enables organizations to consistently manage K8s clusters across their full lifecycle, across public clouds, virtualized or bare metal data centers, as well as edge locations. Through a unique extension of Cloud Native Computing Foundation (CNCF’s) Cluster API, Palette enables IT teams to model their full Kubernetes stacks from the OS to the application in a true declarative model, creating project-curated, reusable Cluster Profiles while providing a choice of operating systems, K8s distributions and tools from the broad K8s ecosystem. Palette is architected to scale, delivering centralized and automated management combined with decentralized orchestration and policy enforcement — together enabling a virtually infinite scale from few to tens of thousands of clusters. Extending this core Palette foundation, Palette Edge today adds unique security, visibility and usability capabilities, setting a new industry standard for deploying and centrally managing edge K8s at scale, dramatically lowering total cost of ownership and risk for organizations of any size expanding to the edge. Palette Edge is purpose-built to support key industry use cases including Internet of Things device management and orchestration, data ingestion, streaming, analytics and AI inference. “For us, edge is an enabler to help clinicians deliver better patient outcomes by deploying technology closer to the user,” said Vignesh Shetty, SVP & GM Edison AI and Platform at GE Healthcare Digital. “The need for a secure, cost-effective approach to manage Kubernetes at the edge at scale is more relevant than ever before.” The new Palette Edge delivers on the key priorities for edge K8s users with: Tamperproof security for Kubernetes at the edge: Spectro Cloud research found that security is the #1 concern when adopting edge Kubernetes. Edge Kubernetes devices deployed in remote, unmonitored locations are particularly vulnerable to deliberate tampering and unintentional configuration drift, where their operating system, distribution and other software elements move out of compliance through ad hoc configuration changes. Palette Edge now enables operations teams to build highly secure configurations for edge devices, including their preferred Kubernetes distribution and the underlying OS, which once deployed become immutable, read-only and unmodifiable by the application user, just like the firmware on a smartphone. The now-immutable stack also enables zero-downtime rolling upgrades, due to a failsafe deployment design. Palette eXtended Kubernetes Edge (PXK-E): This new edge-optimized Kubernetes distribution version of Spectro Cloud’s CNCF-upstream Kubernetes distribution is available now to all Palette customers. PXK-E incorporates Palette’s new immutability capability, along with NIST-800 security hardening. It is certified for more than 50 open source and commercial cloud native integrations and provides high availability and zero-downtime rolling upgrades even in single-server configurations. With Palette Edge, businesses can choose the PXK-E distribution or Palette-optimized versions of any other K8s distribution, verified and supported by Spectro Cloud. A powerful NOC-like dashboard: Now organizations scaling to thousands or tens of thousands of edge devices have the power to manage their fleet more easily and with greater control than ever before. Palette Edge’s Network Operations Center-like (NOC) dashboard provides a highly intuitive user experience with live status for key events, plus advanced capabilities to filter, tag and drill down to clusters by location, status or other attribute. Importantly, operators can define powerful workflows for managing clusters, with almost infinite possibilities: for example, they can phase deployments of cluster updates by location for canary testing, or schedule patching to follow the sun. Ultra-simple edge device onboarding: In edge Kubernetes projects, organizations can find the act of deploying new devices in remote locations incredibly problematic; often, costly field engineering truck rolls are needed. Palette Edge makes it easy for non-specialist staff to quickly power up and onboard a new device into a managed cluster, using a variety of methods, such as through Palette Edge’s user interface, leveraging its open API, the Spectro Cloud Terraform provider, or by simply scanning a QR code on the edge device itself. The features delivered in this new Palette Edge release reflect real customer requirements of K8s at the edge. To address them and also contribute to the broader cloud native community, Spectro Cloud is now leading a unique open source project which delivers failsafe immutability at the edge: Kairos. Version 1.0 of Kairos is now generally available with extended community support, and is free to download and use. For more information, visit www.kairos.io. This is another example demonstrating Spectro Cloud’s continued commitment to foster innovation as a member of the CNCF and Linux Foundation, contributing to major Kubernetes ecosystem projects such as Cluster API and the Cluster API Provider for Canonical MAAS. These major new features are available today in Spectro Cloud’s Palette Edge edition and further position Palette as the first choice for organizations running Kubernetes at the edge at scale, enabling them to bring modern applications and data close to their end-users. Customers of Palette Edge are already realizing significant benefits by avoiding otherwise necessary field engineering visits at edge locations, which can result to up to 90% reduction in operational costs. “A key use case for 5G Edge compute is mission critical, ultra-low latency, workloads. That means cyber-security is a foundational principle for Edge and not an afterthought. Spectro Cloud is delivering a customer solution for deploying modern apps to the Edge that can integrate readily into end-to-end Zero Trust architectures,” said Dr. Ken Urquhart, Global Vice-President, 5G at Zscaler. “This brand new set of capabilities is making edge K8s locations as easy as a cloud for our customers, With a platform that can scale to tens of thousands of edge locations, requirements like security, resiliency and ease-of-use can be game changers, and this has been our focus in the latest release. At Spectro Cloud we are committed champions of the innovation coming out of the open source community, and we couldn’t be more excited to collaborate with some of the most interesting projects to deliver some of those new capabilities.” Spectro Cloud co-founder and CEO Tenry Fu About Spectro Cloud Spectro Cloud uniquely enables organizations to deploy and manage Kubernetes in production, at scale. Its Palette enterprise Kubernetes management platform gives IT Operations and DevOps engineering teams effortless control of the full Kubernetes lifecycle even across multiple clouds, data centers, bare metal and edge environments. Ops teams are empowered to support their developers with curated Kubernetes stacks and tools based on their specific needs, with granular governance and enterprise-grade security.

