India government IT spending to grow 8.6% in 2022: Gartner

IT Revenue
Pic credit: DATAQUEST

India government IT spending is projected to total $8.3 billion in 2022, an increase of 8.6% from 2021 according to a latest forecast by Gartner, Inc.

“Digitalization initiatives of Indian government organizations took a giant leap in 2020 because of the global pandemic. The pandemic forced the government to shift priorities as supply chains and revenue streams dwindled,” said Apeksha Kaushik, senior principal research analyst at Gartner. “As vaccination rates increase throughout the country and public health improves, the governments will focus on furthering the digitalization efforts on concerns such as ‘citizen experience’ and digital inclusion.”

Individual digital solutions do not correlate to overall digital maturity. As a result, the overall digital maturity of Indian government organizations is low compared to its western counterparts. Moving from legacy systems to digital will be a major reason for IT spending growth in 2022. For initiatives, such as digital licensing, online judicial proceedings, digital taxation, that were initiated as a knee-jerk reaction to the pandemic in 2020, there is a still long way ahead to achieve full potential as digital inclusion is not fully met in the country. The forthcoming 5G spectrum auction in India will aim at solving some of these challenges related to digital inclusion in 2022.

Indian government organizations, both local and national, will increase spending on all segments of IT in 2022, except for telecom services. The software segment is forecast to achieve the highest growth of 24.7% in 2022 as the adoption of citizen service delivery applications with use of artificial intelligence and machine learning will improve across citizen initiatives (see Table 1). As India prepares itself for 5G rollout, the telecom market requires deep pockets to make an impact on innovation, quality of services to citizens, pricing. Hence, the focus on investing on telecom services will be lower as compared to the other segments in 2022.

“In India, with increasing investments on cloud and cyber-security, the prime focus of IT spending by government organizations is on building collaborative partnerships, along with technology solutions. Government CIOs are looking beyond implementation for signs of the impact from the technology, outcome-based futuristic direction they should take and for IT technology/service providers that go beyond provision to partner and collaborate with them to achieve their mission critical priorities,” said Kaushik.

As cloud deployments and implementations further the digital agenda, privacy and security continue to be government CIOs’ top concerns in the country. Key technologies that government CIOs in India will be prioritizing their spending on in 2022 will be digital workplace and business continuity solutions, business intelligence and data analytics, responsible AI and blockchain along with improved data privacy & data sharing tools.

Source: https://www.dqindia.com/india-government-spending-grow-8-6-2022-gartner/

Microsoft Azure Certifications- Choose your right learning path!

Microsoft Azure Certifications- Choose your right learning path-Synergetics Learning Blog Banner

We can very well state that year 2020, was a year of transformation for the IT sector. Immense changes in IT-related work patterns and profile along with fast paced development in this segment has left many learning managers, training managers perplexed. 

The present scenario reveals the L&D heads or managers and people in similar profile engaged in a conundrum. The questions spinning in their minds are – How to deliver?  How to bridge the skill gap? How to gear up for the present technology and for the coming future from the IT perspective? 

On other hand, we have IT professionals who are worried advancing in their job and waiting for deserving job opportunities. Most IT professionals are keen to acquire new Certifications or upgrade their skills or reskill themselves either through their company or at a personal expense.

Sounds difficult or challenging? Yes, but Synergetics Learning provides the most viable and reliable path forward in this situation. We make it possible to attain the desired learning targets, bridge skills gap and have certified resources ready to deliver.  We know your deliverables and wish to help you guide towards them. 

The Skills Gap

As per industry reports 

  • Nearly 78% of worldwide IT Managers report skills gaps.
  • 77% feel that risk of skill gaps pose to their team objectives is medium to high.
  • 68% IT decision-makers anticipate new skills gaps in the next two years.

The rapid onset of new technologies gaining viable presence in the market leading to emergence of new roles, new job profiles especially in niche areas. This leads to the growing demand for certified technical professionals in these areas, which takes to time to deliver. 

For instance, the current high-in demand job profiles are associated with the Cloud and Cyber security. We can confidently state that cross certification is what most L & D Managers are looking out for, such as professionals with certifications in both – Cyber security and Cloud or Cloud Developer and DevOps Engineer

For Learning Managers and HR Heads, obtaining certified and knowledgeable resources is the need of the hour and when they are able to deliver resources as required, their duties and targets are perfectly in sync.  

