Amdaris’s Vlad Nanu explores the tech talent challenges employers have been navigating in the wake of recent global events.
There is no doubt that recent global events are having a strong effect on tech talent. The technology sector has experienced a lot of drastic and sudden changes over the past few years – from Covid-19 to the Ukrainian conflict.
The pandemic accelerated digital transformation on a global scale. This resulted in a huge increase in demand for developers who can help companies keep up with rapid advancements.
Businesses had to dramatically adjust their operations, and it has been proven to significantly hinder business performance if new changes are not introduced successfully.
Furthermore, the ongoing conflict between Ukraine and Russia has had a crucial effect on Ukraine’s IT outsourcing industry. This is an industry that exports $6.8bn worth of IT services each year.
Meanwhile, most IT services have decided to pull out of Russia and instead relocate to neighbouring nations including Poland and Romania.
Nevertheless, tech still remains one of the most resilient industries for employment. In Glassdoor’s top 25 best jobs in the UK for 2022, Java developers come out top. Full-stack engineer and front-end engineer appear in fourth and ninth places, respectively.
So, when it comes to talent, how has the tech industry responded to recent disruption?
Tech talent relocation
Over the past two years, the tech industry has quickly rallied in response to the pandemic and is now uniting in efforts to help the people of Ukraine.
As a result of the ongoing conflict, a lot of software developers and other technology professionals are finding themselves misplaced. Global companies acted quickly to relocate their Ukraine-based employees, a humanitarian action no one predicted until the events unfolded.
According to Sifted, Central and Eastern Europe has more than 1m engineers. Slovakia was named the number-one country in the world for finding the best developers, with Poland, Hungary and Ukraine being featured in the top five.
This further supports why the tech industry must make a united effort to support and nurture misplaced Ukrainian tech talent, in order to not lose quality developers.
Many companies have pledged to offer secure employment and job opportunities for Ukraine-based tech talent finding themselves without a workplace. Start-ups are also matchmaking Ukrainians with tech jobs according to their skillset.
This demonstrates the strong community bond and resiliency of the global technology sector coming together to support tech talent as a response to the disruption.
The effects of the pandemic
The effect of the pandemic drastically altered the technology sector’s focus. Previously seen as the field to disrupt and transform industries, the tech industry had to shift its focus to help stabilise businesses and bring them back on track.
Businesses had no choice but to rapidly adopt new technologies in order to acclimatise to the new landscape. This included new technology to assist with remote working or help with the increasing demand for customer support.
Businesses had to be robust and proactive in order to get through these challenging times. With the need to adopt new technology solutions at a higher volume, companies felt the pressure to hire new talent as quickly as possible in order to keep up.
Following the pandemic, employers turned to contractors to fill their increasing skills gaps. In some scenarios, this change has led to a decrease in the loyalty of a development team and the overall quality of projects.
Using low-cost contractors and freelancers as a quick short-term solution certainly has its benefits. Contractors can allocate their time exclusively to a project and be seen as an augmentation of the company’s IT team.
However, once a project is complete, they move on. When it comes to delivering long-term quality results and the ability to rapidly scale up, hiring high-quality tech talent may be the better solution.
Companies need to be agile
As the past two years have shown us, companies need to be more robust and agile than ever in today’s changing landscape in order to be ready to respond to any world catastrophe.
In a job market where the demand for developers is significantly higher than the supply, a new approach to finding and retaining quality tech talent is needed.
This means coming together to support talented technology professionals being affected by unprecedented circumstances and focusing on quality, long-term solutions.
The Shannon-based project aims to integrate the operations of uncrewed and conventional aircraft to modernise air traffic management in Europe.
A European consortium based in Shannon has received EU funding to develop a flight ecosystem for drones and help integrate uncrewed aircraft into our airspace.
Coordinated by Future Mobility Campus Ireland (FMCI), this consortium will conduct a three-year engineering project to develop, deploy and optimise this type of system in Europe.
Describing itself as Ireland’s “first testbed for future mobility”, FMCI is a development centre based in the Shannon Free Zone focused on innovation in both ground and air mobility tech.
Illustration of the Advanced Aerial Mobility Hub at FMCI. Image: FMCI
FMCI said the research project, known as EALU-AER, represents a “major vote of confidence” in Ireland’s local expertise, industry operators and the resourcing of air mobility development.
Other members of the consortium include Shannon Group, the Irish Aviation Authority, Collins Aerospace, Dublin-based Avtrain, and Deep Blue in Italy.
The consortium has received the three-year funding award to develop uncrewed aviation business opportunities in Ireland, as part of a collaborative research project that could help modernise air traffic management in Europe.