Read More

CLOUD SECURITY

Prisma Cloud Delivers Context-Aware Software Composition Analysis to Secure Deployment of Open Source Software

Palo Alto Network | September 23, 2022

Open source software is a critical component of cloud-native applications, allowing developers greater speed and modularity without having to reinvent the wheel each time they code. However, as the Unit 42 Cloud Threat Report, 2H 2021 found, open source software can often contain known vulnerabilities, which can open organizations up to significant risk. Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today introduced the industry's first context-aware software composition analysis (SCA) solution to help developers safely use open source software components. The integration of SCA into Prisma® Cloud further demonstrates why Palo Alto Networks is the leading provider of cloud-native security. Traditional SCA solutions are standalone products that can produce a large number of alerts but lack the runtime context to help fix vulnerabilities. With the addition of SCA to the Prisma Cloud platform, developers and security teams can proactively surface and prioritize known vulnerabilities that impact the application lifecycle (i.e., code, build, deploy and run). Prisma Cloud SCA delivers deep dependency detection and remediation of vulnerabilities in open source software before applications reach production. It can also help developers prioritize remediation based on software components that are already in use. These capabilities are not possible when SCA solutions are deployed as single point products. "Developers leveraging open source software should be able to build applications with the confidence they aren't opening the organization up to risk, With the average application consisting of 75% open source components, SCA on Prisma Cloud is key to protecting the organization from code to cloud and empowering developers to build with speed." Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks As a complete cloud-native application protection platform (CNAPP), Prisma Cloud is context-aware at every stage of the application lifecycle to provide a unified view of risk across organizations' cloud environments. Where current approaches to cloud security rely on siloed products that provide intermittent visibility without remediation, Prisma Cloud approaches cloud security with a comprehensive, prevention-first framework. With 188% increase in cloud incident response cases over the past three years, this shift in approach has become mandatory. A complete code-to cloud CNAPP needs to incorporate the following five key principles in order to keep organizations safe: Security from code to cloud — protects applications at every stage of the development lifecycle — from code, build, deploy and run. Continuous, real time visibility — uses real-time and contextual security analysis of cloud environments to help prevent misconfigurations, vulnerabilities and threats. Prevention-first protection — stopping attacks and defending against zero-day vulnerabilities to drive down mean time to remediation. Choice for every cloud journey — aligning security needs with current and future cloud priorities by supporting a breadth of cloud service providers, workload architectures, continuous integration and continuous delivery (CI/CD) pipelines, integrated development environments (IDEs), and repositories with a unified platform Cloud scale security — consistently secures applications as cloud environments scale. In addition to SCA and to further increase the safety of cloud-native applications, Prisma Cloud introduced a software bill of materials (SBOM) among other capabilities for developers to easily maintain and reference a complete codebase inventory of every application component used across cloud environments. Implementing SCA and SBOM ensures Prisma Cloud aligns with these principles. "Buyers looking for cloud-native security solutions need to keep the requirements of microservices security protection in mind. The 'bolted-on' and 'whack-a-mole' approaches are a thing of the past," said Frank Dickson, program vice president, Security and Trust at IDC. "Security should be embedded throughout the application development life cycle. This means that buyers need to fundamentally change their approach to security, although they need to continue to protect their run-time environments, they must also embrace solutions that embed security in the application development process, an approach referred to as 'shift left.' Shift left requires one to think less about security products and more about continuous security processes." About Palo Alto Networks Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Read More