We at Synergetics, propose to ‘bridging’ the skill gap through the most preferred training channel leading to certification and delivery of certified billable resources.

Preferred Training, Certification and Methodology

Most organizations believe in offering formal training to their existing workforce. It could entail re-skilling the existing workforce too. Also, onboarding solutions catering to persona and role specific are given a serious thought.

More than 60% of the IT professionals prefer formal training over informal training. They emphasize on instructor-led and formal teaching methods. While the remaining professionals are keen to go ahead with informal learning systems viz. micro-learning, self-paced, on demand study methods. However, we also believe in blended learning approach that is a combination of formal as well as informal training.

Nevertheless, training with certification is the key goal for most L&D heads or managers. They go ahead to reiterate that certified team players definitely add value to their segment which goes beyond the cos of certification.

So, let us begin technology certification – 

Technology certification implies having knowledge and expertise in particular technology (especially an emerging one) which means ease in acquiring new jobs, better pay hikes or a work on a new project or assignment.  

At the individual level, this means enhanced visibility along with acquiring an expertise and of course, standing apart from the rest of the crowd.  

We have an interesting set of statistics which highlight why certification matters a great deal. More than 50% of tech professionals stated increase in the self-confidence and their capability to deliver and their expertise was much valued at their workplace.  More than 35% of these professionals got increased earnings and lastly, the hiring bosses expressed that certified employees added immense value to their organization. 

TitleNameIntroduction
Microsoft Azure DeveloperAZ-204- Microsoft Certified: Azure Developer AssociateAZ-204 This certification validates the candidate’s expertise in developing Solutions for Microsoft Azure for storage, security, monitor and optimize Azure solutions while connecting Azure and third-party services.
Microsoft Azure AdministratorAZ-104- Microsoft Certified: Azure Administrator AssociateAZ-104 This certification validates the candidate’s experience in performing and managing Azure identities and governance, storage, Azure compute resources, virtual networking and backup Azure resources.
Microsoft Azure ArchitectAZ-303- Microsoft Azure Architect Technologies   AZ-304- Microsoft Azure Architect DesignAZ-303 Seek certification for Microsoft Azure Architect Technologies and acquire skillsets in implementing, monitoring an Azure infrastructure including managing and security solutions, data platforms and apps.   AZ-304 Certify for an advisory profile with regards to offering and implementing reliable, scalable and secure cloud solutions on par with business requirements for enhanced performance and deliverables across the Microsoft Azure platform.
Data Engineer certification pathDP-203: Data Engineering on Microsoft AzureDP-203 This course is designed for students who want to attain the “Microsoft Certified: Azure Data Engineer Associate” certification. This course has contents for the Exam DP-203. The objectives covered in this course are. Design and implement data storage (40-45%) Design and develop data processing (25-30%)
Microsoft Data ScienceDP-100- Designing and Implementing a Data Science Solution on AzureDP-100 Offering yet another powerful certification to the Azure Data Scientist with setting up of Azure Machine Learning workspace and explore data science workloads across the Azure platform including data experiments, training, managing, deploying, and consuming models.  
Administering Relational Databases on Microsoft AzureDP-300: Administering Relational Databases on Microsoft AzureThis course provides students with the knowledge and skills to administer a SQL Server database infrastructure for cloud, on-premises, and hybrid relational databases and who work with the Microsoft PaaS relational database offerings. Additionally, it will be of use to individuals who develop applications that deliver content from SQL-based relational databases.
AI Engineer certification pathAI-102- Designing and Implementing an Azure AI SolutionAI-102 As an Azure AI Engineer, seek expertise and knowledge in analyzing solution requirements, design AI based solutions for deployment and manage them. Also, develop a custom API to meet the business requirements along with available data options on lines of Azure AI.  
DevOps Engineer ExpertAZ-400- Designing and Implementing Microsoft DevOps SolutionsAZ-400 This exam is for those who have experience in Azure administration and development.  Seek expertise in developing an instrumentation strategy – Site Reliability Engineering (SRE) strategy and develop a security and compliance plan and allied processes such as communication, collaboration, security, and compliance, along with integration and so on.  
Security Engineer certification pathAZ-500- Microsoft Azure Security TechnologiesAZ-500 Seek certification Microsoft Azure Security Technologies and look forward to manage identity and access, security operations while securing data and applications. This certification prepares the candidate for security controls and threat protection, managing identity and access.  

