Snowflake (Nasdaq:SNOW) has introduced a new multi-modal data ingestion service — Openflow — designed to help enterprises solve challenges around data integration and engineering in the wake of demand for generative AI and agen

Snowflake Intelligence spans structured and unstructured data from a variety of services.

Many don’t like it, but (almost) everybody agrees it’s the future.“Vibe Coding” is everywhere. Tools and game engines are implementing AI-assisted coding, vibe coding interest skyrocketed on Google search, on social media, everybody claims to build apps and games in minutes, while the comment section gets flooded with angry developers calling out the pile of garbage code that will never be shipped.A screenshot from Andrej Karpathy with the original “definition” of Vibe CodingBUT, how do professionals feel about it?This is what I will cover in this article. We will look at:How people react to the term vibe coding,How their attitude differs based on who they are and their professional experienceThe reason for their stance towards “vibe coding” (with direct quotes)How they feel about the impact “vibe coding” will have in the next 5 yearsIt all started with this survey on LinkedIn. I have always been curious about how technology can support creatives and I believe that the only way to get a deeper understanding is to go beyond buzzwords and ask the hard questions. That’s why for over a year, I’ve been conducting weekly interviews with both the founders developing these tools and the creatives utilising them. If you want to learn their journeys, I’ve gathered their insights and experiences on my blog called XR AI Spotlight.Driven by the same motives and curious about people’s feelings about “vibe coding”, I asked a simple question: How does the term “Vibe Coding” make you feel?Original LinkedIn poll by Gabriele RomagnoliIn just three days, the poll collected 139 votes and it was clear that most responders didn’t have a good “vibe” about it. The remaining half was equally split between excitement and no specific feeling.But who are these people? What is their professional background? Why did they respond the way they did?Curious, I created a more comprehensive survey and sent it to everyone who voted on the LinkedIn poll.The survey had four questions:Select what describes you best: developers, creative, non-creative professionalHow many years of experience do you have? 1–5, 6–10, 11–15 or 16+Explain why the term “vibe coding” makes you feel excited/neutral/dismissive?Do you think “vibe coding” will become more relevant in the next 5 years?: It’s the future, only in niche use cases, unlikely, no idea)In a few days, I collected 62 replies and started digging into the findings, and that’s when I finally started understanding who took part in the initial poll.The audienceWhen characterising the audience, I refrained from adding too many options because I just wanted to understand:If the people responding were the ones making stuffWhat percentage of makers were creatives and what developersI was happy to see that only 8% of respondents were non-creative professionals and the remaining 92% were actual makers who have more “skin in the game“ with almost a 50/50 split between creatives and developers. There was also a good spread in the degree of professional experience of the respondents, but that’s where things started to get surprising.Respondents are mostly “makers” and show a good variety in professional experienceWhen creating 2 groups with people who have more or less than 10 years of experience, it is clear that less experienced professionals skew more towards a neutral or negative stance than the more experienced group.Experienced professionals are more positive and open to vibe codingThis might be because senior professionals see AI as a tool to accelerate their workflows, while more juniors perceive it as a competitor or threat.I then took out the non-professional creatives and looked at the attitude of these 2 groups. Not surprisingly, fewer creatives than developers have a negative attitude towards “vibe coding” (47% for developers Vs 37% for creatives), but the percentage of creatives and developers who have a positive attitude stays almost constant. This means that creatives have a more indecisive or neutral stance than developers.Creatives have a more positive attitude to vibe coding than developersWhat are people saying about “vibe coding”?As part of the survey, everybody had the chance to add a few sentences explaining their stance. This was not a compulsory field, but to my surprise, only 3 of the 62 left it empty (thanks everybody). Before getting into the sentiment analysis, I noticed something quite interesting while filtering the data. People with a negative attitude had much more to say, and their responses were significantly longer than the other group. They wrote an average of 59 words while the others barely 37 and I think is a good indication of the emotional investment of people who want to articulate and explain their point. Let’s now look at what the different groups of people replied.😍 Patterns in Positive Responses to “Vibe Coding”Positive responders often embraced vibe coding as a way to break free from rigid programming structures and instead explore, improvise, and experiment creatively.“It puts no pressure on it being perfect or thorough.”“Pursuing the vibe, trying what works and then adapt.”“Coding can be geeky and laborious… ‘vibing’ is quite nice.”This perspective repositions code not as rigid infrastructure, but something that favors creativity and playfulness over precision.Several answers point to vibe coding as a democratizing force opening up coding to a broader audience, who want to build without going through the traditional gatekeeping of engineering culture.“For every person complaining… there are ten who are dabbling in code and programming, building stuff without permission.”“Bridges creative with technical perfectly, thus creating potential for independence.”This group often used words like “freedom,” “reframing,” and “revolution.”.😑 Patterns in Neutral Responses to “Vibe Coding”As shown in the initial LinkedIn poll, 27% of respondents expressed mixed feelings. When going through their responses, they recognised potential and were open to experimentation but they also had lingering doubts about the name, seriousness, and future usefulness.“It’s still a hype or buzzword.”“I have mixed feelings of fascination and scepticism.”“Unsure about further developments.”They were on the fence and were often enthusiastic about the capability, but wary of the framing.Neutral responders also acknowledged that complex, polished, or production-level work still requires traditional approaches and framed vibe coding as an early-stage assistant, not a full solution.“Nice tool, but not more than autocomplete on steroids.”“Helps get setup quickly… but critical thinking is still a human job.”“Great for prototyping, not enough to finalize product.”Some respondents were indifferent to the term itself, viewing it more as a label or meme than a paradigm shift. For them, it doesn’t change the substance of what’s happening.“At the end of the day they are just words. Are you able to accomplish what’s needed?”“I think it’s been around forever, just now with a new name.”These voices grounded the discussion in the terminology and I think they bring up a very important point that leads to the polarisation of a lot of the conversations around “vibe coding”.