I hope everyone is staying safe and making the most of their time indoors.  Today I am rediscovering the beauty and elegance of Amazon Web Services or AWS for short.  AWS provide a cloud computing platform that allows you to build apps and infrastructure to deliver business outcomes.

Today, my session is going to focus on a very basic service called Elastic Compute Cloud or EC2 for short.  It is a simple service that allows you to build your own virtual machines or VMs.  These VMs are the most basic building block in cloud computing.  

Below is a fantastic Zoom video, that steps you through some of the basics of AWS EC2 and provides you with a simple hands-on demo on the AWS platform.  I really hope you enjoy it.

The Certified Cloud Security Professional certification is offered by the ISC2 and is one of the many courses I have helped develop at ALC Training.  It is proving to be one of the most popular certifications that I run....I have 11 others that cover cloud computing, agile, cybersecurity and big data areas.  But why?

As you can see, it covers 6 domains and we focus on a range of techniques and best practices associated with cloud computing.  For those studying CCSP, I have created a free flashcard quiz below.  This is handy for anyone that is involed in CyberSecurity and is a good way to re-enforce your knowledge.

​​​For a detailed list of learning outcomes check out the ISC2 website below....

 The reason I think CCSP is popular, is because CyberSecurity is in the Top 5 items that keep senior leaders awake at night.  The fear that the organisation you have worked hard to protect, could one day be maliciously attacked is a troubling thought for many...resulting in a cold sweat nightmare at 3am in the morning. 

To be honest there are many things that business leaders need to consider.  So let me outline 2 of the key items that spring to mind this morning....

1 - Secure the use of Identity and Access Management Systems

The key here is people....because they are the solution....not the problem.   Here is a simple checklist that everyone can follow...not just at work...but also at home.  

Tip 05 can be adapted for business, by building a list of trusted sources, i.e. a whitelist.  You can do this manually, or by using a whitelisting tool, preferably one based on Artificial Intelligence technology.  That way it can detect not just trustued sources that you list, but predict or warn when something looks malicious.  
​
2 - Simulate Probable Security Scenarios

Again the key here is people.  Create a realistic scenario....data breaches are the most common, so this is a good place to start.  Brief a small number of individuals, including leadership, that you're creating a simulated security challenge....execute the scenario for real on a non-production system with the team....then treat it like a fire drill and allow the remainder of the team to see how they react and recover from the simulation. It's a bit like paintballing...where one team attacks the castle....and the other team defends it.  Although in this scenario....the defending team is really ascertaining what happened and how best to protect the organisation going forward. 

If you need inspiration for what threats you should be simulating....take a look at the Treacherous 12....which we cover in the CCSP course.  

It's not often I blog about someone else's work, but these stats on Tesla's meteroric rise, are too good NOT to share.  Credit has to go to Tom Randall (@tsrandall), Senior Reporter at Bloomberg for the awesome pics and stats in this blog post.

But first I wanted to share my awesome experience of the latest version 9 Autopilot, that I tried out in Brisbane, a few months back,

Boy....has there been some serious improvements.  Last time I took a Tesla Model S for a test drive, was around 1.5 years ago.  And since then, the 'stay in lane' feature has come on leaps and bounds.  I used the feature for around 5 minutes on a stretch of highway.  The car in front was doing 70kmph in a 90kmph zone, and the Tesla slowed down gracefully.  It kept perfectly in the centre of the left lane, as the road curved, left, then right and sharply left again.  

At the next slip road, the vehicle in front exited.  Once it was clear of the Model S, the car gracefully accelerated up to the speed limit of 90kmph without a hitch and without any input.  All I had to do was to keep my hands on the wheel, so the car knew I was still alive.  The 'hands-on wheel' feature was brought in by Tesla after a couple of accidents in the US, where drivers had totally relied on the Autopilot and were not paying attention to the driving.  This feature aims to prevent such occurences.

All I can say it that is absolutely amazing, and I'm sure the experience translates precisely into the Model S and Model X cars.  Unfortunately you can not test drive a Model 3 in Brisbane, so here is the closest I got:

You can see from the stats below that the Model 3 is the 5th Best-Selling Sedan in the US.  

Not bad for a car that still costs around $55,000 USD.  

Let's now take a look at the value, known as market capitialisation, of the world's most valuable automotive makers:

Now this next graphic shows the progression of Tesla's cash flow.  This will likely lead to a positive $837millionUSD, as opposed to spring 2018, which was a negative at $795millionUSD:

 Mmmmm...maybe I should invest in Tesla stock???

I passed my TOGAF Essentials 2018 assessment this year...but why?  Well I run coaching and mentoring masterclasses, covering a range of new digital courses.  The most popular at the moment is the Certified Cloud Security Professional course (CCSP), which leads the CCSP certification endorsed by the ISC2.  The next most popular is the TOGAF standard, a standard of the Open Group.  As an instructor, I have to maintain my currency on all the latest materials and the TOGAF Essentials 2018 assessment is a great way of doing that.  It basically makes clear all the differences between the TOGAF Standard Version 9.1, from 2011 and the TOGAF Standard Version 9.2 standard which was released only a few weeks ago.

So let's cut to the chase.  What are some of the key differences:

1. Content in the tools / techniques section, such as Business Scenarios, have been removed from the TOGAF standard and separated out into separate guides in the TOGAF Library.  THis makes them easier to maintain, aligning to a more #Agile approach.
2. New Guides have been added that covers things like Value Streams, Business Capabilities and Establishing an EA capability.
3. Security, SOA and the Reference Models are now in separate documents and removed from teh core book.
4. Business Architecture, Phase B, has been strengthened to include new definitions, which in turn has meant some changes to the content metamodel.  Examples include new definitions of Buiness Capability, Business Model and Value Stream.
5. Updates to basic architecture concepts that better align with the ISO/IEC/IEEE 42010:2011 standards.
6. Technology Platform is now known as Technology Services in the metamodel.
7. Enterprise Security Architecture aligns more closely with the Sherwood Applied Business Security Architecture, known as the SABSA framework.
8. Inconsistencies and errors in the ADM Phases has been rectified.
9. Architecture Repository view has been updated to now include the Solutions landscape and the Architecture Requirements Repository.

Overall I really welcome the changes, and it's good to see the TOGAF standard being broken into smaller artifacts, so that they can be updated independently.  Great to see the Open Group slowly moving to a more Agile approach.

I've also released a FREE set of flashcards specifically to help you remember all the TOGAF 9.2 terminology for the Part 1 and Part 2 exams.  Check them out on Quizlet:   quizlet.com/_57zkpz

Check out our course at ALC Training:

​www.alctraining.com.au/course/togaf-9-level-1-2-certificate-course/wotertAod ApplieThered Business SBusinecurity ArchitectureSherwood Applied Business Security Architecture

TOGAF(R) is a registered trademark of the Open Group.