Compliance Death Curve [Working Session 1]

The compliance death curve is something I’ve been working on as an evolving concept that tries to explain how companies fight compliance governance and standardization efforts, something that is critical to platform team and infrastructure operations.

Today we try to decompose some of the mathematics that I’ve been using into more universal, more easily understood components. We built a compliance flywheel that I found really fascinating; you can see an example of that work in our podcast description.

It could also be helpful to check out my previously recorded compliance death curve talk that has been released.

Resources:
www.youtube.com/watch?v=4RUKsakKZI0

Transcript: otter.ai/u/k9q5ZZ81Hm-EAAtfkV…?utm_source=copy_url

Compliance is Fun! (and why you care)

We dive deep into the technical subject of governance and policy enforcement, including the tools, techniques and processes that you need to be aware of to do a good job with policy and governance enforcement.

We cover how to get started, what to think about and what to be aware of, and chip away at your governance and policy challenges, including developer development portals, infrastructure pipelines and DevSecOps.

Transcript: otter.ai/u/ND90jKHwbklUBOAwT1…?utm_source=copy_url
Image by Dall-E prompt “please make a carton that shows a regulator who is managing cloud and IT assets using impractical tools”

Rob’s Hot Take:

Rob Hirschfeld, CEO and co-founder of RackN and host of the Cloud 2030 Podcast, discusses the October 19th conversation about limiting large language models (LLMs) and AI. The discussion focused on creating legal limitations for artificial intelligence and technology, highlighting the potential impact of regulations such as Section 230, which governs internet service providers’ moderation of content. Hirschfeld suggests that changes to Section 230 could be a critical component in controlling emerging technologies, inviting listeners to explore the insightful conversation at the2030.cloud.

Compliance Comes to Kubernetes

What does it take to implement governance and compliance? They are process controls much more than individual technologies. Today we discuss that a lot of the talks seem to be about governance and compliance, and we have a fascinating discussion about governance, compliance and Kubernetes.

The idea is that Kubernetes is maturing, losing the drama that is a hallmark of its first decade, and moving into a focus on how to control and have security, compliance and normality. Yet all of those things have a degree of tension with the vendors and users, which puts single-choice compliance and governance in direct conflict with open source competitive ecosystems.

This makes for a fascinating conversation where we touch on some really important issues for the industry.

Transcript: otter.ai/u/mAkvsYgMYMp_W8Bizk…?utm_source=copy_url
Image: Generated by Dall-E

Book Discussion: Investments Unlimited

This is the second installment of our book group, which is a discussion about Investments Unlimited. We have one of the book's authors, and a great all-around DevOps enthusiast, John Willis, on the call with us.

As you might expect, while we talk about the book and John gives a lot of background and details about it, we treat it in the classic cloud2030 style and bring in AI, large language models and advanced DevOps.

We take the topics of the book to the next level and frame them in the moment of the year, looking beyond and into how the concepts of compliance, validation, team coordination and risk assessment are incorporated into the coming AI and how it changes our landscape.

Sources
Book www.amazon.com/Investments-Unlim…tal/dp/1950508536
techstrong.ai/aiops/the-rise-of-shadow-ai/
guidehouse.com/insights/financia…-lines-of-defense

Transcript: otter.ai/u/uC9c3xJS4oATQx7BrY…?utm_source=copy_url