🤮 Patterns in Negative Responses to “Vibe Coding”Many respondents expressed concern that vibe coding implies a casual, unstructured approach to coding. This was often linked to fears about poor code quality, bugs, and security issues.“Feels like building a house without knowing how electricity and water systems work.”“Without fundamental knowledge… you quickly lose control over the output.”The term was also seen as dismissive or diminishing the value of skilled developers. It really rubbed people the wrong way, especially those with professional experience.“It downplays the skill and intention behind writing a functional, efficient program.”“Vibe coding implies not understanding what the AI does but still micromanaging it.”Like for “neutral” respondents, there’s a strong mistrust around how the term is used (especially on social media) where it’s seen as fueling unrealistic expectations or being pushed by non-experts.“Used to promote coding without knowledge.”“Just another overhyped term like NFTs or memecoins.”“It feels like a joke that went too far.”Ultimately, I decided to compare attitudes that are excited (positive) and accepting (neutral) of vibe coding vs. those that reject or criticise it. After all, even among people who were neutral, there was a general acceptance that vibe coding has its place. Many saw it as a useful tool for things like prototyping, creative exploration, or simply making it easier to get started. What really stood out, though, was the absence of fear that was very prominent in the “negative” group and saw vibe coding as a threat to software quality or professional identity.People in the neutral and positive groups generally see potential. They view it as useful for prototyping, creative exploration, or making coding more accessible, but they still recognise the need for structure in complex systems. In contrast, the negative group rejects the concept outright, and not just the name, but what it stands for: a more casual, less rigorous approach to coding. Their opinion is often rooted in defending software engineering as a disciplined craft… and probably their job.😍 “As long as you understand the result and the process, AI can write and fix scripts much faster than humans can.”🤮 “It’s a joke. It started as a joke… but to me doesn’t encapsulate actual AI co-engineering.”On the topic of skill and control, the neutral and positive group sees AI as a helpful assistant, assuming that a human is still guiding the process. They mention refining and reviewing as normal parts of the workflow. The negative group sees more danger, fearing that vibe coding gives a false sense of competence. They describe it as producing buggy or shallow results, often in the hands of inexperienced users.😑 “Critical thinking is still a human job… but vibe coding helps with fast results.”🤮“Vibe-Coding takes away the very features of a good developer… logical thinking and orchestration are crucial.”Culturally, the divide is clear. The positive and neutral voices often embrace vibe coding as part of a broader shift, welcoming new types of creators and perspectives. They tend to come from design or interdisciplinary backgrounds and are more comfortable with playful language. On the other hand, the negative group associates the term with hype and cringe, criticising it as disrespectful to those who’ve spent years honing their technical skills.😍“It’s about playful, relaxed creation — for the love of making something.”🤮Creating a lot of unsafe bloatware with no proper planning.”What’s the future of “Vibe Coding”?The responses to the last question were probably the most surprising to me. I was expecting that the big scepticism towards vibe coding would align with the scepticism on its future, but that was not the case. 90% of people still see “vibe coding” becoming more relevant overall or in niche use cases.Vibe coding is here to stayOut of curiosity, I also went back to see if there was any difference based on professional experience, and that’s where we see the more experienced audience being more conservative. Only 30% of more senior Vs 50% of less experienced professionals see vibe coding playing a role in niche use cases and 13 % Vs only 3% of more experienced users don’t see vibe coding becoming more relevant at all.More experienced professionals are less likely to think Vibe Coding is the futureThere are still many open questions. What is “vibe coding” really? For whom is it? What can you do with it?To answer these questions, I decided to start a new survey you can find here. If you would like to further contribute to this research, I encourage you to participate and in case you are interested, I will share the results with you as well.The more I read or learn about this, I feel “Vibe Coding” is like the “Metaverse”:Some people hate it, some people love it.Everybody means something differentIn one form or another, it is here to stay.What professionals really think about “Vibe Coding” was originally published in UX Collective on Medium, where people are continuing the conversation by highlighting and responding to this story.

In this post, we describe FrodoKEM, a key encapsulation protocol that offers a simple design and provides strong security guarantees even in a future with powerful quantum computers. The quantum threat to cryptography For decades, modern cryptography has relied on mathematical problems that are practically impossible for classical computers to solve without a secret key. Cryptosystems like RSA, Diffie-Hellman key-exchange, and elliptic curve-based schemes—which rely on the hardness of the integer factorization and (elliptic curve) discrete logarithm problems—secure communications on the internet, banking transactions, and even national security systems. However, the emergence of Quantum computers leverage the principles of quantum mechanics to perform certain calculations exponentially faster than classical computers. Their ability to solve complex problems, such as simulating molecular interactions, optimizing large-scale systems, and accelerating machine learning, is expected to have profound and beneficial implications for fields ranging from chemistry and material science to artificial intelligence. Spotlight: AI-POWERED EXPERIENCE Microsoft research copilot experience Discover more about research at Microsoft through our AI-powered experience Start now Opens in a new tab At the same time, quantum computing is poised to disrupt cryptography. In particular, Shor’s algorithm, a quantum algorithm developed in 1994, can efficiently factor large numbers and compute discrete logarithms—the very problems that underpin the security of RSA, Diffie-Hellman, and elliptic curve cryptography. This means that once large-scale, fault-tolerant quantum computers become available, public-key protocols based on RSA, ECC, and Diffie-Hellman will become insecure, breaking a sizable portion of the cryptographic backbone of today’s digital world. Recent advances in quantum computing, such as Microsoft’s Majorana 1 (opens in new tab), the first quantum processor powered by topological qubits, represent major steps toward practical quantum computing and underscore the urgency of transitioning to quantum-resistant cryptographic systems. To address this looming security crisis, cryptographers and government agencies have been working on post-quantum cryptography (PQC)—new cryptographic algorithms that can resist attacks from both classical and quantum computers. The NIST Post-Quantum Cryptography Standardization effort In 2017, the U.S. National Institute