CLOUD SECURITY

Blue Planet Automation Accelerates CSP Adoption of 5G and Multi-Cloud

Blue Planet | September 28, 2022

Blue Planet, a division of Ciena has added new software enhancements to its intelligent automation product portfolio, helping communication service providers (CSPs) accelerate their digital transformation and quickly monetize innovative digital services built on 5G and multi-cloud infrastructure. These enhancements deliver end-to-end observability and control to automate service lifecycle management, improve operational agility and optimize customer experience. The latest software innovations across the Blue Planet intelligent automation portfolio address multiple CSP digital transformation challenges and opportunities: 5G automation: The emergence of 5G standalone, network slicing and multi-access edge computing (MEC) allows CSPs to monetize their network in new ways by delivering innovative slice-based services and offering true digital experiences. Blue Planet is providing new 5G automation capabilities that include: An open, productized 5G network slicing solution that incorporates end-to-end orchestration and observability for zero-touch lifecycle management – automating design, activation, assurance, and modification – of slices, including sub-slice management, across the radio access network (RAN) to the core. Dynamic inventory for visualizing the optimal placement of physical and cloud-native resources as well as the end-to-end 5G service topology to help CSPs plan and deploy their 5G resources quickly and efficiently. Multi-Cloud extensibility: Open cloud-based approaches are critical to increasing scale and agility, as well as enabling elastic connectivity models with cloud providers. New Blue Planet multi-cloud enhancements include: Broad Kubernetes support that enables the intelligent placement and orchestration of cloud-based network functions (CNFs) and applications in distributed multi-cloud environments. As a truly cloud-native platform, Blue Planet can be deployed in any public or private cloud and can be consumed in a software-as-a-service (SaaS) model. As a key player in the multi-cloud ecosystem, Blue Planet has recently joined Nephio, a new Linux Foundation open-source project seeded by Google and focused on Kubernetes-based intent-driven automation of network functions and the underlying infrastructure that supports them. Low-code usability: Low-code technology helps CSPs improve operational agility by empowering them and their system integration partners to design and build new service types and applications for end customers with minimal IT and vendor support. New Blue Planet low-code enhancements include: A single set of integrated development tools across the Blue Planet portfolio to accelerate the onboarding of new network resources and declarative templating abilities that simplify the modeling and creation of new services. "With the rise of 5G and cloudified services, CSPs’ network and service operations will become even more complicated, making automation a necessity. Blue Planet has been making steady incremental progress to enable CSP automation, with its vendor-agnostic, modular, programmable take on service lifecycle management. This latest product upgrade from Blue Planet, with its focus on simplicity for the customer, provides telcos with an opportunity for growth and to engage with the digital economy,” said Francis Haysom, Principal Analyst, Appledore. "Digitization is accelerating for CSPs as they modernize their operations to deliver innovative new services more quickly and cost-effectively,” said Rick Hamilton, At Blue Planet, we are laser-focused on creating intelligent automation capabilities that help our CSP customers digitize operations and deliver exciting new digital services to improve the customer experience.” Senior Vice President, Blue Planet. You can learn more about these new and enhanced features by visiting Blue Planet this week at Digital Transformation World (DTW) 2022, September 20-22 in Copenhagen, Denmark, where Blue Planet is participating in the ‘Supercharged edge-aware marketplaces’ Catalyst demonstration. About Blue Planet Blue Planet provides proven software solutions that accelerate digital transformation through intelligent automation. With more than 200 deployments worldwide, our modular, vendor-agnostic product portfolio enables real-time visibility and control to manage changing network operating environments. Backed by a global team of delivery specialists and an ecosystem of partners, Blue Planet is a division of Ciena that combines expertise across IT, network, and business operations to enable the agility necessary for creating differentiated end-customer experiences.