*Note: This list is for your reference. We cover all Microsoft Azure certification topics. Also, we have Certification + Addon (customizable) solutions for your cloud teams.

How to register and appear for a Microsoft Certification Exam –

  • Select the Microsoft online exam you wish to take from the exam list, and then select the Schedule exam button
  • Verify your profile and continue to Pearson Vue site to schedule the exam
  • If online exams are available in your country – Select the “At my home or office” option
  • Accept the online exam policies
  • Select the language to communicate with the proctor
  • Select the Exam Date and Time
  • Verify and click on “Proceed to Checkout” to make the payments and confirm the appointment

Using ML/AI to Support Infrastructure Monitoring

Image source: devops.com

Successful infrastructure monitoring enables IT teams to ensure constant uptime and performance of their company’s systems. Technologies like machine learning (ML) and artificial intelligence (AI) benefit infrastructure monitoring by more quickly collecting and analyzing data from all of the hardware and software components that comprise the IT stack. Infrastructure changes are occurring faster than ever before, but complex systems, the unique nature of applications and lack of IT skillsets can cause challenges when integrating with these newer technologies. However, it’s more important than ever that sysadmins and DevOps teams understand how ML and AI can mitigate these roadblocks, support them in staying on top of infrastructure performance and rapidly address issues that arise.

Intelligent Monitoring Support for Complex Systems

The most tangible result of intelligent infrastructure monitoring tools and processes is near-immediate alerting of performance and uptime issues, which can then be addressed in an efficient and effective manner so no business interruptions occur. However, complex systems can stunt these benefits if ML and AI are not being used and manual monitoring protocols are still in place.

Tools that use ML or AI lessen the work of IT staff immensely, freeing up critical business resources and aiding in overall productivity. Both technologies can automatically identify and update all IT stacks that comprise an enterprise’s infrastructure to keep systems up-to-date and aligned with established key performance indicators (KPIs). In addition, intelligent offerings can detect and factor those metrics against set standards so that early alerts to an “unhealthy” section of infrastructure can be identified, even as the IT stack is constantly changing. This drastically speeds up troubleshooting efforts.

Differentiation in Applications

The different applications supported by the various IT stacks will most often have unique service-level agreements (SLAs) for their performance and uptime, as well as remedies or penalties should those service levels not be achieved. Plus, system loads that stress the underlying infrastructure are frequently changed. For these reasons, it is important to identify what constitutes a “healthy” IT stack so that these minute parts of the infrastructure are not overlooked due to the variation involved.

ML and AI can be programmed to track system baselines that support a “healthy” IT stack. These technologies are particularly great at finding novel and unusual patterns in data. As the monitoring and observability landscape becomes more complex over time, driven by real changes in how developers build applications and systems, the ability to spot and detect such patterns in data can be crucial in helping make sense of it, further cutting down efforts on manual searching, detective work and “death by dashboards,” which we’ve all experienced at one time or another.

Supporting IT Team Skills with Intelligence Technology

The role of sysadmins—and to a greater extent, developers—has shifted over the past few years to become nearly as complex as the infrastructure they oversee. Nowadays, it seems as though developers are required to have expertise in all aspects of infrastructure, from monitoring to Kubernetes to machine learning. This can take quite the toll on developers who possess such skills, but in a more realistic sense, developers that can do all these things are very hard to come by. The lack of these skillsets is pervasive in the industry, which is why ML and AI can be seen as supporting technologies—they can fill in these gaps, to an extent.

With built-in intelligence and automation, ML/AI can enable even the most inexperienced sysadmin or DevOps professional to monitor complicated infrastructure like a pro, taking on most of the time-intensive work around collecting and analyzing the data and identifying where to troubleshoot. The main goal is to put humans in the driver’s seat, utilizing ML and AI for granular discovery of system issues, providing the metrics or charts that might be most relevant to IT staff as they troubleshoot their system and reducing the cognitive load of developers.