of Standards and Technology (NIST) launched the Post-Quantum Cryptography Standardization project (opens in new tab) to evaluate and select cryptographic algorithms capable of withstanding quantum attacks. As part of this initiative, NIST sought proposals for two types of cryptographic primitives: key encapsulation mechanisms (KEMs)—which enable two parties to securely derive a shared key to establish an encrypted connection, similar to traditional key exchange schemes—and digital signature schemes. This initiative attracted submissions from cryptographers worldwide, and after multiple evaluation rounds, NIST selected CRYSTALS-Kyber, a KEM based on structured lattices, and standardized it as ML-KEM (opens in new tab). Additionally, NIST selected three digital signature schemes: CRYSTALS-Dilithium, now called ML-DSA; SPHINCS+, now called SLH-DSA; and Falcon, now called FN-DSA. While ML-KEM provides great overall security and efficiency, some governments and cryptographic researchers advocate for the inclusion and standardization of alternative algorithms that minimize reliance on algebraic structure. Reducing algebraic structure might prevent potential vulnerabilities and, hence, can be considered a more conservative design choice. One such algorithm is FrodoKEM. International standardization of post-quantum cryptography Beyond NIST, other international standardization bodies have been actively working on quantum-resistant cryptographic solutions. The International Organization for Standardization (ISO) is leading a global effort to standardize additional PQC algorithms. Notably, European government agencies—including Germany’s BSI (opens in new tab), the Netherlands’ NLNCSA and AIVD (opens in new tab), and France’s ANSSI (opens in new tab)—have shown strong support for FrodoKEM, recognizing it as a conservative alternative to structured lattice-based schemes. As a result, FrodoKEM is undergoing standardization at ISO. Additionally, ISO is standardizing ML-KEM and a conservative code-based KEM called Classic McEliece. These three algorithms are planned for inclusion in ISO/IEC 18033-2:2006 as Amendment 2 (opens in new tab). What is FrodoKEM? FrodoKEM is a key encapsulation mechanism (KEM) based on the Learning with Errors (LWE) problem, a cornerstone of lattice-based cryptography. Unlike structured lattice-based schemes such as ML-KEM, FrodoKEM is built on generic, unstructured lattices, i.e., it is based on the plain LWE problem. Why unstructured lattices? Structured lattice-based schemes introduce additional algebraic properties that could potentially be exploited in future cryptanalytic attacks. By using unstructured lattices, FrodoKEM eliminates these concerns, making it a safer choice in the long run, albeit at the cost of larger key sizes and lower efficiency. It is important to emphasize that no particular cryptanalytic weaknesses are currently known for recommended parameterizations of structured lattice schemes in comparison to plain LWE. However, our current understanding of the security of these schemes could potentially change in the future with cryptanalytic advances. Lattices and the Learning with Errors (LWE) problem Lattice-based cryptography relies on the mathematical structure of lattices, which are regular arrangements of points in multidimensional space. A lattice is defined as the set of all integer linear combinations of a set of basis vectors. The difficulty of certain computational problems on lattices, such as the Shortest Vector Problem (SVP) and the Learning with Errors (LWE) problem, forms the basis of lattice-based schemes. The Learning with Errors (LWE) problem The LWE problem is a fundamental hard problem in lattice-based cryptography. It involves solving a system of linear equations where some small random error has been added to each equation, making it extremely difficult to recover the original secret values. This added error ensures that the problem remains computationally infeasible, even for quantum computers. Figure 1 below illustrates the LWE problem, specifically, the search version of the problem. As can be seen in Figure 1, for the setup of the problem we need a dimension \(n\) that defines the size of matrices, a modulus \(q\) that defines the value range of the matrix coefficients, and a certain error distribution \(\chi\) from which we sample \(\textit{“small”}\) matrices. We sample two matrices from \(\chi\), a small matrix \(\text{s}\) and an error matrix \(\text{e}\) (for simplicity in the explanation, we assume that both have only one column); sample an \(n \times n\) matrix \(\text{A}\) uniformly at random; and compute \(\text{b} = \text{A} \times \text{s} + \text{e}\). In the illustration, each matrix coefficient is represented by a colored square, and the “legend of coefficients” gives an idea of the size of the respective coefficients, e.g., orange squares represent the small coefficients of matrix \(\text{s}\) (small relative to the modulus \(q\)). Finally, given \(\text{A}\) and \(\text{b}\), the search LWE problem consists in finding \(\text{s}\). This problem is believed to be hard for suitably chosen parameters (e.g., for dimension \(n\) sufficiently large) and is used at the core of FrodoKEM. In comparison, the LWE variant used in ML-KEM—called Module-LWE (M-LWE)—has additional symmetries, adding mathematical structure that helps improve efficiency. In a setting similar to that of the search LWE problem above, the matrix \(\text{A}\) can be represented by just a single row of coefficients. FIGURE 1: Visualization of the (search) LWE problem. LWE is conjectured to be quantum-resistant, and FrodoKEM’s security is directly tied to its hardness. In other words, cryptanalysts and quantum researchers have not been able to devise an efficient quantum algorithm capable of solving the LWE problem and, hence, FrodoKEM. In cryptography, absolute security can never be guaranteed; instead, confidence in a problem’s hardness comes from extensive scrutiny and its resilience against attacks over time. How FrodoKEM Works FrodoKEM follows the standard paradigm of a KEM, which consists of three main operations—key generation, encapsulation, and decapsulation—performed interactively between a sender and a recipient with the goal of establishing a shared secret key: Key generation (KeyGen), computed by the recipient Generates a public key and a secret key. The public key is sent to the sender, while the private key remains secret. Encapsulation (Encapsulate), computed by the sender Generates a random session key. Encrypts the session key using the recipient’s public key to produce a ciphertext. Produces a shared key using the session key and the ciphertext. The ciphertext is sent to the recipient. Decapsulation (Decapsulate), computed by the recipient Decrypts the ciphertext using their secret key to recover the original session key. Reproduces the shared key using the decrypted session key and the ciphertext. The shared key generated by the sender and reconstructed by the recipient can then be used to establish secure symmetric-key encryption for further communication between the two parties. Figure 2 below shows a simplified view of the FrodoKEM protocol. As highlighted in red, FrodoKEM uses at its core LWE operations of the form “\(\text{b} = \text{A} \times \text{s} + \text{e}\)”, which are directly applied within the KEM paradigm. FIGURE 2: Simplified overview of FrodoKEM. Performance: Strong security has a cost Not relying on additional algebraic structure certainly