The consortium said the new funding will help build an end-to-end ecosystem that supports the safe operation of uncrewed flights. The goal is to help integrate the operations of both uncrewed and conventional aircraft.
“This will result in developing and building out the critical infrastructure to allow advanced air mobility proliferate across Europe,” FMCI CEO Russell Vickers said.
“It will secure access to airspace for large numbers of drones and eVTOL [electric vertical take-off and landing] aircraft, resulting in safe, cost-effective and sustainable transport of freight and people in the future.”
The project’s work will be based at FMCI’s Advanced Aerial Mobility Research Test and Development Facilities in Shannon, but will include a network of Advanced Air Mobility routes across Ireland.
FMCI has already worked with Avtrain and Shannon Group to trial freight delivery services using beyond visual line of sight (BVLOS) drones.
“We are entering a new era of innovation where the success of the industry will depend on the integration of uncrewed aircraft into our airspace, rather than the segregation of airspace,” Avtrain CEO Julie Garland said.
Funding for the project came from the SESAR 3 Joint Undertaking, which is partnership of private and public sector entities in the EU that aim to accelerate the delivery of the Digital European Sky through research and innovation.
It comes as people are increasingly looking at the potential of drones and uncrewed flight technology. A Dublin City Council initiative recently looked to show how local government can utilise drones in areas such as civil defence, emergency response, public safety and environmental monitoring.
10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.
Having an ice pack strapped to your chest – that’s how some describe the experience of taking a walk in cold weather when you have breast implants. Silicone only slowly reaches body temperature once out of the cold, so that icy feeling can persist for hours. As well as being uncomfortable, for breast cancer survivors it can be an unwelcome reminder of a disease they would rather put behind them.
Every year, 2 million people worldwide are diagnosed with breast cancer and the treatment often involves removing at least one breast. But most choose not to have their breasts reconstructed; in the UK, it is only about 30%. Now a handful of startups want to change that, armed with 3D-printed implants that grow new breast tissue before breaking down without a trace. “The whole implant is fully degradable,” says Julien Payen, CEO of the startup Lattice Medical, “so after 18 months you don’t have any product in your body.”
It could spell the end not only of cold breasts, but the high complication rates and long surgeries associated with conventional breast reconstruction. The first human trial of such an implant, Lattice Medical’s Mattisse implant, is scheduled to begin on 11 July in Georgia. Others will soon follow. “We expect to start clinical trials in two years’ time,” says Sophie Brac de la Perrière, CEO of another startup, Healshape.
“It’s exciting,” says Stephanie Willerth, professor of biomedical engineering at the University of Victoria, Canada, who is not involved with the companies. “As engineers, we’ve been playing with 3D printing for half a decade”, but having a clinical use that doctors recognise as useful for patients is key to getting the technology out there, she says.
But in a field fraught with difficult medical compromises, unequal access issues and expectations about what women want, the question is how big an impact the new technology will actually have.
Today, there are two main types of breast reconstruction: silicone implants and flap surgery. While implants are easy to install, flap surgery is a highly specialised business that requires a tissue “flap” being taken from the stomach, thigh or back. Surgeons often recommend flaps because, while there’s a lot of initial surgery and a longer recovery period, it gives a good, long-lasting result.
Silicone is still the most common choice. It is easy and simple, which appeals to cancer patients who either medically can’t have or mentally can’t face having tissue removed from another part of their body. But “it’s far from perfect”, says Shelley Potter, an oncoplastic surgeon at the University of Bristol and the Bristol Breast Care Centre. “It’s quite high risk. There’s a 10% chance of losing an implant.”
Silicone implants also require replacement every 10 or so years and they have had their fair share of scandals: the 2010s PIP scandal, in which a major implant manufacturer was found to have made its implants of dodgy silicone, and the 2018 Allergan scandal, in which popular textured implants were linked to an increased risk of a rare lymphoma. And as an American study from last year shows, it is mainly the idea of having that foreign object stuck inside your body that puts many off reconstruction altogether.
“So what we want to do,” says Brac de la Perrière, “is to give the benefits of the different solutions without the constraints.” In other words: the single, simple surgery of an implant, but without any lingering foreign material to cause trouble.
This can be achieved in different ways. Healshape uses a hydrogel to 3D-print a soft implant that will slowly be colonised by the person’s own fat cells, the initial batch of which is injected, while the implant disappears over six to nine months. The company CollPlant is developing something similar using a special collagen bioink, extracted from tobacco leaves it has genetically engineered to produce human collagen. “I think it will change the opinion of many patients,” says CEO, Yehiel Tal.
Lattice Medical has a different approach. Its implant is a 3D-printed cage made of a degradable biopolymer, in which they encase a small flap from underneath the breast area. This flap then grows to fill the cage with fat tissue, while the cage itself is absorbed by the body, ultimately leaving a regrown breast in its place.