With the vast benefits that intelligent technologies possess, integrating them into your IT stack can help mitigate challenges experienced with complex systems, application differentiation and the skills deficit experienced in the IT team. The important ingredient in making ML and AI effective in infrastructure monitoring is using tools that incorporate the right formulas, algorithms and automation that can best help determine success when it comes to your desired outcome.c

Source: https://devops.com/using-ml-ai-to-support-infrastructure-monitoring/

“Synergetics offers Innovative Persona-based learning solutions for the best engagement of resources Experience for Learners”

How and Why Persona-based learning solutions are important

A quality onboarding solution gives much weightage to employee engagement to determine its success. As a veteran provider of learning services, Synergetics is constantly innovating its onboarding solutions to offer zealous productive teams with a high engagement factor.

We go to lengths to make the onboarded freshers feel valued and resourceful too. The concept of quality investment made by the company for them is in the best interests of both, the organization as well as the individuals.

Synergetics develops onboarding solutions taking into account the most desired outcomes from our customer’s point of view i.e., immediate delivery from onboarded freshers, better and well-cultivated work culture and of course, less attrition. 

Over the two decades plus of delivery, we have garnered the right skillsets to bridge the gap between expectations and delivery of these values. Hence our onboarding solutions are a class apart. We are willing to share some of our trade secrets with you.

To begin with, our approach is quite transparent, and we believe in working with our customers to design and develop our onboarding solutions based on the following mind exercises

Synergetics Onboarding Solutions

Prospect Mapping

In the initial stages, vision relates to an imaginary scene but for achieving it in reality does pose a different picture and the challenging path forward. Similarly, it is essential that the organization’s vision is well relayed to their freshers who should related with it well. This is essential for their apt contribution in realizing the vision in terms of investment of key resources and their deliverables.

Our onboarding solution will focus on the prospect mapping aspect through
Synergetics Onboarding Solution Prospect Mapping

The purpose of the Prospect Map is to assimilate the workforce, processes, data, and technology with the organization’s culture and mission

Creation of Personas

A self-explanatory term. It means someone similar to an actual individual and in reality, no two individuals are exactly the same.

With regards to onboarding solutions, Synergetics takes additional effort to identify the participants of the onboarding solutions. In most cases, the onboarding solutions are designed for a set of fresh recruits but the batch of fresh recruits keeps changing!

This means the attributes of the previously onboarded batch of freshers could be different from the current one and hence the onboarding solution has to be tailor-made for the current one for precise delivery. This brings us to the necessity of developing personas.

Over years of our onboarding experience, we have deduced that though most organizations prefer to go ahead with an existing onboarding solution that is not the case. The premise “one size fits none” is absolutely correct. 

We go to lengths to develop personas that help us in formulating and customizing onboarding solutions for apt delivery.  Our persona-based delivery incorporates overcoming the key challenges of a varied persona based while final outcome matches the desired delivery outcomes.

Though considered by most organizations an additional task or effort, it does help the onboarding service providers in a meticulously developed and on-target delivery program.

Path Forward

Synergetics Learning takes into consideration the personas of the participants of onboarding solutions while developing the path forward and realizing the onboarding program.

Apart from the quantifiable targets, the qualitative targets and parameters will be in perfect sync with the imparted knowledge, skills, talents, and prospects of the organization as envisioned.

These three mind exercises form the basis of our onboarding program, going further we delve into the following set of questions –
  • Do the existing process flows require remapping?
  • Is the suggested technology capable of achieving the chosen prospect?
  • Is it possible to have a roadmap and implementation schedule in place?
  • What about the costing vis-à-vis the success of the onboarding solution?

About Synergetics

Synergetics is a learning solutions company firm focused on helping small and medium enterprises through the Big Data Revolution. We offer a gamut of services that include learning delivery across various data-oriented profiles such as DevOps, Data Analyst, Data Engineer, Data Scientist, and so on along with emerging technology for learning Solutions Company

Each of our delivery services is centered on quality learning services with billable resources while reskilling and upskilling services focus on seamless migration towards the adoption of new technology as cost-effective solutions for most organizations. Synergetics, the right company for infinite learning solutions on emerging technology offers bespoken and most viable onboarding solutions, for more details do get in touch with us on info@synergetics-india.com or you can Call or What’s App us on +91 8291362058 or visit our contact us page to discuss your learning requirement.

Critical Vulnerability Affects Millions of IoT Devices

Picture source: OSRAM

Mandiant, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), and Internet of Things provider ThroughTek have disclosed a critical vulnerability affecting millions of IoT devices that could let attackers spy on video and audio feeds from Web cameras, baby monitors, and other devices.