comes at a cost for FrodoKEM in the form of increased protocol runtime and bandwidth. The table below compares the performance and key sizes corresponding to the FrodoKEM level 1 parameter set (variant called “FrodoKEM-640-AES”) and the respective parameter set of ML-KEM (variant called “ML-KEM-512”). These parameter sets are intended to match or exceed the brute force security of AES-128. As can be seen, the difference in speed and key sizes between FrodoKEM and ML-KEM is more than an order of magnitude. Nevertheless, the runtime of the FrodoKEM protocol remains reasonable for most applications. For example, on our benchmarking platform clocked at 3.2GHz, the measured runtimes are 0.97 ms, 1.9 ms, and 3.2 ms for security levels 1, 2, and 3, respectively. For security-sensitive applications, a more relevant comparison is with Classic McEliece, a post-quantum code-based scheme also considered for standardization. In this case, FrodoKEM offers several efficiency advantages. Classic McEliece’s public keys are significantly larger—well over an order of magnitude greater than FrodoKEM’s—and its key generation is substantially more computationally expensive. Nonetheless, Classic McEliece provides an advantage in certain static key-exchange scenarios, where its high key generation cost can be amortized across multiple key encapsulation executions. TABLE 1: Comparison of key sizes and performance on an x86-64 processor for NIST level 1 parameter sets. A holistic design made with security in mind FrodoKEM’s design principles support security beyond its reliance on generic, unstructured lattices to minimize the attack surface of potential future cryptanalytic threats. Its parameters have been carefully chosen with additional security margins to withstand advancements in known attacks. Furthermore, FrodoKEM is designed with simplicity in mind—its internal operations are based on straightforward matrix-vector arithmetic using integer coefficients reduced modulo a power of two. These design decisions facilitate simple, compact and secure implementations that are also easier to maintain and to protect against side-channel attacks. Conclusion After years of research and analysis, the next generation of post-quantum cryptographic algorithms has arrived. NIST has chosen strong PQC protocols that we believe will serve Microsoft and its customers well in many applications. For security-sensitive applications, FrodoKEM offers a secure yet practical approach for post-quantum cryptography. While its reliance on unstructured lattices results in larger key sizes and higher computational overhead compared to structured lattice-based alternatives, it provides strong security assurances against potential future attacks. Given the ongoing standardization efforts and its endorsement by multiple governmental agencies, FrodoKEM is well-positioned as a viable alternative for organizations seeking long-term cryptographic resilience in a post-quantum world. Further Reading For those interested in learning more about FrodoKEM, post-quantum cryptography, and lattice-based cryptography, the following resources provide valuable insights: The official FrodoKEM website: https://frodokem.org/ (opens in new tab), which contains, among several other resources, FrodoKEM’s specification document. The official FrodoKEM software library: https://github.com/Microsoft/PQCrypto-LWEKE (opens in new tab), which contains reference and optimized implementations of FrodoKEM written in C and Python. NIST’s Post-Quantum Cryptography Project: https://csrc.nist.gov/projects/post-quantum-cryptography (opens in new tab). Microsoft’s blogpost on its transition plan for PQC: https://techcommunity.microsoft.com/blog/microsoft-security-blog/microsofts-quantum-resistant-cryptography-is-here/4238780 (opens in new tab). A comprehensive survey on lattice-based cryptography: Peikert, C. “A Decade of Lattice Cryptography.” Foundations and Trends in Theoretical Computer Science. (2016) A comprehensive tutorial on modern lattice-based schemes, including ML-KEM and ML-DSA: Lyubashevsky, V. “Basic Lattice Cryptography: The concepts behind Kyber (ML-KEM) and Dilithium (ML-DSA).” https://eprint.iacr.org/2024/1287 (opens in new tab). (2024) Opens in a new tab

John Edwards, Technology Journalist & AuthorMay 26, 20255 Min ReadLuis Moreira via Alamy Stock PhotoStructured data, such as names and phone numbers, fits neatly into rows and columns. Unstructured data, however, has no fixed scheme, and may have a highly complex format such as audio files or web pages. Unfortunately, there's no single best way to effectively manage unstructured data. On the bright side, there are several approaches that can be used to successfully tackle this critical, yet persistently elusive challenge. Here are five tested ways to achieve effective unstructured data management from experts who participated in online interviews. Tip 1. Use AI-powered vector databases combined with retrieval-augmented generation "One of the most effective methods I've seen is using AI-powered vector databases combined with retrieval augmented generation," says Anbang Xu, founder of AI video generator firm Jogg.AI. A former senior software engineer at Google, Xu suggests that instead of forcing unstructured data into rigid schemas, using vector databases will allow enterprises to store and retrieve data based on contextual meaning rather than exact keyword matches. "This is especially powerful for text, audio, video, and image data, where traditional search methods fall short," he notes.  For example, Xu says, organizations using AI-powered embeddings can organize and query vast amounts of unstructured data by meaning rather than syntax. "This is what powers advanced AI applications like intelligent search, chatbots, and recommendation systems," he explains. "At Jogg.AI, we’ve seen first-hand how AI-driven indexing and retrieval make it significantly easier to turn raw, unstructured data into actionable insights." Related:Tip 2. Take a schema-on-read approach Another innovative approach to managing unstructured data is schema-on-read. "Unlike traditional databases, which define the schema -- the data's structure -- before it's stored, schema-on-read defers this process until the data is actually read or queried," says Kamal Hathi, senior vice president and general manager of machine-generated data monitoring and analysis software firm at Splunk, a Cisco company. This approach is particularly effective for unstructured and semi-structured data, where the schema is not predefined or rigid, Hathi says. "Traditional databases require a predefined schema, which makes working with unstructured data challenging and less flexible." The key advantage of schema-on-read is that it enables users to work with raw data without needing to apply traditional extract-transform-load (ETL) processes, Hathi states. "This, in turn, allows for working with the diversity typically seen in machine-generated data, such as system and application telemetry logs." Related:Tip 3. Look to the cloud Manage unstructured data by integrating it with structured data in a cloud environment using metadata tagging and AI-driven classifications, suggests Cam Ogden, a senior vice president at data integrity firm Precisely. "Traditionally, structured data -- like customer databases or financial records -- reside in well-organized systems such as relational databases or data warehouses," he says. However, to fully leverage all of their data, organizations need to break down the