As more processes become digitized, many industries and cybersecurity measures that used to be overlooked are starting to become an inseparable part of our everyday lives.
Secure software development makes a great example here. Its importance has grown exponentially in the last decade. And with the rising tide of cyberthreats, cybersecurity, naturally, became one of the most important elements of the development cycle.
To find out why often underestimated cybersecurity measures like robust antivirus should never be discounted when installing software, we reached out to Jędrek Fulara, CTO of Sparkbit – a software house specializing in machine learning, data processing, and backend systems.
What has your journey been like? How did the idea of Sparkbit come about?
As for the three co-founders, after many years in software development, we started searching for more independence and a way to bring our vision to life. We wanted to impact how the projects are conducted, choose the right team, and focus on doing challenging and exciting projects.
Over the years, we worked with all types of businesses, from pre-seed startups to large governmental agencies. We created long-term relations with clients from the US, Japan, and Europe. We worked on solving many challenging problems, which was a great journey for Sparkbit.
Can you introduce us to what you do? What are the main challenges you help navigate?
We're a boutique software house focused on non-trivial projects, often defined as innovative or R&D. Our main specializations are data processing systems and machine learning. Some of the projects we currently work on are:
- Deep learning and mathematical model-based system for human body assessment that recognizes postural disorders and builds up a personalized exercise plan.
- Cell tower inspection and supervision system that uses multiple computer vision techniques to assess 3D digital twins.
Sparkbit's primary goal is to partner with clients who perceive software the same way we do. Those clients care about quality and need a team of engineers to design, build, and implement the solution. The challenging project landscape often means performing in-depth research or translating scientific knowledge into the business environment to solve a problem with a software application that has never happened before.
Why do you think companies often hesitate to try out new and innovative solutions that would enhance their business operations?
I believe that there are three main reasons why companies would not want to innovate despite the storm of information that the market demands avant-garde.
- High cost – every transformation requires heavy investments in finance and people. Changing the mindset (sometimes drastically) and suspending current operations during the transition might seem like a big red flag for some companies.
- Ambiguity – innovation is usually an unknown. Possibly a long process that we don't know the outcome of. The promising outputs of user testing, market research, or trend foresight are just signals that might tip the balance towards innovating, yet the actual result might still be a failure.
- Attitude – this might seem obvious, but many businesses practice the philosophy of "if something works, there's no need to change that."
Despite the above, we must remember that many companies actively pursue innovation. Some of them embraced innovation as their main characteristic. They understand that standing still drastically increases the possibility of the company fading from the market, as innovation is the main source of competitive advantage, even if it means temporarily destabilizing the business
How did the recent global events affect your field of work?
The pandemic situation didn't affect our core business that much, but switching to the remote-only model created an opportunity to put even more focus on building strong company culture and integrity.
We also stopped limiting the recruitment area to our city and opened up to the whole country. It drastically increased the available talent pool and allowed us to work with many excellent software engineers that were previously beyond our reach.
What are some of the best practices organizations should follow when developing software or applications?
I'd put good contact with a client on top. Understanding the problem from a business and technical perspective assures that the client gets what he needs, and the development team knows exactly what to do. It's also an excellent foundation for building a culture of proactiveness.
Considering the experimental nature of a research-based approach to developing innovations, the next should be setting up proper metrics for each project. It's the only way that we can constantly track the progress we're making.
Then there is a company-wide adoption of agile methodologies. Scrum, Kanban, and their derivations are a standard in the software development world because their main goal is to minimize risk. Continuous process improvement and setting up achievable short-term goals without losing sight of the bigger picture is the key here. With R&D projects, it's even more important, as the frequent evaluation of software and many fluctuations in business vision are inevitable.
Lastly, I'd put a constantly growing organizational culture that blends the board's vision with what's essential for the employees. It's the backbone of solid and efficient teams that solve problems collectively. As a software engineer, when you know you can rely on the team, develop in the desired direction and be honest with the management, you're a part of a stress-free environment focused on sharing knowledge and delivering solutions.
What predictions do you have for the future of AI and machine learning? Do you think these technologies are going to become commonplace soon?
If the "commonplace" means that it's widely spread across the customer base, and the use of AI is no surprise to anyone, then we can say that it's pretty commonplace already. Think of the recommendation engines used in every e-commerce app, social media, or VOD - all of our internet activity is constantly analyzed by dozens of AI agents.
In terms of business, new reports show that the adoption curve is going up and the number of AI applications has grown exponentially in the past year. This means that the business attitude to AI is changing, and the technology itself is becoming more mature.
Focusing on the near future, I'm sure that ML will cover more and more areas of everyday life in the short term. For example, we're introducing AI to consumers' kitchens in one of our recent projects. Our team develops an ML engine that understands the dependencies between spices and herbs and their impact on dishes. The goal is to automatically elevate home cooking by enhancing recipes or suggesting replacements for ingredients we don't have or we're allergic to.
In such a way, I believe there will be a new meaning for “smart”, as it won’t be just processed data gathered from a sensor but an actual learning entity standing behind the device.
As the world gets more connected, what security tools do you think everyone should have in place to keep themselves safe?
One of the often neglected but easy to solve is the password problem. Every internet user should have a password manager. Hard-to-guess passwords, different for each service we use, would significantly reduce the possibility of getting the account hacked. If so, there would be no chain reaction from sharing the same password in different applications or websites.
Two-factor authentication (2FA) is the other basic safety measure that is commonly available. Be it a USB key or just a token generator (e.g., Google Authenticate), it adds another security layer you're in control of.
The last one would be updating software often. As trivial as it sounds, every update fixes some of the vulnerabilities in the previous version.
What advancements and innovations in the software development field do you hope to see in the near future?
Definitely an increase in automation adoption. CI/CD pipelines are becoming a common practice, and many development companies are leveraging the possibilities offered by cloud computing, containerization, and serverless approach. I hope we’ll proceed in that direction, moving the boundaries even further, especially for the infrastructure as code (IaC) tools and practices.
Widespread adoption of DevSecOps practices would also hugely benefit the software development industry. IT security is the #1 concern for many businesses, and recent world events are grist to the mill of black hats' malicious attempts.
One of the most promising ways to mitigate the problem is to validate software security and compliance at every step of the SDLC, preventing breaches rather than fixing them during the maintenance and support stage.
What does the future hold for Sparkbit?
We want to keep pursuing our specialization and focus on challenging projects requiring superior engineering knowledge and skills. Putting quality over quantity, our goal is to gather top talent. Still, the company growth won't be based on the increased number of employees as much as on extending their overall technical capabilities.