Read More

CLOUD SECURITY

New Spectro Cloud Palette Edge Platform Brings World-Class Security and Operational Efficiencies to Kubernetes at the Edge

Spectro Cloud | September 30, 2022

Spectro Cloud, a leader in modern Kubernetes (K8s) management software, today announced a major new release of its Palette Edge platform. Kubernetes at the edge has spurred the interest of businesses around the world as they seek to enhance competitiveness and agility. To date, however, K8s at the edge has failed to realize its true potential. Why? A study by Dimensional Research found 72% of Kubernetes users effectively said: “It’s too challenging to deploy and manage Kubernetes on edge devices.” The Palette Edge platform, first launched in March 2022, earned Spectro Cloud recognition as a 2022 Gartner Cool Vendor in Edge Computing solves this problem, enabling organizations to re-define how cost-efficiently they can deploy and manage edge K8s clusters at scale, including at locations with small form factor devices, no on-site IT skills and marginal connectivity. Palette Edge delivers remote troubleshooting, zero-downtime rolling upgrades and patch management, even in single-server edge deployments, due to its unique A/B OS partition, multi-node failsafe design and support for both ARM and x86 architectures, including Intel’s Trusted Platform Module (TPM). Palette Edge derives its functionality from Spectro Cloud’s core Palette platform, which enables organizations to consistently manage K8s clusters across their full lifecycle, across public clouds, virtualized or bare metal data centers, as well as edge locations. Through a unique extension of Cloud Native Computing Foundation (CNCF’s) Cluster API, Palette enables IT teams to model their full Kubernetes stacks from the OS to the application in a true declarative model, creating project-curated, reusable Cluster Profiles while providing a choice of operating systems, K8s distributions and tools from the broad K8s ecosystem. Palette is architected to scale, delivering centralized and automated management combined with decentralized orchestration and policy enforcement — together enabling a virtually infinite scale from few to tens of thousands of clusters. Extending this core Palette foundation, Palette Edge today adds unique security, visibility and usability capabilities, setting a new industry standard for deploying and centrally managing edge K8s at scale, dramatically lowering total cost of ownership and risk for organizations of any size expanding to the edge. Palette Edge is purpose-built to support key industry use cases including Internet of Things device management and orchestration, data ingestion, streaming, analytics and AI inference. “For us, edge is an enabler to help clinicians deliver better patient outcomes by deploying technology closer to the user,” said Vignesh Shetty, SVP & GM Edison AI and Platform at GE Healthcare Digital. “The need for a secure, cost-effective approach to manage Kubernetes at the edge at scale is more relevant than ever before.” The new Palette Edge delivers on the key priorities for edge K8s users with: Tamperproof security for Kubernetes at the edge: Spectro Cloud research found that security is the #1 concern when adopting edge Kubernetes. Edge Kubernetes devices deployed in remote, unmonitored locations are particularly vulnerable to deliberate tampering and unintentional configuration drift, where their operating system, distribution and other software elements move out of compliance through ad hoc configuration changes. Palette Edge now enables operations teams to build highly secure configurations for edge devices, including their preferred Kubernetes distribution and the underlying OS, which once deployed become immutable, read-only and unmodifiable by the application user, just like the firmware on a smartphone. The now-immutable stack also enables zero-downtime rolling upgrades, due to a failsafe deployment design. Palette eXtended Kubernetes Edge (PXK-E): This new edge-optimized Kubernetes distribution version of Spectro Cloud’s CNCF-upstream Kubernetes distribution is available now to all Palette customers. PXK-E incorporates Palette’s new immutability capability, along with NIST-800 security hardening. It is certified