silos that separate structured data from other forms of data, including unstructured data such as text, images, or log files. This is where the cloud comes into play. Integrating structured and unstructured data in the cloud allows for more comprehensive analytics, enabling organizations to extract deeper insights from previously siloed information, Ogden says. AI-powered tools can classify and enrich both structured and unstructured data, making it easier to discover, analyze, and govern in a central platform, he notes. "The cloud offers the scalability and flexibility required to handle large volumes of data while supporting dynamic analytics workloads." Additionally, cloud platforms offer advanced data governance capabilities, ensuring that both structured and unstructured data remain secure, compliant, and aligned with business objectives. "This approach not only optimizes data management but also positions organizations to make more informed and effective data-driven decisions in real-time." Related:Tip 4. Use AI-powered classification and indexing One of the best ways to get a grip on unstructured data is to use AI-powered classification and indexing, says Adhiran Thirmal, a senior solutions engineer at cybersecurity firm Security Compass. "With machine learning (ML) and natural language processing (NLP), you can automatically sort, tag, and organize data based on its content and context," he explains. "Pairing this approach with a scalable data storage system, like a data lake or object storage, makes it easier to find and use information when you need it." AI takes the manual work out of organizing data, Thirmal says. "No more wasting time digging through files or struggling to keep things in order," he states. "AI can quickly surface the information you need, reducing human error and improving efficiency. It's also excellent for compliance, ensuring sensitive data -- like personal or financial information -- is properly handled and protected." Tip 5. Create a unified, sovereign data platform An innovative approach to managing unstructured data goes beyond outdated data lake methods, says Benjamin Anderson, senior vice president of technology at database services provider EnterpriseDB. A unified, sovereign data platform integrates unstructured, semi-structured, and structured data in a single system, eliminating the need for separate solutions. "This approach delivers quality-of-service features previously available only for structured data," he explains. "With a hybrid control plane, organizations can centrally manage their data across multiple environments, including various cloud platforms and on-premises infrastructure." When it comes to managing diverse forms of data, whether structured, unstructured, or semi-structured, the traditional approach required multiple databases and storage solutions, adding operational complexity, cost, and compliance risk, Anderson notes. "Consolidating structured and unstructured data into a single multi-model data platform will help accelerate transactional, analytical, and AI workloads." About the AuthorJohn EdwardsTechnology Journalist & AuthorJohn Edwards is a veteran business technology journalist. His work has appeared in The New York Times, The Washington Post, and numerous business and technology publications, including Computerworld, CFO Magazine, IBM Data Management Magazine, RFID Journal, and Electronic Design. He has also written columns for The Economist's Business Intelligence Unit and PricewaterhouseCoopers' Communications Direct. John has authored several books on business technology topics. His work began appearing online as early as 1983. Throughout the 1980s and 90s, he wrote daily news and feature articles for both the CompuServe and Prodigy online services. His "Behind the Screens" commentaries made him the world's first known professional blogger.See more from John EdwardsWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

John Edwards, Technology Journalist & AuthorMay 26, 20255 Min ReadLuis Moreira via Alamy Stock PhotoStructured data, such as names and phone numbers, fits neatly into rows and columns. Unstructured data, however, has no fixed scheme, and may have a highly complex format such as audio files or web pages. Unfortunately, there's no single best way to effectively manage unstructured data. On the bright side, there are several approaches that can be used to successfully tackle this critical, yet persistently elusive challenge. Here are five tested ways to achieve effective unstructured data management from experts who participated in online interviews. Tip 1. Use AI-powered vector databases combined with retrieval-augmented generation "One of the most effective methods I've seen is using AI-powered vector databases combined with retrieval augmented generation," says Anbang Xu, founder of AI video generator firm Jogg.AI. A former senior software engineer at Google, Xu suggests that instead of forcing unstructured data into rigid schemas, using vector databases will allow enterprises to store and retrieve data based on contextual meaning rather than exact keyword matches. "This is especially powerful for text, audio, video, and image data, where traditional search methods fall short," he notes.  For example, Xu says, organizations using AI-powered embeddings can organize and query vast amounts of unstructured data by meaning rather than syntax. "This is what powers advanced AI applications like intelligent search, chatbots, and recommendation systems," he explains. "At Jogg.AI, we’ve seen first-hand how AI-driven indexing and retrieval make it significantly easier to turn raw, unstructured data into actionable insights." Related:Tip 2. Take a schema-on-read approach Another innovative approach to managing unstructured data is schema-on-read. "Unlike traditional databases, which define the schema -- the data's structure -- before it's stored, schema-on-read defers this process until the data is actually read or queried," says Kamal Hathi, senior vice president and general manager of machine-generated data monitoring and analysis software firm at Splunk, a Cisco company. This approach is particularly effective for unstructured and semi-structured data, where the schema is not predefined or rigid, Hathi says. "Traditional databases require a predefined schema, which makes working with unstructured data challenging and less flexible." The key advantage of schema-on-read is that it enables users to work with raw data without needing to apply traditional extract-transform-load (ETL) processes, Hathi states. "This, in turn, allows for working with the diversity typically seen in machine-generated data, such as system and application telemetry logs." Related:Tip 3. Look to the cloud Manage unstructured data by integrating it with structured data in a cloud environment using metadata tagging and AI-driven classifications, suggests Cam Ogden, a senior vice president at data integrity firm Precisely. "Traditionally, structured data -- like customer databases or financial records -- reside in well-organized systems such as relational databases or data warehouses," he says. However, to fully leverage all of their data, organizations need to break down the silos that separate structured data from other forms of data, including unstructured data such as text, images, or log files. This is where the cloud comes into play. Integrating structured and unstructured data in the cloud allows for more comprehensive analytics, enabling organizations to extract