Regrowing breasts using a cage has been shown to work in humans before, in a 2016 trial. However, it only worked in one of five women and the cages were not degradable. Andrea O’Connor from the University of Melbourne, Australia, who led the trial’s engineering team, hopes the new trial will address the problems raised in the first – for example, that patient responses can vary greatly. But if successful, it “would have the potential to help many women to achieve a superior reconstruction”, she says. Lattice Medical says its cage is an improvement because a flat base and larger pores help the tissue grow.
One big unknown is how much feeling the regrown breasts will have. A mastectomy usually means losing some sensation and, according to plastic surgeon Stefania Tuinder from the Maastricht University Medical Centre+ in the Netherlands, reconstruction affects it too. “From our data, it seems that implants have a negative effect on sensation, so the feeling in the skin is less than when you have only a mastectomy,” she says. In comparison, reconstruction from a flap with connected nerves can bring back some feeling within a few years.
Tuinder suspects the implant numbness is both because of nerve damage when the implants are inserted, and because the nerves can’t grow back once they are blocked by a lump of silicone. Whether that will also apply to the new implants remains to be seen, but since eventually there will be nothing to block the nerves, hopes are that sensation will be better.
Tissue engineered implants, however, are not the only recent innovations in the field. Many groups are working on perfecting a reconstruction technique using injections of the person’s own fat, boosted with extra stem cells to help the tissue survive. Medical professionals are still debating the safety and how the breasts hold up long term. In contrast to the new implants, the procedure might have to be done several times.
While any of these new techniques could result in something better than what’s currently on offer, Potter warns that we have a tendency to jump at new and shiny tech – an optimism bias. “We always think it’s going to be brilliant,” she says, but “we don’t want a situation like with vaginal mesh, where in 10 years’ time … we find out we have done something that isn’t helpful.”
Other solutions to the problems of reconstruction do exist. One is living without breasts, known as “going flat”. Contrary to the companies that think they can turn the reconstruction statistics around, people within the flat movement argue that if people were better informed, even more would opt out. “I reckon if [going flat] was given as an equal option,” says Gilly Cant, founder of the charity Flat Friends, “at least another 30-50% of women wouldn’t have [reconstruction].”
At the moment, the guidance from the National Institute for Health and Care Excellence (Nice) says that doctors should be aware that some might not want reconstruction. But Cant says it is often presented to people as part of the treatment process. “It’s like, ‘OK, we need to do a mastectomy. Then you have chemo. Then you’ll have your radiotherapy and then we’ll do reconstruction.’ So women live for that reconstruction at the end,” she says. It comes to signal the finish line.
It is particularly contentious when only one breast is removed, because some might want the other taken off to feel and look symmetrical, rather than have a new one made. But according to Cant, many doctors don’t want to remove a healthy breast. Part of the doctors’ concern is that women will regret their decision, says Potter, but “women know what they want to do with their own bodies. We should help and support them to do what they want to do.”
Potter herself would like to see more of the ultimate alternative: not having a mastectomy in the first place. “There’s no evidence that mastectomy gives you better cancer outcomes than a breast-conserving operation,” she says. In this case, the tumour is removed but the breast is kept. For example, one of her patients had a breast reduction that removed her cancer while giving her breasts a lift. “She calls them her silver lining breasts.”
So even without tissue-engineered implants, there are enough options to make the choice a hard one. To help people choose, some charities pair up people considering a specific procedure with someone who has already been through it. At the charity Keeping Abreast, show and tell sessions give people the chance to ask the questions they might be uncomfortable asking their doctor and see the results for themselves.
But according to a 2018 report by the all-party parliamentary group on breast cancer, knowing what you want is not the same as having access to it. “There’s a massive postcode lottery,” says Potter. It stems from flap surgery being so involved that it often requires specialist plastic surgeons who can do minute surgery under a microscope. Many clinics don’t have such experts in-house and while the Nice guidance says people should still have the option, in practice it limits access.
The companies say this won’t be a problem with the new implants, because they are specifically designed to be easy to put in. Flap surgery can take from three to 12 hours depending on the flap, but insertion of Lattice Medical’s implant, for example, takes only one hour and 15 minutes. “It’s really accessible to all plastic surgeons,” says Payen.
This accessibility will no doubt be crucial in taking the new implants from a cool technology to something with real impact. But from Potter’s perspective, it’s just one potential piece in a big puzzle, not a techno-fix. The implants “would be an option for a lot of women”, she says. “But I think the main advance is all around access, proper information, giving women choice and hopefully reducing the number of mastectomies that we need.”