CVE-2021-28372 was discovered by Mandiant’s Jake Valletta, Erik Barzdukas, and Dillon Franke, and it exists in several versions of ThroughTek’s Kalay protocol. It has been assigned a CVSS score of 9.6.

The Kalay protocol is implemented as a software development kit (SDK) that is built into client software, such as a mobile or desktop application, and networked IoT devices such as smart cameras. ThroughTek claims to have more than 83 million active devices and at least 1.1 billion monthly connections on its platform, and its clients include IoT camera manufacturers, smart baby monitors, and digital video recorder (DVR) products.

Because the Kalay protocol is integrated by OEMs and resellers before devices reach consumers, the researchers who discovered the vulnerability were unable to determine a complete list of devices and organizations it affects.

This isn’t the first ThroughTek flaw disclosed this year. In May 2021, researchers with Nozomi Networks disclosed a security camera vulnerability affecting a software component from ThroughTek. Unlike this flaw, CVE-2021-28372 allows attackers to communicate with devices remotely and in doing so, control devices and potentially conduct remote code execution.

Mandiant researchers used two approaches to analyze the protocol. They first downloaded and disassembled applications from Google Play and the Apple App Store that contained ThroughTek libraries. They also bought different Kalay-enabled devices, on which they conducted local and hardware-based attacks to obtain shell access, recover firmware images, and perform more dynamic testing.

Over a series of months, the team created a functional implementation of the Kalay protocol and with this, they were able to perform device discovery, device registration, remote client connections, authentication, and process audio and video data on the network. Their familiarity with the protocol allowed them to then focus on identifying logic and flow vulnerabilities in it.

CVE-2021-28372 affects how Kalay-enabled devices access and join the Kalay network, the Mandiant team explains in a blog post on their findings. They found device registration only requires a device’s 20-byte unique assigned identifier (UID) to access a network. The UID is usually provided to a Kalay-enabled device from a Web API hosted by the product’s seller.

If attackers gain access to the UID of a target device, they can register that device with the same UID on the network and cause the Kalay servers to overwrite the existing device. With this done, attempts at a client connection to access the victim UID will redirect to the attackers. The attackers can continue the connection and access the username and password needed to log in to the device.

“With the compromised credentials, an attacker can use the Kalay network to remotely connect to the original device, access AV data, and execute [remote procedure call] calls,” the researchers write. “Vulnerabilities in the device-implemented RPC interface can lead to fully remote and complete device compromise.”

A successful attack would require “comprehensive knowledge of the Kalay protocol” as well as the ability to create and send messages, researchers note. The attackers would need to obtain Kalay UIDs via social engineering or vulnerabilities in the APIs and services that return Kalay UIDs. This would allow them to attack devices linked to the UIDs they have.

Mitigations for Vulnerable Devices
Mandiant disclosed the vulnerability along with ThroughTek and CISA. Organizations using the Kalay protocol are advised to adopt the following guidance from ThroughTek and Mandiant:

If the implemented SDK is below version 3.0, upgrade the library to version 3.3.1.0 or version 3.4.2.0 and enable the Authkey and Datagram Transport Layer Security (DTLS) features the Kalay platform provides. If the implemented SDK is version 3.1.10 or above, enable Authkey and DTLS. Companies are also advised to review the security they have in place on APIs or other services that return Kalay UIDs.

Mandiant urges IoT device owners to keep their software and applications up to date and use complex, unique passwords for accounts associated with their devices. Further, they should avoid connecting to vulnerable devices from untrusted networks, such as public Wi-Fi.

For manufacturers, the company recommends ensuring IoT device manufacturers apply controls around Web APIs used to obtain Kalay UIDs, usernames, and passwords, as this would decrease attackers’ ability to access the data they need to remote access target devices.

“CVE-2021-28372 poses a huge risk to an end user’s security and privacy and should be mitigated appropriately,” the researchers write. “Unprotected devices, such as IoT cameras, can be compromised remotely with access to a UID and further attacks are possible depending on the functionality exposed by a device.”

CISA has also issued an advisory warning of the ThroughTek flaw.

Source: https://www.darkreading.com/iot/critical-vulnerability-affects-millions-of-iot-devices