deeper insights from previously siloed information, Ogden says. AI-powered tools can classify and enrich both structured and unstructured data, making it easier to discover, analyze, and govern in a central platform, he notes. "The cloud offers the scalability and flexibility required to handle large volumes of data while supporting dynamic analytics workloads." Additionally, cloud platforms offer advanced data governance capabilities, ensuring that both structured and unstructured data remain secure, compliant, and aligned with business objectives. "This approach not only optimizes data management but also positions organizations to make more informed and effective data-driven decisions in real-time." Related:Tip 4. Use AI-powered classification and indexing One of the best ways to get a grip on unstructured data is to use AI-powered classification and indexing, says Adhiran Thirmal, a senior solutions engineer at cybersecurity firm Security Compass. "With machine learning (ML) and natural language processing (NLP), you can automatically sort, tag, and organize data based on its content and context," he explains. "Pairing this approach with a scalable data storage system, like a data lake or object storage, makes it easier to find and use information when you need it." AI takes the manual work out of organizing data, Thirmal says. "No more wasting time digging through files or struggling to keep things in order," he states. "AI can quickly surface the information you need, reducing human error and improving efficiency. It's also excellent for compliance, ensuring sensitive data -- like personal or financial information -- is properly handled and protected." Tip 5. Create a unified, sovereign data platform An innovative approach to managing unstructured data goes beyond outdated data lake methods, says Benjamin Anderson, senior vice president of technology at database services provider EnterpriseDB. A unified, sovereign data platform integrates unstructured, semi-structured, and structured data in a single system, eliminating the need for separate solutions. "This approach delivers quality-of-service features previously available only for structured data," he explains. "With a hybrid control plane, organizations can centrally manage their data across multiple environments, including various cloud platforms and on-premises infrastructure." When it comes to managing diverse forms of data, whether structured, unstructured, or semi-structured, the traditional approach required multiple databases and storage solutions, adding operational complexity, cost, and compliance risk, Anderson notes. "Consolidating structured and unstructured data into a single multi-model data platform will help accelerate transactional, analytical, and AI workloads." About the AuthorJohn EdwardsTechnology Journalist & AuthorJohn Edwards is a veteran business technology journalist. His work has appeared in The New York Times, The Washington Post, and numerous business and technology publications, including Computerworld, CFO Magazine, IBM Data Management Magazine, RFID Journal, and Electronic Design. He has also written columns for The Economist's Business Intelligence Unit and PricewaterhouseCoopers' Communications Direct. John has authored several books on business technology topics. His work began appearing online as early as 1983. Throughout the 1980s and 90s, he wrote daily news and feature articles for both the CompuServe and Prodigy online services. His "Behind the Screens" commentaries made him the world's first known professional blogger.See more from John EdwardsWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

Artificial intelligence (AI) relies on vast amounts of data. Enterprises that take on AI projects, especially for large language models (LLMs) and generative AI (GenAI), need to capture large volumes of data for model training as well as to store outputs from AI-enabled systems. That data, however, is unlikely to be in a single system or location. Customers will draw on multiple data sources, including structured data in databases and often unstructured data. Some of these information sources will be on-premises and others in the cloud. To deal with AI’s hunger for data, system architects need to look at storage across storage area networks (SAN), network attached storage (NAS), and, potentially, object storage. In this article, we look at the pros and cons of block, file and object storage for AI projects and the challenges of finding the right blend for organisations. The current generation of AI projects are rarely, if ever, characterised by a single source of data. Instead, generative AI models draw on a wide range of data, much of it unstructured. This includes documents, images, audio and video and computer code, to name a few. Everything about generative AI is about understanding relationships. You have the source data still in your unstructured data, either file or object, and your vectorised data sitting on block Patrick Smith, Pure Storage When it comes to training LLMs, the more data sources the better. But, at the same time, enterprises link LLMs to their own data sources, either directly or through retrieval augmented generation (RAG) that improves the accuracy and relevance of results. That data might be documents but can include enterprise applications that hold data in a relational database. “A lot of AI is driven by unstructured data, so applications point at files, images, video, audio – all unstructured data,” says Patrick Smith, field chief technology officer EMEA at storage supplier Pure Storage. “But people also look at their production datasets and want to tie them to their generative AI projects.” This, he adds, includes adding vectorisation to databases, which is commonly supported by the main relational database suppliers, such as Oracle. For system architects who support AI projects, this raises the question of where best to store data. The simplest option would be to leave data sources as they are, but this is not always possible. This could be because data needs further processing, the AI application needs to be isolated from production systems, or current storage systems lack the throughput the AI application requires. In addition, vectorisation usually leads to large increases in data volumes – a 10 times increase is not untypical – and this puts more demands on production storage. This means that storage needs to be flexible and needs to be able to scale, and AI project data handling requirements differ during each stage. Training demands large volumes of raw data, inference – running the model in production – might not require as much data but needs higher throughput and minimal latency. Enterprises tend to keep the bulk of their unstructured data on file access NAS storage. NAS has the advantages of being relatively low cost and easier to manage and scale than alternatives such as direct-attached storage (DAS) or block access SAN storage. Structured data is more likely to be block storage. Usually this will be on a SAN, although direct attached storage might be sufficient for smaller AI projects. Here, achieving the best performance – in terms of IOPS and throughput from the storage array – offsets the greater complexity of NAS. Enterprise production systems, such as enterprise resource planning (ERP) and customer relationship management (CRM), will use SAN or DAS to store their data in database files. So, in practice, data for AI is likely to be drawn data from SAN and NAS