knapkins at the ready folks
the troughs about to get a filling! get those snouts in...
With £800m of other people's money in hand, UK central government is on the hunt for DevOps folk to build and manage live NHS services and oversee data system migration under the "Digital Capability for Health" scheme. Crown Commercial Services, the buying arm of The Cabinet Office, said in the sort of nebulous way only public …
The UK's National Health Service (NHS) has committed to implementing electronic health records for all hospitals and community practices by 2025, backed by £2 billion (c $2.4 billion) in funding.
The investment from one of the world's largest healthcare providers follows Oracle founder Larry Ellison's promise to create "unified national health records" in the US after the company paid $28.3 billion for Cerner, an American health software company also at the heart of many NHS record systems.
In the UK, health secretary Sajid Javid has promised £2 billion to digitize the NHS in England, including electronic health records in all NHS trusts (hospitals or other healthcare providers) by March 2025.
The top-down approach to the procurement of a £360 million data platform for NHS England is said to favor incumbent supplier Palantir as fears grow the project could be making the same mistakes that led to the failure of the country's infamous £10 billion National Programme for IT.
Reports emerged recently showing that the secretive spy-tech business was making the competition, launched in April this year, a "must-win deal" following its recruitment of Indra Joshi and Harjeet Dhaliwal, key figures in NHS England's data science and AI teams.
More than two years after England launched a COVID data store, keeping details of National Health Service (NHS) patients, the country's National Data Guardian (NDG) remains unsatisfied with who is accessing the data.
The COVID-19 data store was launched in March 2020, and would pull together medical and operational data about the spread of the virus across the country.
Jenkins, an open-source automation server for continuous integration and delivery (CI/CD), has published 34 security advisories covering 25 plugins used to extend the software.
Eleven of the advisories are rated high severity, 14 are medium, and 9 are said to be low.
The vulnerabilities described include: cross-site scripting (XSS); passwords, API keys, secrets, and tokens stored in plaintext; cross-site request forgery (CSRF); and missing and incorrect permission checks.
GitLab believes the world is in the midst of a "generational disruption" where all companies will need to embrace modern software development practices, and reckons it can take advantage by positioning itself as the enterprise-grade alternative to homegrown DevOps point solutions.
In a bullish Q1 2023 earnings conference call, GitLab co-founder and CEO Sytse "Sid" Sijbrandij said the business need for digital transformations remains strong despite uncertain economic conditions. He added that GiLab believes all companies are becoming software-driven businesses and this will require an increasing number to build modern software development practices.
"In a world where software defines a speed of innovation, we believe every company has to become great at developing, securing and operating software to remain competitive," Sijbrandij said.
Kubernetes, despite being widely regarded as an important technology by IT leaders, continues to pose problems for those deploying it. And the problem, apparently, is us.
The open source container orchestration software, being used or evaluated by 96 per cent of organizations surveyed [PDF] last year by the Cloud Native Computing Foundation, has a reputation for complexity.
Witness the sarcasm: "Kubernetes is so easy to use that a company devoted solely to troubleshooting issues with it has raised $67 million," quipped Corey Quinn, chief cloud economist at IT consultancy The Duckbill Group, in a Twitter post on Monday referencing investment in a startup called Komodor. And the consequences of the software's complication can be seen in the difficulties reported by those using it.
A phishing operation compromised over one hundred UK National Health Service (NHS) employees' Microsoft Exchange email accounts for credential harvesting purposes, according to email security shop Inky.
During the phishing campaign, which began in October 2021 and spiked in March 2022, the email security firm detected 1,157 phishing emails originating from NHSMail accounts that belonged to 139 NHS employees in England and Scotland.
"The true scope of the attack could have been much larger, as Inky detected only those attempts made on our customers," the company's VP of Security Strategy Roger Kay wrote in a blog post. "But given how many we found, it's safe to say that the total iceberg was much bigger than the tip we saw."
By 2025, half of analytics will be developed by business users via a low-code or no-code modular assembly experience, according to Gartner.
Presenting its vision for trends in data and analytics, the global analyst said the future would put business users, rather than IT or data engineering, in the driving seat, at least in terms of applications.
GitHub has announced that it will require two factor authentication for users who contribute code on its service.
"The software supply chain starts with the developer," wrote GitHub chief security officer Mike Hanley on the company blog. "Developer accounts are frequent targets for social engineering and account takeover, and protecting developers from these types of attacks is the first and most critical step toward securing the supply chain."
Readers will doubtless recall that attacks on development supply chains have recently proven extremely nasty. Exhibit A: the Russian operatives that slipped malware into SolarWinds' Orion monitoring tool. That malware made it into over 18,000 companies, around 100 of which were infected and attacked. GitHub has also had its own problems, such as when access to npm was compromised.
US surveillance-tech supplier Palantir has hired a one-time director of AI for NHSX – the former UK health service digital agency.
Indra Joshi quit her role at the end of March as NHSX and NHS Digital were merged into NHS England, a non-departmental government body.
Her arrival at Palantir will raise concerns among NHS watchers and privacy campaigners.
Biting the hand that feeds IT © 1998–2022