The latest threat security research into operational technology (OT) and industrial systems identified a bunch of issues — 56 to be exact — that criminals could use to launch cyberattacks against critical infrastructure.
But many of them are unfixable, due to insecure protocols and architectural designs. And this highlights a larger security problem with devices that control electric grids and keep clean water flowing through faucets, according to some industrial cybersecurity experts.
“Industrial control systems have these inherent vulnerabilities,” Ron Fabela, CTO of OT cybersecurity firm SynSaber told The Register. “That’s just the way they were designed. They don’t have patches in the traditional sense like, oh, Windows has a vulnerability, apply this KB.”
In research published last week, Forescout’s Vedere Labs detailed 56 bugs in devices built by ten vendors and collectively named the security flaws OT:ICEFALL.
As the report authors acknowledged, many of these holes are a result of OT products’ being built with no basic security controls. Indeed, Forescout’s analysis comes ten years after Digital Bond’s Project Basecamp that also looked at OT devices and protocols and deemed them “insecure by design.”
A few hours after Forescout published its research, CISA issued its own security warnings related to the OT:ICEFALL vulnerabilities.
CVEs: The problem? Or the fix?
“Up until this point, CVEs haven’t been generated for these insecure-by-design-things, and there’s a reason for that,” Fabela said. “It’s bad for the industry.”
Once a CVE is generated, it sets into motion a series of actions by industrial systems’ operators, especially in heavily regulated industries like electric utilities and oil and gas pipelines.
First, they have to determine if the environment contains any affected products. But unlike enterprise IT, which usually has centralized visibility and control over IT assets, in OT environments, “everything is distributed,” Fabela noted.
If industrial and manufacturing environments do have any products impacted by the vulnerability, that triggers an internal review and regulatory process that involves responding to CISA and developing a plan to improve security.
One SynSaber customer sarcastically described OT:ICEFALL as “the gift that keeps on giving,” Fabela said. “He said, ‘Now I have this on top of all my other like, the real vulnerabilities’,” which present a slew of other problems when it comes to patching — such as having to wait until a planned maintenance outage that may be months out — if the manufacturer has a patch at all.
OT protocols don’t use authentication
For example: The current Modbus protocol, which is very commonly used in industrial environments, does not have authentication.
Forescout’s analysis details nine vulnerabilities related to unauthenticated protocols and disputes the argument that against assigning a CVE ID to a product with an insecurity OT protocol.
“On the contrary, we believe a CVE is a community recognized marker that aids in vulnerability visibility and actionability by helping push vendors to fix issues and asset owners to assess risks and apply patches,” the authors wrote.
While this makes sense from an IT security perspective, Fabela said it’s unrealistic from an OT perspective, and ultimately doesn’t make critical infrastructure any more secure.
Modbus, as a protocol that does not use authentication, could generate “thousands” of CVEs that “affect every product line in the world,” he Fabela. “You’re tying up the product security teams with the OEMs and you’re tying up the customers, the asset owners with CVE that they can’t do anything about.”
Basecamp researcher weighs in
Reid Wightman is a senior vulnerability researcher with OT security shop Dragos’ threat intel team. He’s also one of the original Project Basecamp researchers, and, more recently has done work on the ProConOs and MultiProg software vulnerabilities.
Forescout cited some of his research, and dedicated a section of the ICEFALL analysis to security flaws with the ProConOS runtime in PLCs.
In an email to The Register, Wightman noted that a lot of industrial controllers have the same set of problems that isn’t going away: “they allow unauthenticated code to run on the PLC.”
“This means that one malicious logic transfer to the PLC may permanently compromise the PLC,” he added, noting that, because the control logic is causing the change, it can happen outside of a normal firmware update. “It’s kind of a thing I’ve harped on since the Basecamp days, but may be worth repeating. Over and over again. Until the sun burns out, probably.”
Lately, one of Wightman’s “big, personal concerns” is that some vendors say they can use TLS and client certificates to secure controllers, presumably to avoid. In reality, this would just make the traffic more difficult to inspect, Wightman said.
“If an attacker gets onto the engineering system, they may load a malicious payload using CVE-2022-31800/CVE-2022-31801 (or any of the similar problems that exist in almost every logic runtime) into the controller,” he added. “Only, now we have no way of telling whether they did it because the traffic is encrypted.”
So how do we fix the problem?
“I guess my answer would be: if your engineering system is compromised, throw away all of the controllers that it was allowed to talk to,” Wightman said. “And I doubt most end users would go to that level of paranoia.”
Which, again, points to the insecure-by-design nature of how these systems are engineered.
“Thankfully, we see no signs of any widespread abuse of these protocols or ‘features’ in spite of some of the bugs being well-known for years,” Wightman added. “I really do hope it stays that way.” ®