environments. “AI data can be stored either in NAS or SAN. It’s all about the way the AI tools want or need to access the data,” says Bruce Kornfeld, chief product officer at StorMagic. “You can store AI data on a SAN, but AI tools won’t typically read the blocks. They’ll use a type of file access protocol to get to the block data.” It is not necessarily the case that one protocol will better than the other. It depends very much on the nature of the data sources and on the output of the AI system For a primarily document or image-based AI system, NAS might be fast enough. For an application such as autonomous driving or surveillance, systems might use a SAN or even high-speed local storage. Again, data architects will also need to distinguish between training and inference phases of their projects and consider whether the overhead of moving data between storage systems outweighs performance benefits, especially in training. This has led some organisations to look at object storage as a way of unifying data sources for AI. Object storage is increasingly in use with enterprises, and not just in cloud storage – on-premise object stores are gaining market share too. Object has some advantages for AI, not least its flat structure and global name space, (relatively) low management overheads, ease of expansion and low cost. Performance, however, has not been a strength for object storage. This has tended to make it more suited to tasks such as archiving than applications that demand low latency and high levels of data throughput. Suppliers are working to close the performance gap, however. Pure Storage and NetApp sell storage systems that can handle file and object and, in some cases, block too. These include Pure’s FlashBlade, and hardware that runs NetApp’s OnTap storage operating system. These technologies give storage managers the flexibility to use the best data formats, without creating silos tied to specific hardware. Others, such as Hammerspace, with its Hyperscale NAS, aim to squeeze additional performance out of equipment that runs the network file system (NFS). This, they argue, prevents bottlenecks where storage fails to keep up with data-hungry graphics processing units (GPUs). But until better-performing object storage systems become more widely available, or more enterprises move to universal storage platforms, AI is likely to use NAS, SAN, object and even DAS in combination. That said, the balance between the elements is likely to change during the lifetime of an AI project, and as AI tools and their applications evolve. At Pure, Smith has seen requests for new hardware for unstructured data, while block and vector database requirements are being met for most customers on existing hardware. “Everything about generative AI is about understanding relationships,” he says. “You have the source data still in your unstructured data, either file or object, and your vectorised data sitting on block.” Read more about AI and storage Storage technology explained: AI and data storage: In this guide, we examine the data storage needs of artificial intelligence, the demands it places on data storage, the suitability of cloud and object storage for AI, and key AI storage products. Storage technology explained: Vector databases at the core of AI: We look at the use of vector data in AI and how vector databases work, plus vector embedding, the challenges for storage of vector data and the key suppliers of vector database products.

In February 2024, CNN reported, “A finance worker at a multinational firm was tricked into paying out $25 million to fraudsters using deepfake technology to pose as the company’s chief financial officer in a video conference call.” In Europe, a second firm experienced a multimillion-dollar fraud when a deepfake emulated a board member in a video allegedly approving a fraudulent transfer of funds. “Banks and financial institutions are particularly at risk,” said The Hack Academy. “A study by Deloitte found that over 50% of senior executives expect deepfake scams to target their organizations soon. These attacks can undermine trust and lead to significant financial loss.”  Hack Academy went on to say that AI-inspired security attacks weren’t confined to deepfakes. These attacks were also beginning to occur with increased regularity in the form of corporate espionage and misinformation campaigns. AI brings new, more dangerous tactics to traditional security attack methods like phishing, social engineering and the insertion of malware into systems. For CIOs, enterprise AI system developers, data scientists and IT network professionals, AI changes the rules and the tactics for security, given AI’s limitless potential for both good and bad. This is forcing a reset in how IT thinks about security against malicious actors and intruders. Related:How Bad Actors are Exploiting AI What exactly is IT up against? The AI tools that are available on the dark web and in public cyber marketplaces give security perpetrators a wide choice of AI weaponry. Also, IoT and edge networks now present much broader enterprise attack surfaces. Security threats can come in videos, phone calls, social media sites, corporate systems and networks, vendor clouds, IoT devices, network end points, and virtually any entry point into a corporate IT environment that electronic communications can penetrate. Here are some of the current AI-embellished security attacks that companies are seeing: Convincing deepfake videos of corporate executives and stakeholders that are intended to dupe companies in pursuing certain actions or transferring certain assets or funds. This deep faking also extends to voice simulations of key personnel that are left as voicemails in corporate phone systems.  Phishing and spearfishing attacks that send convincing emails (some with malicious attachments) to employees, who mistakenly open them because they think the sender is their boss, the CEO or someone else they perceive as trusted. AI supercharges these attacks because it can automate and send out a large volume of emails that hit many employee email accounts. That AI continues to “learn” with the help of machine learning so it can discover new trusted sender candidates for future attacks.   Related:Adaptive messaging that uses generative AI to craft messages to users that correct grammar and that “learn” from corporate communication styles so they can more closely emulate corporate communications that make them seem legitimate. Mutating code that uses AI to change malware signatures on the fly so antivirus detection mechanisms can be evaded. Data poisoning that occurs when a corporate or cloud provider’s AI data repository is injected by malware that alters (“poisons”) so the data produces erroneous and misleading results.  Fighting Back With Tech To combat these supercharged AI-based security threats, IT has number of tools, techniques and strategies it can consider. Fighting deepfakes. Deepfakes can come in the form of videos, voicemails and photos. Since deepfakes are unstructured data objects that can’t be parsed in their native forms like real data, there are new tools on the market that can convert these objects into graphical representations that can be analyzed to evaluate whether there is something in an object that should or shouldn’t be there. The goal is to confirm authenticity.  