for more than 50 open source and commercial cloud native integrations and provides high availability and zero-downtime rolling upgrades even in single-server configurations. With Palette Edge, businesses can choose the PXK-E distribution or Palette-optimized versions of any other K8s distribution, verified and supported by Spectro Cloud. A powerful NOC-like dashboard: Now organizations scaling to thousands or tens of thousands of edge devices have the power to manage their fleet more easily and with greater control than ever before. Palette Edge’s Network Operations Center-like (NOC) dashboard provides a highly intuitive user experience with live status for key events, plus advanced capabilities to filter, tag and drill down to clusters by location, status or other attribute. Importantly, operators can define powerful workflows for managing clusters, with almost infinite possibilities: for example, they can phase deployments of cluster updates by location for canary testing, or schedule patching to follow the sun. Ultra-simple edge device onboarding: In edge Kubernetes projects, organizations can find the act of deploying new devices in remote locations incredibly problematic; often, costly field engineering truck rolls are needed. Palette Edge makes it easy for non-specialist staff to quickly power up and onboard a new device into a managed cluster, using a variety of methods, such as through Palette Edge’s user interface, leveraging its open API, the Spectro Cloud Terraform provider, or by simply scanning a QR code on the edge device itself. The features delivered in this new Palette Edge release reflect real customer requirements of K8s at the edge. To address them and also contribute to the broader cloud native community, Spectro Cloud is now leading a unique open source project which delivers failsafe immutability at the edge: Kairos. Version 1.0 of Kairos is now generally available with extended community support, and is free to download and use. For more information, visit www.kairos.io. This is another example demonstrating Spectro Cloud’s continued commitment to foster innovation as a member of the CNCF and Linux Foundation, contributing to major Kubernetes ecosystem projects such as Cluster API and the Cluster API Provider for Canonical MAAS. These major new features are available today in Spectro Cloud’s Palette Edge edition and further position Palette as the first choice for organizations running Kubernetes at the edge at scale, enabling them to bring modern applications and data close to their end-users. Customers of Palette Edge are already realizing significant benefits by avoiding otherwise necessary field engineering visits at edge locations, which can result to up to 90% reduction in operational costs. “A key use case for 5G Edge compute is mission critical, ultra-low latency, workloads. That means cyber-security is a foundational principle for Edge and not an afterthought. Spectro Cloud is delivering a customer solution for deploying modern apps to the Edge that can integrate readily into end-to-end Zero Trust architectures,” said Dr. Ken Urquhart, Global Vice-President, 5G at Zscaler. “This brand new set of capabilities is making edge K8s locations as easy as a cloud for our customers, With a platform that can scale to tens of thousands of edge locations, requirements like security, resiliency and ease-of-use can be game changers, and this has been our focus in the latest release. At Spectro Cloud we are committed champions of the innovation coming out of the open source community, and we couldn’t be more excited to collaborate with some of the most interesting projects to deliver some of those new capabilities.” Spectro Cloud co-founder and CEO Tenry Fu About Spectro Cloud Spectro Cloud uniquely enables organizations to deploy and manage Kubernetes in production, at scale. Its Palette enterprise Kubernetes management platform gives IT Operations and DevOps engineering teams effortless control of the full Kubernetes lifecycle even across multiple clouds, data centers, bare metal and edge environments. Ops teams are empowered to support their developers with curated Kubernetes stacks and tools based on their specific needs, with granular governance and enterprise-grade security.

Read More