Related:Fighting phishing and spear phishing. A combination of policy and practice works best to combat phishing and spear phishing attacks. Both types of attacks are predicated on users being tricked into opening an email attachment that they believe is from a trusted sender, so the first line of defense is educating (and repeat-educating) users on how to handle their email. For instance, a user should notify IT if they receive an email that seems unusual or unexpected, and they should never open it. IT should also review its current security tools. Is it still using older security monitoring software that doesn’t include more modern technologies like observability, which can check for security intrusions or malware at more atomic levels?  Is IT still using IAM (identity access management) software to track user identities and activities at a top level in the cloud and on top and atomic levels on premises, or has it also added cloud identity entitlements management (CIEM), which gives it an atomic level view of  user accesses and activities in the cloud? Better yet, has IT moved to identity governance administration (IGA), which can serve as an over-arching umbrella for IAM and CIEM plugins, plus provide detailed audit reports and automated compliance across all platforms? Fighting embedded malware code. Malware can lie dormant in systems for months, giving a bad actor the option to activate it whenever the timing is right. It’s all the more reason for IT to augment its security staff with new skillsets, such as that of the “threat hunter,” whose job is to examine networks, data and systems on a daily basis, hunting down malware that might be lurking within, and destroying it before it activates. Fighting with zero-trust networks. Internet of Things (IoT) devices come into companies with little or no security because IoT suppliers don’t pay much attention to it and there is a general expectation that corporate IT will configure devices to the appropriate security settings. The problem is, IT often forgets to do this. There are also times when users purchase their own IoT gear, and IT doesn’t know about it. Zero-trust networks help manage this, because they detect and report on everything that is added, subtracted or modified on the network. This gives IT visibility into new, potential security breach points. A second step is to formalize IT procedures for IoT devices so that no IoT device is deployed without the device’s security first being set to corporate standards.  Fighting AI data poisoning. AI models, systems and data should be continuously monitored for accuracy. As soon as they show lowered levels of accuracy or produce unusual conclusions, the data repository, inflows and outflows should be examined for quality and non-bias of data. If contamination is found, the system should be taken down, the data sanitized, and the sources of the contamination traced, tracked and disabled. Fighting AI with AI. Most every security tool on the market today contains AI functionality to detect anomalies, abnormal data patterns and user activities. Additionally, forensics AI can dissect a security breach that does occur, isolating how it happened, where it originated from and what caused it. Since most sites don’t have on-staff forensics experts, IT will have to train staff in forensics skills. Fighting with regular audits and vulnerability testing. Minimally, IT vulnerability testing should be performed on a quarterly basis, and full security audits on an annual basis. If sites use cloud providers, they should request each provider’s latest security audit for review. An outside auditor can also help sites prepare for future AI-driven security threats, because auditors stay on top of the industry, visit many different companies, and see many different situations. An advanced knowledge of threats that loom in the future helps sites prepare for new battles. Summary AI technology is moving faster than legal rulings and regulations. This leaves most IT departments “on their own” to develop security defenses against bad actors who use AI against them.  The good news is that IT already has insights into how bad actors intend to use AI, and there are tools on the market that can help defensive efforts. What’s been missing is a proactive and aggressive battle plan from IT. That has to start now. 

Job SummaryChipcolate is hiring a Full-stack Engineer (Node + React) to craft end-to-end features for our high-throughput financial platform. You’ll write clean TypeScript on both server and client, design performant Postgres schemas, and ship delightful UIs that make complex agent activity feel effortless.Salary: €65 000 – €85 000 gross / yearLocation: Remote within ± 4 hours of Central European TimeEmployment type: Full-time, permanentAbout UsChipcolate is a small Italian company of craftsman-engineers who believe great software should be as elegant as it is robust. Historically we worked on embedded systems, web applications and 3D printing. At this time, we are working with a customer to build high-throughput financial services that power thousands of autonomous agents. We operate in a quite unstructured and flexible way, that’s the only way to get speed and quality.Mission: Empower our customer to be set for success from the get goLearn more: chipcolate.com · LinkedIn (@chipcolate) · GitHub (https://github.com/chipcolate)ResponsibilitiesDesign, implement and test REST services in Node.js (TypeScript) running on containerized infra.Model and optimize datasets in Postgres (including partitioning, indexes, materialized views).Build responsive front-ends in React with modern tooling (vite, shadcn-ui, tailwind).Use React Query / TanStack Query for data-fetching, caching and optimistic updates.Own end-to-end features: requirements → architecture → code → CI/CD → observability dashboards.Collaborate with SREs to keep our HA, multi-region stack secure and performant.Write automated tests (Jest, Playwright) and participate in blameless code reviews.Experience & QualificationsMust-have3 + years building production Node.js back-ends (Express/Fastify/Nest or similar).Solid SQL skills and deep understanding of Postgres internals (query planner, locking, tuning).React expertise: hooks, context, component composition, performance profiling.Proficiency with TypeScript, Git, CI pipelines and Docker.Comfortable taking a user story from Figma wireframe to deployed feature.Nice-to-haveWorked on OLAP / analytical workloads (e.g. column-store extensions, DuckDB, ClickHouse).Hands-on with React Query or comparable client caching libraries.Familiarity with event-driven architectures (Kafka, NATS, RabbitMQ).Experience with Supabase (self-hosted) on the backendExperience instrumenting apps with OpenTelemetry and Grafana.No degree required—show us shipped code, OSS commits, or anything that proves you can build.BenefitsFlexible hours & fully remoteFast growing environmentFun and innovative application domain20 days paid leave + local public holidaysCompetitive salaryApplication ProcessApply online with a CV (or GitHub profile) and a short note on your proudest “save-the-day” incident.Skill test.Cultural chat and Technical deep-dive with our CTO (60 min, system-design & live problem-solving).Offer within 7 working days or final interview.Ready to make high-stakes infrastructure feel effortless? Apply today—let’s engineer reliability together.Apply NowLet's start your dream job Apply now Meet JobCopilot: Your Personal AI Job HunterAutomatically Apply to Remote Full-Stack Programming JobsJust set your preferences and Job Copilot will do the rest-finding, filtering, and applying while you focus on what matters. Activate JobCopilot